Policy #: BP-010
Policy Name: Privacy
with HIPAA Privacy Standards
Effective Date: April 7, 2003
It is the policy of our practice that all physician and staff
preserve the integrity and the confidentiality of protected health information
(PHI) pertaining to our patient. The
purpose of this policy is to ensure that our practice and its physicians and
staff have the necessary medical and PHI to provide the highest quality medical
care possible while protecting the confidentiality of the PHI of our patient to
the highest degree possible. Patient
should not fear about providing information to our practice and its physicians
and staff for purposes of treatment, payment and healthcare operations (TPO).
To that end, our practice and its physicians and staff will --
to the standards set forth in the Notice of Privacy Practices.
use and disclose PHI only in conformance with state and federal laws and
current patient covenants and/or authorizations, as appropriate. Our practice and its physicians and
staff will not use or disclose PHI for uses outside of practices TPO, such
as marketing, employment, life insurance applications, etc. without an
authorization from the patient.
and disclose PHI to remind patients of their appointments only within
that PHI collected about patients must be accurate, timely, complete and
available when needed. Our practice
and its physicians and staff will:
reasonable measures to protect the integrity of all PHI maintained about
that patients have a right to privacy.
Our practice and its physicians and staff respect the patient's
individual dignity at all times.
Our practice and its physician and staff will respect patient's
privacy to the extent consistent with providing the highest quality
medical possible and with the efficient administration of the facility.
as responsible information stewards and treat all PHI as sensitive and
confidential. Consequently, our
practice and its physicians and staff will:
all PHI data as confidential in accordance with professional ethics,
accreditation standards, and legal requirements.
disclose PHI data unless the patient (or his or her authorized
representative) has properly consented to or authorized the release or
the release is otherwise authorized by law.
that, although our practice "owns" the medical record, the
patient has a right to inspect and obtain a copy of his/her PHI. In addition, patients have a right to
request an amendment to his/her medical record if he/she believes his/her
information is inaccurate or incomplete.
Our practice and its physicians and staff will--
patients access to their medical records when their written requests are
approved by our practice. If we
deny their request, then we must inform the patients that they may
request a review of our denial. In
such cases, we will have an on-site healthcare professional review the
patients an opportunity to request the correction of inaccurate or
incomplete PHI in their medical records in accordance with the law and
physicians and staff of our practice will maintain a list of all
disclosures of PHI for purposes other than TPO for each patient. We will provide this list to patients
upon request, so long as their requests are in writing.
physicians and staff of our practice will adhere to any restrictions
concerning the use or disclosure of PHI that patients have requested and
have been approved by our practice.
physicians and staff of our practice must adhere to this policy. Our practice will not tolerate
violations of this policy.
Violation of this policy is grounds for disciplinary action, up to
and including termination of employment and criminal or professional
sanctions in accordance with our practice's personnel rules and
President Bel-Park Anesthesia
Associates, Inc. Date
Practice Administrator Bel-Park
Anesthesia Associates, Inc. Date
Source: Health Insurance
Portability and Accountability Act (HIPAA) Privacy Manual, Copyright ©
2001Gates, Moore & Company, http://www.gatesmoore.com/.
Reprinted with permission.