Concepts of Care Home Health
Notice of Privacy Practices
THE FOLLOWING NOTICE DESCRIBES HOW MEDICAL INFORMATION ABOUT YOU MAY BE USED AND DISCLOSED AND HOW YOU CAN GET ACCESS TO THIS INFORMATION.
Concepts of Care Home Health (the “Provider”), may use and disclose your protected health information for treatment, payment, health care operations and as required by law in accordance with the Health Insurance Portability and Accountability Act (“HIPAA”), as amended by the Health Information Technology for Economic and Clinical Health Act (HITECH Act), and the HIPAA Omnibus Rule (Collectively, the “HIPAA Rules”). The use of “you” or “your” below, also refers to your authorized representative.
CONSENTS: In accordance with the HIPAA Rules, the Provider exercises its option to obtain your consent regarding the use and disclosure of your information at the start of care or within a reasonable amount of time afterwards. The Provider retains the right not to provide treatment if you refuse to sign the consent form.
AUTHORIZATIONS: Your written authorization is required for the disclosure of your protected health information when the disclosure is not for treatment purposes, health care operations or payment, or required by law.
YOUR HEALTH INFORMATION MAY BE USED AND DISCLOSED WITHOUT PATIENT AUTHORIZATION:
To Provide Treatment:
The Provider and others involved with treatment (such as your attending physician, family members, pharmacists, suppliers of medical equipment or other health care professionals) may disclose your health information to each other in order to provide appropriate treatment to you. For example, your attending physician needs information about your symptoms in order to prescribe appropriate medications. Where applicable, any documents containing protected health information given to you or left in your home/place of service by one of our caregivers for the purpose of treatment and/or continued care, is your responsibility to safeguard.
To Obtain Payment:
The Provider may disclose your health information to collect payment from third parties. For example, the Provider may be required by your health insurer to disclose information regarding your health care status to obtain prior approval for treatment.
To Conduct Health Care Operations:
The Provider may disclose your health information as necessary to facilitate the Provider’s health care operations and to provide quality care to all of the Provider‘s patients, including such activities as:
- Quality assessment and improvement
- Activities designed to improve health or reduce health care costs
- Protocol development, case management and care coordination
- Contacting providers and patients about treatment alternatives and other related functions
- Professional review and performance evaluation
- Supervised professional training programs
- Accreditation, certification, licensing or credentialing
- Reviews and auditing (includes compliance, medical, and legal services)
- Business planning and development (includes cost management, analyses, formularies)
- Business management and general administration
- Patient safety activities
Provider may use your health information to evaluate its staff performance, combine your health information with other Provider patients in evaluating how to more effectively serve all Provider patients, disclose your health information to Provider staff and contracted personnel for training purposes, use your health information to contact you as a reminder regarding a visit to you, or contact you via information mailings (unless you tell us you do not want to be contacted for such).
To Business Associates:
We may enter into contracts with entities known as Business Associates that provide services to, or perform functions on behalf of, the Provider. For example, we may disclose your protected health information to a Business Associate to administer claims. Business Associates and their subcontractors are required by law to safeguard your protected health information.
To Health Information Exchange (HIE):
Providers may participate in electronic health exchanges and may share your health information as described in this Notice. Participation is voluntary and you will be provided the opportunity to opt out from the electronic health information exchange.
As Required by Law: There are federal and state regulations that require certain reporting, including population-based activities relating to improving health or reducing health care costs. For example, your health information may be required for public health activities, abuse, neglect or domestic violence investigations, law enforcement purposes, specialized government functions, death related functions/purposes, to avert a serious threat to health or safety, judicial and administrative proceedings and workers compensation. Some states have separate privacy laws that may apply additional legal requirements. If the state privacy laws are more stringent than federal privacy laws, the state law overrides the federal law. The Provider will not disclose your health information without your written authorization, which you may revoke in writing at any time excluding above required by LAW.
WRITTEN AUTHORIZATION IS REQUIRED OUTSIDE OF TREATMENT, PAYMENT, HEALTH CARE OPERATIONS, OR AS REQUIRED BY LAW FOR THE FOLLOWING:
- Long term care/Life insurance
- Psychotherapy notes/records
WITH RESPECT TO YOUR HEALTH INFORMATION, YOU HAVE THE RIGHT:
To request restrictions on certain uses and disclosures of your health information, including disclosure to individuals involved in your care or payment. However, the Provider is not required to agree to your request except when PHI is for payment to a health plan to carry out payment, and is not otherwise required by law, and you have, or someone on your behalf has, paid the Provider in full.
To receive confidential communications in a certain way. For example, you may request that the Provider only communicate with you privately with no other family members present. The Provider will not request any reasons for your request and will attempt to honor any reasonable requests.
Requesting a copy your health information records including billing records. To request an inspection or copy of your records containing your health information, please directly notify your Provider location. You may request to receive this information in electronic or paper format. The Provider may charge a reasonable fee for copying and assembling costs associated with your request.
Request amendments to your health care information (including corrections or other opinions) for any health information in question for as long as it is maintained by the Provider. This right does not include the deletion, removal, or erasure of health information. All such requests must be made in writing. The Provider may deny the request if: (a) the request is not in writing; (b) the request does not include a reason; (c) the health information was not created by the Provider nor part of the Provider‘s records; (d) if you are not otherwise permitted by the Regulations to inspect or copy the health information in question; or, (e) if after considering your request, the Provider finds that your health information is already accurate and complete.
Accounting of disclosures of your health information made by the Provider for reasons other than for treatment, payment or health care operations starting after 09/1/2003. All requests must be made in writing and should specify the time period for the accounting not to exceed six (6) years or the normal record retention policy of the Provider, whichever is longer.
The Provider will provide the first accounting requested during any twelve (12) month period without charge. Subsequent requests may be subject to a reasonable cost-based fee.
If you wish to receive a hard copy of this Notice at any time even if you have received this Notice previously. A copy of the current version of this Notice is available at the Provider location and on our website at
RESPONSIBILITIES OF THE PROVIDOR AS REQUIRED BY LAW:
- to maintain the privacy of your health information;
- to provide to you or your representative this Notice of its duties and privacy practices;
- to abide by the terms of this Notice as may be amended from time to time; and
- to notify you in the event that we or one of our Business Associates discover a breach of your unsecured protected health information, in a manner not permitted under the HIPAA Rules, which compromises the security or privacy of your protected health information, unless after assessment it is determined that there is a low probability that the protected health information was compromised.
CHANGES TO THIS NOTICE:
The Provider reserves the right to change the terms of this Notice and to make such changes effective for all health information that it maintains. If the Provider changes this Notice, the Provider will provide a copy of the revised Notice to you via your Provider location (and at www.conceptsofcare.com ).
You have the right to express complaints to the Provider or the Secretary of DHHS if you believe that your privacy rights have been violated. You will not be retaliated against in any way for filing a complaint.
TO CONTACT US:
Privacy and security concerns related to your patient information can be addressed directly to your Provider designated HIPAA Privacy Officer at 1-800-246-3233, or via direct mail to the address below:
Attention: Privacy Officer
Concepts of Care Home Health
100 General Mouton Ave
Lafayette, LA 70501