Hippa Notice

Home Hippa Notice

THIS NOTICE DESCRIBES HOW MEDICAL INFORMATION ABOUT YOU MAY BE USED AND DISCLOSED AND HOW YOU CAN GET ACCESS TO THIS INFORMATION.

PLEASE REVIEW IT CAREFULLY.

In this notice we use the terms “we,” “us,” and “our” to describe Saniset. For more details, please refer to section IV of this notice.

I. WHAT IS “PROTECTED HEALTH INFORMATION”?

Your protected health information (PHI) is individually identifiable health information, including demographic information, about your past, present or future physical or mental health or condition, health care services you receive, and past, present or future payment for your health care. Demographic information means information such as your name, social security number, address, and date of birth.

PHI may be in oral, written or electronic form. Examples of PHI include your medical record, claims record, enrollment or disenrollment information, and communications between you and your health care provider about your care.

If your PHI is de-identified in accordance with HIPAA standards, it is no longer PHI.

II.  ABOUT OUR RESPONSIBILITY TO PROTECT YOUR PHI

By law, we must

  1. protect the privacy of your PHI;
  2. tell you about your rights and our legal duties with respect to your PHI;
  3. notify you if there is a breach of your unsecured PHI; and
  4. tell you about our privacy practices and follow our notice currently in effect.

We take these responsibilities seriously and, have put in place administrative safeguards (such as security awareness training and policies and procedures), technical safeguards (such as encryption and passwords), and physical safeguards (such as locked areas and requiring badges) to protect your PHI and, as in the past, we will continue to take appropriate steps to safeguard the privacy of your PHI.

III. YOUR RIGHTS REGARDING YOUR PHI

This section tells you about your rights regarding your PHI and describes how you can exercise these rights.

Your right to access and amend your PHI

Subject to certain exceptions, you have the right to view or get a copy of your PHI that we maintain in records relating to your care or decisions about your care or payment for your care. Subject to certain exceptions, requests must be in writing. We may charge you a reasonable, cost-based fee for the copies, summary or explanation of your PHI.

If we do not have the record you asked for but we know who does, we will tell you who to contact to request it. In limited situations, we may deny some or all of your request to see or receive copies of your records, but if we do, we will tell you why in writing and explain your right, if any, to have our denial reviewed.

If you believe there is a mistake in your PHI or that important information is missing, you may request that we correct or add to the record. Requests must be in writing, tell us what corrections or additions you are requesting, and why the corrections or additions should be made. We will respond in writing after reviewing your request. If we approve your request we will make the correction or addition to your PHI. If we deny your request, we will tell you why and explain your right to file a written statement of disagreement. Your statement must be limited to 250 words for each item in your record that you believe is incorrect or incomplete. You must clearly tell us in writing if you want us to include your statement in future disclosures we make of that part of your record. We may include a summary instead of your statement.

Submit all written requests to Saniset or the medical office where you received your care.

Your right to choose how we send PHI to you or someone else

You may ask us to send your PHI to you at a different address (for example, your work address) or by different means (for example, fax instead of regular mail).

If your PHI is stored electronically, you may request a copy of the records in an electronic format offered by Saniset. You may also make a specific written request to Saniset to transmit a copy of your PHI to a designated third party. We may charge a reasonable, cost-based fee.

Your right to an accounting of disclosures of PHI

You may ask us for a list of our disclosures of your PHI. You are entitled to one disclosure accounting in any 12-month period at no charge. If you request any additional accountings less than 12 months later, we may charge a fee.

Your right to request limits on uses and disclosures of your PHI

You may request that we limit our uses and disclosures of your PHI for treatment, payment, and health care operations purposes. We will review and consider your request. You may write to Saniset or the medical office where you received your care for consideration of your request.

We are not required to agree to your request, except to the extent that you request a restriction on disclosures to a health plan or insurer for payment or health care operations purposes and the items or services have been paid for out of pocket in full. However, we can still disclose the information to a health plan or insurer for the purpose of treating you. For requests to restrict your PHI for payment or health care operations purposes, please request the restriction prior to receiving services at the Saniset facility or medical office where you receive your care.

You can ask us not to use or share certain health information for treatment, payment, or our operations. We are not required to agree to your request, and we may say ‘no’ if it would affect your care. We will consider all submitted requests and, if we deny your request, we will notify you in writing.

Your right to receive a paper copy of this notice

You also have a right to receive a paper copy of this notice upon request.

IV.  HOW WE MAY USE AND DISCLOSE YOUR PHI

Your confidentiality is important to us. Our physicians and employees are required to maintain the confidentiality of the PHI of our members/patients, and we have policies and procedures and other safeguards to help protect your PHI from improper use and disclosure. Sometimes we are allowed by law to use and disclose certain PHI without your written permission. We briefly describe these uses and disclosures below and give you some examples.

How much PHI is used or disclosed without your written permission will vary depending, for example, on the intended purpose of the use or disclosure. Sometimes we may only need to use or disclose a limited amount of PHI, such as to send you an appointment reminder or to confirm that you are a health plan member. At other times, we may need to use or disclose more PHI such as when we are providing medical treatment.

V.  ALL OTHER USES AND DISCLOSURES OF YOUR PHI REQUIRE YOUR PRIOR WRITTEN AUTHORIZATION

Except for those uses and disclosures described above, we will not use or disclose your PHI without your written authorization. Some instances in which we may request your authorization for use or disclosure of PHI are:

When your authorization is required and you authorize us to use or disclose your PHI for some purpose, you may revoke that authorization by notifying us in writing at any time. Please note that the revocation will not apply to any authorized use or disclosure of your PHI that took place before we received your revocation. Also, if you gave your authorization to secure a policy of insurance, including health care coverage from us, you may not be permitted to revoke it until the insurer can no longer contest the policy issued to you or a claim under the policy.

VI.  HOW TO CONTACT US ABOUT THIS NOTICE OR TO COMPLAIN ABOUT OUR PRIVACY PRACTICES

If you have any questions about this notice, or want to lodge a complaint about our privacy practices, please write to us or let us know by calling us. You also may notify the secretary of the Department of Health and Human Services.

We will not take retaliatory action against you if you file a complaint about our privacy practices.

VII. CHANGES TO THIS NOTICE

We may change this notice and our privacy practices at any time, as long as the change is consistent with state and federal law. Any revised notice will apply both to the PHI we already have about you at the time of the change, and any PHI created or received after the change takes effect. If we make an important change to our privacy practices, we will promptly change this notice and make the new notice available on our Website at www.saniset.org. Except for changes required by law, we will not implement an important change to our privacy practices before we revise this notice.

VIII. EFFECTIVE DATE OF THIS NOTICE

This notice is effective on March 12, 2021.

THIS NOTICE DESCRIBES HOW MEDICAL INFORMATION ABOUT YOU MAY BE USED AND DISCLOSED AND HOW YOU CAN GET ACCESS TO THIS INFORMATION.