THIS NOTICE DESCRIBES HOW MEDICAL INFORMATION ABOUT YOU MAY BE USED AND DISCLOSED BY THE U.S. DEPARTMENT OF STATE (DOS) OFFICE OF MEDICAL SERVICES (MED) AND HOW YOU CAN GET ACCESS TO THIS INFORMATION. PLEASE REVIEW IT CAREFULLY.This Notice of Privacy Practices is provided to you in keeping with guidance in the Privacy Act of 1974. MED is authorized to collect certain health information from you pursuant to section 904 of the Foreign Service Act, 22 U.S.C. § 4084. This notice describes how MED may use or disclose your protected health information, with whom that information may be shared, and the safeguards MED has in place to protect it. This notice also describes your rights to access and amend your protected health information. You have the right to approve or refuse the release of specific information outside of MED except when the release is required or authorized by law or regulation. Show HOW WE MAY USE OR DISCLOSE YOUR PROTECTED HEALTH INFORMATIONThe following are examples of permitted uses and disclosures of your protected health information. Additional information about the Routine Uses of your medical information can be found in the System of Records Notice State-24, Medical Records. REQUIRED USES AND DISCLOSURES By law, we must disclose your health information to you unless it has been determined by a competent medical authority that it would be harmful to you. TREATMENT We will use and disclose your protected health information to provide, coordinate, or manage your health care and any related services. For example, we would disclose your protected health information, as necessary for provision of any diagnosis and prescriptions/medications in a DOS health unit/clinic. We will disclose your protected health information to another physician, or health care provider (for example, a specialist, pharmacist, or laboratory) who, at the request of your physician, becomes involved in your care by providing assistance with your health care diagnosis or treatment. This includes pharmacists who may be provided information on other drugs you have been prescribed to identify potential interactions. In emergencies, we will use and disclose your protected health information to provide the treatment you require. PAYMENT Your protected health information will be used, as needed, to obtain payment for your health care services, including services recommended for determining eligibility for benefits, and utilization reviews. For example, obtaining approval for a hospital stay might require that some protected health information be disclosed to obtain approval for the hospital admission. HEALTH CARE OPERATIONS AND OVERSIGHT We may use or disclose your protected health information to support the daily activities related to health care. These activities include, but are not limited to, quality assessment activities, investigations of adverse events or complaints, medical suitability determinations for medical and security clearances, medical clearance of an individual for a specific post, oversight of staff performance, and conducting or arranging for other health care related activities. We may disclose protected health information to a health oversight agency for activities such as audits, investigations, and inspections. These health oversight agencies might include government agencies that oversee the health care system, government benefit programs, other government regulatory programs, and civil rights laws. REQUIRED BY LAW We may use or disclose your protected health information if law or regulation requires the use or disclosure. These include the following:
PUBLIC HEALTH We may disclose your protected health information to a public health authority that is permitted by law to collect or receive the information. The disclosure may be necessary to do the following:
FOOD AND DRUG ADMINISTRATION We may disclose your protected health information to a person or company required by the Food and Drug Administration to do the following:
CORONERS, FUNERAL DIRECTORS, AND ORGAN DONATIONS We may disclose protected health information to coroners or medical examiners for identification, to determine the cause of death, or for the performance of other duties authorized by law. We may also disclose protected health information to funeral directors as authorized by law. NATIONAL SECURITY We may also disclose your protected health information to authorized Federal officials for conducting national security and intelligence activities and protective services to the President or others. WORKERS’ COMPENSATION We may disclose your protected health information to comply with workers’ compensation laws and other similar legally established programs. PARENTAL ACCESS Some state laws concerning minors permit or require disclosure of protected health information to parents, guardians, and persons acting in a similar legal status. Where care occurs in the U.S, we will act consistently with the law of the state where the treatment was provided. We may refuse to disclose information to a parent when we feel such disclosure might be harmful to the child. CONSEQUENCES OF NON-DISCLOSURE Providing this information is voluntary, however failure to disclose medical information needed from you by MED may affect MED’s ability to provide treatment or (in the case of medical clearances) may result in denial of medical clearance. YOUR RIGHTS REGARDING YOUR HEALTH INFORMATIONUnder the privacy rules, you have the right to do the following by submitting a written request or electronic message to the Medical Privacy Officer. Depending on your request, you may also have rights under the Privacy Act of 1974. Please be aware that MED may deny your request, and that you may seek a review of any such denial. RIGHT TO INSPECT AND COPY You may inspect and obtain a copy of your protected health information that is contained in a designated medical record for as long as we maintain the protected health information. A designated medical record contains medical and billing records and any other records that MED uses for making decisions about you. This right does not include inspection and copying of the following records: some psychotherapy notes; information compiled in reasonable anticipation of, or use in, a civil, criminal, or administrative action or proceeding; and protected health information that is subject to law that prohibits access to protected health information. RIGHT TO REQUEST RESTRICTIONS You may ask us not to use or disclose any part of your protected health information. Your request must be made in writing to MED Privacy Officer where you wish the restriction instituted. In your request, you must tell us (1) what information you want restricted; (2) whether you want to restrict our use, disclosure, or both; (3) to whom you want the restriction to apply,; and (4) an expiration date. MED is not required to agree to a requested restriction. If the restriction is mutually agreed upon, we will honor your request, unless it is needed to provide emergency treatment. You may revoke a previously agreed upon restriction, at any time, in writing, though MED may continue to have access to the information as permissible under applicable laws. All disclosure restrictions expire in three years and must be renewed if you want them continued. RIGHT TO REQUEST CONFIDENTIAL COMMUNICATIONS You may request that MED communicate with you using alternative means or at an alternative location to further protect your privacy. We will not ask you the reason for your request. We will accommodate reasonable requests, when possible. RIGHT TO REQUEST AMENDMENT If you believe that the information we have about you is incorrect or incomplete, you may request an amendment to your protected health information as long as we maintain this information. While we will accept requests for amendment, we are not required to agree to the amendment. If there are factual errors (wrong birth date, wrong blood type, etc.) we will correct these. If you disagree with statements in the record, we will append/add your statement to the record, but the original document cannot be changed. RIGHT TO OBTAIN A COPY OF THIS NOTICE You may obtain a paper copy of this notice from MED or view it electronically on MED’s intranet website at http://med.m.state.sbu. ACKNOWLEDGMENT OF RECEIPT OF THIS NOTICEYou will be asked to provide a signed acknowledgment of receipt of this notice. Our intent is to make you aware of the possible uses and disclosures of your protected health information and your privacy rights. The delivery of your health care services will in no way be conditioned upon your signed acknowledgment. If you decline to provide a signed acknowledgment, we will continue to provide your treatment, and will use and disclose your protected health information for treatment, payment, and health care operations when necessary.
COMPLAINTS If you believe your privacy rights have been violated, you may file a written complaint with the MED Privacy Officer. Please address your signed letter to: MED Privacy Officer, CONTACT INFORMATION You may email the Medical Privacy Officer for further explanation of this document at . BREACH OR LOSS We have instituted extensive precautions to protect your information from loss or inappropriate access. However, if your healthcare information is out of our control and we feel there is some risk to you as a result, we will notify you as soon as possible. Our first choice for notification is by email. If that is not possible, we will send a notice by U.S. Postal Service. If the data loss involves a significant number of individuals, we may also send a department notice or cable and/or place a notice on the MED website. FEDERAL PRIVACY LAWS Federal laws governing release of information, including the Privacy Act and the Freedom of Information Act, may apply and have been taken into consideration in developing MED’s policies and this notice. ACKNOWLEDGMENT OF RECEIPT I have received a copy of the MED Privacy Policy. Name (print) ___________________ Date of Birth: ___ / ___ / ______ Agency: State (circle), Other (specify): __________ Signature: _______________________ Date: _____________ Return instructions:
What are the 5 provisions of the Hipaa privacy Rule?HHS initiated 5 rules to enforce Administrative Simplification: (1) Privacy Rule, (2) Transactions and Code Sets Rule, (3) Security Rule, (4) Unique Identifiers Rule, and (5) Enforcement Rule.
What is considered PHI under Hipaa?Protected health information (PHI) is any information in the medical record or designated record set that can be used to identify an individual and that was created, used, or disclosed in the course of providing a health care service such as diagnosis or treatment.
What must be included in an up to date NPP?Regardless of industry, your NPP must contain user-friendly language and specific information:. Describe the types of uses or disclosures of PHI that are permitted without authorization from the individual.. Describe the types of uses or disclosures that require authorization or that the individual can elect to opt out:. How is the information on a patient's insurance card usually recorded if the medical office uses an electronic health record EHR )?How is the information on a patient's insurance card usually recorded if the medical office uses an electronic health record (EHR)? The insurance card is scanned into the EHR.
|