HIPAA stands for the Health Insurance Portability and Accountability Act. This act, approved by Congress in 1996, provides patients with uniform access to their medical records and more control over how their personal health information is used and disclosed. It also requires health
care providers to safeguard the security and confidentiality of medical records. Full information about the Act is provided on the US Department of Health & Human Services web site.
Children’s Wellness Center has taken all required steps to be in compliance with HIPAA regulations. We have adopted a privacy plan and trained our employees on its procedures. We have identified an employee who is responsible for ensuring that the procedures are implemented and up to date with current regulations. We have adopted an Electronic Medical Records (EMR) system that is certified in compliance with the Act. In short, we take our obligations very seriously.
An important aspect of HIPAA is patient notification. When you first visit our offices, you will be asked to read and acknowledge receiving a copy of the following guidelines. Please read them carefully and feel free to ask any questions about how your child’s medical records will be maintained.
Notice of Privacy Policies and Practices (effective September 1, 2004) Children’s Wellness Center is committed to protecting our patients’ privacy. The confidentiality of our patients is of greatest concern to our physician and employees alike. This notice details how our practice collects, handles, and protects personal information about our patients. This policy will be distributed to all patients and is available for viewing on our web site. We will review this policy on an annual basis and monitor our compliance with this policy. Should it be necessary to revise this policy more often due to circumstances, we will do so in a timely fashion.
How we protect your information
- Our staff is trained to adhere to the following privacy measures with regards to Protected Health Information (PHI):
- There are only three (3) reasons why an employee needs to access a patient’s chart or computer information: to treat or care for the patient, to process billing for services, or to respond to a medical records request.
- Patient medical information is located in a staff business area, out of the patient flow area. Patients do not have access to this area.
- Computer display terminals are exited out to a screensaver when the operator leaves a station. Entry into the system is password protected. Passwords are not to be shared.
- PHI transmitted over the Internet is encrypted, and all access is protected by passwords. Information we may disclose No PHI will be released without proper written consent from the patient or parent or guardian of the minor patient, unless the request is during an emergency. Occasions for release of PHI are the following:
- Workman’s compensation – The patient signs a record release at the time of the visit, as the chart notes must accompany the insurance billing.
- Legal pursuit – Attorney request (also includes medical record service) or subpoena
- Patient request; for example, moving or transferring records to another physician
- Disability Documentation
- Auto Accident
- Insurance company chart audit
- Driver’s Form
- Insurance Claim adjudication
- Our patients have the following rights to privacy and respect regarding their personal information:
- The right to access and copy health records with reasonable notice.
- The right to request restriction on how health information is disclosed or used.
- The right to file a complaint if they believe that our safeguards and procedures have not been followed.
Any privacy issue complaints should be directed to the Privacy Officer. If satisfaction is not received, the patient may notify the Department of Health & Human Services.