Privacy Policy
Heartsong Hospice Notice of Privacy Practices
THIS NOTICE DESCRIBES HOW MEDICAL INFORMATION ABOUT YOU MAY BE USED AND DISCLOSED AND HOW YOU CAN GET ACCESS TO THIS INFORMATION
PLEASE REVIEW IT CAREFULLY
Heartsong Hospice of SC, LLC DBA Heartsong Hospice and its affiliated companies (the "Provider") (collectively, an "Affiliated Covered Entity"), may use and disclose your protected health information for treatment, payment, health care operations and as required by law in accordance with the Health Insurance Portability and Accountability Act ("HIPAA"), as amended by the Health Information Technology for Economic and Clinical Health Act (HITECH Act), and the HIPAA Omnibus Rule (Collectively, the "HIPAA Rules"). The use of "you" or "your" below, also refers to your authorized representative(s).
CONSENTS: In accordance with the HIPAA Rules, the Provider exercises its option to obtain your consent regarding the use and disclosure of your information at the start of care or within a reasonable amount of time afterwards. The Provider retains the right not to provide treatment if you refuse to sign the consent form.
AUTHORIZATIONS: Your written authorization is required for the disclosure of your protected health information when the disclosure is not for treatment purposes, health care operations or payment, or required by law.
YOUR HEALTH INFORMATION MAY BE USED & DISCLOSED WITHOUT PATIENT AUTHORIZATION:
To Provide Treatment. The Provider and others involved with treatment (such as your attending physician, family members, pharmacists, suppliers of medical equipment or other health care professionals) may disclose your health information to each other in order to provide appropriate treatment to you. For example, your attending physician needs information about your symptoms in order to prescribe appropriate medications. Where applicable, any documents containing protected health information given to you or left in your home/place of service by one of our caregivers for the purpose of treatment and/or continued care, is your responsibility to safeguard.
To Obtain Payment. The Provider may disclose your health information to collect payment from third parties. For example, the Provider may be required by your health insurer to disclose information regarding your health care status to obtain prior approval for treatment.
To Conduct Health Care Operations. The Provider may disclose your health information as necessary to facilitate the Provider's health care operations and to provide quality care to all of the Provider's patients, including such activities as:
- Quality assessment and improvement
- Activities designed to improve health or reduce health care costs
- Protocol development, case management and care coordination
- Contacting providers and patients about treatment alternatives and other related functions
- Professional review and performance evaluation
- Supervised professional training programs
- Accreditation, certification, licensing or credentialing
- Reviews and auditing (includes compliance, medical, and legal services)
- Business planning and development (includes cost management, analyses, formularies)
- Business management and general administration
- Patient safety activities
For example, the Provider may use your health information to evaluate its staff performance, combine your health information with other Provider patients in evaluating how to more effectively serve all Provider patients, disclose your health information to Provider staff and contracted personnel for training purposes, use your health information to contact you as a reminder regarding a visit to you, or contact you via information mailings (unless you tell us you do not want to be contacted for such).
To an Affiliated Covered Entity: The Provider may disclose information to other affiliated entities that are part of the Affiliated Covered Entity to carry out treatment, payment and health care operations as described above, which may include assisting to identify and provide appropriate care for you or to assist in administrative functions related to your care.
To Business Associates. We may enter into contracts with entities knows as Business Associates that provide services to, or perform functions on behalf of, the Provider. For example, we may disclose your protected health information to a Business Associate to administer claims. Business Associates and their subcontractors are required by law to safeguard your protected health information.
To Health Information Exchange (HIE). Providers may participate in electronic health exchanges (HIE) and may share your health information as described in this Notice. An HIE is a way of sharing your health information among providers such as hospitals, doctors, labs and other health care providers through secure, electronic means. As permitted by law, your health information will automatically be shared with this exchange in order to provide faster access, better coordination of care and assist providers and public health officials in making more informed decisions. If you wish to opt-out, please contact your provider, call 803-722-0662.
As Required by Law. There are federal and state regulations that require certain reporting, including population-based activities relating to improving health or reducing health care costs. For example, your health information may be required for public health activities, abuse, neglect or domestic violence investigations, law enforcement purposes, specialized government functions, military/veterans affairs, death related functions/purposes, organ and tissue procurements/donations, to avert a serious threat to health or safety, judicial and administrative proceedings, disaster relief and workers compensation. Some states have separate privacy laws that may apply additional legal requirements. If the state privacy laws are more stringent than federal privacy laws, the state law overrides the federal law.
Other than as stated above, the Provider will not disclose your health information without your written authorization, which you may revoke in writing at any time.
WRITTEN AUTHORIZATION IS REQUIRED OUTSIDE OF TREATMENT, PAYMENT, HEALTH CARE OPERATIONS, OR AS REQUIRED BY LAW FOR THE FOLLOWING:
- Litigation
- Life insurance
- Fundraising/Marketing
- Psychotherapy notes/records Substance abuse disorder records
- Disability
- Research
- HIV or Genetic testing Results
WITH RESPECT TO YOUR HEALTH INFORMATION, YOU HAVE THE RIGHT:
- To request restrictions on certain uses and disclosures of your health information, including disclosure to individuals involved in your care or payment. However, the Provider is not required to agree to your request except when PHI is for payment to a health plan to carry out payment, and is not otherwise required by law, and you have, or someone on your behalf has, paid the Provider in full.
- To receive confidential communications in a certain way. For example, you may request that the Provider only communicate with you privately with no other family members present. The Provider will not request any reasons for your request and will attempt to honor any reasonable requests. If you would like to ask for an alternate means of communication, please request an Alternate Confidential Communication Fonn to document how you wish to receive confidential communications.
- To inspect and receive a copy of your health information including billing records. To request an inspection or copy of your records containing your health information, please directly notify your Provider. You may request to receive this information in electronic or paper format. The Provider may charge a reasonable fee for copying and assembling costs associated with your request. Federal regulations require that we provide a copy of the clinical record to home health patients at no charge. We will provide a copy or a summary of your health and claims records, usually within 30 days of your request. Federal regulations require that we provide a copy or a summary of your home health and claims records upon the next visit after the request or within 4 days of your request, whichever comes first.
- To request amendments to your health care information (including corrections or other opinions) for any health information in question for as long as it is maintained by the Provider. This right does not include the deletion, removal, or erasure of health information. All such requests must be made in writing. The Provider may deny the request if: (a) the request is not in writing; (b) the request does not include a reason; (c) the health information was not created by the Provider nor part of the Provider's records; ( d) if you are not otherwise permitted by the Regulations to inspect or copy the health information in question; or, (e) if after considering your request, the Provider finds that your health information is already accurate and complete. We may say "no" to your request, but we will tell you why in writing within 60 days.
- To an accounting of disclosures of your health information made by the Provider for reasons other than for treatment, payment or health care operations. All such requests must be made in writing and should specify the time period for the accounting not to exceed six (6) years or the normal record retention policy of the Provider, whichever is longer. The Provider will provide the first accounting requested during any twelve (12) month period without charge. Subsequent requests may be subject to a reasonable cost-based fee.
- To get a paper copy of this Notice at any time even if you have received this Notice previously. A copy of the current version of this Notice is available at the Provider location.
- To choose someone to act for you. If you have given someone medical power of attorney or if someone is your legal guardian, that person can exercise your rights and make choices about your health information. We will make sure the person has this authority and can act for you before we take any action.
DUTIES OF THE PROVIDER (AS REQUIRED BY LAW):
- to maintain the privacy of your health information;
- to provide to you or your representative this Notice of its duties and privacy practices;
- to abide by the terms of this Notice as may be amended from time to time; and
- to notify you in the event that we or one of our Business Associates discover a breach of your unsecured protected health information, in a manner not permitted under the HIPAA Rules, which compromises the security or privacy of your protected health information, unless after assessment it is determined that there is a low probability that the protected health information was compromised.
CHANGES TO THIS NOTlCE: The Provider reserves the right to change the terms of this Notice and to make such changes effective for all health information that it maintains. If the Provider changes this Notice, the Provider will provide a copy of the revised Notice to you via your Provider location.
COMPLAINTS: You have the right to express complaints to the Provider or the Secretary of DHHS if you believe that your privacy rights have been violated. You will not be retaliated against in any way for filing a complaint.
TO CONTACT US: Privacy and security concerns related to your patient information can be addressed directly to your Provider, or our designated HIPAA Privacy Officer at 803-722-0662, or by the direct mailing address below:
Privacy Officer
Heartsong Hospice
7909 Parklane Rd. Suite 310
Columbia, SC, 29223