Sweeny Community Hospital Notice Privacy Practices
This notice describes how information about you may be used and disclosed and how you can get access to this information. Please review it carefully.
Understanding Your Health Record/Information
Each time you visit a hospital, physician, or other health-care provider, a record of your visit is made. Typically, this record contains your symptoms, examination and test results, diagnoses, treatment, and a plan for future care or treatment. This information, often referred to as your health or medical record, serves as:
- a basis for planning your care and treatment;
- a way of communication among the many healthcare professionals who contribute to your care;
- a legal document describing the care you received;
- a way by which you or a third-party payer can verify that services billed were actually provided;
- a tool in educating health-care professionals;
- a source of data for medical research;
- a source of information for public health officials charged with improving the health of the nation;
- a source of data for facility planning and marketing; and
- a tool with which we can assess and continually work to improve the care we render and the outcomes we achieve.
Understanding what is in your record and how your health information is used will help you to:
- ensure it is correct;
- better understand who, what, when, where, and why others may access your health information; and
- make more informed decisions when authorizing disclosure to others.
Your Health Information Rights
Although your health record is the physical property of the health-care practitioner or facility that compiled it, the information belongs to you.
You have the right to:
- request a restriction on certain uses and disclosures of your information as provided by 45 Code of Federal Regulation (CFR) 164.522;
- obtain a copy of the notice of information practices upon request; inspect and obtain a copy of your health record as provided for in 45 CFR 164.524;
- amend your health record as provided in 45 CFR 164.528;
- obtain a list of disclosures of your health information as provided in 45 CFR 164.528;
- request communications of your health information by alternative means or at alternative locations;
- revoke your authorization to use or disclose health information except to the extent that action has already been taken; and restrict disclosure to your health plan of any health information created from a service that you have paid for out of pocket.
This organization is required to:
- maintain the privacy of your health information;
- provide you with a notice of our legal duties and privacy practices with respect to information we collect and maintain about you;
- abide by the terms of this notice;
- notify you if we are unable to agree to a requested restriction; and
- accommodate reasonable requests you may have to communicate health information by alternative means or at alternative locations.
We reserve the right to change our practices and to make the new provisions effective for all protected health information we maintain. Should our information practices change, we will post a revised notice in the public areas of our Hospital and our website. We will not use or disclose your health information without your authorization, except as described in this notice. Disclosure of the following health information requires your written authorization: use of psychotherapy notes, disclosure of health information to marketing and disclosures that constitute a sale of health information. You may revoke your permission to release confidential healthcare information at any time. You may be contacted by the organization for the purposes of raising funds to support the organization’s operations. You may opt out of receiving such communications. The organization will notify patients when a reportable breach is discovered. Notification will be made to the patient(s) as soon as possible and no later than 60 days from when the breach is discovered. Notification will include a brief description of how the breach occurred, a description of the protected health information involved and steps patient(s) should take to protect themselves from harm. The notification will also include contact information for the individual to ask questions.
For More Information or to Report a Problem
If you believe your privacy rights have been violated, you can file a complaint with the privacy office at the phone number and address listed below or with the Secretary of Health and Human Services at Region VI Office for Civil Rights, 130l Young Street, Suite 1169, Dallas, TX 75202. Phone (800) 368-1019, Fax: (214) 767-0432. There will be no retaliation for filing a complaint. For more information or to report a complaint, you may contact the Privacy Officer by phone at (979) 548-1593 or by mail at 305 N. McKinney, Sweeny, TX 77480.
Examples of Disclosures for Treatment, Payment and Health Operations
We will use your health information for treatment. For example: Information obtained by a nurse, physician, or other member of your healthcare team will be recorded in your record and used to determine the treatment that should work best for you. Your physician will document in your record his or her expectations of the members of your healthcare team. Members of your health-care team will then record the actions they took and their observations. In that way, the physician will know how you are responding to treatment. Your health information will be shared between our clinics for patient care purposes. We will also provide your physician or another health-care provider with copies of various reports that should assist him or her in treating you once you’re discharged from this hospital.
We will use your health information to obtain payment.
For example: A bill may be sent to you or a third-party payer. The information on or accompanying the bill may include information that identifies you, as well as your diagnosis, procedures, and supplies used. This information may be submitted electronically in order to verify insurance, process payments or correct claims.
We will use your health information for regular health operations.
For example: Members of the medical staff, the quality improvement manager, or members of the quality management committee may use information in your health record to assess the care and outcomes in your case and others like it. This information will then be used in an effort to continually improve the quality and effectiveness of the healthcare and service we provide. Your health information will be shared between our clinics for operations purposes. Your information may be transmitted electronically to state or federal agencies for required reporting purposes.
Business associates: There are some services provided in our organization through contracts with business associates. Examples include physician services in the emergency department and radiology, and certain laboratory tests. When these services are contracted, we may disclose your health information to our business associates so that they can perform the job we’ve asked them to do and bill you or your insurance company for services rendered. To protect your health information, however, we require the business associate to appropriately safeguard your information.
AUTHORIZATION NOT REQUIRED
Pursuant to state and federal law, there are instances where Sweeny Community Hospital may use or disclose your PHI without a written authorization from you, including the following:
Directory: Unless you notify us that you object, we will use your name, location in the facility, general condition, and religion for directory purposes. This information may be provided to members of the clergy and, except for religious affiliation, to other people who ask for you by name.
Notification and Communication with family: We may use or disclose information to notify or assist in notifying a family member, personal representative, or another person responsible for your care, your location, and general condition. Health-care professionals, using their best judgment, may disclose to a family member, other relative, close personal friend or any other person you identify, health information relevant to that person’s involvement in your care or payment related to your care.
Funeral directors: We may disclose health information to funeral directors consistent with applicable law to carry out their duties.
Organ procurement organizations: Consistent with applicable law, we may disclose health information to organ procurement organizations or other entities engaged in the procurement, banking, or transplantation of organs for the purpose of tissue donation and transplant.
Food and Drug Administration (FDA): We may disclose to the FDA health information about adverse events with respect to food, supplements, product and product defects, or post marketing surveillance information to enable product recalls, repairs, or replacement.
Workers’ compensation: We may disclose health information to the extent authorized by and to the extent necessary to comply with laws relating to workers’ compensation or other similar programs established by law.
Public health: As required by law, we may disclose your health information to public health or legal authorities charged with preventing or controlling disease, injury or disability.
Law enforcement: We may disclose health information for law enforcement purposes as required by law.
Legal Proceedings: We may be required to disclose your PHI in response to a court order or valid subpoena.
Federal law allows for your health information to be released to an appropriate health oversight agency, public health authority or attorney, provided that an employee or business associate believes in good faith that we have engaged in unlawful conduct or have otherwise violated professional or clinical standards and are potentially endangering one or more patients, workers or the public.
Effective Date: September 23, 2013
Notice of Health Information Practices: 2/17/10
Texas Health and Safety Code Sec. 181.154 Requires
NOTICE AND AUTHORIZATION FOR ELECTRONIC DISCLOSURE OF PROTECTED HEALTH INFORMATION
Sweeny Hospital District (District) shall provide notice to an individual for whom the District creates or receives protected health information if the individual’s protected health information is subject to electronic disclosure.
The District may not electronically disclose an individual’s protected health information to any person without a separate authorization from the individual or the individual’s legally authorized representative for each disclosure. An authorization for disclosure under this subsection may be made in written or electronic form, or in oral form if it is documented in writing by the covered entity.
The authorization for electronic disclosure of protected health information described is not required if the disclosure is made:
To another covered entity as that term is defined by Section 181.001, or to a covered entity as that term is defined by Section 602.001, Insurance Code for the purpose of: Treatment, Payment, Health Care Operations or performing an insurance or health maintenance organization function described by section 602.053, Insurance Code or as otherwise authorized by state or federal law.