Suggested text: Our website address is: https://newhopevillage.org.
NEW HOPE
NOTICE OF PRIVACY PRACTICES
Effective April 14, 2003
Revised August, 2013
THIS NOTICE DESCRIBES HOW MEDICAL INFORMATION ABOUT YOU MAY BE USED AND DISCLOSED AND HOW YOU CAN GET ACCESS TO THIS INFORMATION.
PLEASE REVIEW IT CAREFULLY.
This facility is required by law to provide you with this Notice so that you will understand how we may use or share your information from your Designated Record Set. The Designated Record Set includes financial and health information referred to in this Notice as “Protected Health Information” (PHI) or simply “health information.” We are required to adhere to the terms outlined in this Notice. If you have any questions about this Notice, please contact our Privacy Officer at 712-792-5500, ext. 223.
Understanding Your Health Record and Information |
Each time you are served by our organization, a record of our service is made containing health and financial information. Typically, this record contains information about your condition, the service we provide and payment for the treatment. We may use and/or disclose this information to:
Understanding what is in your record and how your health information is used helps you to:
How We May Use and Disclose Protected Health Information About You |
The following categories described the ways that we use and disclose health information. Not every use or disclosure in a category will be listed. However, all of the ways we are permitted to use and disclose information will fall into one of the categories.
A. Uses and Disclosures for Treatment, Payment and Administrative Operations
1. For Treatment. We may use or disclose health information about you to provide you with services. We may disclose health information about you to doctors, nurses, therapists or other organization personnel in order to coordinate and manage your services. For example, we may need to disclose information to a case manager who is responsible for coordinating your care.We may also disclose your health information among our staff or we may disclose your health information to your primary physician. We may consult with other health care providers and in the process of that consultation share your health information with them.
2. For Payment. We may use or disclose your protected health information (PHI) so that the services you receive are billed to, and payment is collected from, your funders or other interested parties. For example, we may disclose your PHI to permit funders to approve or pay for your services. This may include: making a determination of eligibility for services, reviewing your services, reviewing your services to determine if they were appropriately authorized, reviewing your services for purposes of utilization review, to ensure the appropriateness of your services, or to justify the charges for your services.
3. For Administrative Operations. We may use and disclose PHI about you for our day to day administrative operations. These uses and disclosures are necessary to run our organization and make sure that you receive quality services. For example, these activities may include quality reviews, medication reviews, licensing, business planning and development, and general administration activities. We may also combine health information about many individuals to help determine what additional services should be offered, what services should be discontinued, and whether certain new treatments are effective. Health information about you may be used by the administrative offices for business development and planning, cost management analyses, insurance claims management, risk management activities, and in developing and testing information systems programs. We may also use and disclose information for professional review, performance evaluation, and for training programs. Other aspects of health care operations that may require use and disclosure of your health information include accreditation, certification, licensing and credentialing activities, review and auditing, including compliance reviews, medical review, legal services and compliance programs. Your health information may be used and disclosed for the business management and general activities of the organization including resolution of internal grievances, customer service and due diligence in connection with a sale or transfer of the organization. In limited circumstances, we may disclose your health information that identifies you so that the health information may be used to study health care and health care delivery without learning the identities of the consumers. We may disclose your age, birth date and general information about you in the organization newsletter, on activities calendars, and to entities in the community that wish to acknowledge your birthday or commemorate your achievements on special occasions.
We may also provide your PHI to other service providers or to your funders to assist them in performing their own operations. We will do so only if you have or have had a relationship with the other provider or funder. For example, we may provide information about you to your funder to assist them in their quality assurance activities.
Other Allowable Uses of Your Health Information |
Public Health Risks – We may disclose health information about you for public health purposes including:
Health Oversight Activities – We may disclose health information to a health oversight agency for activities authorized by law. These oversight activities may include audits, investigations, inspections, and licensure. These activities are necessary for the government to monitor the health care system, government programs, and compliance with civil rights laws.
Judicial and Administrative Proceedings – If you are involved in a lawsuit or a dispute, we may disclose health information about you in response to a court or administrative order. We may also disclose health information about you in response to a subpoena, discovery request, or other lawful process by someone else involved in the dispute, but only if efforts have been made to tell you about the request or to obtain an order protecting the information requested.
Other Uses of Health Information |
Other uses and disclosures of health information not covered by this Notice or the laws that apply to us will be made only with your written permission. If you provide us permission to use or disclose health information about you, you may revoke that permission, in writing, at any time. If you revoke your permission, we will no longer use or disclose health information about you for the reasons covered by your written authorization. You understand that we are unable to take back any disclosures that we have already made with your permission, and that we are required to retain our records of the care that we provided to you. Specifically, without your written authorization we will not use or disclose your health information for the following purposes: 1. Most uses and disclosures of psychotherapy notes; 2. Uses or disclosures for marketing purposes; and 3. Uses and disclosures that involve the sale of your protected health information.
Your Rights Regarding Health Information About You |
Although your health record is the property of the organization, the information belongs to you. You have the following rights regarding your health information:
A. Right to inspect and copy.
You have the right to request to inspect or copy health information used to make decisions about your care – whether they are decisions about your services or payment of your care. You must submit your request in writing to our Privacy Officer. If you request a copy of the information, we may charge you a fee for the cost of copying, mailing and supplies associated with your request. We may deny your request to inspect or copy your health information in certain limited circumstances, such as psychotherapynotes or if the information is compiled in anticipation of, or use in, a civil, criminal or administrative action or proceeding. In some cases, you will have the right to have the denial reviewed by a licensed health care professional not directly involved in the original decision to deny access. We will inform you in writing if the denial of your request may be reviewed. Once the review is completed, we will honor the decision made by the licensed health care professional reviewer. If your health information is kept electronically, you have the right to receive an electronic copy of your health information subject to the restrictions set forth above.
B. Right to amend.
For as long as we keep records about you, you have the right to request us to amend any health information used to make decisions about your care – whether they are decisions about your service or payment of your care. To request an amendment, you must submit a written request to our Privacy Officer and tell us why you believe the information is incorrect or inaccurate. We may deny your request for an amendment if it is not in writing or does not include a reason to support the request. We may also deny your request if you ask us to amend health information that:
If we deny your request to amend, we will send you a written notice of the denial stating the basis for the denial and offering you the opportunity to provide a written statement disagreeing with the denial. If you do not wish to prepare a written statement of disagreement, you may ask that the requested amendment and our denial be attached to all future disclosures of the health information that is the subject of your request. If you choose to submit a written statement of disagreement, we have the right to prepare a written rebuttal to your statement of disagreement. In this case, we will attach the written request and the rebuttal (as well as the original request and denial) to all future disclosures of the health information that is the subject of your request.
C. Right to an accounting of disclosures.
You have the right to request that we provide you with an accounting or list of disclosures we have made of your health information. This list will not include certain disclosures of your health information, for example, those we have made for purposes of service, payment and health care operations; disclosure made to you or authorized by you; disclosures that are incident to another use or disclosure, etc. To request an accounting of disclosures, you must submit your request in writing to the Privacy Officer. The request must state the time period for which you wish to receive an accounting. This time period should not be longer than six years and not include dates before April 14, 2003. The first accounting you request within a twelve month period will be free. For additional requests during the same 12 month period, we will charge you for the costs of providing the accounting. We will notify you of the amount we will charge and you may choose to withdraw or modify your request before you incur any costs.
In addition to your right to an accounting of disclosures, we have a legal obligation to notify you if your protected health information is affected by any security breach that may occur
D. Right to request restrictions.
You have the right to request a restriction on the health information we use or disclose about you. You may also ask that any part or all of your health information not be disclosed to family members or friends who may be involved in your care or for notification purposes. We are not required to agree to a restriction that you may request. If we do agree, we will honor your request unless the restricted health information is needed to provide you with emergency care. You must submit your request in writing to the Privacy Officer and list: (a) what information you want to limit; (b) whether you want to limit use or disclosure or both; and (c) to whom you want the limits to apply. The above notwithstanding, you have the right to request a restriction of disclosures to a health plan for payment or health care operations regarding any services you have paid for, in full, out of pocket and we are required to honor that request.
E. Right to request confidential communications.
You have the right to request that we communicate with you about your health care only in a certain location or through a certain method. For example, you may request that we contact you only at work or by e-mail. To request such a confidential communication, you must make your request in writing to the Privacy Officer. We will accommodate all reasonable requests. You do not need to give us a reason for the request; but your request must specify how or where you wish to be contacted.
F. Right to a paper copy of this notice.
You have the right to obtain a paper copy of this Notice of Privacy Practices. You may request a copy at any time by contacting the Privacy Officer. A copy of the Notice of Privacy Practices is on our web site at www.newhopevillage.org.
Changes to this Notice |
We reserve the right to change the terms of our Notice of Privacy Practices. We also reserve the right to make the revised or changed Notice of Privacy Practices effective for all health information we already have about you as well as any health information we receive in the future. We will post a copy of the current Notice of Privacy Practices at our primary business office and at each site where we provide services. You may also obtain a copy of the current Notice of Privacy Practices by calling us at 712-792-5500, extension 223 and requesting a copy be sent to you in the mail or by asking for one any time you are at our business office or service sites.
Complaints |
If you believe your privacy rights have been violated, you may file a complaint with us or with the Secretary of the U.S. Department of Health and Human Services. All complaints must be submitted in writing. Our Privacy Officer will assist you with writing your complaint, if you request such assistance. We will not retaliate against you for filing a complaint. To file a complaint with us, contact our Privacy Officer by telephone at 712-792-5500, extension 223 or by mail at 1211 E. 19th St., PO Box 887, Carroll, IA 51401
Suggested text: When visitors leave comments on the site we collect the data shown in the comments form, and also the visitor’s IP address and browser user agent string to help spam detection.
An anonymized string created from your email address (also called a hash) may be provided to the Gravatar service to see if you are using it. The Gravatar service privacy policy is available here: https://automattic.com/privacy/. After approval of your comment, your profile picture is visible to the public in the context of your comment.
Suggested text: If you upload images to the website, you should avoid uploading images with embedded location data (EXIF GPS) included. Visitors to the website can download and extract any location data from images on the website.
Suggested text: If you leave a comment on our site you may opt-in to saving your name, email address and website in cookies. These are for your convenience so that you do not have to fill in your details again when you leave another comment. These cookies will last for one year.
If you visit our login page, we will set a temporary cookie to determine if your browser accepts cookies. This cookie contains no personal data and is discarded when you close your browser.
When you log in, we will also set up several cookies to save your login information and your screen display choices. Login cookies last for two days, and screen options cookies last for a year. If you select “Remember Me”, your login will persist for two weeks. If you log out of your account, the login cookies will be removed.
If you edit or publish an article, an additional cookie will be saved in your browser. This cookie includes no personal data and simply indicates the post ID of the article you just edited. It expires after 1 day.
Suggested text: Articles on this site may include embedded content (e.g. videos, images, articles, etc.). Embedded content from other websites behaves in the exact same way as if the visitor has visited the other website.
These websites may collect data about you, use cookies, embed additional third-party tracking, and monitor your interaction with that embedded content, including tracking your interaction with the embedded content if you have an account and are logged in to that website.
Suggested text: If you request a password reset, your IP address will be included in the reset email.
Suggested text: If you leave a comment, the comment and its metadata are retained indefinitely. This is so we can recognize and approve any follow-up comments automatically instead of holding them in a moderation queue.
For users that register on our website (if any), we also store the personal information they provide in their user profile. All users can see, edit, or delete their personal information at any time (except they cannot change their username). Website administrators can also see and edit that information.
Suggested text: If you have an account on this site, or have left comments, you can request to receive an exported file of the personal data we hold about you, including any data you have provided to us. You can also request that we erase any personal data we hold about you. This does not include any data we are obliged to keep for administrative, legal, or security purposes.
Suggested text: Visitor comments may be checked through an automated spam detection service.