Privacy Notice for Clients
This notice describes how medical information about you may be used and disclosed and how you can access this information. Please review it carefully.
Decision Critical Concierge Nursing (herein referred to as DC) respects your confidentiality and privacy. We have policies and procedures in place that protect your protected health information and restrict how it is used. Protected Health Information (PHI) includes medical information regarding your care and treatment and protected information may be used to identify you, including but not limited to, your name, address, phone number, social security number, e-mail address, diagnosis, or similar information you provide in the course of treatment. PHI may be in paper or electronic format.
In addition, federal and state governments oversee home health care to be sure that we furnish and you receive quality home health care services and your PHI is kept secure and confidential.
Collection and use of written and electronic protected health information
To provide services to you, we are required to collect information about you and your health care needs from you and others (e.g., insurance companies, hospitals, physicians, family members, other caregivers).
As your nurse, DC will not sell your protected health information. To provide optimal care and treatment, we must share information about you and your health care needs for treatment, payment, and our health care operations. For treatment we will share PHI with members of our health care team, physicians, hospitals, other healthcare providers, your interdisciplinary team, family members, close friends, or other people you identify including clergy, private caregivers, pharmacies, medical equipment providers and others. For DC’s health care operations and quality improvement, we will use and share your information to improve our care, reduce costs or for training of our employees.
Some examples of how we use your protected health information include:
- To communicate with your physician or other members of your interdisciplinary team to ensure that your care plan and orders are kept up-to-date and your needs are met.
- For review, teaching and training purposes within our company, including to students or trainees under our supervision, to help ensure we are providing quality care.
- To tell you about or recommend possible treatment options, products or services offered by other DC offices or by third party providers that may be of interest or benefit to you.
- To our limited non-employees we work with, called Business Associates may assist us in your care, obtaining payment or in our daily health care operations. For example, an answering service or record storage company may be our Business Associates. All Business Associates sign a contract and promise to follow the same standards as DC.
For other disclosures not related to your treatment, payment, health care operations or is not legally required; we must have your signature on a separate HIPAA Authorization form. For example, if an attorney sends us a letter asking for copies of your medical file, we will obtain your written authorization before releasing the information. Additionally, some PHI is highly protected, including information related to substance abuse, sexually transmitted diseases or diagnoses like HIV/AIDS.
If you have designated a medical power of attorney, you have a legal guardian or you have someone who is authorized to make decisions on your behalf, we will work with that person. Before we do, we will confirm that person has legal authority to act on your behalf by contacting you and/or requesting copies of the legal documents.
There are some situations where DC is legally required to share your PHI without seeking your authorization. They are defined in federal and state laws and regulations, which we must follow. Some examples include:
- When a law enforcement official or attorney presents us with a warrant, court ordered subpoena, legal discovery request or other legal requirements.
- For health oversight activities such as accreditation, licensing, credentialing or audits, inspections and investigations, including compliance or medical reviews.
- When a government regulatory agency or oversight board asks to see your records for investigations, inspections, disciplinary actions or to ensure that we are conforming to other laws and regulations, including the Health Insurance Portability and Accessibility Act (HIPAA) and similar state or local laws.
- For public health activities including controlling disease, injury or disability, reporting to the Federal Food and Drug Administration concerning problems with products, product recalls or reporting deaths as required by State law.
- When we reasonably believe that you are a possible victim of abuse, neglect, domestic violence or other crimes or to help prevent any possible threat or injury to you.
- For public health activities and to avert a serious or imminent threat to your health or safety or the health and safety of others.
- For emergency preparedness to help ensure your safety in the event of a natural disaster or other safety hazard to you or your home.
Your privacy rights
Although your medical file and PHI are the property of DC, the information belongs to you. You have the right to:
- Know and see the information about your care in your medical file maintained by DC. Review the information in person or request copies of your medical file, whether in paper or electronic format. You must ask us in writing and give us time to schedule your visit or to make copies of your file. If your records are maintained electronically, you can have access to them in an electronic format. Or, you may ask us to send your health record to a third party. If you cannot see the records protectedly, you may designate someone to do so, on your behalf. We will usually provide access to your records within 30 days of your request. We may also charge a reasonable copying fee for our costs.
- Request that we communicate with you concerning your health matters in a specific way (for example, at a cellular or office telephone numbers or at a different address then we have on file). We will accommodate your request if possible.
- Request that certain people NOT have access to your protected health information including limiting information to your health plan if you (or someone on your behalf) have paid in full for services out of pocket. Please notify your Clinical Manager or office Director of any restrictions or requests.
- Be notified if we believe there has been unauthorized access to your PHI (breach). In the event of a breach, within 60 days, we will contact you via telephone whenever possible and will provide written notice by first class mail or by e-mail. We will let you know what occurred and what we have done to remedy it. We will also follow any state specific laws that may have different requirements.
- Ask us to amend information in our files you believe is incorrect or incomplete whether in paper or electronic format. To request an Amendment, please ask your Clinical Manager or Director for the form: “Request to Amend My protected Health Information Form” for this purpose. In most situations, we will honor your request and update your record; however, there are a few situations where we may not be able to do so.
- Request a list of anyone who received your protected health information without your authorization for the last six years (accounting). The list includes who we shared it with, the date and why. It may include releases to attorneys, law enforcement officials, and government agencies. To request a copy of this list, please contact your local office Director.
Photographs, videotapes, and digital or other images may need to be recorded to document your care. DC retains ownership rights to these photographs, videotapes, and digital or other images. We will store them in a secure manner to protect your privacy. You have the same rights outlined above to see these images or to obtain copies.
DC may communicate information about your care via e-mail. When doing so we take steps to protect the privacy, security and confidentiality of e-mail information that is sent and received. We also make any e-mail that is related to your PHI a part of your medical file.
We will not use unsecure e-mail to communicate certain medical information regarding sexually transmitted diseases, HIV/AIDS or substance abuse. If there are other types of information you do not wish to be transmitted via e-mail. We will honor your request if possible.
If you or any third parties wish to e-mail DC about your care, only use a “DC” e-mail address (ending in ‘decisioncriticalbr.com’) because we cannot guarantee receipt or security of e-mail sent to any other address.
DC values our relationship with you and prefers to communicate with you via telephone or in person whenever possible. If you communicate with us via e-mail, we will do our best to respond promptly. Please avoid e-mail for emergencies or time sensitive matters.
Changes to this notice
On occasion we may need to update or change this Privacy Notice. Copies of the updated Notice will be available in your service office and will also be posted on our web site (www.decisioncriticalbr.com). If you would like to receive a paper copy of this Notice, at any time, please send us an email.
If you have questions, need more information, disagree with a decision made about access to your PHI, or if you have any concerns regarding a possible violation of your privacy, please contact your local DC office or DC’s Privacy Officer using the methods listed below.
· Compliance Email: [email protected]
You may also file a grievance/complaint with the United States Department of Health and Human Services, 200 Independence Ave., SW, Washington, DC 20201, or by calling them Toll Free at 1-877-696-6775.
Contact Form Data
When you submit to our contact form, the information is transmitted via email . This is so we can recognize and approve any follow-up comments automatically instead of holding them in a moderation queue.
For users that register on our website (if any), we also store the personal information they provide in their user profile. All users can see, edit, or delete their personal information at any time (except they cannot change their username). Website administrators can also see and edit that information.