Privacy Policies

Jeffrey H. Chester, DO

PRIVACY POLICIES
effective April 15, 2003

It is the policy of my practice and staff preserve the integrity and the confidentiality of protected health information (PHI) pertaining to our patients. The purpose of this policy is to ensure that my practice and staff have the necessary medical and PHI to provide the highest quality medical care possible while protecting the confidentiality of the PHI of our patients to the highest degree possible.  Patients should not be afraid to provide information to my practice and staff for purposes of treatment, payment and healthcare operations (TPO). To that end, my practice and staff will–

F  Adhere to the standards set forth in the Notice of Privacy Practices.

F  Collect, use and disclose PHI only in conformance with state and federal laws and current patient covenants and/or authorizations, as appropriate. My practice and staff will not use or disclose PHI for uses outside of practice’s TPO, such as marketing, employment, life insurance applications, etc. without an authorization from the patient.

F  Use and disclose PHI to remind patients of their appointments unless they instruct us not to.

F  Recognize that PHI collected about patients must be accurate, timely, complete, and available when needed.   My practice and staff will implement reasonable measures to protect the integrity of all PHI maintained about patients.

F  Recognize that patients have a right to privacy. My practice and staff respect the patient’s individual dignity at all times. My practice and staff will respect patient’s privacy to the extent consistent with providing the highest quality medical care possible and with the efficient administration of the facility.

F  Act as responsible information stewards and treat all PHI as sensitive and confidential. Consequently, My practice and staff will:

  • Treat all PHI data as confidential in accordance with professional ethics, accreditation standards, and legal requirements.
  • Not disclose PHI data unless the patient (or his or her authorized representative) has properly authorized the release or law otherwise authorizes the release.

F  Recognize that, although my practice “owns” the medical record, the patient has a right to inspect and obtain a copy of his/her PHI.  In addition, patients have a right to request an amendment to his/her medical record if he/she believes his/her information is inaccurate or incomplete.  My practice and staff will–

  • Permit patients access to their medical records when their written requests are approved by my practice.  If we deny their request, then we must inform the patients that they may request a review of our denial.  In such cases, we will have an on-site healthcare professional review the patients’ appeals.

  • Provide patients an opportunity to request the correction of inaccurate or incomplete PHI in their medical records in accordance with the law and professional standards.

F   My practice and staff will maintain a list of certain disclosures of PHI for purposes other than TPO for each patient and those made pursuant to an authorization as required by HIPAA rules.  We will provide this list to patients upon request, so long as their requests are in writing.

F  My practice and staff will adhere to any restrictions concerning the use or disclosure of PHI that patients have requested and have been approved by our practice.

F  My practice and staff must adhere to this policy.  My practice will not tolerate violations of this policy. Violation of this policy is grounds for disciplinary action, up to and including termination of employment and criminal or professional sanctions in accordance with our practice’s personnel rules and regulations.

F  My practice may change this privacy policy in the future.  Any changes will be effective upon the release of a revised privacy policy and will be made available to patients upon request.