When you choose Dr. Kevin Brenner for your plastic surgical care, you can rest assured that your privacy and confidentiality will be upheld. Dr. Brenner, and his full office staff at the ROX Center have your best interest in mind at all times. This applies not only to your entire surgical experience and surgical results, but also to your strict privacy. Dr. Brenner’s office staff is fully HIPPA trained and HIPPA compliant. So that you fully understand your rights as a patient under HIPPA, we have compiled the important highlights of this law for your review:
HIPPA: Health Insurance Portability & Accountability Act
The HIPAA Privacy Rule which took effect in 2003, regulates the use and disclosure of certain information held by “covered entities” (generally, health care clearinghouses, employer sponsored health plans, health insurers, and medical service providers that engage in certain transactions.) It establishes regulations for the use and disclosure of private health information. Private health information is any information held by a covered entity (i.e your physician and their staff) which concerns health status, provision of health care, or payment for health care that can be linked to an individual. This is interpreted rather broadly and includes any part of an individual’s medical records or payment history.
Your physician (or other covered entities) must disclose protected health information to the his or her patients within 30 days upon written request. They also must disclose protected health information when required to do so by law, such as reporting suspected child abuse to state child welfare agencies. A covered entity may disclose protected health information to facilitate treatment, payment, or health care operations, or if the covered entity has obtained authorization from the individual. However, when a covered entity discloses any protected health information, it must make a reasonable effort to disclose only the minimum necessary information required to achieve its purpose.
The Privacy Rule gives individuals the right to request that a covered entity correct any inaccurate. It also requires covered entities to take reasonable steps to ensure the confidentiality of communications with individuals. For example, an individual can ask to be called at his or her work number, instead of home or cell phone number.
The Privacy Rule requires covered entities to notify individuals of uses of their private health information. Covered entities must also keep track of disclosures of private health information and document privacy policies and procedures. They must appoint a Privacy Official and a contact person responsible for receiving complaints and train all members of their workforce in procedures regarding private health information. An individual who believes that the Privacy Rule is not being upheld can file a complaint with the Department of Health and Human Services Office for Civil Rights (OCR).