NOTICE OF PRIVACY
IMPORTANT: THIS NOTICE DESCRIBES HOW MEDICAL INFORMATION ABOUT YOU MAY BE USED AND DISCLOSED AND HOW YOU CAN GET ACCESS TO THIS INFORMATION.
As an essential part of our commitment to you, Ajo Ambulance maintains the privacy of certain confidential health care information about you, known as Protected Health Information or PHI. We are required by law to protect your health care information and to provide you with the attached Notice of Privacy Practices.
The notice outlines our legal duties and privacy practices respect to your PHI. It not only describes our privacy practices and your legal rights, but lets you know, among other things, how Ajo Ambulance is permitted to use and disclose PHI about you, how you can access and copy that information, how you may request amendment of that information and how you may request restrictions of our use and disclosure of your PHI.
Ajo Ambulance is also required to abide by the terms of the version of this Notice currently in effect. In most situations we may use this information as described in this Notice without your permission, but there are some situations where we may use it only after we obtain your written authorization, if we are required by law to do so. We respect your privacy and treat all health care information about our patients with care under strict policies of confidentiality that all of our staff is committed to following at all times.
USES AND DISCLOSURES OF PHI: Ajo Ambulance may use PHI for the purposes of treatment, payment and health care operations, in most cases without your written permission. Examples of our use of your PHI:
FOR TREATMENT: This includes such things as verbal and written information that we obtain about you and use pertaining to your medical condition and treatment provided to you by us and other medical personnel, including doctors and nurses who give orders to allow us to provide treatment to you). It also includes information we give to other health care personnel, to whom we transfer your care and treatment, and includes transfer of PHI via radio or telephone to the hospital or dispatch center as well as providing the hospital with a copy of the written record we create in the course of providing you with treatment and transport.
FOR PAYMENT: This includes any activities we must undertake in order to get reimbursed for the services we provide to you, including such as organizing your PHI and submitting bills to insurance companies (either directly or through a third party billing company), management of billed claims for services rendered, medical necessity determination and review, utilization review and collection of outstanding accounts.
FOR HEALTH CARE OPERATIONS: This includes quality assurance activities, licensing and training programs to ensure that our personnel meet our standards of care and follow established policies and procedures, obtaining legal and financial services, conducting business planning, processing grievances and complaints, creating reports that do not individually identify you for data collection purposes, fundraising and certain marketing activities.
REMINDERS FOR SCHEDULED TRANSPORTS & INFORMATION ABOUT OTHER SERVICES: We may also contact you to provide you with a reminder of any scheduled appointments for non-emergency ambulance and medical transports, or with other information about alternative services were provide or other health-related benefits and services that may be of interest to you.
USE & DISCLOSURE OF PHI WITHOUT YOUR AUTHORIZATION: Ajo Ambulance is permitted to use PHI without your written authorization or opportunity to object in certain situations, including:
Any other use or disclosure of PHI, other than those listed above all only be made with your written authorization, (the authorization must specifically identify the information we seek to use or disclose, as well as when and how we seek to use or disclose it). You may revoke your authorization at any time, in writing, except to the extent that we have already used or disclosed medical information in reliance on that authorization.
PATIENT RIGHTS: As a patient, you have a number of rights with respect to the protection of your PHI, including:
The right to access, copy or inspect your PHI: This means you may come to our offices and inspect and copy most of the medical information about you that we maintain. We will normally provide you with access to this information within 30 days of your request. We may also charge you a reasonable fee for you to copy any medical information that you have the right to access. In limited circumstances, we may deny you access to your medical information, and you may appeal certain types of denials. We have available forms to request access to your PHI and will provide a written response if we deny you access and let you know your appeal rights. If you wish to inspect and copy your medical information, you should contact the privacy officer listed at the end of this Notice.
The right to amend your PHI: You have the right to ask us to amend written medical information that we have about you. We will generally amend your information within 60 days of your request and will notify you when we have amended the information. We are permitted by law to deny your request to your medical information only in certain circumstances, like when we believe the information you have asked us to amend is correct. If you wish to request that we amend the medical information that we have about you, you should contact the privacy officer listed at the end of this Notice.
The right to request an accounting of our use and disclosure of your PHI: You may request an accounting form of certain disclosures of your medical information that we have made in the last six years prior to the date of your request. We are not required to give you an accounting of information we have used or disclosed for purpose of treatment, payment, or health care operations, or when we share your health information with our business associates, like our billing company or a medical facility from or to which we have transported you.
We are also not required to give you an accounting of our uses of protected health information for which you have already given us written authorization. If you wish to request an accounting of the medical information about you that we have used or disclosed that is not exempted from the account requirement, you should contact the privacy officer listed at the end of this Notice.
The right to request that we restrict the uses and disclosures of your PHI: You have the right to request that we restrict how we use and disclose your medical information that we have about you for treatment, payment or health care operations, or to restrict the information that is provided to family, friends and other individuals involved in your health care. But if you request a restriction and the information you asked us to restrict is needed to provide you with emergency treatment, then we may use the PHI or disclosed the PHI to a health care provider to provide you with emergency treatment. Ajo Ambulance is not required to agree to any restrictions you request, but any restrictions agreed to by Ajo Ambulance are binding on Ajo Ambulance.
Internet, Electronic Mail and the Rights to Obtain Copy of Paper Notice on Request: If we maintain a web site, we will prominently post a copy of this Notice on our web site and make the Notice available electronically through the web site. If you allow us, we will forward you this Notice by electronic mail instead of on paper and you may always request a paper copy of the Notice.
Revisions to the Notice: Ajo Ambulance reserves the rights to change the terms of this Notice at any time and the changes will be effective immediately and will apply to all protected health information that we maintain. Any material changes to the Notice will be promptly posted in our facilities and posted to our web site if we maintain one. You can get a copy of the latest version of the Notice by contacting the privacy officer listed below.
Your Legal Rights and Complaints: You also have the right to complain to us or to the Secretary of the United States Department of Health and Human Services if you believe your privacy rights have been violated. You will not be retaliated against in any way for filing a complaint with us or to the government. Should you have any questions, comments, or complaints you may direct all inquires to the privacy officer listed at the end of this Notice. Individuals will not be retaliated against for filing a complaint.
HIPAA II Breach Notification: Title XIII of the American Recovery & Reinvestment Act of 2009, known as the Health Information Technology for Economic and Clinical Health Act, or the HITECH Act, makes significant changes to HIPAA, and greatly expands HIPAA obligations of covered entities and business associates. Such changes include new notification requirements, enforcement expansion, and increased penalties and compensation for harmed individuals. Civil penalties now range from $100 to $50,000 per violation and are capped at $25,000 to $1.5 million for all violations of a single requirement in a calendar year. The severities of penalties are based on a tiered structure based upon the cause of the violation and the violating party’s level of knowledge.
A “Breach” means the acquisition, access, use, or disclosure of unsecured PHI(Protected Health Information) in a manner not permitted under the Privacy Rule which compromises the security or privacy of the PHI.
PHI: (Protected Health Information) Individually identifiable or demographic information regarding past, present, or future physical or mental health or the provision of care to an individual.
Unsecured PHI: PHI that is not rendered unusable, unreadable, or indecipherable to unauthorized individuals through the use of a technology or methodology specified in HHS guidance.
Privacy Rule: Impermissible use or disclosure of PHI.
Compromise of Security or Privacy of PHI: Poses a significant risk of financial, reputational, or other harm to the individual.
Exceptions to Breach: If there was an unintentional acquisition, access, or use; if there was an inadvertent disclosure to other authorized parties; and if there was disclosure where retention not possible.
Breach Notification: The American Recovery and Reinvestment Act of 2009 (ARRA) requires HIPAA-covered entities to notify breach victims when protected health information has been disclosed to an unauthorized person.
When a breach occurs, the covered entity must notify victims and the Secretary of Human Services “without unreasonable delay,” and within 60 days of the discovery of the breach. The covered entity must notify the individual directly if possible (ie, by mail), and must also post a notice on its website if the breach involves 10 or more victims who are not directly reachable. If the breach involves more than 500 residents of a single state, the covered entity must also notify statewide media.
If you have any questions or if you wish to file a complaint or exercise any rights listed in this Notice, please contact:
Ajo Ambulance Inc.
1850 N. Ajo Gila Bend Hwy
Ajo, AZ 85321
Phone: 520-387-4549 Fax: 520-387-6050
<< New text box >>