Building Stronger Communities - One Project at a Time
THIS NOTICE DESCRIBES HOW MEDICAL INFORMATION ABOUT YOU MAY BE USED AND DISCLOSED AND HOW YOU CAN GET ACCESS TO THIS INFORMATION. PLEASE REVIEW IT CAREFULLY.
A federal law called the Health Insurance Portability and Accountability Act of 1996 (“HIPAA”) creates new rights for clients of health care organizations. One of those rights is to information regarding the provider’s privacy practice. Under federal regulations, we must provide you with a copy of this Notice of Privacy Practices and ask that you sign a document stating that we gave the notice to you. You may review the Notice of Privacy Practices immediately or at a later time. At some point, you should read it carefully because it explains:
At Community Education Group, we take your confidentiality very seriously. We encourage you to read this Notice and keep a copy of it for your records.
Our Pledge Regarding Your Health Information
This Notice of Privacy Practices (the “Notice”) describes the privacy practices of Community Education Group (“CEG”), which includes its employees, volunteers, interns and contractors.
CEG wants you to know that nothing is more central to our operations than maintaining the privacy of your health information (“Protected Health Information” or “PHI”). PHI is information about you, including basic demographic information that may identify you and that relates to your past, present or future health or condition and dispensing of pharmaceutical products to you. We take this responsibility very seriously.
We are required by federal and applicable state law to protect the privacy of your health information and to provide you with this Notice of our legal duties and privacy practices with respect to your PHI. This Notice describes how we may use and disclose PHI about you to carry out treatment, payment or health care operations and for other specified purposes that are permitted or required by federal and state laws. The Notice also describes your rights with respect to your PHI.
CEG is required to follow this Notice whenever we use or disclose your PHI. We will not use or disclose PHI about you without your written authorization, except as described in this Notice. We will limit our uses and disclosures to the minimum reasonably necessary to accomplish our intended purpose. We will maintain reasonable and appropriate administrative, technical, and physical safeguards to prevent use or disclosure of your PHI beyond what is permitted by this Notice and to limit its incidental use and disclosure pursuant to otherwise permitted or required use or disclosure.
Certain programs within CEG are not governed by this Notice. This include our legal services program as it is not treated as a covered entity providing health care services for the purposes of federal privacy regulations. In general, our health care operations can share information about you with these programs only if you provide a signed authorization form. These programs are also governed by other standards that protect your privacy, including state laws and professional ethics restrictions.
We reserve the right to change our practices and this Notice and to make the new Notice effective for all PHI we maintain.
Upon your request to our office listed below, we will provide a revised Notice to you. We will also post the revised Notice within all CEG vehicles and on CEG premises within 30 days of any revisions we make.
How We May Use and Disclose Your PHI Without Your Permission
FOR TREATMENT, PAYMENT OR HEALTH CARE OPERATIONS:
As permitted under federal and applicable state law, we will use or disclose your PHI without your express authorization for three purposes: (i) treatment, (ii) payment and (iii) health care operations. For each of these categories, we explain what that means below.
FOR OTHER SPECIAL CIRCUMSTANCES:
There are other special circumstances when we are permitted under federal and applicable state law to use or disclose your PHI without your permission. The following explains when these circumstances may arise in two categories: (i) when we are likely to use or disclose your PHI and (ii) when we are permitted under law, but probably will not use or disclose your PHI.
We are likely to use or disclose your PHI for the following purposes:
Business associates: There are some services provided by us through contracts with other companies, who are our “business associates.” Federal law requires us to enter into a contract with these business associates to ensure that they will appropriately safeguard your PHI. For instance, we may contract to have certain of our services delivered by another health care provider or we may use a billing service for submitting our claims. When these services are contracted for, we may disclose PHI about you to our business associates so that they can perform the job we have asked them to do or bill an insurance company or managed care group for services rendered. But these business associates will be required to protect any PHI they receive in accordance with federal and applicable state laws, regulations and policies.
Individuals Involved in Your Care or Payment for Care: We may release PHI about you that is relevant for a friend, personal representative, spouse, domestic partner or family member who is involved in your medical care. If you are present, we can make these disclosures when you do not object or we can reasonably infer that you agree. If you are not present or are incapacitated, we may disclose certain PHI about you if we determine that the disclosure would be in your best interest.
Disclosures to parents or legal guardians: If you are a minor, we may release PHI about you to your parent or legal guardian when we are permitted to or required to under federal and applicable state law.
Workers’ compensation: We may disclose PHI about you to the extent authorized by and to the extent necessary to comply with laws relating to workers’ compensation or other similar programs established by law.
Public health: As required by law, we may disclose PHI about you to public health or legal authorities charged with preventing or controlling disease, injury, or disability. These activities may include the following:
Law enforcement: We may disclose PHI about you for law enforcement purposes as required by law or in response to a request by a law enforcement official. These disclosures of your PHI may be:
As required by law: We must disclose PHI about you when required to do so by federal, state or local laws.
Health oversight activities: We may disclose PHI about you to an oversight agency for activities authorized by law. These oversight activities include audits, investigations, and inspections, as necessary for our licensure and for the government to monitor the health care system, government programs, and compliance with federal and state laws.
Judicial and administrative proceedings: If you are involved in a lawsuit or a dispute, we may disclose PHI about you in response to a court or administrative order. We may also disclose PHI about you in response to a subpoena, discovery request, or other lawful process by someone else involved in the dispute, but only if efforts have been made to tell you about the request or to obtain an order protecting the requested PHI.
United States Department of Health and Human Services: Under federal law, we are required to disclose your PHI without your permission, if this PHI is requested by the U.S. Department of Health and Human Services to determine if we are in compliance with the federal laws and regulations regarding protecting the confidentiality of health information.
Research: Under certain circumstances, we may use or disclose your PHI for research purposes. Before we use or disclose your PHI, however, the research project will have to be approved through a special approval process by an institutional review board or privacy board that has reviewed the research proposal and established protocols to ensure the privacy of your PHI. We may also use or disclose your PHI for research purposes if we obtain your express written authorization for this use or disclosure.
Victims of abuse, neglect, or domestic violence: We may disclose PHI about you to a government authority, such as a social service or protective services agency, if we reasonably believe you are a victim of abuse, neglect, or domestic violence. We will only disclose your PHI for this purpose to the extent required by law, if you agree to the disclosure, or if the disclosure is allowed by law and we believe it is necessary to prevent serious harm to you or someone else or the law enforcement or public official that is to receive the report represents that it is necessary and will not be used against you. When we make this disclosure, we will notify you.
Administrator or Executor: Upon your death, we may disclose your PHI to an administrator, executor or other individual so authorized under applicable state law.
Although we may not engage in these activities, we may use or disclose PHI about you for the following purposes under federal or state law without your permission:
Notification: We may use or disclose PHI about you to an entity assisting in a disaster relief effort so that your family, personal representative or friends may be notified about your condition, status and location.
Correctional institution: If you are or become an inmate of a correctional institution, we may disclose to the institution or its agents PHI necessary for your health and the health and safety of others.
To avert a serious threat to health or safety: We may use and disclose PHI about you when necessary to prevent a serious threat to your health and safety or the health and safety of the public or another person. Any disclosure, however, would only be to someone able to help prevent the threat.
Military and veterans: If you are a member of the armed forces, we may release PHI about you as required by military command authorities. We may also release PHI about foreign military personnel to the appropriate military authority.
National security and intelligence activities: We may release PHI about you to authorized federal officials for intelligence, counterintelligence, and other national security activities authorized by law.
Protective services for the President and others: We may disclose PHI about you to authorized federal official so they may provide protection to the President, other authorized persons or foreign heads of state or conduct special investigations.
How We May Use or Disclose Your PHI For Other Purposes
We will obtain your written authorization before using or disclosing PHI about you for purposes other than those provided for above (or as otherwise permitted or required by law). You may revoke this authorization in writing at any time. If you decide to revoke your authorization, you must submit a request to revoke in writing to our office at the address listed below. Your revocation will become effective upon its receipt by us. Your revocation will not have any effect on any action taken by us in reliance upon the authorization before we received written notice of the revocation.
Your Rights Regarding Your PHI
You have the following rights with respect to PHI about you:
For More Information or to Report a Problem
If you believe your privacy rights have been violated, you can file a complaint with our office or with the Secretary of the United States Department of Health and Human Services. To file a complaint with us, contact our office at the address and number listed above. All complaints must be submitted in writing. You will not be penalized in any way for filing a complaint.
This Notice is effective as of March 19, 2012.
Acknowledgement of Receipt of Notice of Privacy Practices from Community Education Group is indicated by your signature on our Consents form within your record.