HIPAA Privacy Practices
Clayton County Fire & Emergency Services is committed to protecting personal health information. We are required by law to maintain the privacy of health information that could reasonably be used to identify patients, known as “protected health information” or “PHI.” We are also required by law to provide a copy of our detailed Notice of Privacy Practices (“Notice”) explaining our legal duties and privacy practices with respect to your PHI.
Notice of Privacy Practices
IMPORTANT: THIS NOTICE DESCRIBES HOW MEDICAL INFORMATION ABOUT YOU MAY BE USED AND DISCLOSED AND HOW YOU CAN GET ACCESS TO THIS INFORMATION. PLEASE REVIEW IT CAREFULLY.
Clayton County Fire & Emergency Services (“CCFES”) is required by the Health Insurance Portability and Accountability Act (“HIPAA”) to maintain the privacy of your protected health information (“PHI”). We are also required by law to provide you with the attached detailed Notice of Privacy Practices (“Notice”) explaining our legal duties and privacy practices with respect to your PHI.
Uses and Disclosures for Treatment, Payment or Healthcare Operations
CCFES may use or disclose your PHI without your authorization, for the following purposes:
Treatment – We can use your PHI for treatment provided to you by us and other medical personnel (including doctors and nurses who give orders to allow us to provide treatment to you). For example, we may share PHI via radio or telephone to the hospital or dispatch center as well as provide the hospital with a copy of the record we create in the course of providing you with treatment and transport.
Payment – We may use and disclose your PHI to get reimbursed for the services that we provide to you. This includes such things as submitting bills to insurance companies (either directly or through a third party billing company), managing billed claims and collecting outstanding accounts. We may also disclose PHI to another healthcare provider or entity for the payment activities of the provider or entity that receives the PHI (such as your hospital).
Healthcare Operations – We may use or disclose your PHI for things such as quality assurance activities, licensing, and training programs to ensure that our personnel meet our standards of care and follow established policies and procedures, obtaining legal and financial services, conducting business planning, processing grievances and complaints.
Other Uses and Disclosure of Your PHI We Can Make Without Authorization
CCFES is also permitted to use or disclose your PHI without your written authorization the following situations:
- For healthcare fraud and abuse detection or for activities related to compliance with the law;
- To a family member, other relative, or close personal friend or other individual involved in your care;
- To a public health authority in certain situations (such as reporting a birth, death or disease, as required by law), as part of a public health investigation, to report child or adult abuse, neglect or domestic violence, to report adverse events such as product defects, or to notify a person about exposure to a possible communicable disease, as required by law;
- For health oversight activities including audits or other actions undertaken by the government (or their contractors) by law to oversee the healthcare system;
- For judicial and administrative proceedings, as required by a court or administrative order, or in some cases in response to a subpoena or other legal process;
- For law enforcement activities in limited situations;
- To avert a serious threat to the health and safety of a person or the public at large;
- For workers’ compensation purposes in compliance with workers’ compensation laws;
- To coroners, medical examiners, and funeral directors for identifying a deceased person, determining cause of death, or carrying on their duties as authorized by law;
- If you are an organ donor, we may release health information to organizations that handle organ procurement or organ and as necessary to facilitate organ donation and transplantation.
Uses and Disclosures of Your PHI That Require Your Written Authorization
Any other use or disclosure of PHI, other than those listed above, will generally only be made with your written authorization. You make revoke this authorization at any time by contacting us. The law specifically requires that we obtain your written authorization before using or disclosing your: (a) psychotherapy notes, other than for the purpose of carrying out our own treatment, payment or health care operations purposes, (b) PHI for marketing when we receive payment to make a marketing communication; or (c) PHI when engaging in a sale of your PHI.
Your Rights Regarding Your PHI
As a patient, you have a number of rights with respect to your PHI, including:
Right to access your PHI – You have the right to inspect and/or obtain a paper or electronic copy of most of the PHI that we collect and maintain about you. You also have the right to request that we transmit your PHI to a third party. We ask patients to make access requests in writing by contacting our HIPAA Compliance Officer.
Right to request an amendment of your PHI – You have the right to ask us to amend PHI that we maintain about you. Requests for amendments to your PHI should be made in writing and you should contact our HIPAA Compliance Officer if you wish to make a request for amendment.
Right to request an accounting of certain disclosures of your PHI – You may request an accounting of certain disclosures of your PHI. CCFES will provide an accounting of those disclosures that we are required to account for under HIPAA. If you wish to request an accounting of disclosures of your PHI, you should contact, our HIPAA Compliance Officer and make a request in writing.
Right to request restrictions on uses and disclosures of your PHI – You have the right to request that we restrict how we use and disclose your PHI for treatment, payment or healthcare operations purposes, or to restrict the information that we can provide to family, friends and other individuals involved in your healthcare. However, we are only required to abide by a requested restriction under limited circumstances, and it is generally our policy that we do not agree to any restrictions unless required by law to do so. If you wish to request a restriction on the use or disclosure of your PHI, you should contact our HIPAA Compliance Officer and make a request in writing.
Right to notice of a breach of unsecured PHI – If we discover that there has been a breach of your unsecured PHI, we will notify you about that breach by first-class mail dispatched to the most recent address that we have on file. If you prefer to be notified about breaches by electronic mail, please contact our HIPAA Compliance Officer.
Right to request confidential communications – You have the right to request that we send your PHI to an alternate location (e.g., somewhere other than your home address) or in a specific manner (e.g., by email rather than regular mail). If you wish to request that we communicate PHI to a specific location or in a specific format, you should contact our HIPAA Compliance Officer and make a request in writing.
Email and the Right to Obtain Copy of Paper Notice
You may download an electronic copy of this Notice for your records. You can also request that we provide our Notice of Privacy Practices to you electronically instead of on paper. You may always request a paper copy of our Notice.
Revisions to the Notice
CCFES is required to abide by the terms of the version of this Notice currently in effect. However, CCFES reserves the right to change the terms of this Notice at any time, and the changes will be effective immediately and will apply to all PHI that we maintain. Any material changes to the Notice will be promptly posted in our facilities and on our web site, if we maintain one. You can get a copy of the latest version of this Notice by contacting our HIPAA Compliance Officer.
Your Legal Rights and Complaints
You also have the right to complain to us, or to the Secretary of the United States Department of Health and Human Services, if you believe that your privacy rights have been violated. You will not be retaliated against in any way for filing a complaint with us or to the government.
If you have any questions or if you wish to file a complaint or exercise any rights listed in this Notice, please contact our HIPAA Compliance Officer.
Contact Information for HIPAA Compliance Officer
Clayton County Fire & Emergency Services
7810 Highway 85
Riverdale, GA 30274
Effective Date of Notice: January 1, 2018