Pennsylvania Hospital & Surgery Center ADMINISTRATIVE POLICY MANUAL

Similar documents
Creation Date: 1/30/15 Title: Patient Right to Access, Inspect and Copy Revision History:

POLICY NUMBER B JULY 8, 2014

Notice of HIPAA Privacy Practices Updates

HIPAA PRIVACY RULE: ACCESS TO PROTECTED HEALTH INFORMATION. A. General Right to Access Protected Health Information 1

PATIENT PRIVACY: RIGHT TO ACCESS PROTECTED HEALTH INFORMATION IN THE DESIGNATED RECORD SET POLICY

HIPAA Policies and Procedures Manual

[Enter Organization Logo] USE AND DISCLOSURE OF MENTAL HEALTH RECORDS. Policy Number: [Enter] Effective Date: [Enter]

LifeBridge Health HIPAA Policy 4. Uses of Protected Health Information for Research

MAIN STREET RADIOLOGY

APPLICATION FOR RESEARCH REQUESTING AN IRB WAIVER OF CONSENT AND HIPAA AUTHORIZATION

PARAGOULD DOCTORS CLINIC PRIVACY NOTICE

What is HIPAA? Purpose. Health Insurance Portability and Accountability Act of 1996

Mental Health. Notice of Privacy Practices

SUMMARY OF NOTICE OF PRIVACY PRACTICES

CLINICIAN S GUIDE TO HIPAA PRIVACY

DE-IDENTIFICATION OF PROTECTED HEALTH INFORMATION (PHI)

NOTICE OF PRIVACY PRACTICES UNIVERSITY OF CALIFORNIA IRVINE HEALTHSYSTEM

NOTICE OF PRIVACY PRACTICES

San Francisco Department of Public Health Policy Title: HIPAA Compliance Privacy and the Conduct of Research Page 1 of 10

Notice of Privacy Practices

HIPAA Privacy Regulations Governing Research

New HIPAA Privacy Regulations Governing Research. Karen Blackwell, MS Director, HIPAA Compliance

HIPAA COMPLIANCE APPLICATION

HEALTH INSURANCE PORTABILITY AND ACCOUNTABILITY ACT

UNIVERSITY OF ILLINOIS HIPAA PRIVACY AND SECURITY DIRECTIVE

OREGON HIPAA NOTICE FORM

DEPARTM PRACTICES. Effective: Tel: Fax: to protecting. Alice Gleghorn, Page 1

POLICY & PROCEDURE. This policy applies to all healthcare organizations owned and/or managed by WFH.

HIPAA Privacy Rule and Sharing Information Related to Mental Health

HIPAA PRIVACY TRAINING

HIPAA. Health Insurance Portability and Accountability Act. Presented by the UMMC Office of Integrity and Compliance

CAPITAL SURGEONS GROUP, PLLC

INSTITUTIONAL REVIEW BOARD Investigator Guidance Series HIPAA PRIVACY RULE & AUTHORIZATION THE UNIVERSITY OF UTAH. Definitions.

Form B - For those enrolled in other insurance

WAKE FOREST BAPTIST HEALTH NOTICE OF PRIVACY PRACTICES

Commission on Dental Accreditation Guidelines for Filing a Formal Complaint Against an Educational Program

The Queen s Medical Center HIPAA Training Packet for Researchers

New York Notice Form Notice of Psychologists Policies and Practices to Protect the Privacy of Your Health Information

Notice of Privacy Practices

SUNY DOWNSTATE MEDICAL CENTER POLICY AND PROCEDURE

ERIE COUNTY MEDICAL CENTER CORPORATION NOTICE OF PRIVACY PRACTICES. Effective Date : April 14, 2003 Revised: August 22, 2016

NOTICE OF PRIVACY PRACTICES MOUNT CARMEL HEALTH SYSTEM

Patient-Level Data. February 4, Webinar Series Goals. First Fridays Webinar Series: Medical Education Group (MEG)

RECEIPT OF NOTICE OF PRIVACY PRACTICES WRITTEN ACKNOWLEDGEMENT FORM. I,, have received a copy of Dr. Andy Hand s Notice of Privacy Practice.

This notice describes Florida Hospital DeLand s practices and that of: All departments and units of Florida Hospital DeLand.

Commonwealth Health Corporation Notice of Privacy Practices CHC COMMONWEALTH HEALTH CORPORATION

Privacy and Security Orientation for Visiting Observers. DUHS Compliance Office

NOTICE OF PRIVACY PRACTICES

YALE UNIVERSITY THE RESEARCHERS GUIDE TO HIPAA. Health Insurance Portability and Accountability Act of 1996

The Impact of The HIPAA Privacy Rule on Research

THE JOURNEY FROM PHI TO RHI: USING CLINICAL DATA IN RESEARCH

Notice of Privacy Practices for Protected Health Information

BON SECOURS RICHMOND NOTICE OF PRIVACY PRACTICES

Parental Consent For Minors to Receive Services

Guidelines for Requesting an Increase in Enrollment in a Predoctoral Dental Education Program

HH Health System-Shoals, LLC dba Helen Keller Hospital Notice of Privacy Practices

Notice of Privacy Practices

HIPAA Notice of Privacy Practices

Johns Hopkins Notice of Privacy Practices for Health Care Providers

Medical Records Chapter (1) The documentation of each patient encounter should include:

CHI Mercy Health. Definitions

Notice of Privacy Practices for Protected Health Information (PHI)

Patient Consent Form

NOTICE OF PRIVACY PRACTICES

Senior Care Pharmacy Wichita

always legally required to follow the privacy practices described in this Notice.

Release of Medical Records in Ohio OHIMA. Ohio Revised Code (ORC) HIPAA

NOTICE OF PRIVACY PRACTICE UNIVERSITY OF CALIFORNIA SAN FRANCISCO DENTAL CENTER

Oklahoma Surgicare NOTICE OF PRIVACY PRACTICES. Effective Date: 02/17/2010

If you have any questions about this notice, please contact our privacy officer Dr. Jev Sikes at

Associates in ear, nose, throat/ Head & Neck surgery, pllc

Accommodate reasonable requests you may have to communicate health information by alternative means or at alternative locations.

Opp Health and Rehabilitation, LLC 115 Paulk Avenue P.O. Box 730 Opp, AL Phone Number: (334)

HIPAA PRIVACY NOTICE

Advanced HIPAA Communications and University Relations

Student Orientation: HIPAA Health Insurance Portability & Accountability Act

Use And Disclosure Of Protected Health Information (PHI) For Research

NOTICE OF PRIVACY PRACTICES

Joseph Bikowski, M.D., Associates

A Better You Counseling Services, LLC 1225 Johnson Ferry Road, Ste 170 Marietta GA

J.C. Blair Memorial Hospital Huntingdon, PA

IRB 101. Rachel Langhofer Joan Rankin Shapiro Research Administration UA College of Medicine - Phoenix

MEMPHIS LUNG PHYSICIANS FOUNDATION AN OFFICE OF BAPTIST MEDICAL GROUP NOTICE OF PRIVACY PRACTICES

COMMISSION ON DENTAL ACCREDITATION POLICY ON REPORTING AND APPROVAL OF SITES WHERE EDUCATIONAL ACTIVITY OCCURS

Slide 1 WHO IS THE CLIENT? WHO CONTROLS THE RECORD? ETHICS AND HIPAA. Slide 2. Slide 3. The Four As of Ethical Practice

physicians, nurses, and technicians and other Facility personnel for review and learning purposes. We may also combine the medical information we

NOTICE OF PRIVACY PRACTICES FOR MAYO CLINIC ARIZONA

Patient name (print) Signature of Patient/ Legal Representative. Relationship to Patient FOR OFFICE USE ONLY

WELCOME. Payment will be expected at the time of service. Please remember our 24 hour cancellation notice.

NOTICE OF PRIVACY PRACTICES

Presented by the UAMS HIPAA Office August 2013 Anita B. Westbrook

SCHOOL OF PUBLIC HEALTH. HIPAA Privacy Training

HIPAA NOTICE OF PRIVACY PRACTICES

MURRAY MEDICAL CENTER HIPAA NOTICE OF PRIVACY PRACTICES

HIPAA Notice of Privacy Practices DFD Russell Medical Center Effective April 14, 2003 Updated April 10, 2013

REVISED NOTICE OF PRIVACY PRACTICES ORIGINAL DATE: JANUARY 1, 2003 REVISED: JANUARY 16, 2014 REVISED: NOVEMBER 27, 2017 PLEASE REVIEW IT CAREFULLY

NOTICE OF PRIVACY PRACTICES Full Length Version Effective Date: 4/19/2016

COMMISSION ON DENTAL ACCREDITATION REPORTING PROGRAM CHANGES IN ACCREDITED PROGRAMS

Outpatient Wellness Clinic

PEDIATRIC HEALTH ASSOCIATES HIPAA NOTICE OF PRIVACY PRACTICES

Transcription:

Page 1 Issued: POLICY: Committee Approval: HIPAA Administrative Policy Review Committee: April 2003 April 2005 April 2006 April 2007 April 2008 Attachment(s): For purposes of this policy, Pennsylvania Hospital includes all off campus licensed facilities, including but not limited to the Surgery Center of Pennsylvania Hospital. Patients have the right to request access to, inspect, and obtain a copy of their protected health information (PHI) that Pennsylvania Hospital maintains in a designated record set. It is the policy of Pennsylvania Hospital to recognize that right in accordance with HIPAA privacy regulations, and applicable law. PURPOSE: The purpose of this policy is to define the process for receiving, and processing requests for access to, inspection, and copying of PHI. SCOPE: Related Policies: Request for Access, Inspection, or Copy Form Denial of Access Form This policy applies to all patient requests for access to, inspection, and copying of PHI. IMPLEMENTATION: The responsibility for implementation of this policy rests with all members of Pennsylvania Hospital s workforce who receive patient requests for access to, inspection, and copying of PHI. DEFINITIONS: Protected health information (PHI) is information that is created or received by UPHS and the School of Medicine; and relates to the past, present, or future physical or mental health or condition of a patient; the provision of health care to a patient; or the past, present, or future payment for the provision of health care to a patient; and that identifies the patient or for which there is a reasonable basis to believe the information can be used to identify the patient. PHI includes information of persons living or deceased. The following components of a patient's information also are considered PHI: a) names; b) street address, city, county, precinct, zip code; c) dates directly related to a patient, including birth date, admission date, discharge date, and date of death; d) telephone numbers, fax numbers, and electronic mail addresses; e) Social Security numbers; f) medical record numbers; g) health plan beneficiary numbers; h) account numbers; i) certificate/license numbers; j) vehicle identifiers and serial numbers, including license plate numbers; k) device identifiers and serial numbers; l) Web Universal Resource Locators (URLs); m) biometric identifiers, including finger and voice prints; n) full face photographic images and any comparable images; and o) any other unique identifying number, characteristic, or code.

Page 2 A designated record set is a group of records maintained by or for UPHS and the School of Medicine that is: a) the medical records and billing records about individuals; or b) used, in whole or in part, by or for UPHS and the School of Medicine to make decisions about individuals. Psychotherapy notes means notes recorded (in any medium) by a health care provider who is a mental health professional documenting or analyzing the contents of conversation during a private counseling session or a group, joint, or family counseling session and that are separated from the rest of the individual s medical record. Psychotherapy notes excludes medication prescription and monitoring, counseling session start and stop times, the modalities and frequencies of treatment furnished, results of clinical tests, and any summary of the following items: diagnosis, functional status, the treatment plan, symptoms, prognosis, and progress to date. PROCEDURE: REQUESTS FOR VIEWING ACCESS, OR INSPECTION OF MEDICAL RECORDS DURING A PATIENT ENCOUNTER 1. A patient, or a designee appropriately authorized by the patient, who wishes to see his/her medical record during a patient encounter (this includes in-house patients, and patients during a clinical office visit) must request viewing access to the medical record. Access may be denied only as outlined below (see Reviewable Denials and Unreviewable Denials). The patient, or a designee appropriately authorized by the patient, may view the record only while a physician or his/her designee is in attendance. The request for viewing access, the approval of the request by the physician, the date and time of the review, and the name of the physician or designee participating in the review will be documented in the medical record. This documentation will be signed by the physician or designee, and the patient or designee appropriately authorized by the patient. It is the intent of the Pennsylvania Hospital to resolve questionable cases in favor of patient access. 2. If viewing access during a patient encounter is denied then all of the steps outlined below must be followed. REQUESTS FOR ACCESS, INSPECTION, OR COPYING OF PHI FOLLOWING DISCHARGE, OR DURING A NON-CLINICAL OUTPATIENT ENCOUNTER A patient wishing to access, inspect, or obtain a copy of his or her PHI should be provided with the Patient Request for Access, Inspection or Copying of PHI Form to fill out and return to the appropriate custodian of records. This form will be added to the patient s medical record.

Page 3 PROCESSING REQUESTS The custodian of records must grant the request unless a denial is warranted based on the following: 1. Reviewable denials A. If the reason for the denial is that a licensed healthcare professional has determined, in the exercise of professional judgment, that: i) the request is reasonably likely to endanger the life or physical safety of the patient or another person; ii) the information to which access was requested makes reference to another person (other than a healthcare provider) and is reasonably likely to cause substantial harm to such person; or iii) the request for access is made by the patient s personal representative and is reasonably likely to cause substantial harm to the patient or another person, then the patient has the right to have the denial reviewed by a licensed healthcare professional designated by Pennsylvania Hospital who did not participate in the original decision. B. Denials based on the above criteria are reviewable upon request. If the patient requests a review, the Chief Medical Officer or his/her designee must promptly review the decision and make a determination within a reasonable period of time. The custodian of records at Pennsylvania Hospital must then inform the patient promptly of the decision. 2. Unreviewable Denials Patients will not be provided an opportunity to challenge denials if: a) the information requested is psychotherapy notes; b) the information was compiled in reasonable anticipation of, or for use in, a civil, criminal, or administrative action or proceeding; c) the information is subject to or exempt from the Clinical Laboratory Improvements Amendments of 1988, as specified in the Privacy Rule; d) Pennsylvania Hospital is acting under the direction of a correctional institution and granting an inmate copy would jeopardize the health, safety, security, custody, or rehabilitation of the individual or of other inmates, or the safety of any officer, employee, or other person at the correctional institution or responsible for the transporting of the inmate; e) the information requested was created or obtained in the course of research that includes treatment, and the patient has previously agreed to the denial of access during the course of the research (provided that the patient agreed to the denial of access when consenting to participate in the research that includes treatment, and was informed that the right of access will be reinstated upon completion of the research);

Page 4 f) the information was obtained from someone other than a healthcare provider under a promise of confidentiality, and the copy requested would likely reveal the source. 3. If certain information is excluded, the patient must be provided with a copy of any requested information other than the excluded information (in which case, such copy must be provided in compliance with Sections 1 and 2 above). 4. If Pennsylvania Hospital denies the request, the record custodian must provide the patient with a timely written denial, which states in plain language the basis for the denial, an explanation of the patient's right to seek a review of the denial, and the procedures involved, a statement of the patient's right to file a complaint with the entity or with the Secretary of HHS, a description of the complaint procedures, and the name and telephone number of the record custodian. This denial is added to the patient s medical record. Granting a Request. If the request is granted, Pennsylvania Hospital need only make available that PHI and those records that are maintained in a designated record set. Processing the Request. 1. If the information of which a copy is requested is maintained on site, Pennsylvania Hospital must respond to a request for copy within 30 days of receipt of such request, by (i) providing the copy requested, (ii) providing the patient with a written denial of the request, or (iii) by providing the patient with a written statement containing the reasons for the delay and the date on which the information will be provided to the patient (which may be no more than 60 days from the date of the patient's initial request). 2. If the information is maintained by Pennsylvania Hospital, but is not maintained on-site, Pennsylvania Hospital must respond to a request for copy within 60 days by (i) providing the copy requested, (ii) providing the patient with a written denial of the request or (iii) by providing the patient with a written statement containing the reasons for the delay and the date on which the information will be provided to the patient (which may be no more than 90 days from the patient's initial request). 3. If Pennsylvania Hospital does not maintain the information but knows where the information may be located, the patient must be informed of where she/he may locate the information. Copying If the request for copying is granted, Pennsylvania Hospital must:

Page 5 1. Provide requested copies of the information in the form requested, if the information is readily producible in such form, or, if not, in a readable hard copy form or other form agreed to by Pennsylvania Hospital and the requestor; and 2. Provide requested copies in a timely manner State law The laws of the state(s) in which Pennsylvania Hospital operates may have more stringent requirements than those set forth in this policy. Pennsylvania Hospital will comply with the most restrictive applicable law, statue, or regulation. Fees Pennsylvania Hospital may charge for retrieval/copying medical records in accordance with the fee schedule established, if applicable, by the Commonwealth of Pennsylvania or State of New Jersey. /s/kathleen Kinslow 05/05/08 Kathleen Kinslow, CRNA, EdD, MBA DATE Executive Director Disclaimer: Any printed copy of this policy is only as current as of the date it was printed; it may not reflect subsequent revisions. Refer to the on-line version for most current policy. Use of this document is limited to University of Pennsylvania Health System workforce only. It is not to be copied or distributed outside the institution without administrative permission.

2024 © careersdocbox.com Privacy Policy | Terms of Service | Feedback