THIS NOTICE DESCRIBES HOW MEDICAL INFORMATION ABOUT YOU MAY BE USED AND DISCLOSED AND HOW YOU CAN GET ACCESS TO THIS INFORMATION. PLEASE REVIEW IT CAREFULLY.
Privacy Officer: Practice Manager, 469-620-0222
Notice of Privacy Practices
Assigning Privacy and Security Responsibilities
Specific individuals at Minimally Invasive Surgical Associates are assigned the responsibility of implementing and maintaining the HIPAA Privacy and Security Rules’ requirements. At a minimum, Minimally Invasive Surgical Associates will designate the Practice Manager as the privacy official.
Minimally Invasive Surgical Associates privacy protections extend to information concerning deceased individuals.
Minimum Necessary Use and Disclosure of Protected Health Information
Minimally Invasive Surgical Associates will ensure that for all routine and recurring uses and disclosures of PHI (except for uses or disclosures made for treatment purposes; to or as authorized by the patient; or as required by law for HIPAA compliance) such uses and disclosures of PHI must be limited to the minimum amount of information needed to accomplish the purpose of disclosure.
Verification of Identity
Minimally Invasive Surgical Associates will ensure that the identity of all persons who request access to protected health information be verified before such access is granted.
Appropriate safeguards will be in place at Minimally Invasive Surgical Associates to reasonably protect health information from any intentional or unintentional use or disclosure that is in violation of the HIPAA Privacy Rule. These safeguards include physical protection of premises and PHI, technical protection of PHI maintained electronically and administrative protection of PHI. These safeguards will extend to the oral communication of PHI and to PHI removed from Minimally Invasive Surgical Associates.
Minimally Invasive Surgical Associates will ensure business associates comply with the HIPAA Privacy Rules to the same extent as Minimally Invasive Surgical Associates, and that they be contractually bound to protect health information to the same degree as set forth in this policy. Business associates permitted to receive PHI include, for example Minimally Invasive Surgical Associates billing service, patients’ health insurers, and other healthcare providers with whom we consult and coordinate patients’ care or to whom we refer patients for specialized care.
Training and Awareness
Minimally Invasive Surgical Associates will ensure that all employees are trained on the policies and procedures governing protected health information and how Minimally Invasive Surgical Associates complies with the HIPAA Privacy. New employees will receive training within a reasonable time of employment.
Minimally Invasive Surgical Associates will ensure that sanctions will be in effect for any member of the workforce who intentionally or unintentionally violates any of these policies or any procedures related to the fulfillment of these policies. Such sanctions will be recorded in the individual’s personnel file.
Retention of Records
Minimally Invasive Surgical Associates will adhere to the HIPAA Privacy records retention requirement of six years. All records designated by HIPAA in this retention requirement will be maintained in a manner that allows for access within a reasonable period of time. This records retention time requirement may be extended at Minimally Invasive Surgical Associates discretion to meet with other governmental regulations or those requirements imposed by our professional liability carrier.
Minimally Invasive Surgical Associates will investigate and resolve all complaints relating to the protection of health in a timely fashion. All complaints will be directed to Practice Manager, who is duly authorized to investigate complaints and implement resolutions.
Prohibited Activities-No Retaliation or Intimidation
No employee or contractor of Minimally Invasive Surgical Associates may engage in any intimidating or retaliatory acts against persons who file complaints or otherwise exercise their rights under HIPAA regulations. No employee or contractor may condition treatment or payment on the provision of an authorization to disclose protected health information.
Cooperation with Privacy Oversight Authorities
Minimally Invasive Surgical Associates will ensure that oversight agencies such as the Office for Civil Rights of the Department of Health and Human Services will receive cooperation in any investigation relative to protection of health information within Minimally Invasive Surgical Associates. All personnel will cooperate fully with all privacy reviews and investigations.
Investigation and Enforcement
In addition to cooperation with Privacy Oversight Authorities, Minimally Invasive Surgical Associates will follow procedures to ensure that investigations are supported internally and staff of Minimally Invasive Surgical Associates will not be retaliated against for cooperation with any authority. It is our policy to attempt to resolve all investigations and avoid any penalty phase if at all possible.