Notice of Privacy


“Notice of Privacy Practices”
Effective date: 07/01/2011

FamilyCore Privacy Policy

Your health record contains personal information about you and your health. This information about you that may identify you and that relates to your past, present or future physical or mental health or condition and related health care services is referred to as Protected Health Information (“PHI”). This Notice of Privacy Practices describes how Counseling & Family Services D/B/A FamilyCore may use and disclose your PHI in accordance with applicable law and the National Association of Social Workers (NASW) Code of Ethics. It also describes your rights regarding how you may gain access to and control your PHI. Please read this “Notice of Privacy Practices” carefully. This notice takes the place of any previously distributed notices.

We are required by law to maintain the privacy of PHI and to provide you with notice of our legal duties and privacy practices with respect to PHI. We are required to abide by the terms of this Notice of Privacy Practices. We reserve the right to change the terms of our Notice of Privacy Practices at any time. Any new Notice of Privacy Practices will be effective for all PHI that we maintain at that time. We will provide you with a copy of the revised Notice of Privacy Practices by posting a copy on our website, sending a copy to you in the mail (upon your request) or providing one to you at your next appointment.

The following categories describe ways that we may use and disclose health information that identifies you. Some of the categories include examples, but every type of use or disclosure of PHI in a category is not listed. If you give us permission to use or disclose Health Information for a purpose not discussed in this notice, you may revoke that permission, in writing, at any time.

How We May Use and Disclose Health Information About You:

For Treatment: Your PHI may be used and disclosed by those who are involved in your care for the purpose of providing, coordinating, or managing your health care treatment and related services. This includes consultation with clinical supervisors or other treatment team members. We may disclose PHI to a third party only with your authorization, or as otherwise authorized by law or this policy. We may also contact you to remind you of your appointments or to provide information to you about treatment alternatives or other health-related benefits and services that may be of interest to you.

For Payment: We may use and disclose PHI so that we can receive payment for the treatment services provided to you. Disclosures for this purpose will only be done with your authorization. Examples of payment-related activities are: making a determination of eligibility or coverage for insurance benefits, processing claims with your insurance company, reviewing services provided to you to determine medical necessity, or undertaking utilization review activities. If it becomes necessary to use collection processes due to lack of payment for services, we will only disclose the minimum amount of PHI necessary for purposes of collection.

For Health Care Operations: We may use or disclose, as needed, your PHI in order to support our business activities including, but not limited to, quality assessment activities, employee review activities, licensing, and conducting or arranging for other business activities. For example, we may share your PHI

with third parties that perform various business activities (e.g., billing or typing services) provided we have a written contract with the business that requires it to safeguard the privacy of your PHI. Except as otherwise described in this policy, for training or teaching purposes PHI will be disclosed only with your authorization.

Required by Law: Under the law, we must disclose your PHI to you upon your request. In addition, we must make disclosures to the Secretary of the Department of Health and Human Services for the purpose of investigating or determining our compliance with the requirements of the Privacy Rule.

How We May Use and Disclose Health Information About You Without Authorization: Following is a list of the categories of uses and disclosures permitted by HIPAA without an authorization. Applicable law and ethical standards permit us to disclose information about you without your authorization only in a limited number of situations.

Unless another law requires otherwise, as an organization that utilizes social work practices in the State of Illinois, we will adhere to more stringent privacy requirements for disclosures made without an authorization. The following language addresses these categories to the extent consistent with the NASW Code of Ethics and HIPAA:

Compliance With Other Laws: We may use or disclose your PHI when there is a law in effect that requires us to disclose this information. You will be notified of any such disclosures.

Child or Elder Abuse or Neglect. We must disclose your PHI as required by law to a state or local agency that is authorized by statute to receive reports of child or elder abuse or neglect.

Legal Proceedings. We may disclose your PHI in the course of a judicial or administrative proceeding, when required by a court order or administrative tribunal, and in certain conditions in response to a discovery request, subpoena, or other lawful process.

Deceased Patients. We may disclose PHI regarding deceased patients as mandated by state laws. A release of information consent regarding deceased patients may be limited to an executor or administrator of a deceased person’s estate.

Medical Emergencies. We may use or disclose your PHI in a medical emergency situation to medical personnel only in order to prevent serious harm. Our staff will try to provide you a copy of this notice as soon as reasonably practicable after the resolution of the emergency.

Family Involvement in Care. We may disclose information to close family members or friends directly involved in your treatment based on your consent or as necessary to prevent serious harm.

Health Oversight. If required, we may disclose PHI to a health oversight agency for activities authorized by law, such as audits, investigations, and inspections. Oversight agencies seeking this information include government agencies and organizations that provide financial assistance to the program (such as third-party payors based on your prior consent) and peer review organizations performing utilization and quality control.

Law Enforcement. We may release Health Information if asked by a law enforcement official for the following reasons: (1) in response to a court order, subpoena, warrant, summons or similar process; (2) limited information to identify or locate a suspect, fugitive, material witness, or missing person; (3) about the victim of a crime if, under certain limited circumstances, we are unable to obtain the person’s agreement; (4) about a death we believe may be the result of criminal conduct; (5) about criminal conduct on our premises; and (6) in emergency circumstances to report a crime, the location of the crime or victims, or the identity, description, or location of the person who committed the crime.

Military, Veterans National Security and Intelligence. If you are or were a member of the armed forces, or part of the national security or intelligence communities, we may be required by military command or other governmental authorities to release health information about you. We may also release information about foreign military personnel to the appropriate foreign military authority.

Public Health. If required, we may use or disclose your PHI for mandatory public health activities to a public health authority authorized by law to collect or receive such information for the purpose of preventing or controlling disease, injury, or disability, or if directed by a public health authority, to a government agency that is collaborating with that public health authority.

Public Safety. We may disclose your PHI if necessary to prevent or lessen a serious and imminent threat to the health or safety of a person or the public. If information is disclosed to prevent or lessen a serious threat it will be disclosed to a person or persons reasonably able to prevent or lessen the threat, including the target of the threat.

Business Associates. We may disclose Health Information to our business associates that perform functions or services. All of our business associates are obligated, under contract with us, to protect the privacy of your information, and are not allowed to use or disclose any information other than as specified in our contract.

Research. Under certain circumstances, we may use and disclose PHI for research projects that are subject to a special approval process. We will ask you for your permission if the researcher will have access to your name, address or other information that reveals who you are, or will be involved in your care.

Workers’ Compensation. We may release Health Information for workers’ compensation or similar programs. These programs provide benefits for work-related injuries or illnesses.

Verbal Permission. We may also use or disclose your information to family members that are directly involved in your treatment with your verbal permission.

With Authorization. Uses and disclosures not specifically permitted by applicable law will be made only with your written authorization. If you give us authorization to use or disclose health information about you, you may revoke that authorization, in writing, at any time. If you revoke your authorization, we will no longer use or disclose information about you for the reasons covered by your written authorization, but we cannot take back any uses or disclosures already made with your permission.

Your Rights Regarding Your PHI:

You have the following rights regarding PHI we maintain about you. To exercise any of these rights, please submit your request in writing to our Privacy Officer at the address below:

Right of Access to Inspect and Copy. You have the right, which may be restricted only in exceptional circumstances, to inspect and copy PHI that may be used to make decisions about your care or payment for your care. Your right to inspect and copy PHI will be restricted only in those situations where there is compelling evidence that access would cause serious harm to you. If you are denied access to your health information, you may ask that the denial be reviewed.

• If you request a copy of the information, we may charge a fee for the costs of copying, mailing or other associated supplies. If your records are maintained electronically, you may also request an electronic copy of your PHI.

Right to Amend. If you feel that the PHI we have about you is incorrect or incomplete, you may ask us to amend the information, although we are not required to agree to the amendment. If we

deny your request for amendment, you have the right to file a statement of disagreement with us. We may prepare a rebuttal to your statement and will provide you with a copy. Please contact the Privacy Office if you have any questions.

• Right to an Accounting of Disclosures. You have the right to request an accounting of certain disclosures that we make of your PHI. We may charge you a reasonable fee if you request more than one accounting in any 12-month period.

Right to Request Restrictions. You have the right to request a restriction or limitation on the use or disclosure of your PHI for treatment, payment, or health care operations. In addition, you have the right to request a limit on the Health Information we disclose about you to someone who is involved in your care or the payment for your care, like a family member or friend. We are not required to agree to your request unless the request is to restrict disclosure of PHI to a health plan for purposes of carrying out payment or health care operations, and the PHI pertains to a health care item or service that you paid for out of pocket. In that case, we are required to honor your request for a restriction

Right to Request Confidential Communication. You have the right to request that we communicate with you about medical matters in a certain way or at a certain location

• Breach Notification. If there is a breach of unsecured protected health information concerning you, we may be required to notify you of this breach, including what happened and what you can do to protect yourself.
• Right to a Copy of this Notice. You have the right to a paper copy of this notice. You can request this paper copy at any time by contacting the FamilyCore Privacy Officer.

Changes To This Notice: We reserve the right to change this notice. We reserve the right to make the revised or changed notice effective for Health information we already have as well as any information we receive in the future. We will post a copy of the current notice at our office. The notice will contain the effective date of the change.

Complaints: If you believe we have violated your privacy rights, you have the right to file a grievance in writing with our Privacy Officer at FamilyCore or with the Secretary of Health and Human Services at 200 Independence Avenue, S.W. Washington, D.C. 20201 or by calling (202) 619-0257. We will not retaliate against you for filing a grievance.

330 S.W. Washington St.
Peoria, IL 61602
(309) 676-2400

The effective date of this Notice is July 1, 2011.

FamilyCore HIPPA Notice Form ____ 07 01 11