Nick Y. Shimoda, P.C.
186 Belmont Dr
Dothan, AL 36305

NOTICE OF PRIVACY POLICY

THIS NOTICE DESCRIBES HOW INFORMATION ABOUT YOU MAY BE USED AND DISCLOSED AND HOW YOU CAN GET ACCESS TO THIS INFORMATION. PLEASE REVIEW IT CAREFULLY.

Understanding Your Record

At Nick Y. Shimoda, P.C., we are committed to treating and using protected health information about you responsibly. This Notice of Privacy Practices describes the personal information we collect, and how and when we use or disclose that information. It also describes your rights as they relate to your protected health information. This Notice is effective January 1, 2012 and applies to all protected health information as defined by federal regulations including but not limited to HIPAA and HITECH. Your record may contain health information disclosed to us by you or another source often including your symptoms, examination and test results, diagnoses, treatment, and plans for future care or treatment. This information, often referred to as your health record, serves as a:

  • Basis for planning your care and treatment
  • Means of communication among the many health professionals who contribute to your care
  • Legal document describing the care and services you receive
  • Means by which you or a third-party payer can verify that services billed were actually provided
  • A source of information for public health officials charged with improving the health of this state and the nation
  • A tool with which we can assess and continually work to improve the care we render and the outcomes we achieve

Understanding what is in your record and how your protected health information is used helps you to: ensure its accuracy, better understand who, what, when, where, and why others may access your health information, and make more informed decisions when authorizing disclosure to others.

Your Health Information Rights

Although your health record is the physical property of Nick Y. Shimoda, P.C., the information belongs to you. You have the right to:

  • Obtain a paper copy of this notice of privacy practices upon request
  • Inspect and copy your record
  • Amend your record
  • Obtain an accounting of disclosures of your information
  • Request communications of your information by alternative means or at alternative locations
  • Request a restriction on certain uses and disclosures of your information
  • Revoke your authorization to use or disclose health information except to the extent that action has already been taken

Our Responsibilities

Nick Y. Shimoda, P.C. is required to:

  • Maintain the privacy of your health information
  • Provide you with this notice as to our legal duties and privacy practices with respect to information we collect and maintain about you
  • Abide by the terms of this notice
  • Notify you if we are unable to agree to a requested restriction
  • Accommodate reasonable requests you may have to communicate health information by alternative means or at alternative locations

We reserve the right to change our practices and to make the new provisions effective for all protected health information we maintain. Should our information practices change, we will post a copy in our office.

We will not use or disclose your health information without your authorization, except as described in this notice. We will also cease to use or disclose your health information after we have received a written revocation of the authorization according to the procedures included in the authorization.

HITECH Notification Requirements

Under HITECH, we are required to notify patients whose PHI has been breached. Notification must occur by first class mail within 60 days of the event. A breach occurs when an unauthorized use or disclosure that compromises the privacy or security of PHI poses a significant risk for financial, reputational, or other harm to the individual. This notice must:

  1. Contain a brief description of what happened, including the date of the breach and the date of discovery;
  2. The steps the individual should take to protect themselves from potential harm resulting from the breach;
  3. A brief description of what we are doing to investigate the breach, mitigate losses, and to protect against further breaches.

Business Associates

Effective February 2012, our Business Associate Agreements have been amended to provide that all HIPAA security administrative safeguards, physical safeguards, technical safeguards and security policies, procedures, and documentation requirements apply directly to the business associate.

Cash Patients/Clients

HITECH states that if a patient pays in full for their services out of pocket they can demand that the information regarding the service not be disclosed to the patients third party payer since no claim is being made against the third party payer.

Access to E-Health Records

HITECH expands this right, giving you the right to access your own e-health record in an electronic format, if available, and to direct us to send the e-health record directly to a third party. We may only charge for labor costs under the new rules.

Accounting of E-Health Records for Treatment, Payment, and Health

We do not currently have to provide an accounting of disclosures of PHI to carry out treatment, payment, and health care operations. However, starting January 1, 2014, the Act will require us to provide upon written request an accounting of disclosures through an e-health record to carry out treatment, payment, and health care operations. This new accounting requirement is limited to disclosures within the three-year period prior to the your request.

We must either: (1) provide an individual with an accounting of such disclosures we made and all of our business associates disclosures; or (2) provide you with an accounting of the disclosures made by us and a list of business associates, including their contact information, who will be responsible for providing an accounting of such disclosures upon request.

For More Information or to Report a Problem

If have questions and would like additional information, you may contact our Privacy Officer, Joy W. Riddle, at 334-699-2323.

If you believe your privacy rights have been violated, you can file a complaint with our Privacy Officer as listed below. If you feel that your complaint has not been successfully satisfied, you may file a complaint with the Office for Civil Rights. We will provide you with the address upon request. There will be no retaliation for filing a complaint with either the Privacy Officer or the Office for Civil Rights.

Joy W. Riddle, Privacy Officer
Nick Y. Shimoda, P.C.
305 Regency Court
P.O. Box 1765
Dothan, Alabama 36302

Examples of Disclosures for Treatment, Payment and Health Operations

We will use your health information for treatment.

For example: Information obtained by a nurse, doctor, or other member of your health care team will be recorded in your record and used to determine the course of treatment that should work best for you. Your doctor will document in your record his or her expectations of the members of your health care team. Members of your health care team will then record the actions they took and their observations. We will also provide your doctor or a subsequent health care provider with copies of various reports that should assist him or her in treating you.

We will use your health information for payment.

For example: A bill may be sent to you or a third-party payer. The information on or accompanying the bill may include information that identifies you, as well as your diagnosis, procedures, and supplies used.

We will use your health information for regular health operations.

For example: Members of the medical staff, the risk or quality improvement manager, or members of the quality improvement team may use information in your health record to assess the care and outcomes in your case and others like it. This information will then be used in an effort to continually improve the quality and effectiveness of the healthcare and service we provide.

Business associates: There are some services provided in our organization through contacts with business associates. Examples include billing services. When these services are contracted, we may disclose your health information to our business associate so that they can perform the job we've asked them to do and bill you or your third-party payer for services rendered. To protect your health information, however, we require the business associate to appropriately safeguard your information.

Notification: We may use or disclose information to notify or assist in notifying a family member, personal representative, or another person responsible for your care, your location, and general condition.

Communication with family: Health professionals, using their best judgment, may disclose to a family member, other relative, close personal friend or any other person you identify, health information relevant to that person's involvement in your care or payment related to your care.

Research: We may disclose information to researchers when their research has been approved by an institutional review board that has reviewed the research proposal and established protocols to ensure the privacy of your health information.

Food and Drug Administration (FDA): We may disclose to the FDA health information relative to adverse events with respect to food, supplements, product and product defects, or post marketing surveillance information to enable product recalls, repairs, or replacement.

Workers compensation: We may disclose health information to the extent authorized by and to the extent necessary to comply with laws relating to workers compensation or other similar programs established by law.

Public health: As required by law, we may disclose your health information to public health or legal authorities charged with preventing or controlling disease, injury, or disability.

Law enforcement: We may disclose health information for law enforcement purposes as required by law or in response to a valid subpoena.

Federal law makes provision for your health information to be released to an appropriate health oversight agency, public health authority or attorney, provided that a work force member or business associate believes in good faith that we have engaged in unlawful conduct or have otherwise violated professional or clinical standards and are potentially endangering one or more patients, workers or the public.

No representation is made that the quality of legal services to be performed is greater than the quality of legal services performed by other lawyers.
The information obtained at this site is not, nor is intended to be, legal advise. You should consult an attorney for individual advice regarding your own situation.

You may reproduce materials available at this site for you own personal use and for noncommercial distribution.

Copyright 2009-12 - Nick Y. Shimoda, all rights are reserved.