ACCESS 420 Medical Services

Notice of Privacy Policy (Download Privacy Policy)


Your Health Information Is Protected By Federal Law

Most of us believe that our medical and other health information is private and

should be protected, and we want to know who has this information. The Privacy

Rule, a Federal law, gives you rights over your health information and sets rules

and limits on who can look at and receive your health information.

Who Must Follow This Law

We call the entities that must follow the Privacy Rule covered entities. 

Covered entities include:

�  Health Plans, including health insurance companies, HMOs, company health plans,

and certain government programs that pay for health care, such as Medicare and


�  Most Health Care Providers—those that conduct certain business electronically,

such as electronically billing your health insurance—including most doctors,

clinics, hospitals, psychologists, chiropractors, nursing homes, pharmacies, and


�  Health Care Clearinghouses—entities that process nonstandard health information

they receive from another entity into a standard (i.e., standard electronic format

or data content), or vice versa.


Who Is Not Required to Follow This Law

Many organizations that have health information about you do not have to follow

this law.

Examples of organizations that do not have to follow the Privacy Rule include:

�  life insurers,

�  employers,

�  workers compensation carriers,

�  many schools and school districts,

�  many state agencies like child protective service agencies,

�  many law enforcement agencies,

�  many municipal offices.



What Information Is Protected

�  Information your doctors, nurses, and other health care providers put in your

medical record

�  Conversations your doctor has about your care or treatment with nurses and


�  Information about you in your health insurer�s computer system

�  Billing information about you at your clinic

�  Most other health information about you held by those who must follow this law




How Is This Information Protected

�  Covered entities must put in place safeguards to protect your health


�  Covered entities must reasonably limit uses and disclosures to the minimum

necessary to accomplish their intended purpose.

�  Covered entities must have contracts in place with their contractors and others

ensuring that they use and disclose your health information properly and safeguard

it appropriately.

�  Covered entities must have contracts in place to limit who can view and access

your health information as well as implement training programs for employees about

how to protect your health information.


Who Can Look at and Receive Your Health Information

The law sets rules and limits on who can look at and receive your health


To make sure that your health information is protected in a way that does not

interfere with your health care, your information can be used and shared:

�  For your treatment and care coordination

�  To pay doctors and hospitals for your health care and to help run their


�  With your family, relatives, friends, or others you identify who are involved

with your health care or your health care bills, unless you object

�  To make sure doctors give good care and nursing homes are clean and safe

�  To protect the public's health, such as by reporting when the flu is in your


�  To make required reports to the police, such as reporting gunshot wounds

�  Your health information cannot be used or shared without your written permission

unless this law allows it. For example, without your authorization, your provider

generally cannot:

�  Give your information to your employer

�  Use or share your information for marketing or advertising purposes

�  Share private notes about your health care



US Department of Health & Human Services