Joint Notice of Privacy Practices

Versión en español de SRHS Aviso de prácticas de privacidad

THIS NOTICE DESCRIBES HOW MEDICAL INFORMATION ABOUT YOU MAY BE USED AND DISCLOSED AND HOW YOU CAN GET ACCESS TO THIS INFORMATION.  PLEASE REVIEW IT CAREFULLY

This notice describes the privacy practices of Southern Regional Health System (referred to as "Hospital") and the physician members of the Hospital’s medical staff ("Physicians") related to the use and disclosure of Protected Health Information (PHI) of its patients.  Southern Regional Health System and their Medical Staff are covered entities that participate in an organized health care arrangement as defined by 45 C.F.R. § 164.520(d)(1).  Therefore, these entities have elected to comply with HIPAA notice requirements by preparing a Joint Notice ("Joint Notice") concerning our privacy practices.  In certain circumstances, however, you may also receive a separate notice from the Hospital or Physicians.

As participants in these Privacy Practices, Hospital and Physicians are jointly referred to hereinafter as "Participants."  Participants use confidential personal health information about patients while receiving health care at the Hospital and maintained by Hospital, referred to below as PHI. Participants protect the privacy of this information created or obtained while patients are receiving health care at the Hospital and maintained by Hospital, and PHI is also protected from disclosure by state and federal law. In certain specific circumstances, pursuant to this Joint Notice of Privacy Practices, patient authorization or applicable laws and regulations, PHI can be used by Participants or disclosed to other parties.

Below are categories describing these uses and disclosures, along with some examples to help you better understand each category.

Uses and Disclosures for Treatment, Payment and Health Care Operations

As described in detail below, Participants may use or disclose your PHI for the purposes of treatment, payment, and health care operations, without obtaining written authorization from you. Participants will make a good faith effort to obtain from patients or their representatives a written acknowledgement of receipt of this Notice, which describes the uses and disclosures of patients' PHI.

  • For Treatment Participants may use and disclose PHI in the course of providing, coordinating, or managing your medical treatment, including the disclosure of PHI for treatment activities of another health care provider. These types of uses and disclosures may take place between Physicians who are members of the Hospital's medical staff, medical group practices with whom the Hospital has entered into provider agreements, nurses, technicians, students, and other health care professionals who provide you health care services or are otherwise involved in your care at the Hospital. For example: while you are a patient at the Hospital, if your attending Physician refers you to a specialist physician, Participants may disclose your PHI to the specialist physician with whom your attending Physician has consulted regarding your care. Additionally, Participants may disclose your PHI to nurses and other health care professionals at the Hospital who may be assisting in your care. While Physicians on the Hospital’s Medical Staff are required to follow and observe these Privacy Practices, they are independent professionals rather than employees of the Hospital, and the Hospital expressly disclaims any responsibility for their acts or omissions.
  • For Payment Participants may use and disclose PHI in order to bill and collect payment for the health care services provided to you. For example, Participants may need to give PHI to your health plan in order to be reimbursed for the services provided to you. Participants may also disclose PHI to its business associates, such as billing companies, claims processing companies, and others that assist in processing health claims. Participants may also disclose PHI to other health care providers and health plans for the payment activities of such providers or health plans.
  • For Health Care Operations – Participants may use and disclose PHI as part of its operations, including for quality assessment and improvement, such as evaluating the treatment and services you receive and the performance of our staff in caring for you, provider training, underwriting activities, compliance and risk management activities, planning and development, and management and administration. Participants may disclose PHI to doctors, nurses, technicians, students, attorneys, consultants, accountants, and others for review and learning purposes, to help make sure Participants are complying with all applicable laws, and to help Participants continue to provide health care to its patients at a high level of quality. Participants may also disclose PHI to other health care providers and health plans for such entity's quality assessment and improvement activities, credentialing and peer review activities, and health care fraud and abuse detection or compliance, provided that such entity has, or has had in the past, a relationship with the patient who is the subject of the information.
  • Exceptions to Notice Requirement – Despite the general rules explained above, Participants may use or disclose your PHI without providing you with this Notice to carry out treatment, payment, or health care operations in certain circumstances. For instance, an emergency treatment situation or other circumstance may cause Participants to be unable to provide you with this Notice prior to providing treatment, in which case this Notice will be provided to you as soon as reasonably practicable after such emergency treatment situation. In some cases other persons are legally authorized to acknowledge receipt of this Notice on behalf of a patient.

Other Uses and Disclosures for Which Authorization is not Required

In addition to using or disclosing PHI for treatment, payment and health care operations, Participants may use and disclose PHI without your written authorization under the following circumstances:

  • As Required by Law and Law Enforcement – Participants may use or disclose PHI when required to do so by applicable law. Participants also may disclose PHI when ordered to do so in a judicial or administrative proceeding, to identify or locate a suspect, fugitive, material witness, or missing person, when dealing with gunshot and other wounds, about criminal conduct, to report a crime, the location of the crime or victims, or the identity, description, or location of a person who committed a crime, or for other law enforcement purposes.
  • For Public Health Activities and Public Health Risks – Participants may disclose PHI to government officials in charge of collecting information about births and deaths, preventing and controlling disease, reports of child abuse or neglect and of other victims of abuse, neglect, or domestic violence, reactions to medications or product defects or problems, or to notify a person who may have been exposed to a communicable disease or may be at risk of contracting or spreading a disease or condition.
  • For Health Oversight Activities – Participants may disclose PHI to the government for oversight activities authorized by law, such as audits, investigations, inspections, licensure or disciplinary actions, and other proceedings, actions or activities necessary for monitoring the health care system, government programs, and compliance with civil rights laws.
  • Coroners, Medical Examiners, and Funeral Directors – Participants may disclose PHI to coroners, medical examiners, and funeral directors for the purpose of identifying a decedent, determining a cause of death, or otherwise as necessary to enable these parties to carry out their duties consistent with applicable law.
  • Organ, Eye, and Tissue Donation – Participants may release PHI to organ procurement organizations to facilitate organ, eye, and tissue donation and transplantation.
  • Research – Under certain circumstances, Participants may use and disclose PHI for medical research purposes.
  • To Avoid a Serious Threat to Health or Safety – Participants may use and disclose PHI, to law enforcement personnel or other appropriate persons, to prevent or lessen a serious threat to the health or safety of a person or the public.
  • Specialized Government Functions – Participants may use and disclose PHI of military personnel and veterans under certain circumstances. Participants may also disclose PHI to authorized federal officials for intelligence, counterintelligence, and other national security activities, and for the provision of protective services to the President or other authorized persons or foreign heads of state or to conduct special investigations.
  • Workers' Compensation – Participants may disclose PHI to comply with workers' compensation or other similar laws. These programs provide benefits for work-related injuries or illnesses.
  • Fundraising Activities – Your PHI may be used to contact you in an effort to raise money for the Hospital.  Your PHI may be disclosed to a foundation related to the Hospital.  Such disclosure would be limited to contact information, such as your name, address and phone number and the dates you required treatment or services at the Hospital.  The money raised in connection with these activities would be used to expand and support the Hospital’s provision of health care and related services to the community.  If you do not want to be contacted as part of these fundraising activities, then please notify the Hospital.
  • Appointment Reminders; Health-related Benefits and Services; Marketing. Participants may use and disclose your PHI to contact you and remind you of an appointment at the hospital or the offices of a Physician, or to inform you of treatment alternatives or other health-related benefits and services that may be of interest to you, such as disease management programs. Participants may use and disclose your PHI to encourage you to purchase or use a product or service through a face-to-face communication or by giving you a promotional gift of nominal value.
  • Disclosures to You or for HIPAA Compliance Investigations – Participants may disclose your PHI to you or to your personal representative, and is required to do so in certain circumstances described below in connection with your rights of access to your PHI and to an accounting of certain is closures of your PHI. Participants must disclose your PHI to the Secretary of the United States Department of Health and Human Services (the "Secretary") when requested by the Secretary in order to investigate Participants' compliance with privacy regulations issued under the federal Health Insurance Portability and Accountability Act of 1996 ("HIPAA").

Uses and Disclosures to Which You Have an Opportunity to Object

  • Patient Directories – Unless you object, Hospital may use some of your PHI to maintain a directory of individuals in its facility. This information may include your name, your location in the facility, your general condition (e.g. fair, stable, etc.), and your religious affiliation, and the information may be disclosed to members of the clergy. Except for your religious affiliation, the information may be disclosed to other persons who ask for you by name.
  • Disclosures to Individuals Involved in Your Health Care or Payment for Your Health Care – Unless you object, Participants may disclose your PHI to a family member, other relative, friend, or other person you identify as involved in your health care or payment for your health care. Participants may also notify those people about your location or condition.

Other Uses and Disclosures of PHI Which Authorization is Required

Other types of uses and disclosures of your PHI not described above will be made only with your written authorization, which, except in limited situations, you have the right to revoke in writing.

Regulatory Requirements

Participants are required by law to maintain the privacy of your PHI, to provide individuals with notice of its legal duties and privacy practices with respect to PHI, and to abide by the terms described in this Notice. Participants reserve the right to change the terms of this Notice and of its privacy policies, and to make the new terms applicable to all of the PHI it maintains. Before Participants make an important change to its privacy policies, these entities will promptly revise this Notice and post a new Notice in patient entrance areas of their facilities and on all maintained websites. You have the following rights regarding your PHI:

  • Right to Restrict Access to Your Health Information – You may request that Participants restrict the use and disclosure of your PHI. Participants are not required to agree to any restrictions you request, but if it does so, these entities will be bound by the agreed restrictions, except in emergency situations.

Your Rights Regarding Your Protected Health Information

  • Right to Confidential Communication – You have the right to request that communications of PHI to you from the Participants be made by particular means or at particular locations. For instance, you might request that communications be made at your work address, or by e-mail rather than regular mail. Your requests must be made in writing and sent to the Health Information Services Department. Participants will accommodate your reasonable requests without requiring you to provide a reason for your request.
  •  Right to Inspect and Copy Your Health Information – Generally, you have the right to inspect and copy your PHI that Participants maintain, provided that you make your request in writing to the Health Information Services Department. Within thirty (30) days of receiving your request (unless extended by an additional thirty (30) days), Participants will inform you of the extent to which your request has or has not been granted. In some cases, Participants may provide you a summary of the PHI you request if you agree in advance to such a summary and any associated fees. If you request copies of your PHI or agree to a summary of your PHI, Participants may impose a reasonable fee to cover copying, postage, and related costs. If Participants deny access to your PHI, these entities will provide an explanation of the basis for denial, as well as of your opportunity to have your request and the denial reviewed by a licensed health care professional (who was not involved in the initial denial decision) designated as a reviewing official. If Participants do not maintain the PHI you request but know where that PHI is located, you will be told how to redirect your request.
  • Right to Amend Your Records – If you believe that your PHI maintained by Participants contains an error or needs to be updated, you have the right to request that the Participants correct or supplement your PHI. Your request must be made in writing to the Health Information Services Department, and it must explain why you are requesting an amendment to your PHI. Within sixty (60) days of receiving your request (unless extended by an additional thirty (30) days), Participants will inform you of the extent to which your request has or has not been granted. Participants generally can deny your request if your request relates to PHI: (i) not created by one of the Participants; (ii) that is not part of the records Participants maintain; (iii) that is not subject to being inspected by you; or (iv) that is accurate and complete. If your request is denied, Participants will provide you a written denial that explains the reason for the denial and your rights to: (i) file a statement disagreeing with the denial; (ii) if you do not file a statement of disagreement, submit a request that any future disclosures of the relevant PHI be made with a copy of your request and Participants denial attached; and (iii) complain about the denial.
  • Right to Receive an Accounting of Disclosures – You generally have the right to request and receive a list of the disclosures of your PHI that the Hospital has made at any time during the six (6) years prior to the date of your request. (A request for a list of disclosures made by a Physician must be made directly to that Physician's Office.) The list will not include disclosure for which you have provided a written authorization, and does not include certain uses and disclosures to which this Notice already applies, such as those: (i) for treatment, payment, and health care operations; (ii) made to you; (iii) for Hospital’s patient directory or to persons involved in your health care; (iv) for national security or intelligence purposes; or (v) to correctional institutions or law enforcement officials. You should submit any such request to the Health Information Services Department, and within sixty (60) days of receiving your request (unless extended by an additional thirty (30) days), Participants will respond to you regarding the status of your request. Participants will provide the list to you at no charge, but if you make more than one request in a year you will be charged a fee of $75.00 for each additional request.
  • Right to a Copy of This Notice – You have the right to receive a paper copy of this notice upon request, even if you have agreed to receive this notice electronically.
  • Right to Complain – If you believe your privacy rights with respect to your PHI have been violated, you may complain to the Participants by contacting either the Physician's office in question or the Compliance Office at Southern Regional Health System and submitting a written complaint. Participants will in no manner penalize you or retaliate against you for filing a complaint regarding the Hospital’s privacy practices. You also have the right to file a complaint with the Department of Health and Human Services Office of Civil Rights.

For further information on this Joint Notice, you may contact:  Privacy Officer – 770-991-8341

Check Off Pre-Reg

Going to the hospital for a visit or surgery? Check Pre-Reg off your list. Take 15 minutes to fill out our Pre-Registration form.

See Our Locations

Southern Regional Medical
Center

Spivey Station

Maps and Directions