Back to Home Page


Versión en Español

Notice Regarding Compliance By Mercy Iowa City With
HIPAA Privacy, Security and Other Regulations

This notice describes how medical information about you may be used
and disclosed and how you can get access to this information.
Please review it carefully.

Your Privacy Is Important to Us
We are committed to providing our patients with Exceptional Medicine, Extraordinary Care. An important part of our commitment is our pledge to protect your nonpublic personal medical and financial information. This notice, which is required by the federal Health Insurance Portability and Accountability Act of 1996 (HIPAA), informs you about our privacy practices.

Pursuant to the Health Insurance Portability and Accountability Act of 1996 (HIPAA), U.S. Department of Health and Human Services (HHS) is promulgating regulations that address, among other things; 1) standards for the privacy of individually identifiable health information; 2) security standards to protect the confidentiality and integrity of health information and the information technology used to store, process, and transmit such data; and 3) standards for administrative transactions and data elements exchanged electronically that are consistent with the goals of improving the operation of the health care system and reducing administrative costs.

Please note that HHS has released some final regulations, with varying dates for compliance, and some proposed, but not final, regulations. After HHS has issued final HIPAA regulations, Mercy Iowa City will undertake a review of its policies, practices, and standards to ensure compliance with all applicable regulations.

Who Is Covered by This Notice
This notice describes our hospital's practices and that of:

  • Any health care professional authorized to enter information into your hospital chart.
  • All departments and units of the hospital, including off-site and on-campus clinics and offices.
  • Any member of a volunteer group we allow to help you while you are in the hospital.
  • All employees, staff, and other hospital personnel.

All of the above entities will follow the terms of this notice. In addition, these entities, sites, and locations may share medical information with each other for the treatment, payment, or hospital operations purposes described in this notice.

Our Privacy Pledge
We do not disclose your nonpublic personal medical and financial information, except as required or permitted by law. Mercy Iowa City does not sell patient information. We do not disclose this information, even when our patient relationships end, except as required or permitted by law.

We will ensure that our practices and standards comply with HIPAA and other applicable federal and state laws and regulations. We will work with appropriate regulatory and accreditation agencies to ensure consistency between Mercy Iowa City's policies and HIPAA. Consistent with Mercy Iowa City's policy on statutory variances, we will uphold the higher privacy standard when there is a conflict between applicable state and federal regulations.

Top

Information We Receive
We receive nonpublic personal medical and financial information about patients from the following sources:

  • Applications, consents, authorizations and other forms you or your representative provides;
  • Documentation collected during your care (test results, physician orders, etc.);
  • Billing and payment transactions (such as claims submission with insurance companies and payment) with us, our affiliates or others; and
  • Outside sources pertaining to your care, such as health care providers, insurance companies and federal and state agencies.

As of April 14, 2003, we are required by law to document the receipt of this privacy notice to all patients.

How We Protect Your Information
Our policies restrict access of your information to hospital employees and staff who need this information to provide care and services to you and as permitted by law. We maintain physical, electronic, and procedural safeguards that comply with legal requirements to protect your nonpublic personal medical and financial information.

We have undertaken an initiative to educate our Board, officers, employees, medical staff, volunteers, and others about HIPAA compliance. This training includes an annual refresher course in privacy and confidentiality.

How We Use Patient Information
We use patient medical and financial information to provide and facilitate treatment, collect payment for services, and conduct hospital operations.

We may, as permitted or required by law, make discretionary use or disclosures of protected health information.

We may use patient medical and financial information for contacting you to provide appointment reminders, describing or recommending treatment alternatives, providing information about health-related benefits and services that may be of interest to you, or soliciting funds to benefit Mercy Iowa City and its Foundation.

Other uses of your information may require separate written authorizations from you.

Top

Your Rights
With Mercy Iowa City and its affiliates, you have the following rights: 1) the right to authorize disclosure of your protected health information to third parties, 2) the right to revoke previously authorized disclosures, 3) the right to request limited disclosure of your health information, 4) the right to inspect and copy your protected health information, 5) the right to request to amend information, and 6) the right to request a listing of personnel who have accessed your information for reasons other than treatment, payment, or health care operations (after April 14, 2003). You also have the right to request to be placed on a mailing list to receive notice of updates to Mercy Iowa City's Privacy Notices.

Questions
If you have any questions about this privacy notice, wish to request personal disclosure documentation, or to confidentially report an incident, please call the Compliance Hotline at 319-887-2964 or 1-888-771-0872 or send an e-mail to <hipaa@mercyic.org>. You may also contact your personal health care provider. Mercy Iowa City or your health care provider will respond to your request. Requesting information or reporting an incident will not adversely affect your care at Mercy Iowa City.

For more information on HIPAA or in the event of a complaint, you may also contact the HHS Office Inspector General Hotline:

By Phone: 1-800-HHS-TIPS (1-800-447-8477)
By Fax: 1-800-223-8164
By E-Mail: HTips@os.dhhs.gov
By TTY: 1-800-377-4950

By Mail: Office of Inspector General
Department of Health and Human Services
Attn: HOTLINE
330 Independence Ave., SW
Washington, DC 20201

For more information on HIPAA, please refer to: <http://cms.hhs.gov/hipaa>.

Copyright 2002 Mercy Iowa City
Revised 03/25/02, 3/10/03

Top

 

 
 
 
Home | E-mail A Nurse | E-mail Webmaster | Disclaimer | HIPAA/Privacy | Site Map