Home Contact Us Site Map
Search for:
About Us Services News Calendar
Health Info Find a Job Find a Physician
Hospitals
Children’s Hospital
Clinic
Health Plans
Foundation
Ways to Give
Areas of Excellence
Web Nursery
For Patients and Visitors
Patient Rights
Privacy
Visiting Hours
Lodging
Health Information
Calendar
Spiritual Care
E-mail a Patient
Patient Pre-registration
For Physicians,
Co-workers and Volunteers
Libraries
Vendor Resources
Privacy Practices and Web Use Information
 
Home > Patient & Visitor Information 

Privacy Booklet
 

Disclaimer

The information outlined in this booklet does not serve to replace or override any legal HIPAA SJHS policies and procedures.  Information outlined in this booklet also does not replace the actual SJHS Notice of Privacy Practices.

Overview

The purpose of this booklet is to inform patients about the current HIPAA regulations and what information is available to them.  This booklet serves as a guide for the various SJHS forms, policies, and procedures the patient will encounter as a result of HIPAA regulations.

The following topics introduce the various SJHS forms, policies, and procedures the patient will encounter as a result of HIPAA regulations. You can either scroll through this document in its entirety, or click on any of the following bookmarks to go to individual topics of interest:

Getting a Hold on HIPAA:
 

Helpful HIPAA Procedures:


Topics in this section introduce HIPAA, including its history, key terms, and its positive impact on your patient rights.

What is HIPAA?

HIPAA is short for the Health Insurance Portability and Accountability Act.  HIPAA establishes privacy standards that U.S. healthcare providers, clearinghouses, and healthcare plan providers must adhere to in order to ensure the security and privacy of patient information.  By providing safeguards to protect individually identifiable health information, HIPAA regulations allow the patient to have more control over who may access their patient information.

What is the History of HIPAA?

HIPAA came about in an effort to provide a nationwide privacy protection standard for patient information.  Signed in 1996 by President Bill Clinton, HIPAA establishes federal privacy regulations throughout the United States. These regulations aim to inform patients of their privacy rights and establish policies for protecting confidential patient information.  Ultimately, HIPAA regulations give patients more control over their patient information.  HIPAA also aims to safeguard and protect information deemed private by the act--Protected Health Information or PHI--without adversely affecting access to healthcare delivery.

How Will HIPAA Benefit Me?

You will not notice any change in the quality of care received, nor in the standard healthcare practices implemented to provide you with medical care.   The change occurs in how private patient information is handled by those involved in your care and treatment.   HIPAA benefits patients by securing their protected healthcare information (PHI) with strict regulations.   These regulations include boundaries for the use and release of your health information and medical records, as well as other safeguards to protect your private healthcare information.  Violators of HIPAA regulations are subject to civil and criminal penalties.

What is PHI?

PHI refers to your patient Protected Health Information.  Your PHI is any information related to a healthcare facility visit, including the following:

  • Personal Information such as your name, address, and phone number
  • Medical Record Number (MRN) or Account Number
  • Specific information contained in your medical record such as clinical or treatment information
  • Billing Information

This information is considered private, and may not be released to unauthorized individuals.

What is a Personal Representative?

A Personal Representative is someone authorized, by law, to speak and/or act on the patient’s behalf concerning health care decisions, should it become necessary.  In order to be designated as a Personal Representative, an individual must have appropriate legal documentation on file.  For example, legal documentation such as a General Power of Attorney or a court appointed legal guardian must be on file.   Examples of individuals who might act as the patient's Personal Representative include the following:

  • The patient’s spouse.
  • An adult child of the patient who has agreement and consent of all other qualified children to act as a sole decision maker.
  • A majority of the patient’s reasonable available adult children.
  • The minor patient/child's biological parents.
  • The individual clearly identified to act for the patient (before the patient’s incapacity), the patient’s nearest living relative, a member of the clergy, or the patient’s attorney.

A Personal Representative may have the right to both access and request amendments to the patient's PHI, including an account of PHI disclosures and disclosure restrictions.  A Personal Representative may also have the right to make a privacy complaint on the patient's behalf.

Remember, granting individuals access to your PHI via the PHI Communication Resource Tool does not mean they are also your Personal Representative.  Only those with the appropriate legal documentation may be designated as a Personal Representative.

To receive written documentation containing PHI, according the SJHS policy, a valid HIPAA authorization is required to be signed by the patient and/or the Personal Representative.

What are My Rights as a Patient?

The following is a summary of your privacy rights as fully addressed in the SJHS Notice of Privacy Practices.  

Patient Health Information Rights:

Although your health record is the physical property of your doctor, hospital, or a clinic, the information belongs to you.  You have the right to:

  • Request a restriction on certain uses and disclosures of your information for treatment, payment, health care operations, and as to disclosures permitted to persons, including family members involved with your care and as provided by law.  However, we are not required by law to agree to a requested restriction.
  • Obtain a paper copy of the full Notice of Privacy Practices upon request.
  • Inspect and copy your PHI as provided by law.
  • Request that we amend your health record as provided by law.  We will notify you if we are unable to grant a request to amend your health record.
  • Obtain an accounting of disclosures of your PHI as provided by law.
  • Request communications of your health information by alternate means or at alternate locations.  We will accommodate reasonable requests.
  • Revoke your authorization to use or disclose health information except to the extent that action has already been taken.

                                                                                                                              Return to Top

Helpful HIPAA Procedures

 Topics in this section further detail HIPAA's positive impact on your patient rights, including complaint procedures and the appropriate use of associated forms.

What Forms Will I Be Given?

In accordance with HIPAA regulations, you will be given the following information as specified:

  • Notice of Privacy Practices
  • Acknowledgement of Privacy Notice
  • PHI Communication Resource Tool

On the PHI Communication Resource Tool, you will be asked to indicate individuals (such as a relative or friend) who may access your PHI.   The patient may also designate if they wish to be left off of the hospital, clinic, or Mercy Villa (Long Term Care) “directories,” thus restricting any acknowledgment that the patient is receiving health care.  The PHI Communication Resource Tool provides a reference for healthcare providers when determining whether private patient information can be released to friends and relatives, or other patient contacts. 

What is the PHI Communication Resource Tool?

Every patient will be given the opportunity to designate on the PHI Communication Resource Tool those individuals involved in the treatment of the patient.  You may list as many individuals as you wish on this form. 

Please note that if you do not complete the PHI Communication Resource Tool in its  entirety, or you elect not to be included in the hospital or clinic directory, no information is shared, with the exception of:

  • Payment information to authorized health care providers or third party agencies.
  • Treatment information to authorized health care providers or third party agencies.
  • Information necessary for normal health care operations to authorized health care providers or third party agencies.

In addition, if you do not complete the form, or elect to be excluded from the directory, you will also not receive flowers, visitors, or cards.  It is very important you make sure this form is signed and filled out completely.

A valid HIPAA Authorization signed by the patient and/or the Personal Representative is required for electronic or paper documentation of PHI.  It is the responsibility of the patient to notify the SJHS site of updates/changes to their PHI Communication Tool form.

What is SJHS Required To Do

It is our responsibility to:

  • Protect and maintain the privacy of your health information.
  • Provide you with a notice (Notice of Privacy Practices) as to our legal duties and privacy practices with respect to information we maintain about you.
  • Abide by the terms of the Notice of Privacy Practices.
  • Notify you if we are able or unable to agree to a requested restriction on certain uses and disclosures.
  • We reserve the right to change our practices and to make the new provisions effective for all protected health information we maintain, including information created or received before the change.  Should our information practices change, we will have the revised notice available to you upon request.
  • We will not disclose your health information without your written authorization, except as fully addressed in the SJHS Notice of Privacy Practices.

What Information Can Be Disclosed Without My Authorization?

Medical information relating to your treatment, payment for services, or other healthcare operations may be disclosed as necessary.   Disclosure without a patient’s authorization may occur in the instance of an emergency, when required by law, to aid in investigations, or for mandatory reporting--such as disease control or victims of abuse and violence.  For a more complete listing, please refer to the SJHS Notice of Privacy Practices.

Who Do I Contact For Additional Information?

To learn more about HIPAA, consult the Notice of Privacy Practices.  For specific information or questions about your patient privacy rights or complaints, contact a Privacy Site Coordinator at any of the following locations:

  • St. John’s Hospital:  (417) 820-2000
  • St. John’s Clinic (Springfield):  (417) 829-4326
  • St. John's Clinic (Rolla):  (573) 341-8044
  • St. John's Homecare:  (417) 820-5550
  • Mercy Villa:  (417) 820-8510
  • St. John’s Hospital - Aurora:  (417) 678-2122
  • St. John’s Hospital - Cassville:  (417) 847-6000
  • St. John's Hospital - Lebanon:  (417) 533-6100
  • St. John's Hospital - Berryville:  (870) 423-3355
  • St. John's - St. Francis Hospital:  (417) 934-7000
  • St. John's Health Plans:  (417) 820-3815

You may also contact the Corporate Privacy Officer.

  • Outside Springfield:  1-888-664-4722 (1-888-MO-HIPAA)
  • Inside Springfield:  (417) 820-6185

Who Do I Contact For HIPAA Privacy Concerns?

Contact thel HIPAA coordinator for your facility listed above,, or the Corporate Privacy Officer to obtain the following:

  • Request for Access to PHI (to view your medical record)
  • Accounting of Disclosure of PHI (to see a record of who has viewed your PHI)
  • Request to Amend Medical Record (to make changes to your medical record)
  • Request a Form for Filing a Privacy Complaint

                                                                                                                              Return to Top

   

Click on any of the following links for:


A member of the
Sisters of Mercy Health System

© 2008 St. John's Health System