Gold Seal of Approval

Gold Seal of Approval

VNA Family of Services has earned The Joint Commission's Gold Seal of Approval.







 
HOME  |  CONTACT US  |  SITE MAP    
   
 
 

Privacy Statement

What is the HIPAA Privacy Rule and why does it exist?

The HIPAA Privacy Rule is effective April 14, 2003 and ensures that patients’ personal medical information shared with doctors, hospitals and others providing and paying healthcare costs is protected. Because of the increasing use of technology currently being used in healthcare, there is a greater danger of inadvertent or intentional breeches of patient confidentiality.

The HIPAA Privacy Rule is the first comprehensive federal protection guideline developed for the protection of patient health information. It (1) places new restrictions on the use and disclosure of personal health information, (2) gives patients greater access to their medical records, and (3) gives patients greater protection of their medical records. Protected Health Information (PHI) is any personal health information that a patient gives to a health care provider, health plan, affiliated health agency, or a business associate who has access to patient records. The information includes all forms of communication - oral, recorded, paper, or sent electronically. It can also be any personal health information that connects the patient to the information such as information that contains the patient’s name, address, social security, other identification numbers, physician’s personal notes, or billing information. HIPAA’s Privacy Rule is all about the use and disclosure of Protected Health Information (PHI). PHI cannot be used or disclosed by anyone unless it is permitted or required by the Privacy Rule. PHI can be used or disclosed for treatment, payment, and healthcare operations; with authorization or agreement from the individual patient; and for disclosure to the individual patient. PHI is required to be released for use and disclosure when requested or authorized by the individual (although some exceptions do apply) and when required by the Department of Health and Human Services for compliance or investigation. Health care providers must instruct patients on these rights.

Authorization or consent forms must be utilized to cover the use and disclosure of the patient’s PHI and should contain a clear description of the PHI to be used, who will use the PHI and for what purpose, whether or not it will result in financial gain for the agency, and the patient’s right to revoke the authorization.

Patient authorization is not required (although the patient still needs to agree): to maintain a facility’s patient directory; to inform family members or significant others involved in the patient’s care or to notify them of patient location, condition, or death; or to inform appropriate agencies during disaster relief. Disclosures that do not require patient agreement include: public health activities related to disease prevention or control; reporting victims of abuse, neglect, or domestic violence; health oversight activities such as audits, legal investigations, licensure; for certain law enforcement purposes or government functions; for coroners, medical examiners, funeral directors, tissue/organ donations, or certain research purposes; and to avert a serious threat to health and safety.

Health care information disclosure should be limited to the least amount of information necessary when communicating about treatment, payment, and operations, unless the provider receives the patient’s authorization. This Minimum Necessary Rule does not apply to medical records used for treatment, since healthcare providers need the entire record to provide quality care. The Privacy Rule grants patients new rights over their PHI. This is achieved by educating patients about the Privacy Notice during the first home visit; restricting use and disclosure of PHI as much as possible; communicating the PHI by alternate means and at alternate locations to protect confidentiality; allowing the patient to request to inspect, correct, and amend their PHI and to obtain copies of their records; and the ability to contact designated persons regarding any privacy concern or breach of privacy within the facility or to the Department of Health and Human Services (DHHS).

In general, parents have the right to access and control the PHI of their minor children except when state law overrides parental control. Examples of when parents would not have control of children’s rights would be: in the event of HIV testing of minors without parental permission, cases of abuse, and when parents have agreed to give up control over their minor child.

To comply with the Privacy Rule, healthcare agencies should allow patients to see and copy their PHI and designate a full or part-time privacy official responsible for implementing the programs. The VNA Family of Services has appointed a Privacy Officer who will implement the Privacy programs and processes and oversee the processing of any requests or formal complaints. The Privacy Officer may be contacted through the agency’s general phone number, (listed at the bottom of this page) Monday through Friday, 8 AM to 4:30PM. The Privacy Rule is a Federal law and must be enforced by each healthcare facility and agency covered by this rule.

HIPAA protects our fundamental rights to privacy and confidentiality.

To view the Privacy Policy of the VNA Family of Services, click on the link below. To view the document you will need Adobe Acrobat Reader, available free to download from the internet.

VNA Privacy Policy

  
     

 

© 2007 VNA Family of Services  |  154 Hindman Road, Butler, PA 16001 USA  |  Phone: 877-862-6659 or within PA 800-245-3042  |  Fax: 724-282-7517