Privacy Policy

THIS NOTICE DESCRIBES HOW MEDICAL INFORMATION ABOUT YOU MAY BE USED AND DISCLOSED AND HOW YOU CAN OBTAIN ACCESS TO THIS INFORMATION. PLEASE REVIEW IT CAREFULLY.

PRIVACY OF PERSONAL HEALTH INFORMATION. We are required to protect the privacy of your confidential personal health information, referred to below as protected health information (PHI). Notice of Privacy Practices (Notice) is provided to you as required by the privacy regulations issued under the Health Insurance Portability and Accountability Act of 1996 (HIPAA). This Notice describes how we may use and disclose your PHI to carry out payment and healthcare operations and for other purposes that are permitted or required by law. This Notice also describes your rights to access and control your PHI.

USES AND DISCLOSURES FOR PAYMENT AND HEALTH CARE OPERATIONS. While, as we explain later in this Notice, we generally will not disclose your PHI without your written authorization, we may use or disclose your PHI for the purposes of payment and healthcare operations, described in more detail below, without obtaining written authorization from you.

Payment- We may use and disclose PHI in order to obtain premiums or to determine or fulfill our responsibility for coverage and benefits. Our activities may include, but are not limited to, uses and disclosures for the following purposes:

  • Determinations of eligibility or coverage (including coordination of benefits or the determination of cost sharing amounts) and adjudication or subrogation of health benefit claims
  • Risk adjusting amounts due based on enrollee health status and demographic characteristics
  • Billing, claims management, obtaining payment under a contract for reinsurance (including stop-loss insurance and excess of loss insurance) and related healthcare data processing
  • Review of healthcare services with respect to coverage
  • Utilization review activities, including precertification and preauthorization of services and concurrent and retrospective review of service
  • Healthcare Operations. We may use and disclose PHI as follows for the purposes of our health care operations:
  • Conducting our internal quality assessment and improvement activities
  • Underwriting, premium rating, and other activities relating to our creation, renewal or replacement of a contract of health insurance or health benefits, and ceding, securing, or placing a contract for reinsurance of risk relating to claims for healthcare, including stop-loss insurance and excess of loss insurance
  • Conducting or arranging for medical review, legal services, and our auditing functions, including fraud and abuse detection and compliance programs
  • Our business planning and development, such as conducting cost-management and planning-related analyses related to our management and operation, development or improvement of methods of payment or coverage policies
  • Our business management and general administrative activities, including, but not limited to: Management activities relating to compliance with HIPAA, customer service, and creating health related data that does not identify an individual.

 

OTHER USES AND DISCLOSURES FOR WHICH AUTHORIZATION IS NOT REQUIRED. In addition to using or disclosing PHI for payment and healthcare operations, we may use and disclose PHI without your written authorization under the circumstances described below.

As Required by Law and Law Enforcement. We will disclose PHI when required or permitted to do so by applicable law. For example, we will disclose PHI to respond to a court or administrative order, a subpoena, a summons or other form of legal process. We will also comply with a law enforcement request for PHI to the extent that we are legally required or permitted to comply with such a request. For example, we will disclose PHI as necessary to prevent, detect, or aid in the prosecution of insurance fraud.

For Public Health Activities and Public Health Risks. We will disclose PHI to government officials responsible for the administration of public health activities and public health risks as we are expressly required or permitted by law to disclose. For example, when the law requires us to assist in the prevention and control of disease, including communicable disease, we will disclose PHI to the appropriate official.

For Health Oversight Activities. We may disclose PHI to the government, including State Insurance Departments, for oversight activities authorized by law, such as audits, complaint resolution, investigations, inspections, licensure or disciplinary actions, and other proceedings, actions or activities necessary for monitoring the healthcare system, government programs and compliance with civil rights laws.

To Avoid a Serious Threat to Health or Safety. Under certain circumstances, we may use and disclose PHI to law enforcement personnel or other appropriate persons to prevent or lessen a serious threat to the health or safety of a person or to assist in disaster relief efforts.

Specialized Government Functions. We may use and disclose PHI of military personnel and veterans under certain circumstances. We may also disclose PHI to authorized federal officials for intelligence, counterintelligence, and other national security activities, and for the provision of protective services to the President or other authorized persons or foreign heads of state or to conduct special investigations. If you are an inmate of a correctional institution or under the custody of a law enforcement official, we may disclose PHI to the correctional institution or official in certain circumstances.

Workers’ Compensation. We may disclose PHI to comply with workers’ compensation or other similar laws. These programs provide benefits for work-related injuries or illnesses.

Health-Related Benefits and Service. We may use and disclose PHI for the purpose of contacting you to provide information to you regarding our health-related benefits and services that may be of interest to you.

Disclosures to You or for HIPAA Compliance Investigations. We may (and in some circumstances must) disclose PHI to you. We must disclose PHI to the Secretary of the United States Department of Health and Human Services when requested by the Secretary in order to investigate our compliance with HIPAA.

 

USES AND DISCLOSURES OF PHI TO PERSONS INVOLVED IN YOUR CARE OR PAYMENT FOR HEALTH CARE. With your oral agreement, we may disclose PHI to a family member or other person you identify as being involved with your health care or payment for health care. For example, if you orally agree we may disclose to your spouse the status of your claim for benefits. If you are incapacitated or other emergency circumstances prevent you from having the opportunity to agree to such a disclosure, the law permits us to make the disclosure if, in the exercise of our professional judgment, we determine that disclosure is in your best interest. If we make a disclosure to a person involved in your care or payment for health care, we will limit our disclosure to the minimum necessary and directly relevant PHI.

USES AND DISCLOSURES OF PHI FOR WHICH AUTHORIZATION IS REQUIRED. HIPAA’s privacy rules require your written authorization for the use or disclosure of: Psychotherapy notes, except in connection with certain treatment and health care operations, PHI for marketing purposes, except for the marketing of our own related products or services, and PHI, when the disclosure involves the sale of PHI.

Other types of uses and disclosures of PHI not described in this Notice will be made only with your written authorization. Unless we have taken some action in reliance on your authorization or are exercising a legal right to contest a claim or the policy, you may revoke your authorization by writing to the address at the end of this Notice.

GENETIC INFORMATION. HIPAA regulations prohibit our health plans, except for long-term care policies, from using or disclosing your genetic information for underwriting purposes.

REGULATORY REQUIREMENTS. We are required by law to maintain the privacy of PHI, to provide individuals with notice of our legal duties and privacy practices with respect to PHI, to notify affected individuals following a breach of unsecured PHI, and to abide by the terms described in the Notice currently in effect. We reserve the right to change the terms of this Notice and of its privacy policies, and to make the new terms applicable to all of the PHI we maintain. An updated notice, when it occurs, will be made available in our office and will be given to you at your next visit.

 

INDIVIDUAL RIGHTS. You have the following rights regarding your PHI:

You may request that we restrict our use and disclosure of PHI. We are required, under certain conditions, to agree to a restriction you request to prevent disclosure of PHI to a health plan that did not pay for a health care item or service that relates to that PHI. We are not required to agree to any other restrictions you request, but if we do so we will be bound by the restrictions to which we agree except in certain emergency situations.

You have the right to receive our communications of your PHI to you by an alternative method or at an alternative location if you write to us explaining that any disclosure of your PHI could endanger you, and you propose a reasonable alternative method or location.

Generally, you have the right to inspect and copy PHI that we maintain, provided that you make your request in writing to the address at the end of this Notice. If you request copies of PHI, we may impose a reasonable fee to cover copying, postage, and related costs. We may deny access in certain circumstances. If we deny access to your PHI, we will explain the basis for denial and whether you have an opportunity to have your request and the denial reviewed by a licensed healthcare professional who was not involved in the initial denial decision. If we do not maintain the PHI you request, we will tell you how to redirect your request, if we know where that PHI is located.

If you believe that your PHI maintained by us contains an error or needs to be updated, you have the right to request that we correct or supplement your PHI. Your request must be made in writing to the address at the end of this Notice, and it must explain why you are requesting an amendment to your PHI. In certain circumstances, you have the right to amend your PHI. We may deny your request in certain circumstances.

You generally have the right to request and receive a list of certain disclosures of your PHI that we have made at any time during the six (6) years prior to the date of your request, provided that such a list would not include disclosures made prior to April 14, 2003. You should send your request to the address at the end of this Notice. We will provide the first list to you at no charge, but if you make more than one request in a year you will be charged a fee for each additional request. We will notify you of the cost involved and you may choose to withdraw or modify your request before any costs are incurred to you.

You have the right to receive a paper copy of this Notice upon request, even if you have received this notice in some other form. To obtain a paper copy of this Notice, please write to the address at the end of this Notice.

You may complain to us if you believe your privacy rights with respect to your PHI have been violated by contacting the office at the address at the end of this Notice and submitting a written complaint. We will in no manner penalize you or retaliate against you for filing a complaint regarding our privacy practices. You also have the right to file a complaint with the Secretary of the Department of Health and Human Services.

 

If you have any questions about this notice, please write to:

Gastroenterology Specialists, Inc.
6565 S. Yale, #1200
Tulsa, Ok 74136

Or call: (918) 494-9433