Your Privacy

How Do We Handle Your Confidential Information?

Protecting your confidentiality is critically important to us. Any sensitive, medical, identifying and/or business information, which you disclose, is kept confidential unless we first obtain your written consent to share specific details with specific persons or resources. We will not disclose your personal information on a public platform or allow unauthorized individuals to access it. As part of our protection program, we have the following measures in place:

We require all our personnel, independent contractors, and volunteers to sign a Confidentiality & Non-Disclosure Agreement as a condition of employment, contract, or service. In addition, they are required to strictly adhere to our policies to protect:

the privacy, confidentiality, and security of your records; and,

your records from loss, destruction, tampering and unauthorized use.

All forms of your personal information are handled in the same confidential and secure manner, whether it is written, electronic or verbal.

Your records and information are stored under secure conditions at our Agency office.

No one may access your confidential information unless it is necessary to do so in the performance of their assigned duties.

Your sensitive information is protected against unauthorized access or disclosure.

We follow established laws and will not divulge, copy, distribute, sell, loan, review, alter or destroy your records, except as properly authorized by our Administrator.

All requests to review your sensitive information must be referred to the Supervisor for guidance.

None of your information can be released until consent to do so is given by our supervisor or administrator.

If your confidential or sensitive information needs to be destroyed, it is shredded.

We require anyone who suspects or is aware of a confidentiality breach to report it immediately to our Administrator, who will investigate.

What is Protected Health Information?

Under the Health Insurance Portability & Accountability Act (HIPAA), Protected Health Information is any identifiable health information that is used, maintained, stored, or transmitted by a HIPAA-covered entity. It is not only your past and current health information, but also future information about medical conditions or physical and mental health related to the provision of care or payment for care. The information can be in any form, including physical records, electronic records, or spoken information. Essentially, it includes any health information that can be tied to you, including:

full or last name and initial

all geographical identifiers smaller than a state, except for the initial three digits of a zip code

dates (other than year) directly related to an individual

phone numbers

fax numbers

email addresses

social security numbers

medical record numbers

health insurance beneficiary numbers

account numbers

certificate/license numbers

vehicle identifiers (including serial numbers and license plate numbers)

device identifiers and serial numbers

web uniform resource locators (URLs)

internet protocol (IP) address numbers

biometric identifiers, including fingerprints, retina & iris patterns and voice prints

full face photographic images and any comparable images; and,

any other unique identifying number, characteristic, or code except the unique code assigned by the investigator to code the data.

How We Use & Disclose Your PHI

Health information generally refers to information about your past or present health status, condition, diagnosis, treatment, prognosis, or payment for health care.

Before we use or disclose your Protected Health Information (PHI), you must give us your written authorization.

If your Agency needs a HIPAA authorization form for the use or disclosure of Protected Health Information, you can obtain one that is state-specific at:

Standard Form: https://eforms.com/images/2016/10/HIPAA-Authorization-for-Use-or-Disclosure-of-Health-Information.pdf

State-Specific Form:

Form Type: https://eforms.com/release/medical-hipaa/#By_Type

We may use your or disclose your PHI to:

Assist in the planning and developing of your Care Plan to ensure the services and care provided will meet your functional needs.

Determine the skills required to provide the services you need (e.g. skilled services such as Nursing, Physiotherapy) or (e.g., non-skilled services such as Personal Care, Respite, Homemaking).

Refer you to another Service Provider if we are unable to deliver, or do not offer, the services that your health and functional condition(s) require (e.g., 24-hour care, skilled nursing services).

Refer you to a Medical Professional when specialized services are indicated (e.g., Medical Practioner, Registered Nurse, Occupational Therapist).

Report changes in your condition to an appropriate person (e.g.

Supervisor, Registered Nurse, Medical Practioner).

Determine the service charges for the type(s) of care and services you need.

Obtain payment, where applicable, from your Insurance Plan (e.g., we may need to disclose your diagnosis, treatment and supplies used for billing purposes).

Contact you by phone, address, or other means, which you have provided:

for operational purposes (e.g., schedule changes, appointment reminders, welfare checks, billing issues)

to inform you about related benefits, services, and treatment options.

If you do not want us to communicate with you in any of these ways, contact: Christy Mendoza 765-586-9683. Disclose your medical information to family members or others who are involved in your care or payment for your care.

You may cancel your written authorizations at any time by notifying: Christy Mendoza 765-586-9683.

Refer to the Notice of Privacy Practices in Appendix “A” for more details about how we use and disclose your PHI information.

How We Secure Your Protected Health Information

To ensure the confidentiality, integrity, and availability of your Protected Health Information we have implemented physical, technical, and administrative security safeguards to protect your PHI against reasonably anticipated threats.

How our Agency secures PHI and define the safeguards you have implemented as specified by HIPAA:

Our Technologies such as encryption software and firewalls are covered under technical safeguards. Physical safeguards for PHI data include keeping physical records and electronic devices containing PHI under lock and key. Administrative safeguards include access controls to limit who can view PHI information and security awareness training.

How You Can Access Your Protected Health Information

You have the right to inspect and/or obtain copies of a broad selection of your PHI including:

medical records

billing and payment records

insurance information

clinical laboratory test results

medical images such as X-rays

wellness & disease management files; and

clinical case notes

There are certain types of PHI that you cannot access including:

PHI that is not part of your personal record

the personal notes made by a mental health care provider a counsellor summarizing a counselling session; and,

documentation that is expected to be required for legal purposes (e.g., a civil, criminal, or administrative action or proceeding).

You may submit a request to access your PHI. Please email: caringheartsathome@yahoo.com. It is your Agency’s decision whether to require requests for accessing PHI to be made in writing. You may also offer the option of using electronic means (e.g., e-mail, secure web- portal) or you might require they sign your Agency’s authorization form. If you choose to use your Agency’s form, you must ensure that usage of the form does not create barriers or delays for clients to access their PHI.

We may, at our discretion, verify your identity or the identify of your representative before making this information available. Verification may be done in-person, orally or in writing.

Your request will be processed as quickly as possible but no later than 30-working days from the time your request is received. The length of time will largely depend on whether the information is provided in person or is sent by certified mail or by electronic means.

There may be a fee for providing you with your Protected Health Information (e.g., hardcopies/paper copies, labor, postage).

What is a “Notice of Privacy Practices”?

We are required by the Health Insurance Portability & Accountability Act (HIPAA) Privacy Rule to provide a “Notice of Privacy Practices” to inform you about:

how your medical information may be used and disclosed; and,

how you can get access to your health information.

We are also required, by law, to state in writing that you received the notice:

The law does not require you to sign the “Acknowledgement of receipt of notice of Notice of Privacy Practices”.

Signing the acknowledgment does not mean that you have agreed to any special uses or disclosures (sharing) of your health records.

Refusing to sign the acknowledgement does not prevent us from using or disclosing health information as HIPAA permits.

If you refuse to sign the acknowledgement, we must keep a record of this fact.

Following is a summary our Notice of Privacy Practices:

Your Rights:

Get an electronic or paper copy of your medical record.

Ask us to correct your medical record.

Request confidential communications.

Ask us to limit what we use or share.

Get a list of those with whom we have shared information.

Get a copy of this Privacy Notice.

Choose someone to act for you.

File a complaint if you feel your rights are violated.

Your Choices

For certain health information you can tell us your choices about what we share.

In some cases, we never share your information unless you give us written permission.

Our Uses & Disclosures

Treat you.

Run our organization.

Bill for your services.

Help with public health and safety issues.

Do research.

Comply with the law.

Respond to organ & tissue donation requests.

Work with medical examiner or funeral director.

Address workers’ compensation, law enforcement and other government requests.

Respond to lawsuits and legal actions.

Our Responsibilities

Maintain privacy and security of your PHI.

Advise you of breaches that might compromise your PHI.

Follow the duties & practices of this notice.

Not use or disclose your information other than as prescribed

Where You Can Find Our “Notice of Privacy Practices”

Our Notice of Privacy Practices can be found:

located in Appendix “A” of this Client Handbook

posted in our Agency office; and/or,

displayed on our website: (If you have a website, enter its URL).

You will receive a Notice of Privacy Practices:

usually at your first appointment

in an urgent situation, you will receive notice as soon as possible after the event

Anyone may request to see our Notice of Privacy Practices.

How Do We Determine Your Satisfaction Level?

As your total satisfaction is our priority, we have established procedures and activities to ensure we continually provide you with quality service, e.g.:

We conduct formal “Client Satisfaction Surveys” which will enable you to give feedback to us about our agency, staff, services, and practices. (You have the option of completing the form anonymously.) Your feedback will help us assess and improve the quality of the services that we provide to you.

Our supervisor will visit your home to:

Discuss your overall satisfaction and areas of concern with you

observe the effectiveness of your current services and, with your input, determine if any changes need to be made to your Care Plan

monitor the safety and quality of the services being provided to you; and,

observe Direct Care Workers in the performance of their duties.

We have client services policies and procedures in place, which incorporate governmental regulations, best practices, and industry standards. They are stringently monitored and enforced.

We encourage you to contact Caring Hearts At Home, LLC. at 765-586-9683 if:

you need clarification on something

you have a complaint

you want to discuss your services; and/or,

you want changes made to your schedule.

We will address your wishes and concerns and will always do our best to gain and maintain your confidence.