NOTICE OF PRIVACY PRACTICES

THIS NOTICE DESCRIBES HOW MEDICAL INFORMATION ABOUT YOU MAY BE USED AND
DISCLOSED AND HOW YOU CAN GET ACCESS TO THIS INFORMATION.

PLEASE REVIEW IT CAREFULLY.

We are required by law to maintain the privacy of your protected health information, to notify you of our legal duties and privacy practices with respect to your health information, and to notify affected individuals following a breach of unsecured health information. This Notice summarizes our duties and your rights concerning your information. Our duties and your rights are set forth more fully in 45 CFR Part 164. We are required to abide by the terms of our Notice that is currently in effect.
1.Uses And Disclosures We May Make Without Written Authorization.
We may use or disclose your health information for certain purposes without your written authorization, including the following:

Treatment: We may use or disclose your information for purposes of treating you. For example, we may disclose your information to another health care provider so they may treat you; to provide appointment reminders; or to provide information about treatment alternatives or services we offer.

Payment: We may use or disclose your information to obtain payment for services provided to you. For example, we may disclose information to your health insurance company or other payer to obtain pre-authorization or payment for treatment.

Healthcare Operations: We may use or disclose your information for certain activities that are necessary to operate our practice and ensure that our patients receive quality care. For example, we may use information to train or review the performance of our staff or make decisions affecting the practice.

Other Uses or Disclosures: We may also use or disclose your information for certain other purposes allowed by 45 CFR § 164.512 or other applicable laws and regulations, including the following:

• To avoid a serious threat to your health or safety or the health or safety of others.
• As required by state or federal law such as reporting abuse, neglect or certain other events.
• As allowed by workers compensation laws for use in workers compensation proceedings.
• For certain public health activities such as reporting certain diseases.
• For certain public health oversight activities such as audits, investigations, or licensure actions.
• In response to a court order, warrant or subpoena in judicial or administrative proceedings.
• For certain specialized government functions such as the military or correctional institutions.
• For research purposes if certain conditions are satisfied.
• In response to certain requests by law enforcement to locate a fugitive, victim or witness, or to report deaths or certain crimes.
• To coroners, funeral directors, or organ procurement organizations as necessary to allow them to carry out their duties.

2. Disclosures We May Make Unless You Object. 
Unless you instruct us otherwise, we may disclose your information as described below:

• To a member of your family, relative, friend, or other person who is involved in your healthcare or payment for your healthcare. We will limit the disclosure to the information relevant to that person’s involvement in your healthcare or payment.
• To maintain our facility directory. If a person asks for you by name, we will only disclose your name, general condition, and location in our facility. We may also disclosure your religious affiliation to clergy.
• To contact you to raise funds for Madison Memorial. You may opt out of receiving such communications at any time by notifying the Privacy Officer identified below.

3. Uses and Disclosures With Your Written Authorization.  Other uses and disclosures not described in this Notice will be made only with your written authorization, including most uses or disclosures of psychotherapy notes; for most marketing purposes; or if we seek to sell your information. You may revoke your authorization by submitting a written notice to the Privacy Contact identified below. The revocation will not be effective to the extent we have already taken action in reliance on the authorization.

4. Health Information Exchange (HIE). Madison Memorial Hospital, Madison Memorial Rexburg Medical Clinic, Madison Memorial Orthopedics, Madison Surgery Center, and Seasons Medical by Madison Memorial currently participate in health information exchanges (HIE’s), which ultimately help enhance the quality of your care. The goal of the HIE’s is to help participating physicians and providers give better, more efficient care to their patients by the sharing of health information across secure systems. This means that wherever a patient goes, the patient’s health information may be available to all doctors who use the HIE’s, which helps to provide safer, more coordinated patient care.

MMH, MMRMC, MMO, MSC, and SMMM currently utilize Idaho Health Data Exchange (IHDE) and CommonWell Health Alliance to access and share your health information with other participants of these HIE’s for treatment purposes and for payment of treatment services. These HIE’s allow any health information organization that participates in the HIE’s to have secure electronic access to patients’ records. You may opt out of the Health Information Exchange by doing one or both of the following:

Idaho Health Data Exchange: Complete and sign IHDE’s “Request to Restrict Disclosure of Health Information” form and mail or fax it to IHDE. You can find the form here: https://idahohde.org/patients/.

CommonWell Health Alliance: Complete and sign MMH’s “Request to Restrict Disclosure of Health Information” form and mail or fax it to MMH. You can find the form here: https://madisonmemorial.org/restrict-disclosure.

5. Your Rights Concerning Your Protected Health Information. You have the following rights concerning your health information. To exercise any of these rights, you must submit a written request to the Privacy Officer identified below.

• You may request additional restrictions on the use or disclosure of information for treatment, payment or healthcare operations. We are not required to agree to the requested restriction except in the limited situation in which you or someone on your behalf pays for an item or service, and you request that information concerning such item or service not be disclosed to a health insurer.
• We normally contact you by telephone or mail at your home address, or through email if you have provided us with your email address. You may request that we contact you by alternative means or at alternative locations. We will accommodate reasonable requests.
• You may inspect and obtain a copy of records that are used to make decisions about your care or payment for your care, including an electronic copy. We may charge you a reasonable cost-based fee for providing the records. We may deny your request under limited circumstances, e.g., if we determine that disclosure may result in harm to you or others.
• You may request that your protected health information be amended. We may deny your request for certain reasons, e.g., if we did not create the record or if we determine that the record is accurate and complete.
• You may receive an accounting of certain disclosures we have made of your protected health information. You may receive the first accounting within a 12-month period free of charge. We may charge a reasonable cost-based fee for all subsequent requests during that 12-month period.
• You may obtain a paper copy of this Notice upon request. You have this right even if you have agreed to receive the Notice electronically.

6. Changes To This Notice. We reserve the right to change the terms of this Notice at any time, and to make the new Notice effective for all protected health information that we maintain. If we materially change our privacy practices, we will post a copy of the current Notice in our reception area and on our website. You may obtain a copy of the operative Notice from our receptionist or Privacy Officer.

7. Complaints. You may complain to us or to the Secretary of Health and Human Services if you believe your privacy rights have been violated. You may file a complaint with us by notifying our Privacy Officer. All complaints must be in writing. We will not retaliate against you for filing a complaint.

8. Contact Information. If you have any questions about this Notice, or if you want to object to or complain about any use or disclosure or exercise any right as explained above, please contact the Privacy Officer: 208-359-6539 | PO Box 310, Rexburg, ID 83440-0310 | HIMDirector@mmhnet.org

9. Effective Date. This Notice is effective October 28, 2019.