Information regarding your health care, including payment for health care, is protected by two federal laws: the Health Insurance Portability and Accountability Act of 1996 (“HIPAA”), 42 U.S.C. $ 1320d et seq., 45 C.F.R. Parts 160 & 164, and the Confidentiality Law, 42 U.S.C. $290dd-2, 42 C.F.R. Part 2. Under these laws, Mental Health Resources, Inc. may not say to a person outside Mental Health Resources, Inc. that you attend the program, nor may Mental Health Resources, Inc. disclose any information identifying you as an alcohol and drug abuser, or disclose any other protected information except as permitted by federal law.
Mental Health Resources, Inc. must obtain your written consent before it can disclose information about you for payment purposes. For example, Mental Health Resources, Inc. must obtain your written consent before it can disclose information to your health insurer in order to be paid for services. Generally, you must also sign a written consent before Mental Health Resources, Inc. can share information for treatment purposes or for health care operations. However, federal law permits Mental Health Resources, Inc. to disclose information without your written permission:
For example, Mental Health Resources, Inc. can disclose information without your consent to obtain legal or financial services, or to another medical facility to provide health care to you, as long as there is a qualified service organization/business associate agreement in place.
Before Mental Health Resources, Inc. can use or disclose any information about your health in a manner which is not described above, we must first obtain your specific written consent allowing it to make the disclosure. Any such written consent may be revoked by you in writing.
Under HIPAA you have the right to request restrictions on certain uses and disclosures of your health information. Mental Health Resources, Inc. is not required to agree to any restrictions you request, but if it does agree then it is bound by that agreement and may not use or disclose any information which you have restricted except as necessary in a medical emergency.
You have the right to request that we communicate with you by alternative means or at an alternative location. Mental Health Resources, Inc. will accommodate such requests that are reasonable and will not request an explanation from you. Under HIPAA you also have the right to inspect and copy your own health information maintained by Mental Health Resources, Inc. except to the extent that the information contains psychotherapy notes or information compiled for use in a civil, criminal or administrative proceeding or in other limited circumstances.
Under HIPAA you also have the right, with some exceptions, to amend health care information in Mental Health Resources, Inc.’s records, and to request and receive an accounting of disclosures of your health related records.
Mental Health Resources, Inc. Duties
Mental Health Resources, Inc. is required by law to maintain the privacy of your health information and to provide you with notice of its legal duties and privacy practices with respect to your health information. Mental Health Resources, Inc. is required by law to abide by the terms of this notice. Mental Health Resources, Inc. reserves the right to change the terms of this notice and to make new notice provisions effective for all protected health information it maintains. Revised notices will be posted in all Mental Health Resources, Inc. offices as well as given to all active patients.
Complaints and Reporting Violations
You may complain to the Secretary of the United States Department of Health and Human Services at 200 Independence Avenue S.W. , Washington, D.C. 20201 and to the Mental Health Resources, Inc. Privacy Officer if you believe that your privacy rights have been violated under HIPAA. Mental Health Resources, Inc. will take no retaliatory action against you if you file a complaint about our privacy practices.
Client Authorizations for HIPAA Omnibus Rule
The Mega Rule requires most covered entities to revise their NOPPS to include statements including: (i) that most disclosures of PHI for marketing purpose or that constitutes a sale of PHI require authorization: (ii) the patient's right to opt out receiving fundraising communications: (iii) the patient's right to restrict disclosures of PHI in certain situations: and (iv) the patient's tight to receive notification of a breach of their unsecured PHI.
In the event that there is a suspected breach of privacy or security of Protect Health Information(PHI) Mental Health Resources, Inc. (MHR) will contact individuals telephonically, via mail, or newspaper publication.
In the event of a suspected breach, Mental Health Resources, Inc. will conduct an objective analysis to determine the probability that PHI was compromised.
Requesting of Records
Individuals have the right to receive access to their PHI in electronic or paper format.
If you have questions about this notice or any complaints, please contact:
Mr. David Brown – Mental Health Resources, Inc. Privacy Security Officer, 575-769-2345 ext. 126.
Violation of Confidentiality Law by a program is a crime. Suspected violations of this Confidentiality Law may be reported to the United States Attorney in the district where the violation occurs.