Notice of Privacy Practices
Effective Date: July 2018
This notice describes how medical information about you may be used and disclosed and how you can get access to this information. Please review it carefully.
OUR PLEDGE REGARDING YOUR MEDICAL INFORMATION:
This notice is intended to inform you about our practices related to the protection of your medical information. We are required by law to follow the terms of the current notice.
This notice explains how we may use and disclose (i.e. share) your medical information, our responsibilities related to the use and disclosure of that medical information, and your rights related to medical information we have and maintain about you. When we use the words “medical information,” we mean health information that identifies you, known as Protected Health Information or “PHI.” This notice applies to all such information about your past, present, or future health or conditions; genetic information; pharmacy and prescription records; the reasons you sought care from us; the care received; and the payment for services.
We may ask, but we are not required to ask, your permission for the use or disclosure of your medical information for treatment, payment, or health care operations. We are required to ask for your permission for the use or disclosure of information for other specific purposes or reasons. We have listed some of the types of uses and disclosures below. Not every use or disclosure is covered, but all of the ways we can use and disclose information will fall into one of these categories.
WHO WILL FOLLOW THIS NOTICE: All CoxHealth facilities, departments, clinics and Affiliated Covered Entities existing now or in the future. This notice also applies to all employees, contractors, physicians and other health care providers, volunteers, and students in our facilities. These individuals may share medical information as described here. All are referred to collectively as “CoxHealth”.
Your Rights -
When it comes to your medical information, you have the right to:
Get a copy of your information. We will provide a copy or a summary of your medical information, usually within 30 days of your request. We can charge a reasonable, cost-based fee for this service. Please contact Health Information Management for records.
Ask us to correct or amend your record if you believe it to be incorrect or incomplete. We have the right to deny your request, but we will tell you why in writing within 60 days. Please contact Health Information Management about this process.
Request confidential communications or ask us to contact you in a specific way (for example, home or office phone) or to send mail to a different address. We will agree to all such requests that are reasonable. Please let CoxHealth know if you have such a request.
us not to use or share certain information with others. We are not required to agree to your request
and certain laws require us to share that information. We may also deny the
request if it would affect your care. In
addition, if you pay for a service or health care item out-of-pocket in full,
you can ask us not to share that information with your health insurer. Please
let the HIPAA Privacy and Security Officer know if you have such a request.
Get a list of who we shared your information with for the last 6 years and why. We will include all the disclosures except for those for treatment, payment, and health care operations, and certain other disclosures (such as any you asked us to make). One list a year is free. There will be a reasonable, cost-based fee if you ask for another one within 12 months. Please contact the HIPAA Privacy and Security Officer for an accounting of disclosures.
get a copy of this privacy notice in
paper or electronic form upon request.
Please contact the HIPAA Privacy and Security Officer for an additional
copy of this notice or visit our website, www.coxhealth.com.
someone to act for you. We
will make sure this person has legal authority to act on your behalf before we
take any action. Please let registration, case management or care staff know
about this choice.
there is a breach of your information, we may be required to notify you,
including telling you what happened and what you can do to protect yourself.
a complaint. Please
contact our HIPAA Privacy and Security Officer.
You can also file a complaint with the U.S. Department of Health and
Human Services Office for Civil Rights by sending a letter to 200 Independence
Avenue, S.W., Washington, D.C. 20201, calling 1-877-696-6775,
or visiting www.hhs.gov/ocr/privacy/hipaa/complaints/. We will not retaliate against you for filing
Our Uses and Disclosures -
We use or share your medical information in the following ways:
For Treatment. We use your medical information and share it with others treating you. For example:
doctor treating you for an injury asks another doctor about your overall health
as part of treating you.
- A doctor
needs to review your records to know your allergies before prescribing drugs.
need to share your medical information with each other to provide the best
healthcare, before and after discharge or treatment.
- We manage your treatment within our different hospitals and clinics.
- We share
with outside organizations for them to provide services to you on our behalf,
such as a referral for care.
- We ask
you to rate our staff’s performance and combine it with other patients’ opinions
to help us judge whether CoxHealth should add or change services and evaluate
- We may give information about you to your health insurance plan so it will pay for your services.
give your information to your health insurance plan to pay for your services.
- We give
your information to our outside billing companies, collections agencies or
other covered entities that have provided services to you on our behalf (such
as ambulance service providers, Ozark Anesthesia Associates, Inc., and
Pathology Services of Springfield, P.C.) so they can collect a payment from
you. Please be aware you may receive
- We will
share your information to a court of law as part of the collections process.
Health Information Exchanges. We participate in one or more Health Information Exchanges ("HIE") and may electronically share your information for treatment, payment and health care operations purposes with other participants in the HIEs. HIEs allow your health care providers, inside and outside the CoxHealth system, to access and use your information for treatment and other lawful purposes. If you do not opt-out of this exchange of information, we may provide your information to the HIEs in accordance with applicable law.
How else can we use or share your health information? We also share your information as follows:
help with public health and safety issues. Your
information is helpful to: prevent or notify others about certain diseases;
help with product recalls; report adverse reactions to medications; report
suspected abuse, neglect, or violence; an emergency or disaster event; a public
health reporting authority; health oversight activities such as audits,
investigations, inspections and licensures; and prevent or reduce a serious
threat to anyone’s health or safety.
- For research.
- To comply with local, state, and federal law.
- To respond to organ and tissue donation requests.
- To work with a medical examiner, coroner or funeral director.
- To address workers’ compensation, criminal activity, law enforcement, and other government requests.
- To respond to lawsuits, legal actions, administrative orders, or in response to a subpoena.
- Immunization Records. We are required to obtain agreement, whether in writing or verbally, from a parent, guardian, or person acting in loco parentis prior to disclosing or providing proof of immunizations to an educational institution admitting a minor student. No separate written HIPAA authorization is required for this action by CoxHealth.
- Available Services. Unless you tell us otherwise, we will use your information to find benefits or services that may help you.
- Special Circumstances. In addition, CoxHealth reserves the right to allow your medical information to be de-identified and combined with other information in accordance with all applicable laws for uses such as research, public health activities, or other health care operations.
Your Choices -
For certain medical information, you can tell us your choices about what we share. For example:Facility Directories (Hospital patients only). A facility directory may include your name, location in the facility, general condition, and religious affiliation (if provided). Unless you tell us otherwise, you will be included in the directory and information may be disclosed to people who ask for you by name. Unless you object, visiting community clergy or their staff may obtain your religious affiliation without asking for you by name. This can be prevented by not providing your religious affiliation or by affirmatively objecting.
Individuals Involved in your Care. We will only disclose your information to a member of your family, a relative, or any other person you identify to us and we will limit such information to what they need to know about your care, unless you tell us otherwise. You will be asked to provide the names of these individuals. We are further permitted to make relevant disclosures to a deceased person’s family and friends under essentially the same circumstances such disclosures were permitted when the patient was alive.
In an Emergency. Unless
we know otherwise, we will use your information in an emergency. We will try to
obtain your permission as soon as possible.
Appointment Reminders/Scheduling/Follow-up Calls. We may use and disclose information to contact you about an appointment, a referral visit, or to follow-up with you after a visit. For example, unless you tell us not to, we may leave a brief reminder on your answering machine or voicemail system about an appointment or procedure.
Fundraising Activities. We may use or disclose your demographic information, health insurance status, general department of service information, treating physician information, outcome information and the dates you received treatment, as necessary, to contact you for fundraising activities supported by our organization. You have the right to opt out of such solicitations by notifying in writing the HIPAA Privacy and Security Officer.
If you are not able to tell us your preferences in the above situations (for example, if you are unconscious), we may share your information if we believe it is in your best interest. We may also share your information when needed to lessen a serious and imminent threat to health or safety.
We may never share your information without permission for marketing purposes; any transaction in which CoxHealth receives direct or indirect financial payment in exchange for your information; or share your psychotherapy notes with other providers.
Our Responsibilities -
are required by law to maintain the privacy and security of your information
and to let you know promptly if a breach occurs that may have compromised the
privacy or security of your information.
We must follow the duties and privacy practices described in this notice
and give you a copy of it. We will not
use or share your information other than as described here unless you tell us
we can do so. If you tell us we can, you
may change your mind at any time by letting us know in writing.For more information see: www.hhs.gov/ocr/privacy/hipaa/understanding/consumers/noticepp.html.
Changes to the Terms of this Notice. This notice can change, and the changes will apply to all your information. The new notice will be available upon request, in our clinics and facilities, and on our website, www.coxhealth.com.
If you have any questions about this Notice, please contact:
CoxHealth HIPAA Privacy and Security Officer
3801 South National Avenue
Springfield, Missouri 65807
Telephone: 417-269-6068 or 1-888-340-5297
The information on this web site is for informational purposes only, and is not intended to provide medical or other professional advice. If you suspect you may have a health problem, you should contact your health care provider for specific advice suitable to your situation.
Although CoxHealth makes reasonable efforts to provide accurate and complete information, we cannot guarantee the accuracy, completeness or usefulness of any information or materials contained on this web site. Visitors to this web site assume the risk of using any information or materials contained herein.
CoxHealth provides links to other web sites solely for the convenience of the visitors to our web site. CoxHealth takes no responsibility for the content or information contained on any other site, and does not recommend, endorse or approve any materials, products or services which may be available or advertised on any other site.
Visitors to our web site are advised that CoxHealth cannot guarantee the confidentiality and security of electronic mail submitted via the Internet.
CoxHealth reserves all rights to the information on this web site, including the right of distribution. Information on this web site may be protected under copyright laws.
As a user of this site, you take on certain risks and responsibilities. You also have the right to know how we protect your privacy and ensure your confidentiality and what you should expect from us.
Your Role, Responsibilities, and Risks
Pay special attention to your risks as a user. Web site users open themselves up to certain risks, such as data collection.
Understand how we collect data and how it is used. It is our goal to protect your personal information from misuse. We do, however, offer programs that collect data for special reasons, such as research, scientific studies, and statistics, in which case you may be interested in participating.
Be aware that use of this site, its services, programs, and the health information on it cannot replace nor is it intended to serve as a health care provider-patient relationship. You must always consult with a professional for diagnosis and treatment for specific health problems.
What You Should Expect From Us
It is our goal to ensure your trust and confidence by providing you with as much information as we can about data collection procedures and information when needed.
We will not intentionally use your data without your permission, unless for purposes of maintaining the site or for reviewing the site's use.
We will make every effort to notify you accordingly of all data collection practices.
It is our intention to clearly inform you when your risks or privacy may change during the course of using this site.
It is our goal to make you aware when you leave our site for another, either by telling you in writing or by another technical mechanism.
We want you to know that this system operates on a secure server and your personal and professional information and health-related personal information is encrypted before it is transmitted. Encryption is a form of scrambling and de-scrambling that ensures that no unauthorized person can see your information.
We will separate health information content from advertising and sponsorship programs so you can distinguish between the two.
Where health professionals may interact with consumers, we will make every effort to tell you if this establishes a patient-provider relationship and make available the credentials and qualifications of professionals.
We will not accept or show you health information content, advertising, sponsored programs, or services that we know to contain false or misleading information or that promote ineffective or dangerous products.
Our Security Measures
Although we make every reasonable effort to protect personal information and health-related personal information from loss, misuse, or alteration by third parties, you should be aware that there is always some risk involved in transmitting information via the Internet and that hackers or thieves do find ways to thwart security systems.
About the Information We Collect
We understand that the personal information and health-related personal information you provide during your visit to our site is highly sensitive and you may have concerns about sharing such information with us. It is our goal to protect your privacy and we strive to develop practices and policies to safeguard your personal and health-related personal information.
At different places on our site, you may be asked to volunteer your name, e-mail, address and telephone number. We refer to this type of information as "personal information" because it can be used to identify or contact you. When this information is combined with any information on your health or medical status, we refer to this information as "health-related personal information." We often collect information on site use that has nothing to do with you as an individual, only as an anonymous user of the site. We call this information "aggregate information." We intend to use the personal information, health-related personal information, and aggregate information only for the purposes for which it was provided.
Some personal information and health-related personal information is needed to use this site, and we ask that you provide it with the knowledge that it will be used to enhance your experience. This information is kept confidential. We do offer special data collection programs that you can "opt-in" to use, in some cases to receive e-mail on health topics or to participate in a new service. For opt-in programs we provide you, when applicable, with detailed information on:
Who is collecting the data;
What data are collected;
Why and how the data are transferred to a third party;
How the data are being used;
How long the data are being collected;
Who has access to the data;
What revenue that is generated from data use in relation to advertisers and sponsors; and
How to opt-out of data collection.
Where this Information Is Collected
We collect information about you at several places throughout the site. You will be informed on how this information is collected at that time. You will also have the ability to opt-in to information collection when you enter the site or use a service. Most information is collected in the following instances:
In order to have access to all of the services and content available on our site, you are required to complete a registration form that requests certain information, such as name, telephone number and e-mail address. In addition, you are asked during registration to tell us about health topics that you are interested in. We offer specialized registration for certain programs, events, and classes that may request some or all of the above information.
We may use your registration information to send you an e-mail confirming your registration with our site, to respond to questions from you, or to notify you if there is a problem with any order for goods or services that you placed. We may also, from time to time, send e-mails, with your permission, on special promotions or newsletters we think may be of interest to you.
Some of the interactive tools on our site ask you for personal information and health-related personal information. Specifically, our health risk assessment tools may ask for information on your personal and/or family medical history including height, weight, blood pressure, history of certain conditions and/or diseases and medication history. Our health care professional directory may ask you for information on your insurance plan and geographic location in order to identify listed professionals in your area. The health risk assessment tools use the personal health information you provide to generate a personal health record to help you manage your health. Your personal health record is kept strictly confidential and can only be accessed by using your password and login ID. We will make every effort not to use or disclose your personal health record to any one without your express consent. In some cases, you can permit your physician, pharmacist or other health care-related professional to have access to your personal health record.
Chat Rooms/Bulletin Boards
Chat Rooms/Bulletin Boards - As a service to our users, we may feature chat rooms/bulletin boards where users with similar medical conditions can share information and support one another. In addition, we may also offer online discussions on a variety of topics moderated by medical experts. You should be aware that any information shared in a chat room/bulletin board is public information and you should think carefully before disclosing any personal and/or health-related personal information in any chat room/bulletin board.
When this service is offered on this site and you purchase nonprescription products and services from us, such as ordering flowers for delivery to a local hospital, we will request that you provide your name, e-mail address, credit card number and expiration date, phone number and billing and shipping addresses.
If you order prescription drugs or medical equipment, we will ask for all of the information above, as well as the information that you would ordinarily provide to your pharmacist, including your prescribing doctor's name, your residential address, your gender and birth date, any drug allergies and existing medical conditions. If applicable, we will also ask for your health insurance information including the name, address and telephone number of your insurer and your member identification number (which may be your social security number). We may also ask for additional information about your current prescriptions and medical history.
This information will help us provide you with the necessary information to make the safest and most effective use of your prescription medication or equipment. This information will be kept in the strictest confidence. We will make every effort to maintain the privacy and security of this information at all times.
Your browser software can be set to reject all cookies, including cookies from our site. Most browsers offer instructions on how to reset the browser to reject cookies in the Help section of the toolbar. If you reject our cookie, certain functions and conveniences of the site may not work properly. You do not have to accept our cookie in order to productively use our site. If you accept our cookie, we will never link the cookie to personal information and/or health-related personal information you provide to us. We will not allow other sites or third parties to use our cookies.
How We Use Your Personal Information
We continually seek new ways to maintain your trust as a user and improve our offerings. To provide new and better services, we tend to monitor user traffic patterns and try to analyze what our users like and do not like about our current offerings so we can design better services for you. We may also use certain information for testing purposes, site development and planning, and during the normal course of maintaining the site. When you use our site, you automatically allow us to collect this information. In these cases, researchers, business analysts, system designers, and others may have access to the data we collect.
We do not intend to use or disclose any personal information or health-related personal information you provide on our site to an unrelated third party without your express permission, except as explained in this section. You should know that there are circumstances when, in the ordinary course of business, we will share some information about you with a related third party.
If you have insurance coverage for your prescriptions, your insurance company or prescription benefit manager may have access to information about your orders so they can process your benefits or assist you with your prescription orders, if necessary. This information is shared in accordance with the terms of your health plan and the information remains confidential.
We may also share aggregate statistical information on our users, sales, traffic patterns and site usage with our business partners and sponsors. There is nothing in this information that could be used to identify or contact you.
We may, from time to time, contract with vendors to provide specific services, such as data analysis, data storage, e-mail processing, customer service, sweepstakes or special promotions. We ask vendors to adhere to our confidentiality standards and do not permit a vendor to use our customer information for any other purpose. In many of these instances, you will be given the opportunity to opt-in to this collection of information and can opt-out at any time.
We may share registration data with business partners that maintain a co-branded service or content, only with your affirmative consent. For more information on co-branded sites, read the information below on our relationships with third parties.
In certain limited circumstances, we may be legally compelled to release your personal information in response to a court order, subpoena, search warrant, law or regulation. In the event that we are compelled to disclose personal information and/or health-related personal information to a third party, we will notify you unless doing so would violate the law or court order. We also reserve the right to cooperate with law enforcement authorities in investigating and prosecuting users that violate our rules or engage in behavior that is harmful (or illegal) to other users.
Our Relationship with Third Parties
We request that third-party vendors supply us with information on their security procedures, and we evaluate them periodically to ensure that they are using data in the agreed upon way. You should know that our relationship with some third party vendors provide us with revenues based on the number of users who view an advertisement or use a sponsored or co-branded program. These revenues are based on the use of a site and not on you as an individual.
In some cases we also receive revenue from the use of external services, such as buying flowers online or other such services, and may get a commission on specific purchases made online. In addition, we may allow third-party vendors to buy aggregate data collected on our site but that data cannot be used to identify you. There are three types of relationships that differ from our standard business partner relationship in which we license content or a product for integration. These exceptions are:
Sponsored or Co-branded Sites
We allow other companies to make services and/or content available to you, sometimes on a sponsored or co-branded basis. To access the services on a sponsored or co-branded site, you may have to complete an online registration form in addition to the registration you completed for us. Whenever you provide registration information on sponsored or co-branded sites, data can be collected. You should read the individual privacy policies of sponsored or co-branded sites. Reading the policies will help you make an informed decision on whether or not you want to use the site.
You should know that we might allow advertising to be coordinated with health information content on our site. This happens through linking up identification codes with an ad and a health topic. In no way is your use of this site and the health information you view directly connected with advertising.
Our Children's Policy
Parents and guardians of minors who permit their children to use our site should be aware that any information volunteered by a child in a chat room, bulletin board, moderated online discussion or other public forum on our site could be used by other persons participating or observing activities on the site to contact the child via e-mail or in some other manner. We do not have control over the actions of these third parties and are not responsible for any contacts that may occur. When it is brought to our attention that a 13 or under user has volunteered personal information on a chat room or other public forum on our site, we will delete such information from our active databases in accordance to our deletion policy.
To obtain more information on a child's use of this site, parents or guardians can contact us in writing using the address in our Contact Us link.
Your Privacy Choices
Change/Update Personal Information
You may change or update your personal information and/or health-related personal information at any time by contacting us in writing using the address in our Contact Us link.
Remove or Delete Personal Information
You may remove previously provided personal and/or health-related personal information at any time by contacting us in writing using the address in our Contact Us link.
Users should be aware that it is not always technically possible to remove or delete the information you provide to us. We back-up our systems to protect information from inadvertent loss, and that means a copy of your personal information may exist in a non-erasable form that may be difficult or impossible for us to locate. Nevertheless, upon receiving your request we will try to remove or delete all personal information and/or health-related personal information stored in the databases that we use for research and daily business activities. We will not intentionally disclose any personal information stored in a non-erasable format after receiving your request for removal, except as required by law.
There are certain restrictions on your ability to correct, update or remove the health information you enter into a personal health record. If your doctor or other health care professional has access to your personal health record, and they add information to that record, your personal record could be considered an official medical record for legal purposes. In this case, information cannot be deleted or removed, only updated or annotated.
We want you to rely on us as a trustworthy, quality resource of health information. Medical experts have reviewed the content on this site for clinical accuracy. You'll have information on who wrote an article and when it was written and updated.