HIPAA Compliance (Sharing Your Personal Information)
There are limited situations when we are permitted or required to disclose personal information without your signed authorization.
These situations are:
- To protect victims of abuse, neglect, or domestic violence.
- To reduce or prevent a serious threat to public health and safety.
- For health oversight activities such as investigations, audits, and inspections.
- For local, state, federal agencies to monitor your services.
- For lawsuits and similar proceedings.
- For public health purposes such as reporting communicable diseases, work-related illnesses, or other diseases and injuries permitted by law; reporting births and deaths, and reporting reactions to drugs and problems with medical devices.
- When required by law.
- When requested by law enforcement as required by law or court order, except as limited by laws regarding disclosure of alcohol and other drug treatment.
- To coroners, medical examiners, and funeral directors.
- For organ and tissue donation.
- For workers’ compensation or other similar programs if you are injured at work and are covered by workers’ compensation or other similar programs.
- For specialized government functions such as intelligence and national security.
All other uses and disclosures, not described in this notice, require your signed authorization. You may revoke your authorization at any time with a written statement.
SAFEGUARDING YOUR PERSONAL INFORMATION
We maintain physical, electronic and procedural safeguards that comply with applicable federal and state laws and regulations to guard your personal information against unauthorized use or disclosure. Any third party processor or consultant used by the Board has signed an agreement with us requiring such entity to maintain the confidentiality of your personal information. We also restrict access to your personal information to those employees who need to know the information in order to perform their job duties. The Board maintains policies and procedures that prohibit employees and agents of the Board from using, disclosing, transferring, providing access to or otherwise divulging client health information to any person or entity other than to the individual who is the subject of the information.