HIPAA PRIVACY PROTECTION NOTICES
Revised August 9, 2019
Therapy for Ladies
BLDG 27, ste 300 Marietta, GA 30067 || 770-481-2104
Therapy for Ladies will use commercially reasonable efforts to always respond and resolve any problem or question as promptly as possible
THIS NOTICE DESCRIBES HOW OUR MENTAL HEALTH RECORDS MAY BE USED AND DISCLOSED AND HOW YOU CAN GET ACCESS TO THIS INFORMATION. PLEASE READ IT CAREFULLY. THIS POLICY IS POSTED ON OUR WEBSITE AT www.therapyforladies.com. A PAPER COPY IS AVAILABLE UPON YOUR REQUEST FOR YOUR REVIEW AS WELL.
Your Rights to Privacy under HIPAA Preamble:
Communications between psychotherapists and their clients are privileged and, therefore, are protected from forced disclosure in cases arising under federal law. There is a difference between privileged conversations and documentation in your mental health Records are kept documenting your care as required by law, professional standards, and other review procedures. HIPAA very clearly defines what kind of information is to be included in your “Designated Medical Record” as well as some material, known as “Psychotherapy Notes” which is not accessible to insurance companies and other third-party reviewers and in some cases, not to the client himself/herself. HIPAA provides privacy protections about your personal health information, which is called “protected health information” (PHI) which could personally identify you. PHI consists of three(3) components: treatment, payment, and health care operations. Treatment refers to activities in which I provide, coordinate or manage your mental health care or other services related to your mental health care. Examples include a psychotherapy session, psychological testing, or talking to your primary care physician about your medication or overall medical condition. Payment is when I obtain reimbursement for your mental health care. The clearest example of this parameter is filing insurance on your behalf to help pay for some of the costs of the mental health services provided you. Health care operations are activities related to the performance of my practice such as quality assurance. In mental health care, the best example of health care operations is when utilization review occurs, a process in which your insurance company reviews our work together to see if your care is “really medically necessary.” The use of your protected health information refers to activities my office conducts for filing your claims, scheduling appointments, keeping records and other tasks within my office related to your care. Disclosures refer to activities you authorize which occur outside my office such as the sending of your protected health information to other parties (i.e., your primary care physician, the school your child attends).
Uses and Disclosures of Protected Health Information Requiring Authorization
The law requires authorization and consent for treatment, payment and healthcare operations. I may disclose PHI for the purposes of treatment, payment and healthcare operations with your consent. You have signed this general consent to care and authorization to conduct payment and health care operations, authorizing me to provide treatment and to conduct administrative
steps associated with your care (i.e., file insurance for you) .Additionally, if you ever want me to send any of your protected health information of any sort to anyone outside my office, you will always first sign a specific authorization to release information to this outside party. A copy of that
authorization formis available upon the request. The requirement of your signing an additional authorization form is an added protection to help insure your protected health information is kept strictly confidential. An example of
this type of release of information might by your request that I talk to your child’s schoolteacher about his/her ADHD condition and what this teacher might do to be of help to your child. Before I talk to that teacher, you will have
first signed the proper authorization for me to do so. There is a third, special authorization provision potentially relevant to the privacy of your records: my psychotherapy notes. In recognition of the importance of the confidentiality of conversations between psychotherapist -client in
treatment settings, HIPAA permits keeping separate “psychotherapy notes” separate form the overall “designated medical record.” “Psychotherapy notes” cannot be secured by insurance companies nor can they insist upon their release for payment of services as has unfortunately occurred over the last two decades of managed mental health care. “Psychotherapy notes” are my notes “recorded in any medium by a mental health provider documenting and analyzing the contents of a conversation during a private, group or joint family counseling session and separated from the rest of the individual’s medical record.” “Psychotherapy notes” are necessarily more private and contain much more personal information about you hence, the need for increased security of the notes. “Psychotherapy notes” are not the same as your “progress notes” which provide the following information about your care each time you have an appointment at my office: medication prescriptions and monitoring, assessment/treatment start and stop times, the modalities of care, frequency of treatment furnished, results of clinical tests, and any summary of your diagnosis, functional status, treatment plan, symptoms, prognosis and progress to date. Certain payors of care, such as Medicare and Workers Compensation, require the release of both your progress notes and my psychotherapy notes in order to pay for your care. If I am forced to submit your psychotherapy notes in addition to your progress notes for reimbursement for services rendered, you will sign an additional authorization directing me to release my psychotherapy notes. Most of the time I will be able to limit reviews of your protected health information to only your “designated record set” which include the following: all identifying paperwork you
completed when you first started your care here, all billing information, a summary of our first appointment, your mental status examination, your individualized, comprehensive treatment plan, your discharge summary, progress notes, reviews of you care by managed care companies, results of psychological testing, and any authorization letters or summaries of care you have authorized me to release on your behalf. Please note that the actual test questions or raw data of psychological tests, which are protected by copyright laws and the need to protect clients from unintended, potentially harmful use, are not part of your “designated mental health record.” You may, in writing, revoke all authorizations to disclose protected health information at any time. You cannot revoke an authorization for an activity already done that you instructed me to do or if the authorization was obtained as a condition for obtaining insurance and the insurer has the right to contest the claim under the policy.
Business Associates Disclosures
HIPAA requires that I ensure that all those performing ancillary administrative service for my practice and refers to these people as “Business Associates” sign and enter into a HIPAA compliant Business Associate Agreement so that your privacy is ensured at all times.
Uses and Disclosures Not Requiring Consent nor Authorization
By law, protected health information may be released without your consent or authorization for the following reasons:
I never release any information of any sort for marketing purposes.
Client’s Rights and My Duties
You have a right to the following:
Samantha Edu, LPC, CPCSis the appointed “Privacy Officer” for Therapy for Ladies per HIPAA regulations. If you have any concerns of any sort that my office may have compromised your privacy rights, please do not hesitate to speak to Lynn immediately about this matter. You will always find us willing to talk to you about preserving the privacy of your protected mental health information. You may also send a written complaint to the Secretary of the U.S. Department of Health and Human Services.
HIPAA provides client protections related to the electronic transmission of data (the transaction rule), the keeping and use of client records (“privacy rules”), and storage and access to health care records (“the security rules”).
HIPAA applies to all health care providers, including mental healthcare, and providers and health care agencies throughout the country are now required to provide clients a notification of their privacy rights as it relates to their health care records.
As you might expect, the HIPAA law and regulations are extremely detailed and difficult to grasp if you don’t have formal legal training. My Client Notification of Privacy Rights is my attempt to inform you of your rights in a simple yet comprehensive fashion. Please read this document as it is important you know what client protections HIPAA affords all of us. In mental health care, confidentiality and privacy are central to the success of the therapeutic relationship and as such, you will find I will do all I can to protect the privacy of your mental health records. If you have any questions about any of the matters discussed in this document, please do not hesitate to ask me for further clarification.
Address: BLDG 27, ste 300 Marietta, GA 30067