THIS NOTICE DESCRIBES HOW MEDICAL INFORMATION ABOUT YOU MAY BE USED AND DISCLOSED AND HOW YOU CAN GET ACCESS TO THIS INFORMATION. PLEASE REVIEW IT CAREFULLY.
As an essential part of our commitment to you, Booker EMS maintains the privacy of certain confidential health care information about you, known as Protected Health Information or PHI. We are required by law to protect your health care information and to provide you with the attached Notice of Privacy Practices.
The Notice outlines our legal duties and privacy practices with respect to your PHI. It not only describes our privacy practices and your legal rights, but lets you know, among other things, how Booker EMS is permitted to use and disclose PHI about you, how you can access and copy that information, how you may request amendment of that information, and how you may request restrictions on our use and disclosure of your PHI.
Booker EMS is also required to abide by the terms of the version of this Notice currently in effect. In most situations we may use this information as described in this Notice without your permission, but there are some situations where we may use it only after we obtain your written authorization, if we are required by law to do so.
We respect your privacy, and treat all health care information about our patients with care under strict policies of confidentiality that all of our staff are committed to following at all times.
If you have any questions about this Notice please contact Booker EMS by calling (806) 650-2366.
Purpose of This Notice: We are required by law to maintain the privacy of Protected Health Information/electronic Protected Health Information (PHI/e-PHI) and to provide patients with notice of our legal duties and privacy practices with respect to PHI/e-PHI. This Notice of Privacy Practices describes how we may use and disclose your PHI/e-PHI to carry out treatment, payment or health care operations and for other purposes that are permitted or required by law. It also describes your rights to access and control your PHI/e- PHI. “PHI/e-PHI” is information about you, including demographic information, that may identify you and that relates to your past, present or future physical or mental health or condition and related health care services.
We are required to abide by the terms of this Notice of Privacy Practices. We may change the terms of our notice, at any time. The new notice will be effective for all PHI/e-PHI that we maintain at that time. Upon your request, we will provide you with any revised Notice of Privacy Practices by either mailing the revised Notice to an address you provide or by delivering a revised Notice to you at our office.
- Uses and Disclosures of PHI/e-PHI
Uses and Disclosures of PHI/e-PHI for Treatment, Payment and Health Care Operations
We are permitted to use and disclose your PHI/e-PHI for treatment, payment and health care operations as described in Section 1. Your PHI/e-PHI may be used and disclosed by us and others outside of our office that are involved in your care and treatment for the purpose of providing health care services to you. Your PHI/e-PHI may also be used and disclosed to facilitate payment of your health care bills and to support our operations.
Following are examples of the types of uses and disclosures of your protected health care information that we are permitted to make. These examples are not meant to be exhaustive, but to describe the types of uses and disclosures that may be made by our office.
Treatment: We will use and disclose your PHI/e-PHI to provide, coordinate, or manage your health care and any related services. This includes the coordination or management of your health care with a third party that has already obtained your permission to have access to your PHI/e-PHI. For example, we would disclose your PHI/e-PHI, as necessary, to a home health agency that provides care to you. We will also disclose PHI/e-PHI to other physicians and health care providers who may be treating you. For example, your PHI/e-PHI may be provided to a physician to whom you have been referred to ensure that the physician has the necessary information to diagnose or treat you.
In addition, we may disclose your PHI/e-PHI from time-to-time to another physician or health care provider (e.g., a specialist or laboratory) who, at our request, becomes involved in your care by providing assistance with your health care diagnosis and treatment.
Payment: Your PHI/e-PHI may be used, as needed, to obtain payment for your health care services. This may include certain activities that a payor (whether a govt. entity or private insurance or other health plan) may undertake before it approves or pays for the health care services we recommend for you, such as making a determination of eligibility or coverage for insurance benefits, reviewing services provided to you for medical necessity, and undertaking utilization review activities.
Health Care Operations: We may use or disclose, as-needed, you PHI/e-PHI in order to support the business activities of our office. The activities include, but are not limited to: quality assessment activities; employee review activities; training or medical students, other practitioners, or non-health care professionals; accreditation; certification; licensing; credentialing; and conducting or arranging for other business activities. For example, we may use and disclose your PHI/e-PHI when training and reviewing our staff.
We will share your PHI/e-PHI with third party “business associates” that perform various activities (e.g., auditing, legal, operating and troubleshooting our health information technology) for us. Whenever arrangement between our office and a business associate involves the use or disclosure of your PHI/e-PHI, we will have a written contract that contains terms that will protect the privacy of your PHI/e-PHI. This requirement will not apply if the business associate is a “health care component” designated by our governing body.
We may use or disclose your PHI/e-PHI, as necessary, to provide you with information about treatment alternatives or other health-related benefits and services we offer that may be of interest to you. You may contact our Privacy Official to request that these materials not be sent to you.
Emergencies: We may use or disclose your PHI/e-PHI in an emergency treatment situation.
Other uses and Disclosures of PHI/e-PHI Based upon your Written Authorization
Other uses and disclosures of your PHI/e-PHI will be made only with your written authorization, unless otherwise permitted or required by law as described below. You may revoke this authorization, at any time, in writing, except to the extent that we have taken action in reliance on the use or disclosure indicated in the authorization.
Other Permitted Uses and Disclosures to Which You May Agree or Object
We may use and disclose your PHI/e-PHI in the following instances. You have the opportunity to agree or object to the use or disclosure of all or part of your PHI/e-PHI. If you are not present or able to agree or object to the use or disclosure of the PHI/e-PHI, then we may, using professional judgment, determine whether the disclosure is in your best interest. In this case, only the PHI/e-PHI that is relevant to your health care will be disclosed.
Others involved in Your Health Care: Unless you object, we may disclose to a member of your family, a relative, a close friend or any other person you identify, your PHI/e-PHI that directly relates to that person’s involvement in your health care. If you are not present or unable to agree or object to such a disclosure because of your incapacity or an emergency circumstance, we may disclose such information as necessary if we determine that it is in your best interest based on our professional judgment. We may use or disclose PHI/e-PHI to notify or assist in notifying a family member, personal representative or any other person that is responsible for your care of your location, general condition or death. Finally, we may use or disclose your PHI/e-PHI to an authorized public or private entity to assist in disaster relief efforts and to coordinate uses and disclosures to family or other individuals involved in your health care.
Other Permitted and Required Uses and Disclosures That May Be Made Without Your Consent, Authorization or Opportunity to Object
We may use or disclose your PHI/e-PHI in the following situations without your consent or authorization. The situations include:
Required By Law: We may use or disclose your PHI/e-PHI to the extent that the use or disclosure is required by law. The use or disclosure will be made in compliance with the law and will be limited to the relevant requirements of the law. If required by law, you will be notified of any such uses or disclosures.
Public Health: We may disclose your PHI/e-PHI for public health information for public health activities and purposes to a public health authority that is permitted by law to collect or receive the information. The disclosure will be made for the purpose of controlling disease, injury or disability. We may also disclose your PHI/e-PHI, if directed by the public health authority, to a foreign government agency that is collaborating with the public health authority.
Communicable Diseases: We may disclose your PHI/e-PHI, if authorized by law, to a person who may have been exposed to a communicable disease or may otherwise be at risk of contracting or spreading the disease or condition.
Abuse or Neglect: We may disclose your PHI/e-PHI to a public health authority or other government authority that is authorized by law to receive reports of child abuse or neglect. In addition, if we believe that you have been a victim of abuse, neglect or domestic violence we may disclose your PHI/e-PHI to the governmental entity or agency authorized to receive such information. In this case, the disclosures will be made consistent with the requirements of applicable federal and state laws.
Health Oversight: We may disclose PHI/e-PHI to a health oversight agency for activities authorized by law, such as audits, investigations, and inspections. Oversight agencies seeking this information include government agencies that oversee the health care system, government benefit programs, other government regulatory programs and civil rights laws.
Food and Drug Administration: We may disclose your PHI/e-PHI to a person or company required by the Food and Drug Administration to report adverse events, product defects or problems, biological product deviations; to track products; to enable product recalls; to make repairs or replacements; or to conduct post marketing surveillance, as required.
Legal Proceedings: We may disclose PHI/e-PHI in the course of any judicial or administrative proceeding in response to an order of a court or administrative tribunal (to the extent such disclosure is expressly authorized), and in response to a subpoena, discovery request or other lawful process as permitted by law.
Law Enforcement: We may disclose PHI/e-PHI, so long as applicable legal requirements are met, for law enforcement purposes. Such disclosures include (1) the reporting of certain physical injuries; (2) responding to legal processes; (3) providing limited information for identification and location purposes; (4) providing law enforcement officials with information pertaining to victims of a crime; (5) reporting deaths possibly resulting from criminal conduct; (6) reporting a crime that occurs on our premises; and (7) reporting criminal activity outside our premises that results in emergency medical services.
Coroners, Funeral Directors, and Organ Donation: We may disclose PHI/e-PHI to a coroner, or medical examiner for identification purposes, determining cause of death or for the coroner or medical examiner to perform other duties authorized by law. We may also disclose PHI/e-PHI to a funeral director, as authorized by law, in order to permit the funeral director to carry out his/her duties. We may disclose such information in reasonable anticipation of death. PHI/e-PHI may be used and disclosed or cadaveric organ, eye or tissue donation purposes.
Research: We may disclose your PHI/e-PHI to researchers when their research has been approved by an institutional review board that has reviewed the research proposal and established protocols to ensure the privacy of your PHI/e-PHI.
Serious Threat to Health and Safety: Consistent with applicable federal and state laws, we may disclose your PHI/e-PHI if we believe that the use or disclosure is necessary to prevent or lessen a serious and imminent threat to the health and safety of a person or the public. We may also disclose PHI/e-PHI if it is necessary for law enforcement authorities to identify or apprehend an individual.
Military Activity and National Security: When the appropriate conditions apply, we may use or disclose PHI/e-PHI of individuals who are Armed Forces personnel (1) for activities deemed necessary by appropriate military command authorities; (2) for the purpose of a determination by the Department of Veterans Affairs of your eligibility for benefits, or (3) to foreign military authority if you are a member of that foreign military services. We may also disclose your PHI/e-PHI to authorized federal officials for conducting national security and intelligence activities, including for the provision of protective services to the President or certain other individuals.
Inmates: We may use or disclose your PHI/e-PHI if you are an inmate of a correctional facility and we created or received your PHI/e-PHI in the course of providing care to you.
Worker’s Compensation: Your PHI/e-PHI may be disclosed by us as authorized to comply with worker’s compensation laws and other similar legally-established programs.
Required Uses and Disclosures: Under the law, we must make disclosures to you and when required by the Secretary of the Department of Health and Human Services to investigate or determine our compliance with the requirements of Title 45, Code of Federal Regulations, Parts 160 and 164.
- Your Rights
Following is a statement of your rights with respect to your PHI/e-PHI and a brief description of how you may exercise these rights.
You have the right to request a restriction of your PHI/e-PHI. This means you may ask us not to use or disclose any part of your PHI/e-PHI for the purposes of treatment, payment or health care operations. You may also request that any part of your PHI/e-PHI not be disclosed to family members or friends who may be involved in your care, for notification purposes as described in the Notice of Privacy Practices. Your request must state the specific restriction requested and to whom you want the restriction to apply.
We are not required to agree to a restriction that you may request, unless you are asking us to restrict the use and disclosure of your PHI to a health plan for payment or health care operation purposes and such information you wish to restrict pertains solely to a heath care item or service for which you or another party on your behalf have paid us “out of pocket” in full prior to submission for billing. If we believe it is in your best interest to permit use and disclosure of your PHI/e-PHI, your PHI/e-PHI will not be restricted. If we agree to the requested restriction, we may not use or disclose your PHI/e-PHI in violation of that restriction unless it is needed to provide emergency treatment. With this in mind, please discuss any restriction you wish to request with your health care provider. You may request a restriction by completing a “Restriction of use and Disclosures Request Form,” which you may obtain from our Privacy Official.
You have the right to request to receive confidential communications from us by alternative means or at an alternative location. We will accommodate reasonable requests. We may also condition this accommodation by asking you for information as to how payment will be handled or specification of an alternative address or other method of contact. We will not request an explanation from you as to the basis for the request. Please make this request in writing to our Privacy Official.
You have the right to inspect and copy your PHI/e-PHI. This means you may inspect and obtain a copy of PHI/e-PHI about you that is contained in a designated record set for as long as we maintain the PHI/e-PHI. A “designated record set” contains medical and billing records and any other records that we use for making decisions about you. If such information is maintained in an Electronic Health Record, your access rights include the right to access and copy in an electronic format.
Texas law requires that we must provide records/access within 15 business days of receipt of the request in most cases.
Under federal law, however, you may not inspect or copy the following records: psychotherapy notes; information compiled in reasonable anticipation of, or use in, a civil, criminal, or administrative action or proceeding; and PHI/e-PHI that is subject to any law that prohibits access to PHI/e-PHI.
You may have the right to have us amend your PHI/e-PHI. This means you may request an amendment of PHI/e-PHI about you in a designated record set for as long as we maintain this information. Requests for amendment must be in writing and must provide a reason to support each requested amendment. In certain cases, we may deny your request for an amendment and must notify you in writing within 60 days. If we deny your request for amendment, you have the right to file a statement of disagreement with us and we may prepare a rebuttal to your statement and will provide you with a copy of any such rebuttal. Please contact our Privacy Official if you have questions about amending your PHI/e-PHI.
You have the right to receive an accounting of certain disclosures we have made, if any, of your PHI/e-PHI. This right applies to disclosures for purposes other than treatment, payment or health care operations as described in the Notice of Privacy Practices. It excludes disclosures we may have made to you, to family members or friends involved in your care, for notification purposes, and for other purposes, as permitted by law. You have the right to receive specific information regarding these disclosures that occurred after April 14, 2003 and during the six years prior to your request. You may request a shorter timeframe. The right to receive this information is subject to certain exceptions, restrictions and limitations.
You have the right to obtain a paper copy of this notice from us, upon request, even if you have agreed to accept this notice electronically.
- PHI/e-PHI Breach Notification
Booker EMS must notify you of all unsecured PHI/e-PHI that has been, or is reasonably believed to have been breached. We will provide you with an individual notice, written, via first-class mail to the last known address, or email if you specify, no later than 60 days after discovery of the breach.
You may complain to us or to the Secretary of Health and Human Services if you believe your privacy rights have been violated by us. You may file a complaint with us by notifying the person named below of your complaint. We will not retaliate against you for filing a complaint.
For further information about the complaint process, or to file a complaint, contact:
Privacy Official and Custodian of Records
P.O. Box 429
Booker, TX 79005
Phone (806) 650-2366
FAX (806) 650-2367
Revised July 2023.