Brett Swenson, M.D.

Notice of Privacy Practices for Protected Health Information (“PHI”) (Condensed Version)

THIS NOTICE DESCRIBES HOW MEDICAL INFORMATION ABOUT YOU MAY BE USED AND DISCLOSED AND HOW YOU CAN GET ACCESS TO THIS INFORMATION. PLEASE REVIEW IT CAREFULLY.

This office is required by a federal regulation, known as the HIPAA Privacy Rule, to maintain the privacy of your health information and to provide you with notice of its legal duties and privacy practices. This office will not use of disclose your health information except as described in this Notice. This office is permitted by federal privacy laws to make uses and disclosures of your health information for purposes of treatment, payment, and health care operations in accordance with the American Recovery and Reinvestment Act (ARRA), Health Insurance Portability and Accountability Act (HIPAA) and Health Information Technology for Economic and Clinical Health (HITECH) Act. Protected health information is the information we create and obtain in providing our services to you. The health information about you is documented in medical record and on a computer. Such information my include documenting your symptoms, medical history, examination and test results, diagnoses, treatment, and applying for future care of treatment. It also includes billing documents for those services.

HOW WE MAY USE AND DISCLOSE MEDICAL INFORMATION ABOUT YOU

• Notification/Communication of or with family/friends

• Employers/Worker’s Compensation

• Organ Procurement Organizations

• Food and Drug Administration (FDA)

• Abuse, Neglect and Domestic Violence

• Law Enforcement/ Inmates

• Health Oversight/Serious Threat

• Research

• Public Health/Disaster Relief

• Coroners, Medical Examiners, and Funeral Directors

• Appointment Reminders, Marketing & Treatment Alternatives

• Sign in Sheet/ Hospital Directory

• Mental health care

• Judicial/Administrative Proceedings

• For Specialized Governmental Functions

• Fund Raising

The health and billing records we maintain are the physical property of the doctor’s office. The information in it, however, belongs to you.

YOU HAVE THE FOLLOWING RIGHTS REGARDING MEDICAL INFORMATION WE MAINTAIN ABOUT YOU

The patient has the right to receive electronic copies of his or her PHI. This office will now provide patients with copies of PHI that is maintained by the office electronically, either in the electronic form or in a format requested by the patient (if such a format is readily producible). If the requested format is not readily available, the office will offer at lease one readable electronic format on a disk. If the patient and practice cannot agree on a format, a readable hard copy of the record will be provided. The practice can charge a “reasonable” fee for this record (paper or electronic) that covers the cost of producing it. Most states have laws that identify what you can charge the patient for this service. Practices, however, are not required to purchase software or hardware to accommodate the patients’ request. The patient also has the following rights:

• Right to Inspect and Copy

• Right to an Accounting of Disclosures

• Right to request Confidential Communications

• Right to Appeal Denials or File a Statement of Disagreement

• Right to Amend, Right to Choose Someone to Act for You

• Right to Request Restrictions [Section 13405 of Subtitle D of the

• Hitech Act (42USC 17935)]

• Right to Revoke Authorizations

• Right to a Paper Copy of this Notice

OUR RESPONSIBILITIES

The office is required to:

• Abide by the terms of this Notice;

• Maintain the privacy of your health information as required by law;

• Notify you if there is a breach in unsecured PHI

• Provide you with a notice as to our duties and privacy practices as to

• the information we collect and maintain about you;

• Notify you if we cannot accommodate a requested restriction or request; and

• Accommodate your reasonable requests regarding methods to communicate health information to you.

The Privacy Rule allows covered health care providers to communicate electronically, such as through e-mail, with their patients, provided they apply reasonable safeguards when doing so. See 45 C.F.R. § 164.530(c) Our office will take all necessary steps in ensuring the safeguarding of this information but there may be some level of risk that the information in the email could be read by a third party. If you prefer unencrypted email, you have the right to receive protected health information in this manner. Please understand that we are not responsible for unauthorized access of protected health information while in transmission to you based on your request. Further, we are not responsible for safeguarding information once delivered to the individual. We reserve the right to amend, change, or eliminate provisions in our privacy practices and access practices and to enact new provisions regarding the protected health information we maintain. If our information practices change, we will amend our Notice. You are entitled to receive a revised copy of the Notice by calling and requesting a copy of our “Notice” or by visiting our office and picking up a copy.

TO REQUEST INFORMATION OR FILE A COMPLAINT

If you have questions, would like additional information, want to report a problem regarding the handling of your information or if you believe your privacy rights have been violated and wish to file a written complaint with our office, please contact this office and ask to speak with the Privacy Officer. You may also file a complaint by mailing it or e-mailing it to the Secretary of Health and Human Services. We cannot, and will not, require you to waive your rights under the Privacy Rule including the right to file a complaint with the Secretary of Health and Human Services (HHS) as a condition of receiving treatment from the office. We cannot, and will not, retaliate against you for filing a complaint with the Secretary of Health and Human Services.

Original Effective Date: April 14, 2003 Effective Date of Last Revision: April 7, 2016