Privacy Policies and Procedures
These Privacy Policies and Procedures describe our obligations to protect the privacy of individually identifiable health information that we create, receive or maintain on our patients. The policies and procedures address how we protect their privacy interests and comply with our legal obligations under the Health Insurance Portability and Accountability Act of 1986 (HIPAA). This written plan addresses our legal responsibilities under HIPAA regulations 45 CFR parts 160 and 164 (54 Federal Regulation 82462 (12/28/2000)) (also referred to as the “Privacy Rules”), as amended (67 Federal Regulations 53182 (8/14/2002)) and state privacy laws that may be more stringent than the federal law.
Dr. Aldoroty requires all of his employees, other members of his workforce and Business Associates to follow his Privacy Policies and Procedures. Failure to faithfully follow the rules of our Privacy Plan can result in disciplinary action up to, and including, termination of employment or affiliation with my practice. All employees and members of my workforce have been trained on this Privacy Plan and are required to sign a Confidentiality Statement.
These written Policies and Procedures address the way HIPAA Privacy Rules apply to this practice and do not cover the entire Rule. In addition to the following Policies and Procedures, Dr. Aldoroty's practice uses forms, agreements, contracts, logs, and other documentation to support and comply with our legal obligations. My practice has elected to use the word “patient” interchangeably with the word “individual,” which HIPAA uses in their Privacy Rule. When “patient” is used, it has the same meaning as “individual,” which HIPAA uses in their Privacy Rule. When “patient” is used, it has the same meaning as “individual” and refers to former patients, prospective patients, patients of record and their organized representatives.
Name of Privacy Officer: Robert A. Aldoroty, MD, PhD, PLLC
Effective Date: 1/1/07