Joseph Bryer, M.D.
Joseph Bryer, M.D.


HIPAA stands for the “Health Insurance Portability and Accountability Act”, a federal law signed in 1996 and implemented April 14, 2003. In essence, the purpose of HIPAA is to set federal standards on the protection of personal health information. There are number of aspects to HIPAA, but two critical ones that were implemented in 2003: the Privacy Rule (having to do with protection of personal information and to whom such information may be released without specific patient authorization) and the Electronic Transaction Rule (having to do with the protection of personal health information during electronic transmission of personal health data, such as via internet and even fax transmissions).


As a health care provider, it is my obligation to do several things in order to meet the requirements of HIPAA. First, I need to enter into certain agreements with business associates that compel the business associate to protect patients’ personal health information from unauthorized disclosure. Second, I need to assess my existing privacy and security standards, compare them to those minimum standards mandated by HIPAA, and then bring any deficiencies in my standard practices into compliance. Third, I need to create and supply to patients a description of the privacy standards I employ in my practice. Fourth, I must ask you to sign a statement that you have been informed of my Privacy Practices in writing, which I will ask you to do at our first meeting.


The Health Insurance Portability & Accountability Act of 1996 ("HIPAA”) is a federal program that requires that all medical records and other individually identifiable health information used or disclosed by me in any form, whether electronically, on paper, or orally, are kept properly confidential. This Act gives you, the patient, significant rights to understand and control how your health information is used. HIPAA provides penalties to covered entities that misuse personal health information.
As required by "HIPAA”, we have prepared this explanation of how we are required to maintain the privacy of your Personal Health Information (PHI) and how we may use and disclose your health information.
We may use and disclose your medical records for each of the following purposes: treatment, payment and health care operations.
· Treatment means providing, coordinating, or managing health care and related services by one or more health care providers. An example of this would include sharing results of a physical examination with another of your medical providers.
Unless you exercise your right to prohibit it, minimally necessary personal health information may be provided to your pharmacy, insurance company or pharmacy benefit manager for any necessary prior authorizations for medications or other treatments.
· Payment means such activities as obtaining reimbursement for services, confirming coverage, billing or collection activities, and utilization review. An example of this would be sending a bill for your visit to your insurance company for payment.
Personal health information necessary for billing and insurance operations may be provided to insurance companies with which I am a participating provider (Aetna Dupont and Medicare are the only networks for which I am an in-network provider).
· Health care operations include the business aspects of running my practice, such as conducting quality assessment and improvement activities, auditing functions, cost management analysis and customer service. An example would be an internal quality assessment review.
We may also create and distribute de-identified health information by removing all references to individually identifiable information.
We may contact you to provide appointment reminders or information about treatment alternatives or other health-related benefits and services that may be of interest to you.
In emergency situations in which I judge that there is imminent risk of harm to self or others which cannot be resolved via intervening solely with the patient directly, I may communicate this risk (along with supporting, minimally necessary medical information) to law enforcement officials, inpatient treatment facilities, putative victims as far as is known, and/or next of kin, as necessary to ensure safety.
Finally, from time to time as necessary, I may provide minimally necessary PHI to my professional liability insurer. .
Except as described above, any other uses and disclosures will be made only with your written authorization. You may revoke such authorization in writing at any time and we are required to honor and abide by that written request, except to the extent that we have already taken actions relying on your authorization.
You have the following rights with respect to your protected health Information, which you can exercise by presenting a written request to Joseph Bryer, M.D. or other appointed Practice Privacy Officer:
· The right to request restrictions on certain uses and disclosures of protected health information, including disclosures to any person identified by you. If I agree to a restriction, I must abide by it unless you agree in writing to remove it.
· The right to reasonable requests to receive confidential communications of protected health information from us by alternative means or at alternative locations.
· The right to inspect and copy your protected health Information.
· The right to receive an electronic copy of your medical records.
· The right to submit a written amendment of, or request to amend, your protected health information.
· The right to receive an accounting of disclosures of protected health information.
· The right to restrict the communication of any personal health information by me to your insurance carrier.
· The right to obtain a paper copy of this notice from us upon request.
I am required by law to provide a detailed accounting of any breach, or unauthorized and improper disclosure, of your personal health information.
I am required by law to maintain the privacy of your protected health information and to provide you with notice of my legal duties and privacy practices with respect to protected health information.
This notice is effective as of September 23, 2013, and I am required to abide by the terms of the Notice of Privacy Practices currently in effect. I reserve the right to change the terms of the Notice Privacy Practices and to make the new notice provisions effective for all protected health information that I maintain. I will post and you may request a written copy of a revised Notice of Privacy Practices from this Office.
You have recourse if you believe that your privacy protections have been violated. You have the right to file written complaint with my office, or with the Department of Health & Human Services, Office of Civil Rights, about violations of the provisions of this notice or the policies and procedures of my office. I will not retaliate against you for filing a complaint.
For more information about HIPAA or to file a complaint:
The U S Department of Health & Human Services, Office of Civil Rights
200 Independence Avenue, S.W.
Washington, D.C. 20201
Toll Free: 1-877-696-6775
If you have any questions or concerns about what you’ve read, or about any privacy or related issue you have in the future, please notify and discuss with me at any time.
Print Print | Sitemap
Copyright, Joseph Bryer, M.D. 2006-2017