Health Insurance Portability and Accountability Act (HIPAA), signed into federal law in 1996, sets national standards regarding security and privacy of a person’s health information and defines provisions for electronic data interchange.
As defined by 45 C.F.R. §164.501 of HHS’ HIPAA Rules, MKPA is considered a hybrid organization, i.e. both a business associate and a covered entity, with different rights and responsibilities depending on the defined status.
As such, MKPA has implemented processes and procedures related to management of protected health information (PHI) that comply with HIPAA requirements. These include:
- Appointing a HIPAA Privacy Officer as a single point of contact
- Creating and implementing an employee HIPAA training program
- Creating a HIPAA Policy and Procedure Reference Manual
- Refining communication processes to enhance the security of client information
- Maintaining an internal communication and hotline to ensure compliance
MKPA is committed to protecting the privacy, security and integrity of individually identifiable health information received from or on behalf of our clients. The Company adheres to the highest standards of integrity in the performance of its business and is prepared to maintain compliance with HIPAA and other regulatory requirements by adopting and adjusting policies and processes as necessary.
For more information about HIPAA, please visit http://www.cms.hhs.gov If you have further questions about MKPA’s HIPAA policies or compliance, please contact:
Amy Gilchrist, Provider Relations Privacy Officer : (316) 634-2000
Addendum to Notice of Privacy Practices
Effective September 01, 2015
MID-KANSAS PEDIATRIC ASSOCIATES, P.A.
THIS NOTICE DESCRIBES HOW MEDICAL INFORMATION ABOUT YOU/YOUR CHILDREN MAY BE USED AND DISCLOSED AND HOW YOU CAN GET ACCESS TO THIS INFORMATION.
PLEASE READ IT CAREFULLY!
Mid-Kansas Pediatric Associates, P.A. participates in electronic health information technology or HIT. This technology allows a provider or health plan to make a single request through a health information organization or HIO to obtain electronic records for a specific patient from other HIT participants for purposes of treatment, payment, or health care operations. HIOs are required to use appropriate safeguards to prevent unauthorized uses and disclosures. Unless you direct otherwise, your electronic health records will be accessible through the HIO to properly authorized users for treatment, payment, and health care operations only.
If you want to restrict access to your records through the HIO, you must submit a request for restriction through KanHIT. Visit www.KanHit.org for more information.
You cannot restrict access to certain information only; your choice is to permit or restrict access to all of your information. Even if you restrict access, your information still will be available through the HIO by a properly authorized individual as necessary in the event of an emergency when consent cannot be obtained or to report specific information to a government agency as required by law (for example, reporting of certain communicable diseases or suspected incidents of abuse).
If you have questions regarding HIT or HIOs, please visit http://www.KanHit.org for additional information.
If you receive health care services in a state other than Kansas, different rules may apply regarding restrictions on access to your electronic health information. Please communicate directly with your out-of-state health care provider regarding those rules.