This notice describes how medical information about you may be used and disclosed and how you can get access to this information. Please review it carefully.
Effective Date: April 14, 2003
Revised: June 1, 2022
AFFILIATED COVERED ENTITY
Luminis Health, Inc. and its affiliated entities and subsidiaries are under common ownership and control and are organized as a single Affiliated Covered Entity (ACE) for the purposes of the HIPAA Privacy Rule. We will share Protected Health Information (PHI) with each other as necessary to carry out treatment, payment, or health care operations as otherwise permitted by applicable law, or as stated in this Notice. We will do so through access to a shared electronic medical record.
WHO WILL FOLLOW THIS NOTICE
This notice applies to Luminis Health, Inc. and all of its subsidiaries, all healthcare professionals authorized to enter information into your chart, all volunteers authorized to help you while you are here, all of our employees and on-site contractors, all departments and units within the hospital, all healthcare students, all healthcare delivery facilities and providers within the Luminis Health system, and your personal doctor and others while they are providing care at this site. Your doctor may have different policies or notices regarding your medical information created in their private office or clinic.
OUR PLEDGE REGARDING MEDICAL INFORMATION
Luminis Health is committed to protecting your medical information. We understand that medical information about you and your health is personal. We create a record of the care and services you receive at Luminis Health. This Notice tells you about the ways in which we may use and disclose your medical information and applies to all of the records of your care generated by Luminis Health. It also describes your rights and certain obligations we have regarding the use and disclosure of medical information.
We are required by law to:
- Make sure your medical information is protected.
- Give you this notice of our legal duties and privacy practices with respect to your medical information.
- Follow the terms of the notice that is currently in effect.
HOW WE MAY USE AND DISCLOSE MEDICAL INFORMATION ABOUT YOU
The following categories describes different ways that we may use and disclose your medical information. Not every use or disclosure in a category will be listed. However, all of the ways we are permitted to use and disclose information will fall within one of these categories.
Treatment. We may use medical information about you to provide you with medical treatment or services. For example, a doctor treating you for a broken hip may need to know if you have diabetes because diabetes may slow the healing process. We may also share medical information about you with other Luminis Health personnel or non-Luminis Health people Luminis Health who may be involved in your ongoing care, such as family members, clergy, or others who provide services that are part of your care, such as therapists or physicians. As part of our Collaborative Care Network, your medical information may be used to facilitate ongoing care management activities.
Payment. We may use and disclose medical information about you to bill and collect payment from you, your insurance company or a third-party payor for the services you received. For example, we may need to give your health plan information about treatment you received at Luminis Health Luminis Health so your health plan will pay us or reimburse you for the treatment. We may also tell your health plan about a treatment you are going to receive to obtain prior approval or to determine whether your plan will cover the treatment.
Healthcare Operations. We may use and disclose medical information about you for day-to-day operations. These uses and disclosures are made to enhance quality of care and for certain medical staff activities. For example, we may use medical information to evaluate our services and the performance of our staff in caring for you. Medical information about many Luminis Health patients may be combined to decide what additional services Luminis Health should offer, what services are not needed, and whether certain new treatments are effective. Information may also be disclosed to doctors, nurses, technicians, medical students, and other Luminis Health personnel for review and learning purposes. We may disclose information about you for another hospital’s health care operations if you also have received care at that hospital. We may also include your health information in registry databases to evaluate treatment and outcomes at a state and national level. We may contact you to determine how satisfied you are with our services. We may contract with vendors and outside agencies to provide care and/or to assist in collecting information to assess and improve our services. We may also disclose information to accrediting agencies which review hospital operations to ensure quality of care.
Health Information Exchange. We may share information that we obtain or create about you with other health care providers or other health care entities, such as your health plan or health insurer, as permitted by law, through Health Information Exchanges (HIEs) in which we participate. For example, information about your past medical care and current medical conditions and medications can be available to us or to your non-Luminis Health primary care physician or hospital, if they participate in the HIE as well. Exchange of health information can provide faster access, better coordination of care and assist providers and public health officials in making more informed decisions.
The Chesapeake Regional Information System for our Patients, Inc. (CRISP) is a regional internet based HIE in which we participate. We may share information about you through CRISP for treatment, payment, health care operations, or research purposes. You may “opt-out” and prevent searching of your information available through CRISP by calling 1-877-952-7477 or completing and submitting an Opt-Out form to CRISP by mail, fax or through their website at www.crisphealth.org.
Luminis Health may also participate in other HIEs, including HIEs that allow your provider to share your information directly through our electronic medical record system. For example, if you were seen by a different provider, they may electronically view your information to see the care you were provided at Luminis Health. You may choose to opt-out of these other HIEs by contacting the Luminis Health privacy office.
Photographs, Video and Audio Recordings. We may obtain photographs, video and audio recording of your healthcare treatment at Luminis Health for the purpose of healthcare treatment, teaching and operations. Such photographs, video or audio recordings will not be used for marketing purposes unless you specifically authorize such use. If you do not want photographs, video or audio records made of your healthcare treatment, you may specifically request that such photographs, video or audio records not be made by notifying your physician.
Appointment reminders and service information. We may use and disclose your medical information to contact you to provide appointment reminders or to let you know about treatment alternatives or other health related services or benefits that may be of interest to you.
Fundraising Activities. We may contact you in an effort to raise money for Luminis Health and its non-profit patient care programs. For this purpose, we may use your contact information, such as your name, address, phone number, the dates of service and the department from which you received treatment or services at Luminis Health, your treating physician’s name, your treatment outcome and your health insurance status. You may restrict use of your information for this purpose by contacting 888-890-6919 or by email at [email protected]. Your choice to opt out of fundraising communications in no way will affect your right to receive treatment by Luminis Health.
Luminis Health Facility Directory. We may include certain limited information about you in the Luminis Health facility directory while you are an in-patient at Luminis Health. This information may include your name, location in the hospital, your general condition (e.g., fair, stable, etc.), and your religious affiliation. The directory information, except for your religious affiliation, may also be released to anyone who asks for you by name. Your religious affiliation may be given to a member of the clergy, such as a priest or rabbi, even if they don’t ask for you by name. This is so your family, friends, and clergy can visit you and generally know how you are doing. If you do not want anyone to know directory information about you, if you want to limit the amount of directory information that is disclosed, or if you want to limit who gets directory information, this type of information may be restricted from being released. Please alert the registration staff or your caregiver to request to opt out of the facility directory.
Individuals Involved in Your Care or Payment for Your Care. We may release medical information about you to a friend or family member who is involved in your medical care. This includes persons named in any durable health care power of attorney or similar document provided to us. We may also give information to someone who helps pay for your care. In addition, we may disclose medical information about you to an entity assisting in a disaster relief effort so that your family can be notified about your condition, status and location. If you are not present or cannot agree or object, we will use our professional judgment to decide whether it is in your best interest to release relevant information to someone who is involved in your care or to an entity assisting in a disaster relief effort. You may request us to restrict sharing of your health status with someone who is involved in your care or for disaster relief efforts.
Marketing. We may use your medical information to forward promotional gifts of nominal value, to communicate with you about a service, products and educational programs offered by Luminis Health. We do not share your medical information to any third party for their marketing activities unless you sign an authorization allowing us to do this.
Research. We may use and disclose medical information about you for research purposes. All research projects must be approved by a research review board which evaluates the research proposal and establishes standards to protect the privacy of your health information. We may use or disclose your medical information to a researcher preparing to conduct a research project.
Organ and Tissue Donation. If you are an organ donor, we may release medical information to organizations that handle organ procurement or organ, eye, or tissue transplantation, or to an organ donation bank as necessary to facilitate organ or tissue donation and transplantation.
Workers’ Compensation. We may release medical information about you for Workers’ Compensation or similar programs. These programs provide benefits for work-related injuries or illness.
Public Health activities. We may disclose medical information about you for public health activities. These activities generally include the following:
- To prevent or control disease, injury, or disability.
- To report deaths.
- To report reactions to medications or problems with products; to notify people of recalls of products they may be using.
- To notify a person who may have been exposed to a disease or may be at risk for contracting or spreading a disease or condition.
- To notify the appropriate government authority if we believe a patient has been the victim of abuse, neglect, or domestic violence. We will only make this disclosure if you agree or when required or authorized by law.
As Required by Law, Legal Proceedings, Health Oversight Activities and Law Enforcement. We may disclose your health information when we are required to do so by federal, state and other law. For example, we may be required to report victims of abuse, neglect or domestic violence, as well as patients with gunshot and other wounds. We will disclose your health information when ordered in a legal or administrative proceeding, such as a subpoena, discovery request, warrant, summons, or other lawful process. We may disclose health information to a law enforcement official to identify or locate suspects, fugitives, witnesses, victims of crime, or missing persons. We may disclose health information to a law enforcement official about a death we believe may be the result of criminal conduct or about criminal conduct that may have occurred at our facility. We may disclose health information to a health oversight agency for activities authorized by law, such as audits, investigations, inspections, and licensure. We may disclose your health information to the Secretary of Health and Human services for the purpose of determining compliance with and enforcement of these rules.
To Avert a Serious Threat to Health or Safety. We may use and disclose medical information about you when necessary to prevent a serious threat to your health and safety or the health and safety of the public or another person. However, any disclosure would only be to someone able to help prevent the threat.
Coroners, Medical Examiners, and Funeral Directors. We may release medical information to a coroner or medical examiner. This may be necessary, for example, to identify a deceased person or determine the cause of death. We may also release medical information about deceased patients of Luminis Health to funeral directors as necessary to carry out their duties upon the request of the patient’s family.
Specialized Government Functions. If you are a member of the armed forces, we may release medical information about you as required by military command authorities. We may also release medical information about foreign military personnel to the appropriate foreign military authority. We may disclose health information to make medical suitability determinations for Foreign Service. We may disclose health information to authorized federal officials for national security purposes, such as protecting the President of the United States or the conduct of authorized intelligence operations.
Correctional facilities. If you are an inmate of a correctional institution or under the custody of a law enforcement official, we may release your medical information to the correctional institution or law enforcement official. We may release your health information for your health and safety, for the health and safety of others, or for the safety and security of the correctional institution.
Authorization. Other uses and disclosures of health information not covered by this Notice or the laws that apply will be made only with your written permission. If you provide our facilities with an authorization to use and disclose health information about you, you may revoke that permission at any time by sending a request in writing to the facility’s Health Information Management Department or Privacy Office. These include the sale of your health information, use of your health information for marketing purposes and certain disclosures of psychotherapy notes. You may revoke your authorization in writing at any time, and we will discontinue future uses and disclosures of your health information for the reasons covered by your authorization. We are unable to take back any disclosures that were already made with your authorization, and we are required to retain the records of the care that we provided to you.
YOUR RIGHTS REGARDING YOUR MEDICAL INFORMATION
Although your medical record is the physical property of our facilities, you have the following rights regarding medical information we maintain about you:
Right to a Copy of this Notice. You have the right to receive a copy of this notice of privacy practices. We will post a copy of our current Notice in our facilities and on our website. A copy of our current Notice will be available at our registration areas or upon request. To request a copy of our current Notice of Privacy Practices, please contact the privacy office listed below.
Right to See and Copy your Health Record. You have the right to see and receive a copy of your medical information. Usually, this includes medical and billing records, but does not include psychotherapy notes.
To see and copy your medical information, you must submit your request in writing to the Health Information Management (Medical Record) Department of the facility where you were seen. If you request a copy of the information, we may charge a fee for the costs of copying, mailing, or other supplies associated with your request. You may request an electronic copy of this information, and we will provide access in the electronic form and format requested if it is readily reproducible in the requested format. If not, we will discuss the issue with you and provide a copy in a readable electronic form and format upon which we mutually agree, depending on the information and our capabilities at the time of the request. You may also request that we send your health information directly to a person you designate if your request is in writing and clearly identifies both the person designated and an address to send the requested information. If you agree, we may provide you with a summary of the information instead of providing you with access to it, or with an explanation of the information instead of a copy. Before providing you with such a summary or explanation, we first will obtain your agreement to pay the fees, if any, for preparing the summary or explanation.
We may deny your request to see and copy your medical information in certain very limited circumstances, such as when your physician determines that for medical reasons this is not advisable. If you are denied access to medical information, we will tell you the reasons for the denial and explain your right to have the denial reviewed.
Right to Amend your Medical Record. If you feel that your medical or billing information is incorrect or incomplete, you have the right to request that we add an amendment to your record. Your request must be in writing, and it must contain the reason for your request. To request a correction to your medical record, you must complete a “Request for Amendment of the Medical Record” form available in the Health Information Management (Medical Records) department of the facility where you received treatment, or the Privacy Office listed below. We will make every effort to fulfill your request usually within 60 days. We may deny your request to amend your record if the information being amended was not created by us, if we believe that the information is already accurate and complete, or if the information is not contained in records that you would be permitted by law to see and copy. If we deny your request, you will be notified in writing usually within 60 days. Even if we accept your amendment, we will not delete any information already in your records.
If your request is denied, you have the right to submit a Statement of Disagreement which will be included in your medical record.
Right to an Accounting of Disclosures. You have the right to request an “accounting of disclosures.” This is a list of some of the disclosures we made of your medical information. This list is not required to include disclosures made for treatment, payment, and health care operations, and certain other disclosure exceptions.
You must submit your request in writing to the Luminis Health’s Privacy Office. Your request must state a time period that may not be longer than six years prior to the date of the request. Your request should indicate in what form you want the list, for example: on paper or electronically. The first list you request within a 12-month period will be free. For additional lists, we may charge a fee as permitted by law.
Right to Request Restrictions. You have the right to request a restriction or limitation on the medical information we use or disclose about you for treatment, payment, or healthcare operations. You also have the right to request a limitation on the medical information we disclose about you to someone who is involved in your care or the payment for your care, like a family member or friend. We are not required to agree to your request and will notify you if we are unable to agree. Your request must be made in writing to the Luminis Health’s Privacy Office.
You may request that we not submit your medical information to a health plan or your insurance company, if you, or someone on your behalf, pays for the treatment or service out-of-pocket in full. To request this restriction, you must make your request in writing prior to the treatment or service. In your request you must tell us the information you want to restrict and to what health plan the restriction applies. If we do agree with your request, we will comply with your request unless the information is needed to provide emergency treatment.
Right to Confidential Communications. You have the right to request to receive communications from us on a confidential basis by using alternative means for receipt of information or by receiving the information at alternative locations. For example, you can ask that we only contact you at work or by mail, or at another mailing address, besides your home address. We must accommodate your request if it is reasonable. You are not required to provide us with an explanation as to the reason for your request. If you would like to receive copies of medical information after your treatment, you will specify the method and location that information should be sent to you.
If you believe your privacy rights have been violated, you may file a complaint with the Luminis Health Privacy Office using the contact information below. You may also file a complaint with the Secretary of the Department of Health and Human Services. We will not retaliate against you for filing a complaint.
If you have questions about this Notice, please contact the Luminis Health Privacy Office.
Luminis Health, Inc.
Belcher Pavilion Suite 203
2001 Medical Parkway
Annapolis, MD 21401
Phone: (833) 543-8442 (toll free)
Fax: (410) 481-3729
CHANGES TO THIS NOTICE
We reserve the right to change the terms of this notice, and the changes will apply to all information we have about you as well as any information we receive in the future. We will post a copy of the current notice throughout Luminis Health and on our website. In addition, each time you register at, or are admitted to, the hospital for treatment or healthcare services as an inpatient or outpatient, we will offer you a copy of our current Notice in effect.