Notice of Privacy Practices



Each time you visit us, we keep a record of your care and treatment. We take the protection of your personal information seriously. We are required to provide you with this Notice of Privacy Practices to tell you about our legal duties and ways we may use and share your information, and to inform you about your rights regarding your health information. We give a small number of examples to describe what the categories mean, but not every use or disclosure can be listed on this Notice.

You have a right to a paper copy of this Notice of Privacy Practices.

This Notice is effective as of: January 1, 2018. We will ask you to sign a written acknowledgment of receipt of our Notice. We reserve the right to change the terms of this Notice and post the current Notice in our office. You may obtain an updated Notice from our practice at any time.

If you have any questions about this Notice of Privacy Practices, please contact our Privacy Officer:
Michelle LeFay Compliance and Privacy Officer 529 South Patten Road, Patten ME 04765 or (207) 538-3700, Ext 306

How We May Use and Disclose Protected Health Information:

For Treatment: We will use and disclose your protected health information to provide, coordinate, or manage your healthcare and related services in our office or with a third party. For example, we may share your protected health information with a pharmacy for filling prescriptions, a laboratory or imaging center if you need diagnostic services, with a specialist to whom we refer you, or with other Healthcare Providers who may be involved in your care and treatment. We may share information with persons involved in your care, such as family members. For Payment: We will use your protected health information to get paid for your healthcare services. We may share information with your insurance company to obtain payment for services or to seek pre-approval for healthcare services that we recommend for you such as a hospital stay or procedures.

For Our Healthcare or Business Operations: We may disclose your protected health information to support the business activities of this office, such as reviewing our care and our employees, for education and training, to support our electronic health record system, or for legal or accounting matters. We may contact you via telephone or other means to remind you of your appointment, to provide results from exams or tests and/or to provide information that describes or recommends treatment alternatives regarding your care. We may use or disclose PHI while engaging in teaching activities with Students from an Educational Institute with which we have an affiliated agreement. If we involve third parties, such as billing services, in our business activities, we will have them sign a “business associate agreement” obligating them to safeguard your protected health information according to the same legal standards we follow.

HealthInfoNet: We participate in a state-wide health information exchange called HealthInfoNet. This means that certain portions of your health information, maintained electronically, may be shared with other doctors and hospitals to care for you. For example, if you were injured in an accident and were treated by a hospital or provider that is part of HealthInfoNet, that new provider would have access to your electronic medical information, including your allergies, medications, and certain test results and diagnoses. Specially protected information including substance abuse treatment program records, mental health treatment facility records, HIV/AIDS information and genetic test results are not automatically included in HealthInfoNet. However, your mental health, substance abuse or HIV status may be learned by other HealthInfoNet providers based upon the listing of your medications, or through your services received by this office. If you do not wish to be included in HealthInfoNet, you may “opt-out” by filling out a form found online at http:, by calling 1-866-592-4352, or by completing a paper form we can provide. If you change your mind, you may choose to join again later, but your previous health information will not be included.

Accountable Care Organization: Katahdin Valley Health Center is a member of the Community Care Partnership of Maine (CCPM), an Accountable Care Organization. Under this organized health care arrangement, PHI may be shared with CCPM members for the purpose of payment and other health care operations including quality improvement. Any PHI shared with a CCPM member will be in accordance with the HIPAA Privacy and Security Rule, HITECH Act, Maine State and Federal Laws governing privacy and security of PHI.

When Allowed by Law: The law allows us to use or disclose your protected health information without your written authorization, in certain situations, including:
• When required by state or federal law;
• To report abuse or neglect;
• To persons authorized by law to act on your behalf, such as a guardian, health care power of attorney or surrogate;
• For disaster relief purposes, such as to notify family about your whereabouts and condition;
• For public health activities such as reporting on or preventing certain diseases;
• To comply with Food and Drug Administration requirements;
• For health oversight purposes such as reporting to Medicare, Medicaid or licensing audits, investigations or inspections;
• Where required by U.S. Department of Health and Human Services to determine our compliance;
• In connection with Workers’ Compensation claims for benefits; and
• To assist coroners or funeral directors in carrying out their duties.
• For organ donation
• To comply with a valid court order, subpoena or other appropriate administrative or legal request if you are involved in a lawsuit or to assist law enforcement where there was a possible crime on the premises. We may also share your information where necessary to prevent or lessen a serious or imminent threat to you or another.
• If you are an inmate, we may release your information for your health or safety in the correctional facility; We may share your information with appropriate military entities if you are a member or veteran of the armed forces; We may be required to disclose information for national security or intelligence purposes.

With your Authorization: Other uses and disclosures will be made only with your written authorization. For example, we will ask for your written permission before promoting a product or service to you for which we will be paid by a company, and generally before sharing your health information in a way that is considered a sale under the law. If you sign an authorization, you may revoke it at any time, except where we have already shared your information based upon your permission.

Your Rights: Following is a statement of your rights with respect to your protected health information.

You have the right to receive and we are required to provide you with, a copy of this Notice of Privacy Practices. We are required to follow the terms of this notice. We reserve the right to change the terms of our notice at any time. Upon your request we will provide you with a revised Notice of Privacy Practices. The Notice will also be posted in each practice waiting room and the KVHC website.

You have the right to access, inspect and copy your protected health information.
• This usually includes medical and/or billing records. You must submit a written request to us and you agree to pay the reasonable costs associated with complying with your request before we provide you with your record
• You may ask us to provide your electronic record in electronic format. If we are unable to provide your record in the format you request, we will provide the record in a form that works for you and our office. You may ask us to transmit your record to a specific person or entity by making a written, signed request.
• Under certain circumstances, your provider may not allow you to see or access certain parts of your record. You may ask that this decision be reviewed by another licensed professional. You have the right to request to receive confidential communications and request contact from us by alternative means or at an alternative location. This request must be made in writing. KVHC will follow all reasonable requests.

You have the right to request a restriction of your protected health information.

• This means you may ask us not to use or disclose all or part of your protected health information for certain purposes. We will consider your request carefully, and may honor reasonable requests where possible. The law does not require us to agree to every request. You must make this request in writing.
• However, you may request to restrict certain sensitive or other health information from your insurer after you or your personal representative have paid out of pocket in full for your service. We are not permitted to deny this specific type of restriction request. You will need to make a new restriction request at each office visit. If your insurance plan “bundles” your services together so that we cannot withhold only one item or service from your claim, we will discuss your options with you.
• You may also request that any part of your protected health information not be disclosed to family members or friends who may be involved in your care or for notification purposes as described in this Notice of Privacy Practices. Your request must state the specific restriction requested and to whom you want the restriction to apply.

You have the right to receive an accounting of certain disclosures we have made of your protected health information. Please speak with us if you have this request.

You may have the right to request amendment of your protected health information. While we cannot erase your record, we may add your written statement to your protected health information to correct or clarify the record where your provider approves. If the provider disapproves, you may submit a statement of disagreement and we may submit a rebuttal, which will remain with your record. Fundraising. We do not currently conduct fundraising campaigns. If we do so in the future, you have the right to opt-out of any fundraising solicitation or communication.

Breach notification. We are required to have safeguards in place that protect your health information. In the event that there is a breach of those protections, we will notify you, the U.S. Department of Health and Human Services and others, as the law requires.

You may file a complaint with us by notifying our Privacy Officer with your written complaint. We will not retaliate against you for filing a complaint with us or the Office of Civil Rights. You may complain to the Office of Civil Rights at the Department of Health and Human Services (OCR) if you believe your privacy rights have been violated by us. You should contact the OCR in writing at: