The Health Insurance Portability & Accountability Act of 1996 (HIPAA) requires that all health care records and other individually identifiable health information used or disclosed to us in any form whether electronically, on paper, or orally be kept confidential. This federal law gives you, the patient, significant rights to understand and control how your health information is used. HIPAA provides penalties for covered entities that misuse personal health information. As required by HIPAA, we have prepared this explanation of how we are required to maintain the privacy of your health information and how we may use and disclose your health information.

Without specific written authorization, we are permitted to use and disclose your health care records for the purpose of treatment, payment, and health care operations.
Treatment means providing, coordinating or managing health care and related services by one or more health care provider(s). For example, we may share information with other providers or specialists involved in the continuation of your care.

Payment means such activities as obtaining reimbursement for services, confirming coverage, billing or collection activities and utilization review. For example, we may disclose treatment information when billing an insurance plan for your medical services.

Health Care Operations include the business aspects of running our practice. For example, patient information may be used for training purposes or quality assessment.

Unless you request otherwise, we may use or disclose health information to a family member, friend, or other personal representative to the extent necessary to help with your health care or with payment for your health care. In addition, we may use your confidential information to communicate via mail and/or to leave phone messages at home or work. Any other uses and disclosures will be made only with your written authorization. You may revoke such authorization in writing, and we are required to honor and abide by that written request (for revocation), except to the extent that we have already taken actions relying on your authorization.

You have certain rights in regard to your protected health information, which you can exercise by presenting a written request to our Compliance Officer at the practice address listed below. Those rights are:
The right to request restrictions on certain uses and disclosures of protected health information, including those related to disclosures to family members, other relatives, close personal friends, or any other person identified by you. We are, however, not required to agree to a requested restriction. If we do agree to a restriction, we must abide by it unless you agree in writing to remove it.
The right to request to receive confidential communications of protected health information from us by alternative means or at alternative locations.
The right to access, inspect and copy your protected health information.
The right to request an amendment to your protected health information.
The right to receive an accounting of disclosures of protected health information outside of treatment, payment and health care operations.
The right to obtain a copy of this notice from us upon request.
We are required by law to maintain the privacy of your protected health information and to provide you with notice of our legal duties and privacy practices with respect to protected health information.

This notice is revised and effective as of April 5, 2005, and we are required to abide by the terms of the Notice of Privacy Practices currently in effect. We reserve the right to change the terms of our Notice of Privacy Practices and to make the new terms effective for all protected health information that we maintain. Revisions to our Notice of Privacy Practices will be posted on the effective date, and you may request a written copy of the revised notice from this office.

In the event that you feel your privacy rights have been violated, you have the right to file a formal written complaint with us at our address below or with the Department of Health and Human Services, Office of Civil Rights. We will not retaliate against you for filing a complaint.

For more information about our privacy practices, please contact:

Compliance Officer

Rockford Dermatology, S.C.
345 Executive Parkway, Ste L1
Rockford, IL 61107

For more information about HIPAA, or to file a complaint, contact:

The U.S. Department of Health and Human Services
Office of Civil Rights
200 Independence Avenue, S.W.
Washington, D.C. 20201
(877)696-6775 (Toll-free)