Privacy Policy

It is the policy of Foothills Facial Plastic Surgery that all physicians and staff preserve the integrity and the
confidentiality of protected health information (PHI) pertaining to our patients. The purpose of this policy is to ensure that our
practice and its physicians and staff have the necessary medical and PHI to provide the highest quality medical care possible while
protecting the confidentiality of the PHI of our patients to the highest degree possible. Patients should not be afraid to provide
information to our practice and its physicians and staff for purposes of treatment, payment and health care operations (TPO). To that
end, our practice and its physicians and staff willl:

  • Adhere to the standards set forth in the Notice of Privacy Practices
  • Collect, use and disclose PHI only in conformance with state and federal laws and current patient covenants and/or authorizations, as appropriate. Our practice and its physicians and staff will not use or disclose PHI for any uses outside of practice’s TPO, such as
    marketing, employment, life insurance applications, etc. without an authorization from the patient.
  • Use and disclose PHI to remind patients of their appointments unless they instruct us not to.
  • Recognize that PHI collected about patients must be accurate, timely, complete, and available when needed. Our practice and Its
    physicians and staff will:

    • Implement reasonable measures to protect the integrity of all PHI maintained about patients.
  • Recognize that patients have a right to privacy. Our practice and its physicians and staff respect the patients’ individual dignity at all times. Our practice and its physicians and staff will respect patient’s privacy to the extent consistent with providing the highest quality medical care possible and with the efficient administration of the facility.
  • Act as responsible information stewards and treat all PHI as sensitive and confidential. Consequently, our practice and its physicians and staff will:
    • Treat all PHI data as confidential in accordance with professional ethics, accreditation standards, and legal requirements.
    • Not disclose PHI data unless the patient (or his or her authorized representative) has properly authorized the release or the
      release is otherwise authorized by law.
  • Recognize that, although our practice “owns” the medical record, the patient has a right to Inspect and obtain a copy of his/her PHI. In addition, patients have a right to request an amendment to his/her medical record if she/he believes his/her information is inaccurate or incomplete. Our practice and its physicians and staff will :
    • Permit patients access to their medical records when their written requests are approved by our practice. If we deny their
      request, then we must inform the patients that they may request a review of our denial. In such cases, we will have an onsite
      healthcare professional review the patients’ appeals.
    • Provide patients an opportunity to request the correction of inaccurate or incomplete PHI in their medical records in accordance with the law and professional standards.
  • All physicians and staff at our practice will maintain a list of certain disclosures of PHI for purposes other than TPO for each patient and those made pursuant to an authorization as required by HIPAA rules. We will provide this list to patients upon request, so long as
    their requests are in writing.
  • All physicians and staff of our practice will adhere to any restrictions concerning the use or disclosure of PHI that patients have
    requested and have been approved by our practice.
  • All physicians and staff of our practice must adhere to this policy. Our practice will not tolerate violations of this policy. Violation of this policy is grounds for disciplinary actions, up to and including termination of employment and criminal or professional sanctions in accordance with our practice’s personal rules and regulations.
  • Our practice may change this privacy policy in the future . Any changes will be effective upon the release of a revised privacy policy and
    will be made available to patients upon request.

PLEASE SIGN _____________________________________________ DATE ___________________

*These Guidelines for Policy Adherence may not be explicitly stated in the Privacy Rule. Some are based on our interpretation of the
“minimum necessary” standard and our experience in practice management. If stated in the Pr ivacy Rule, it is so indicated by the
notation (Regulation) at the end of the Guidelines.