Privacy and Security

Protected health information (PHI) may be communicated in many forms.  Traditionally, PHI was communicated verbally, in print and over the phone.  Medical records are also held in the form of electronic data (ePHI) which may be transmitted via fax or through networks.  The privacy and security of all forms of your PHI are actively maintained in our office to insure that we communicate only the information you choose to those individuals you have specifically selected.  This is done to protect you from a breach of privacy or security that might expose you to threats from people that may cause you harm.  It is important for you to understand how your information and electronic data is protected by every facility that serves you and how individuals you know may be trusted with your private matters.

Your Privacy:
Keeping your PHI private involves a series of measures.  Examples are as follows:

  • When we call, we may ask to speak to only you or an individual you have listed in writing that we are permitted to speak with.
  • Your printed records are housed separately from common areas within our practice where your name is not readily visible to the public.
  • We will only communicate with agencies that have a legal right to know the details of your history while under our care. This may include insurance companies and other doctors involved in your care.

Your Security:
Keeping your PHI secure involves a different set of measures, such as:

  • Protecting our computer systems from unauthorized access with physical barriers and high-level electronic file encryption.
  • Keeping our patient database offline so it is separated from the internet.
  • Transmitting patient data electronically through clearly defined portals.

In addition to these types of measures, our office does not ask for information such as credit card or social security numbers unless it is absolutely necessary in the delivery of your care and we don’t save such information after its immediate use.

Security measures often create inconveniences.  Our hope is to minimize interferences that seem costly and unnecessary while providing you with the safest and most effective care.  You may view our HIPAA Notice of Privacy Practices by clicking here and fill out a HIPAA Authorization by clicking here.  We urge you to keep your privacy preferences updated whenever you visit our office.  If at any time you have a concern regarding how we manage your PHI, we welcome you to contact our HIPAA Compliance Officer Dr. Robert Garfield.