HIPAA stands for Health Insurance Portability & Accountability Act of 1996. Congress passed this landmark law to provide consumers with greater access to health care insurance, to protect the privacy of health care data, and to promote more standardization and efficiency in the health care industry. Among other things, the law requires that health care providers take steps to protect the privacy and confidentiality of patient information.

HIPAA rules are intended to provide nationwide privacy standards for all health care providers, payers, and claims clearinghouses. The HIPAA Privacy Regulation is an attempt to fill gaps where medical privacy laws have been non-existent or where the state laws have been weak. The Privacy Regulation allows that if a state law is stricter than HIPAA, then it takes precedence. Essentially, HIPAA sets a nationwide minimum legal standard for patient privacy. The HIPAA Privacy Regulations have three main goals:

1. Protecting and enhancing the rights of health care consumers by giving them access to their health information and preventing improper use of that information.
2. Improving the quality of health care in the United States by restoring trust in the health care organization.
3. Improving the efficiency and effectiveness of health care delivery by creating a national framework for health care privacy.

• Central Minnesota Mental Health Center supports every client’s right to privacy and it is the responsibility of everyone to protect it.
• Central Minnesota Mental Health Center’s clients have access to and control over their protected health information. Responsible use of clients’ protected health information by all employees at CMMHC will help improve health care by increasing trust in the system.

In Minnesota, the Patient Bill of Rights law serves as the foundation for CMMHC’s client privacy, confidentiality, and the client rights and responsibilities policies and procedures. HIPAA supplements those rights.

CMMHC’s procedure states that “Clients, at the time of intake, shall be provided a Client Rights and Data Privacy Statement”. This includes the Tennessen Warning. It is documented that each statement was distributed to the client.

CMMHC is permitted to make uses and disclosures of protected health information in the following examples:

         Treatment

• To evaluate your need for care.
• To plan the types of care that will most help you.

         Payment

• To enable this Center to collect payment from a private or government agency for the care we give you.
• To see if you are eligible for public assistance, should you request it.

         Healthcare Operations

• To fulfill state, federal, and local requirements for reports, statistics and internal reviews.
• To provide you with appointment reminders.

Complete HIPAA regulations are available upon request at the initial service date. If you believe that your privacy rights have been violated, you can file a complaint with our designated Privacy Officer. You may also submit a written complaint to the U.S. Department of Health and Human Services. We will provide you with the information to file a complaint with either entity upon request.

We support your right to the privacy of your health information. We will not retaliate in any way if you choose to file a complaint