Note: To get a free example wording, in PDF or editable Word Document format, complete the registration form below.
As of September 23, 2013, you must include the following in your “Notice of Privacy Practices.”
1. How you will use and disclose your patients’ protected health information to outside parties, if at all.
2. The patients’ rights regarding their health information and how they can exercise these rights.
3. A statement that you will notify them if your privacy or security measures are ever breached.
4. How patients can submit complaints about violations of their privacy rights.
The notice must be written in plain language. You must make it available to patients before or on the day of their first visit. You must also post the notice in a prominent location in your office and on your website. If you make any changes to your notice, you need to notify each patient of the changes, in writing.
Per the law, you need to get a written acknowledgment from each patient that he or she received the notice. If you cannot get a written acknowledgment, record the fact that you tried, and why you could not get it.
For more information, go to www.hhs.gov/ocr/privacy/hipaa/understanding/summary/index.html.