HIPAA

At Mountain of Light, we are committed to protecting the privacy and security of our patients’ health information in compliance with the Health Insurance Portability and Accountability Act (HIPAA). Our practice upholds the highest standards to ensure that all Protected Health Information (PHI) remains confidential, secure, and used only for appropriate medical and administrative purposes.

How We Ensure HIPAA Compliance

  1. Confidentiality of Patient Information
    • All PHI is handled with strict confidentiality and is only shared with authorized individuals involved in the patient’s care, insurance processing, or as required by law.
    • We obtain written patient consent before sharing information, except in cases where disclosure is legally mandated.
  2. Secure Record-Keeping & Technology Safeguards
    • Electronic health records (EHR) are protected with encryption, firewalls, and access controls to prevent unauthorized access.
    • Physical records, if maintained, are securely stored in locked areas with restricted access.
    • Our systems are regularly updated and monitored for security vulnerabilities.
  3. Staff Training & Compliance
    • All staff members undergo HIPAA training upon hiring and receive regular updates to stay informed of compliance regulations.
    • Employees are required to follow strict protocols for handling PHI and are held accountable for any breaches of confidentiality.
  4. Patient Rights & Access to Records
    • Patients have the right to access and request copies of their medical records.
    • Patients may request corrections to their health information if they believe it to be inaccurate.
    • We provide patients with a Notice of Privacy Practices, detailing how their information may be used and shared.
  5. HIPAA-Compliant Communication
    • We use secure messaging and encrypted email services when communicating sensitive information.
    • Phone conversations regarding PHI are conducted in private settings to maintain confidentiality.
    • Patients can request alternative methods of communication to enhance their privacy.
  6. Responding to Privacy Concerns & Breaches
    • We have a HIPAA Compliance Officer responsible for overseeing privacy policies and handling any concerns.
    • In the event of a data breach, we have procedures in place to promptly notify affected individuals and take corrective action.
    • Patients can file complaints regarding privacy concerns without fear of retaliation.

At Mountain of Light, we take HIPAA compliance seriously and continuously review our policies and procedures to ensure we meet or exceed all legal requirements. If you have any questions or concerns about our HIPAA practices, please contact us.