Notice of Privacy Practices & HIPAA Compliance Policy

Introduction:

At San Diego Eye and Face, we prioritize protecting the confidentiality, privacy, and security of our patients’ Protected Health Information (PHI) in accordance with the Health Insurance Portability and Accountability Act (HIPAA) regulations. This document serves both as our Notice of Privacy Practices and our HIPAA Compliance Policy.

HIPAA Compliance Responsibility:

  • Privacy Officer: Dr. Kellie Satterfield, MD, is designated as the Privacy Officer, overseeing compliance with HIPAA rules, investigating potential breaches, and managing privacy practice documentation.
  • Training: We ensure all employees and associates undergo comprehensive HIPAA training to fully understand their obligations under HIPAA concerning patient PHI.
  • Notice of Privacy Practices: All patients receive a detailed Notice of Privacy Practices, explaining their rights regarding their PHI and our obligations.

PHI Protection Measures:

  • Limited Access: Employees should only access PHI necessary to perform their job. Access to PHI is restricted to authorized personnel.
  • Transmission Security: When electronically transmitting PHI, employees must use designated secure channels with password protection. Email, in particular, should be used with caution.
  • Data Encryption: Electronic devices storing PHI should be password-protected and encrypted.
  • Secure Disposal: When disposing of PHI, it should be shredded or destroyed to prevent unauthorized access.

Reporting and Responding to Incidents:

  • Breach Notification: Suspected breaches must be immediately reported to the Privacy Officer for investigation.
  • Mitigation Actions: In the event of a confirmed breach, steps will be taken to mitigate the impact, which may include notifying affected individuals as required.

Patient Rights:

  • Access and Correction: Patients can access their PHI and request corrections to any inaccuracies.
  • Disclosure Accounting and Restrictions: Patients can request an accounting of disclosures and place restrictions on the use or disclosure of their PHI.

Compliance and Penalties:

San Diego Eye and Face acknowledges the serious implications of HIPAA violations, which can lead to disciplinary actions against non-compliant employees, up to and including termination.

Policy Review and Updates:

This policy will be reviewed and updated annually or as needed to ensure ongoing compliance. The Privacy Officer is tasked with implementing updates and maintaining compliance standards.

Contact Information:

For questions or concerns, or to report a HIPAA-related incident, please contact our Privacy Officer:
Attn: HIPAA Privacy Officer, Dr. Kellie Satterfield
3911 Cleveland Ave #635175, San Diego, CA 92103

San Diego Eye and Face is dedicated to maintaining HIPAA compliance to protect the privacy and security of patient information. This policy should be adhered to by all employees and associates. Any questions or concerns should be directed to the Privacy Officer. Thank you for entrusting your healthcare needs to our practice.

San Diego Eye and Face
3399 First Ave, San Diego CA, 92103
Office: 858-284-0608
SDeyeface.com

Effective: 03/06/2024