NOTE: Effective Nov 2004; updated June 2011
This notice describes how medical information about you may be used and disclosed and how you can get access to this information. Please review it carefully.
Protecting Your Privacy
Intermountain Healthcare (Intermountain) understands the importance and sensitivity of your health information. We protect the privacy of your health information because that is the right thing to do. We also follow federal and state laws that govern the use of your health information. We use your health information (and allow others to have it) only as permitted by federal and state laws. These laws give you certain rights regarding your health information.
Your Health Information Rights
- Review and get a paper copy of your medical or billing records as allowed by law, usually within 30 days of your request (you can also ask us to provide a copy on electronic media, and we will do that if we can readily produce it);
- Request and be provided a paper copy of our current Notice of Privacy Practices;
- Ask us to contact you at a specific address or phone number;
- Request that we not share with your health plan information about certain health services or items if you pay in full for those healthcare items or services (to ensure that we don’t automatically bill your health plan for these services or items, you will need to notify Intermountain’s staff before receiving these services or items if you want this restriction);
- Request and receive an accounting, as specified by law, of certain circumstances when your information is shared without your consent..
- Receive notice if Intermountain or an Intermountain business associate has improperly shared or used your health information;
- Report a privacy concern and be assured that Intermountain will investigate your concern thoroughly, supporting you appropriately, and not retaliate against you in any way (in fact, Intermountain will provide you with information on how to report any privacy concerns to a local Intermountain Privacy Coordinator, the Intermountain Corporate Privacy Office, or the Office for Civil Rights, U. S. Department of Health and Human Services); and
- Request in writing other restrictions on the use of your health information or amendments to your health information if you think it is wrong, though Intermountain may not always be able to grant those requests.
How Your Health Information is Used
1. Common Uses of Health Information
When we care for you, we will gather some of your health information. The law allows us to use or share this health information for the following purposes:
- To understand your health condition and to treat you when you are sick. For example, we may look at your x-rays or share x-rays we take of you with your treating doctor, who may be outside of Intermountain, or we may receive your prescription information from other health services companies to help you avoid harmful drug interactions.
- To bill your healthcare services and to receive payment for our services. For example, we share with and receive health information from your health insurance company and/or other health care providers to receive payment and to better manage your care.
- To improve our care. For example, we may contact you to understand what you thought of our care and to learn how to enhance our services to you.
- To request your support for improving healthcare by contributing to one of Intermountain’s charitable foundations. (If you don’t want to be contacted for this purpose, call Intermountain’s Privacy Office at 1-800 442-4845 to let us know).
- To improve our services to you by allowing companies with whom we contract, called “business associates,” to perform certain specialized work for us. The law requires these business associates to protect your health information and obey the same privacy laws that we do.
- To perform a very limited, specific type of health-related research, where the researcher keeps any patient-identifiable information safe and confidential. Intermountain reviews every research request to make sure your privacy is appropriately protected before sharing any health information.
- To law enforcement, but only as authorized by law, i.e., to investigate a crime against Intermountain or any of its patients.
2. Required Uses of Health Information
The law sometimes requires us to share information for specific purposes, including the following:
- To the Department of Health to report communicable diseases, traumatic injuries, or birth defects, or for vital statistics, such as a baby’s birth;
- To a funeral director or an organ-donation agency when a patient dies, or to a medical examiner when appropriate to investigate a suspicious death;
- To the appropriate governmental agency if an injury or unexpected death occurs at an Intermountain facility;
- To state authorities to report child or elderly abuse;
- To governmental inspectors who, for example, make sure our facilities are safe;
- Under certain conditions, to military command authorities or the Department of Veterans Affairs, for patients who are in the military or veterans;
- To a correctional institution, if a patient is an inmate, to ensure the correctional institution’s safety;
- To the Secret Service or NSA to protect, for example, the country or the President;
- To a medical device’s manufacturer, as required by the FDA, to monitor the safety of a medical device;
- To court officers, as required by law, in response to a court order or a valid subpoena;
- To governmental authorities to prevent serious threats to the public’s health or safety;
- To governmental agencies and other affected parties, to report a breach of health-information privacy;
- To an employer, but only if the employer contracts with us to help the employer meet OSHA requirements about workplace and employee safety; and
- To a worker’s compensation program if a person is injured at work and claims benefits under that program.
3. Uses According to Your Requests
Your preferences matter. If you let us know how you want us to disclose your information in the following situations, we will follow your directions:
- When you are in the hospital, you decide if you want callers or visitors to know how to reach you. When you’re admitted, you will be asked if you want to be in the “hospital directory”. If you say “yes”, the hospital can tell visitors who ask for you by name how to find you or talk to you. The hospital may also tell the visitor — only in general terms — how you are doing. If you say “no”, the hospital won’t let any visitor know you are in the hospital and won’t direct phone calls or flowers to you.
- You decide if you want us to share any health or payment information related to your care with your family members or friends. Please let our Intermountain employees know what you want us to share. If you can’t tell us what health or payment information you want us to share, we may use our professional judgment to decide what to share with your family or friends for them to be able to help you.
- You decide who we should contact in an emergency. But if you aren’t able to tell us who to contact, we may ask the public authorities to help. For example, we may ask the police to help find your family or, in a disaster, we may help the Red Cross reconnect you with your family.
- You decide if you want to indicate your religious preference when you are admitted to one of our facilities. If you indicate your religious preference, we may provide your name to a visiting representative of your religion. But if you don’t want that, tell our staff at any time that you do not want us to share your name with a religious representative.
- You decide if you don’t want us to remind you of your upcoming appointments. When you make an appointment, let the scheduling staff know that you don’t want these reminders.
- You decide if you don’t want to receive marketing information about non-Intermountain Healthcare products or services when they become available. In general, Intermountain is not paid to provide this information to you. If you don’t want to receive marketing information about non-Intermountain products or services, let us know by calling 1(800) 442-4845.
4. Uses with Your Authorization
Any sharing of your health information, other than as explained above, requires your written authorization. For example, we will not use your health information unless you authorize us in writing to:
- Share any of your psychotherapy notes, if they exist, with a third party;
- Share any of your health information with marketing companies; or
- Sell any of your health information.
You can change your mind at any time about sharing your health information with an authorization. Simply notify in writing the Intermountain facility that has your authorization on file. Please understand that we may not be able to get back health information that was shared before you changed your mind.
5. Special Legal Protections for Certain Health Information
Intermountain complies with federal laws that require extra protection for your health information if you receive treatment in an addiction treatment program, or from a psychotherapist who keeps notes on your therapy that are kept outside of your regular medical record.
If You Still Have Questions
Intermountain’s Privacy Coordinators can help you with any questions you may have about the privacy of your health information. They can also address any privacy concerns you may have about your health information and can help you fill out any forms that are needed to exercise your privacy rights. If you are at an Intermountain facility, please ask one of our staff members to help you contact a local Privacy Coordinator, or call (800) 442-4845 to reach Intermountain’s Privacy Office.
This privacy notice became effective on January 01, 2011. We may change this privacy notice at any time, and we may use new ways to protect your health information. We always post our current privacy notice in our hospitals, clinics, and on our website at IntermountainHealthcare.org.
You can also obtain a copy of this notice from any of Intermountain’s staff by asking for a copy, by visiting our website, or by calling Intermountain’s Privacy Office at (800) 442-4845.
This notice of privacy practices describes the practices of Intermountain and of Intermountain’s employees and volunteers working in its hospitals, clinics, doctors’ offices, service departments. This notice also describes the privacy practices of affiliated healthcare providers — who are not employees of Intermountain — while treating you in an Intermountain facility, unless they provide you with a notice of their own privacy practices. (For more information about the specific privacy practices of affiliated providers, please contact them directly.)
For more information about SelectHealth privacy practices.
If you would like further information about your privacy rights, are concerned that your privacy rights have been violated, or disagree with a decision that we made about access to your health information, contact:
- The privacy coordinator in the Intermountain facility where you received care.
- Intermountain Privacy Office
36 S. State Street
Salt Lake City, UT 84111
Toll free: 1-800-442-4845
We will investigate all complaints and will not penalize or treat you any differently for filing a complaint. You may also file a written complaint with the Office of Civil Rights of the U.S. Department of Health and Human Services.
Privacy Practices on IntermountainHealthcare.org
Intermountain Healthcare offers you this Service on these conditions:
- that you are 18 years of age or older;
This Service is intended for use by adults and, in some cases, teenagers over thirteen. Some areas of this Service may, however, be attractive to children, such as the “LIVE” site and SelectHealth’s STEP Express web pages. Consistent with the Children’s Online Privacy Protection Act of 1998, we will never knowingly request personal information from anyone less than 13 years of age without prior verifiable parental consent. If you become aware that your child who is less than 13 years of age has provided us with personal information without prior verifiable parental consent, please contact us at firstname.lastname@example.org and we will use our best efforts to promptly remove such information from our files.
Proprietary Information – In addition to the publicly available information, intermountainhealthcare.org also provides access to personal health-related information to those who provide the necessary information to make that possible. For example, in the "My Health" section on intermountainhealthcare.org, a user can view his or her personal online health records, provided that they have registered and logged in a user name and password.
System Security – Intermountain has taken reasonable steps and has employed industry-standard practices and technology to ensure the integrity and confidentiality of personally identifiable information; but because even the most secure computer system can be violated, Intermountain cannot guarantee security.
Third Party Services – Intermountainhealthcare.org offers the opportunity to apply online for employment with Intermountain. This online employment service is provided through a third party entity ("Taleo") under contract with Intermountain. A statement of Taleo's privacy practices can be accessed and viewed online: