NOTE: Effective Nov 2004; updated January 6, 2015
This notice describes how medical information about you may be used and disclosed and how you can get access to this information. Please review it carefully.
Protecting Your Privacy
Intermountain Healthcare (Intermountain) understands the importance and sensitivity of your health information. We protect the privacy of your health information because that is the right thing to do. We also follow federal and state laws that govern the use of your health information. We use your health information (and allow others to have it) only as permitted by federal and state laws. These laws give you certain rights regarding your health information.
Intermountain participates in organized healthcare arrangements (OHCAs) with other entities including but not limited to, SelectHealth, Inc., The Intermountain Life and Health Benefit Plan, and the University of Utah Medical Group (with respect to certain defined pediatric specialty services). These OHCA members share information for treatment, payment and healthcare operations to improve, manage and coordinate your care.
Learn more about OHCA activities and see a current list of all OHCA members.
Your Health Information Rights
- Inspect and get a copy of your medical or billing records (including an electronic copy if we maintain the records electronically), as allowed by law, usually within 30 days of your request.
- Request and be provided a paper copy of our current Notice of Privacy Practices.
- Require us to communicate with you using an alternate address or phone number.
- Require that we not send information about a healthcare service or related item to your health plan if you or someone else pays in full for that service or item and if you notify us in advance that you — and not your health plan — are going to pay for this service or item (so we don’t automatically bill your health plan).
- Request in writing that restrictions be placed on how your health information is normally used or shared for treatment or other purposes.
- Request an accounting of when your identifiable health information is shared outside of Intermountain for a purpose other than treatment or payment, for example.
- Receive notice if we or our business associates have breached the confidentiality of your health information.
- Report a privacy concern and be assured that we will investigate your concern thoroughly, support you appropriately, and not retaliate against you in any way (You may report any privacy concerns to the Compliance or Privacy Coordinator at one of our facilities, to our main Privacy Office at (800) 442-4845 or Privacy@imail.org, or to the Office for Civil Rights, U.S. Department of Health and Human Services, Denver Office.).
- Request in writing that your health information be amended if you think that information is in error.
How Your Health Information is Used
1. Common Uses of Health Information
When we care for you, we will gather some of your health information. The law allows us to use or share this health information to:
- Understand your health condition and to treat you when you are sick. For example, we may look at your x-rays or share x-rays we take of you with your treating doctor, who may be outside of Intermountain, or we may receive your prescription information from other health services companies to help you avoid harmful drug interactions.
- Bill for your healthcare services and to receive payment for our services (for example, we share your health insurance information with other healthcare providers who treat you — like your anesthesia doctor or a specialty laboratory — so they can bill for those services).
- Determine if a patient is eligible for Medicaid or the Children's Health Insurance Program by submitting personally identifiable information to these state databases.
- Improve our care. For example, we may contact you to understand what you thought of our care and to learn how to enhance our services to you.
- Contact you for the purpose of raising money for the Intermountain Healthcare Foundation (This money is used to expand and improve the services and programs we provide for the community. The law limits the information about you that the Foundation gets and gives you the right to opt out of receiving these communications.Opting out will have no impact on your care or payment for your care. To opt out or to opt back in to these communications, call (800) 442-4845 or contact your local Intermountain Healthcare Foundation office).
- Improve our services to you by allowing companies with whom we contract, called “business associates,” to perform certain specialized work for us. The law requires these business associates to protect your health information and obey the same privacy laws that we do.
- Perform limited health-data research, where the researcher keeps patient-identifiable information confidential. Intermountain reviews every research request to make sure your privacy is appropriately protected before sharing health information.
- Law enforcement, but only as authorized by law, i.e., to investigate a crime against Intermountain or any of its patients.
2. Required Uses of Personal Health Information
The law sometimes requires us to share information for specific purposes, with:
- The Department of Health to report communicable diseases, traumatic injuries, or birth defects, or for vital statistics, such as a baby’s birth.
- A funeral director or an organ-donation agency when a patient dies, or with a medical examiner when appropriate to investigate a suspicious death.
- The appropriate governmental agency if an injury or unexpected death occurs at an Intermountain facility.
- State authorities to report child or elderly abuse.
- Law enforcement for certain types of crime-related injuries, such as gunshot wounds.
- Governmental inspectors who, for example, make sure our facilities are safe.
- Military command authorities or the Department of Veterans Affairs when we treat patients who are in the military or are veterans.
- A correctional institution if a patient is an inmate.
- The Secret Service or NSA to protect the country or the President.
- A medical device’s manufacturer, as required by the FDA.
- Court officers, as required by law, in response to a court order or a valid subpoena.
- Governmental authorities to prevent serious threats to the public’s health or safety.
- Governmental agencies and other affected parties, to report a breach of health-information privacy.
- An employer, but only if the employer contracts with us to help the employer meet OSHA requirements about workplace and employee safety.
- A worker’s compensation program if a person is injured at work and claims benefits under that program.
3. Uses According to Your Requests
Your preferences matter. If you let us know how you want us to disclose your information in the following situations, we will follow your directions. You decide:
- If you want callers or visitors to know how to reach you while you are in the hospital. When you’re admitted, you will be asked if you want to be in the “hospital directory”. If you say “yes,” the hospital can tell visitors who ask for you by name how to find you or talk to you. The hospital may also tell the visitor — only in general terms — how you are doing. If you say “no,” the hospital won’t let any visitor know you are in the hospital and won’t direct phone calls or flowers to you.
- If you want us to share any health or payment information related to your care with your family members or friends. Please let our Intermountain employees know what you want us to share. If you can’t tell us what health or payment information you want us to share, we may use our professional judgment to decide what to share with your family or friends for them to be able to help you.
- Who we should contact in an emergency. If you aren’t able to tell us who to contact, we may ask the public authorities to help. For example, we may ask the police to help find your family, or in a disaster, we may help the Red Cross reconnect you with your family.
- If you want to indicate your religious preference when you are admitted to one of our facilities. If you indicate your religious preference, we may provide your name to a visiting representative of your religion. If you don’t want us to do so, tell our staff at any time that you do not want us to share your name with a religious representative.
- if you want us to provide immunization information about you or your child to a school.
4. Uses of Health Information with Your Authorization
Any sharing of your health information, other than as explained above, requires your written authorization. For example, we will not use your health information unless you authorize us in writing to:
- Send copies of your health information to a life insurance company.
- Share any of your psychotherapy notes, if they exist, with a third party who is not part of your care.
- Send information to encourage you to buy a non-Intermountain product if we are paid to send that information or make the communication.
- Sell your identifiable health information.
If you authorize us to share your health information but then change your mind, please notify the appropriate Intermountain facility in writing that you revoke the authorization. We will honor your revocation, but, of course, we will not able to get back the health information that you authorized us to send before revoking that authorization.
5. Special Legal Protections for Certain Health Information
Intermountain complies with federal and state laws that require extra protection of special records. These records may include records of treatment in an addiction-treatment program, genetic information, or psychotherapy notes from a treating psychotherapist.
If You Still Have Questions
Our staff is trained to help you with any questions you may have about the privacy of your health information. They can also address any privacy concerns you may have about your health information and help you fill out any forms that are needed to exercise your privacy rights. If you are at one of our Intermountain facilities, please ask one of our staff members to help you contact a local Compliance or Privacy Coordinator, or call (800) 442-4845 to reach our main Privacy Office.
This privacy notice became effective on 07/01/2013. We may change this privacy notice at any time. You can see our current privacy notice on our website, at IntermountainHealthcare.org, or posted in our hospitals, clinics, and offices. You can also obtain a copy of this notice from any of our staff by asking for a copy, by visiting our website, or by calling our Privacy Office at (800) 442-4845.
This notice describes our privacy practices of Intermountain employees and volunteers working in our hospitals, clinics, doctors’ offices, service departments. This notice also describes the privacy practices of associated healthcare providers — who are not Intermountain employees — while treating you in our facilities, unless they provide you with a notice of their own privacy practices. (For more information about the specific privacy practices of associated providers, please contact them directly.)
Learn more about SelectHealth privacy practices.
If you would like further information about your privacy rights, are concerned that your privacy rights have been violated, or disagree with a decision that we made about access to your health information, contact:
- The privacy coordinator in the Intermountain facility where you received care.
- Intermountain Privacy Office
36 S. State Street
Salt Lake City, UT 84111
Toll free: 1-800-442-4845
We will investigate all complaints and will not penalize or treat you any differently for filing a complaint. You may also file a written complaint with the Office of Civil Rights of the U.S. Department of Health and Human Services.