NOTE: Effective January 1, 2017
This notice describes how medical information about you may be used and disclosed and how you can get access to this information. Please review it carefully.
Protecting Your Privacy
Intermountain Healthcare (Intermountain) understands the
importance and sensitivity of your health information. We protect
the privacy of your health information because it is the right thing
to do. We also follow federal and state laws that govern your health
information. We use your health information (and allow others to
have it) only as permitted by federal and state laws. These laws give
you certain rights regarding your health information.
Intermountain participates in organized healthcare arrangements
(OHCAs) with other entities including but not limited to,
SelectHealth, Inc., the Intermountain Life and Health Benefit Plan,
and the University of Utah Medical Group (with respect to certain
defined pediatric specialty services). These OHCA members share
information for treatment, payment and healthcare operations to
improve, manage and coordinate your care.
Learn more about OHCA activities and see a current list of all
OHCA members on Intermountain’s public website (https://
Your Health Information Rights
- Inspect and obtain a copy of your medical or billing records
(including an electronic copy if we maintain the records
electronically), as allowed by law, usually within 30 days of your
- Request and receive a paper copy of our current Notice of
- Require us to communicate with you using an alternate address
or phone number.
- Require that we not send information about a healthcare
service or related item to your health plan if you or someone
else pays in full for that service or item and if you notify us in
advance that you — and not your health plan — are going to
pay for this service or item (so we don’t automatically bill your
- Request in writing that restrictions be placed on how your
health information is used or shared for treatment or other
- Request an accounting of when your identifiable health
information is shared outside of Intermountain for a purpose
other than treatment or payment.
- Receive notice if we or our business associates have
breached the confidentiality of your health information.
- Report a privacy concern and be assured that we will
investigate your concern thoroughly, support you appropriately,
and not retaliate against you in any way (you may report any
privacy concerns to the Compliance or Privacy Coordinator at
one of our facilities, to our main Privacy Office at 1-800-442-4845
or Privacy@imail.org, or to the Office for Civil Rights, U.S.
Department of Health and Human Services, Denver Office).
- Request in writing that your health information be amended if
you think there is an error.
How Your Health Information Is Used
- Common Uses of Health Information. When we care for you, we will gather your health information.
The law allows us to use or share this health information to:
Required Uses of Health Information. The law sometimes requires us to share information for specific purposes, with:
- Understand your health condition and to treat you when you
are sick. For example, we may look at your x-rays or share
x-rays we take of you with your treating doctor, who may be
outside of Intermountain, or we may receive your prescription
information from other health services companies to help you
avoid harmful drug interactions.
- Bill for your healthcare services and receive payment for
our services; for example, we share your health insurance
information with other healthcare providers who treat you —
like your anesthesia doctor or a specialty laboratory — so they
can bill for those services.
- Determine if a patient is eligible for Medicaid or the Children’s Health Insurance Program by submitting personally identifiable
information to these state databases.
- Improve our care. For example, we may contact you to
understand what you thought of our care and to learn how to
enhance our services to you.
- Contact you to invite your support of the Intermountain
Foundation. The Intermountain Foundation raises money to
expand critically important patient programs, research, capital
projects, and services for individuals living in the Intermountain
area. If the Intermountain Foundation contacts you, you will
have the opportunity to help meet this goal, or to opt out of
receiving further fundraising communications. Opting out will
have no impact on your care or payment for your care. Also,
Intermountain Foundation does not sell or otherwise release
donor information without the donor’s authorization.
- Improve our services to you by allowing companies with whom
we contract, called “business associates,” to perform certain
specialized work for us. The law requires these business
associates to protect your health information and obey the
same privacy laws that we do.
- Perform limited health-data research, where the researcher
keeps patient-identifiable information confidential.
Intermountain reviews every research request to make sure
privacy is appropriately protected before sharing health
information. Law enforcement, but only as authorized by law.
- Investigate a crime against Intermountain or any of its patients.
Uses According to Your Requests. Your preferences matter. If you let us know how you want us
to disclose your information in the following situations, we will
follow your directions. You decide:
- The Department of Health, to report communicable diseases,
traumatic injuries, or birth defects, or for vital statistics, such as
a baby’s birth.
- A funeral director or an organ-donation agency, when a
patient dies, or with a medical examiner when appropriate to
investigate a death.
- The appropriate governmental agency, if an injury or unexpected
death occurs at an Intermountain facility.
- State authorities, to report child or elderly abuse.
- Law enforcement, for certain types of crime-related injuries,
such as gunshot wounds.
- Governmental inspectors, who, for example, make sure our
facilities are safe.
- Military command authorities or the Department of Veterans
Affairs, when we treat patients who are in the military or are
- A correctional institution, if a patient is an inmate.
- The Secret Service or NSA, to protect the country or the
- A medical device’s manufacturer, as required by the FDA.
- Court officers, as required by law, in response to a court order
or a valid subpoena.
- Governmental authorities, to prevent serious threats to the
public’s health or safety.
- Governmental agencies and other affected parties, to report a
breach of health-information privacy.
- An employer, but only if the employer contracts with us to help
the employer meet OSHA requirements about workplace and
- A worker’s compensation program, if a person is injured at work
and claims benefits under that program.
Uses of Health Information with Your Authorization. Any sharing of your health information, other than as explained
above, requires your written authorization. For example, we
will not use your health information unless you authorize us in
- If you want callers or visitors to know how to reach you while
you are in the hospital. When you’re admitted, you will be
asked if you want to be in the “hospital directory.” If you say
“yes,” the hospital can tell visitors who ask for you by name
how to find you or talk to you. The hospital may also tell the
visitor — only in general terms — how you are doing. If you
say “no,” the hospital won’t let any visitor know you are in the hospital and won't direct phone calls or visitors to you.
- If you want us to share any health or payment information
related to your care with your family members or friends. Please
let our employees know what you want us to share. If you can’t
tell us what health or payment information you want us to
share, we may use our professional judgment to decide what
to share with your family or friends for them to be able to help
- Who we should contact in an emergency. If you aren’t able
to tell us who to contact, we may ask the public authorities
to help. For example, we may ask the police to help find your
family, or in a disaster, we may help the Red Cross reconnect
you with your family.
- If you want to indicate your religious preference when you
are admitted to one of our facilities. If you indicate your
religious preference, we may provide your name to a visiting
representative of your religion. If you don’t want us to do so,
tell our staff at any time that you do not want us to share your
name with a religious representative.
- If you want us to provide immunization information about you
or your child to a school.
- Send copies of your health information to a life insurance
- Share any of your psychotherapy notes, if they exist, with a third
party who is not part of your care.
- Send information to encourage you to buy a non-Intermountain
product if we are paid to send that information or make the
- Sell your identifiable health information.
If you authorize us to share your health information but then
change your mind, please notify the appropriate Intermountain
facility in writing that you revoke the authorization. We will
honor your revocation, but we will not be able to get back the
health information that you authorized us to send before your revocation.
Special Legal Protections for Certain Health Information. Intermountain complies with federal and state laws that require
extra protection of special records. These records may include
records of treatment in an addiction-treatment program,
genetic information, or psychotherapy notes from a treating
If You Still Have Questions
Our staff is trained to help you with any questions you may have
about the privacy of your health information. They can also address
any privacy concerns you may have about your health information
and help you fill out any forms that are needed to exercise your
privacy rights. If you are at one of our Intermountain facilities,
please ask one of our staff members to help you contact a local
Compliance or Privacy Coordinator, or call 1-800-442-4845 to reach
our main Privacy Office.
This privacy notice became effective January, 2017. We may change
this privacy notice at any time. You can see our current privacy
notice that affects all PHI maintained by Intermountain on our
website, at IntermountainHealthcare.org, or posted in our hospitals,
clinics, and offices. You can also obtain a copy of this notice from
any of our staff by asking for a copy, by visiting our website, or by
calling our Privacy Office at 1-800-442-4845.
This notice describes the privacy practices of Intermountain
employees and volunteers working in our hospitals, clinics, doctors’
offices, and service departments and all are required to abide by the
terms of this notice. This notice also describes the privacy practices
of associated healthcare providers — who are not Intermountain
employees — while treating you in our facilities, unless they
provide you with a notice of their own privacy practices. For more
information about the specific privacy practices of associated
providers, please contact them directly.