THIS NOTICE DESCRIBES HOW MEDICAL INFORMATION ABOUT YOU MAY BE USED AND DISCLOSED AND HOW YOU CAN GET ACCESS TO THIS INFORMATION. PLEASE REVIEW IT CAREFULLY.
Please Review This Notice Carefully
Esta información está disponible en español. (This information is available in Spanish.)
This Notice applies to all protected health information (“PHI”) maintained by the current or future covered entity affiliates of Froedtert Health, Inc. (“Froedtert Health”) that are designated by Froedtert Health as part of its Affiliated Covered Entity (the “Froedtert Health Affiliates”) and by The Medical College of Wisconsin, Inc. (“MCW”). For purposes of this Notice, the Froedtert Health Affiliates and MCW are referred to collectively as “Froedtert & MCW.” One or more of the Froedtert Health Affiliates and MCW participate in one or more Organized Health Care Arrangements (each, an "OHCA") and provide clinically integrated health care services. More information about the OHCAs and about the Froedtert Health Affiliates to which this Notice applies is available at www.froedtert.com, or you may obtain a copy from Froedtert Health’s Privacy Officer or from MCW’s Privacy Officer at the addresses or phone numbers listed under the HOW TO CONTACT US section at the end of this Notice.
This Notice describes how members of the Froedtert Health Affiliates’ and MCW’s respective workforces, including employees, medical staff members, students and volunteers, will use and disclose PHI maintained by Froedtert & MCW. If you have any questions after reading this Notice, please contact Froedtert Health’s Privacy Officer or MCW’s Privacy Officer. This Notice does not apply to Froedtert Health, the Froedtert Health Affiliates, or MCW as employers. This Notice also does not apply to the health plans of Froedtert Health, the Froedtert Health Affiliates, or MCW. Health plans are separate covered entities for purposes of the Health Insurance Portability and Accountability Act (HIPAA) and have their own notice of privacy practices.
Our Pledge Regarding Your Protected Health Information
Protected Health Information (“PHI”) is any individually identifiable information, whether oral or recorded in any form or medium, that is created or received by a health care provider, health plan, or health care clearinghouse, and that relates to the past, present, or future physical or mental health or condition of an individual, the provision of health care to an individual, or the past, present or future payment for the provision of health care to an individual, and that either identifies an individual (for example, an individual’s name, social security number, or medical record number) or can reasonably be used to identify the individual (for example, your address, telephone number, or birth date).
We are committed to the privacy of your PHI, and we comply with applicable law and accreditation standards regarding patient privacy. PHI about you is personal. PHI may be in paper or electronic records but could also include photographs, videos and other electronic transmissions or recordings that are created during your care and treatment. A record of the care and services you receive is needed to provide you with quality care and to comply with legal requirements.
The law requires us to:
- Make sure that PHI is kept private.
- Give you this Notice of our legal duties and privacy practices with respect to PHI about you.
- Notify you in the event of a breach of your unsecured PHI.
- Follow the terms of this Notice that are currently in effect.
Uses and Disclosures of Your PHI
Froedtert & MCW may use or disclose your PHI for treatment purposes or for other purposes permitted or required by applicable laws, rules, or regulations. Except when using or disclosing your PHI for treatment purposes or when using or disclosing your PHI as required by applicable laws, rules, or regulations, Froedtert & MCW will follow a “Minimum Necessary” standard and will make reasonable efforts to limit the use and disclosure of your PHI in order to accomplish the intended purpose.
Uses and disclosures of PHI not covered by this Notice or the laws that apply to Froedtert & MCW will be made only with your permission.
In Certain Circumstances We May Use And Disclose PHI About You Without Your Written Permission.
- For Treatment: Froedtert & MCW may use or disclose your PHI to provide you with medical treatment or services. We may disclose PHI about you to doctors, residents, nurses, technicians, students in health care training programs, or other personnel who are involved in taking care of you. For example, a doctor treating you for a broken leg may need to know if you have diabetes because diabetes might slow the healing process. In addition, the doctor may need to tell the dietitian if you have diabetes so that we can arrange for appropriate meals. Different departments of Froedtert & MCW may share PHI about you in order to coordinate the services you need, such as prescriptions, lab work and x-rays. We may disclose PHI about you to people outside of Froedtert & MCW who provide your medical care. For example, we may provide PHI about your care and treatment to a doctor or nursing home that provides your care following your hospital or clinic services.
- For Payment: We may use and disclose your PHI to send bills and collect payment from you, your insurance company, or other payers, such as Medicare, for the care, treatment, and other related services you receive. We may provide your name, address and insurance information to other health care providers related to your care. We may tell your health insurer about a treatment your doctor has recommended to obtain prior approval to determine whether your plan will cover the cost of the treatment. For billing information, you may contact the Froedtert Health Patient Financial Services Department or the MCW Patient Financial Services Department.
- For Health Care Operations: We may use and disclose PHI about you for the purpose of our business operations. These business uses and disclosures are necessary to make sure that our patients receive quality care and cost-effective services. For example, we may use and disclose PHI to review the quality of our treatment and services, and to evaluate the performance of our employees, contracted staff, students, and trainees in caring for you. We may use and disclose your information, including to our employees, contracted staff, students, and trainees, for review and learning purposes. We may use and disclose your information for case management and care coordination purposes.
- Appointments and Transportation Services: We may use and disclose your PHI to remind you of or to confirm your appointments, such as your appointments for treatment or medical care. For example, if your provider has sent you for a test, the place where the testing will be done may call you to remind you of the date you are scheduled for such test. We may use and disclose your PHI to third-party transportation services to confirm the time and place of your appointment.
- Business Associates: We may use or disclose your PHI to certain contractors that assist us in operating our business. For example, when your doctor dictates a summary of the visit with you, a contracted company or individual may type up the document for our medical records. These contractors that assist us, if they are not providing the service in the capacity of a member of our workforce, may be “Business Associates”. We enter into agreements with our Business Associates where they agree to keep any PHI received from us confidential.
- Family Members and Friends: We may disclose PHI about you to a family member, relative, or another person identified by you who is involved in your health care or payment for your health care. If you are not present or are incapacitated or it is an emergency or disaster relief situation, we will use our professional judgment to determine whether disclosing limited PHI is in your best interest under the circumstances.
- Hospital Directory: When you are an inpatient admitted to the hospital, or are admitted as an outpatient to the surgery center, Froedtert & MCW may list certain information about you, such as your name, your location in the hospital, and your religious affiliation in a hospital directory. The hospitals can disclose this information, except for your religious affiliation, to people who ask for you by name. Your religious affiliation may be given to members of the clergy even if they do not ask for you by name. You may request that no information contained in the directory be disclosed. To restrict use of information listed in the directory, please inform the admitting staff or your nurse. They will assist you in this request. In emergency circumstances, if you are unable to communicate your preference, you will be listed in the directory.
- Fundraising Activities: We may use information, such as your name, address, phone number, the dates you received services, department of service information, treating physician, outcome information, and health insurance status to contact you to raise money for Froedtert & MCW. We may share this information with a foundation associated with Froedtert & MCW. You have the right to opt out of receiving fundraising communications from us.
- Future Communications: We may use your name, address, email and phone number to contact you to provide you information about new programs or other services we offer, or Froedtert & MCW newsletters. An example of this would be mailers to all patients regarding a walk or run for breast cancer. This same information may be used to develop new programs as part of promoting health.
- Public Health and Government Functions: We will disclose your PHI in certain circumstances to:
- Control or prevent a communicable disease, injury or disability, to report births and deaths, and for public health oversight activities or interventions.
- The Food and Drug Administration (FDA), to report adverse events or product defects, to track products, to enable product recalls, or to conduct post-market surveillance as required by law.
- To a state or federal government agency to facilitate their functions.
- Serious and Imminent Threats: We may use and disclose your PHI when doing so is determined necessary to prevent a serious and imminent threat to the health and safety of you, the public, or another person, including disclosing your PHI to persons who may be able to prevent or lessen the threat or help the potential victim of the threat. State law may require such disclosure when an individual or group has been specifically identified as the target or potential victim, such as when the threat involves school violence.
- Required or Permitted by Law: We will disclose your PHI when required to do so by federal, state, or local law. We are permitted, and required in some cases, to release your PHI in certain circumstances to:
- Report suspected elder or child abuse to law enforcement or other governmental agencies responsible to investigate or prosecute abuse.
- Respond to a valid court order.
- The Department of Health Services (DHS), the Department of Children and Families (DCF), a protection or advocacy agency, law enforcement authorities investigating abuse, neglect, physical injury, death, and suspicious wounds, burns, or gunshot wounds.
- Your court appointed guardian or agent you have appointed under a health care power of attorney.
- A prisoner's health care provider.
- A medical examiner, coroner, and funeral director regarding a death.
- Law enforcement officials with regard to crime victims, crimes on our premises, crime reporting in emergencies, and identifying or locating suspects or other persons.
- Organ, Eye and Tissue Donation: We will disclose PHI to organizations that obtain, bank or transplant organs or tissues.
- Research: Froedtert & MCW may use and share your PHI for certain kinds of research. Froedtert & MCW have one or more research review boards that review and approve research projects. A review board may approve using your PHI without your written permission when the board determines that the researcher will follow all privacy rules. Other research projects submitted to a review board will require your written permission to use the PHI before the research begins. Whether or not your PHI is used in a research project, your care and treatment will not be affected.
- Workers’ Compensation: We will disclose your PHI that is reasonably related to a worker’s compensation illness or injury following written request by your employer, worker’s compensation insurer, or the Department of Workforce Development or its representative.
- Employer-Sponsored Health and Wellness Services: We maintain information about employer sponsored health and wellness services, including services we provide at employment sites. We may use and disclose your information that we maintain relating to employer-sponsored health and wellness services, including to persons who provide you medical care or health or wellness services. For employer sponsored services provided at your employment site, information may be provided to your employer and/or your employer’s health plan as permitted by applicable laws, rules, or regulations.
- Medical Record/Health Information Exchanges: We maintain PHI about our patients in electronic medical records that allow Froedtert & MCW to share PHI. We also participate in various electronic health information exchanges that facilitate access to PHI by other health care providers who provide you care. For example, if you are admitted on an emergency basis to another hospital that participates in the health information exchange, the exchange will allow us to make your PHI available electronically to those who need it to treat you at the hospital.
- Sensitive Information: We may limit certain uses and disclosures of sensitive information; for example, in cases of behavioral and mental health information, substance use disorder information, or HIV status, Froedtert & MCW may be subject to more stringent state or federal laws applicable to your information.
Your Protected Health Information Rights
Right to Request Restrictions: You have the right to request certain restrictions of our use or disclosure of PHI for treatment, payment or health care operations. You also have the right to request a restriction on our disclosure of your PHI to someone who is involved in your care or the payment for your care. We are not required to agree to your request in most cases. If we agree to the restriction, we will comply with your request unless the PHI is needed to provide you emergency treatment. We must, however, agree to your request to: (1) restrict our disclosure of your PHI to your health plan when you have paid us out-of-pocket in full for the health care item or service we provided you; or (2) restrict our disclosure of your immunization data to the Wisconsin Immunization Registry. A request for restriction should be made in writing. To request a restriction, please contact the Health Information/Medical Records Department.
Right to Inspect and Copy: You have the right to inspect and receive a copy of PHI about you that may be used to make decisions about your health. A request to inspect your records may be made to your nurse or doctor while you are an inpatient or to the Health Information/Medical Records Department while an outpatient or in other circumstances. For copies of your PHI, requests must go to the Health Information/Medical Records Department. There may be a charge for these copies. For copies of billing records, you may contact the appropriate Patient Financial Services Department.
Right to Amend: If you feel that PHI we have about you is incorrect or incomplete, you may ask us to amend the PHI, for as long as Froedtert & MCW maintains the PHI. Requests for amending your PHI should be made to the Health Information/ Medical Records Department. The Froedtert Health Affiliate that maintains the PHI, or MCW if it maintains your PHI, will respond to your request within 60 days after you submit the written amendment request form. If we deny your request, we will provide you a written explanation. You may respond with a statement of disagreement to be appended to the PHI you wanted amended. If we accept your request to amend the PHI, we will make reasonable efforts to inform others, including people you name, of the amendment and to include the changes in any future disclosures of that PHI.
Right to a List of Disclosures: You have the right to request a list of instances in which we or our business associates disclosed your PHI for purposes other than treatment, payment, health care operations, disclosures authorized by you or made to you, and certain other activities. A request for this list of disclosures should be made in writing to the Health Information/Medical Records Department. The first list you request from each Froedtert Health Affiliate and/or MCW within a 12-month period will be free. For additional lists, we may charge you for the costs of providing the list. We will notify you of the cost involved, and you may choose to withdraw or modify your request at that time before any costs are incurred.
Right to Request Alternate Means of Communication: You have the right to request that we communicate with you about your PHI in a certain way or at a certain location. We will accommodate all reasonable requests. You must make any such request in writing submitted to the Privacy Officer.
Right to Require Permission: Your permission is required for most uses and disclosures of psychotherapy notes, uses and disclosures of PHI for marketing purposes, and disclosures that constitute a sale of PHI.
Right to Revoke Permission: If you authorize Froedtert & MCW to use or disclose your PHI, you may revoke that permission, in writing, at any time. We are unable to take back any disclosures we have already made with your permission. To revoke a permission, please contact the Health Information/Medical Records Department.
Right to Complain: If you believe your privacy rights have been violated, you may file a complaint with MCW or the applicable Froedtert Health Affiliate or with the Secretary of the Department of Health and Human Services. To file a complaint with MCW or a Froedtert Health Affiliate, you must put your complaint in writing and address it to the Privacy Officer for MCW or the Privacy Officer for Froedtert Health, as applicable. Filing a complaint will not affect your care and treatment.
Right to Appoint a Personal Representative: If you have given someone medical power of attorney or if someone is your legal guardian, that person can exercise your rights and make choices about your PHI.
Important Notice: We reserve the right to revise or change this Notice and to make the new Notice provisions effective for all PHI that Froedtert & MCW maintain. Each time you register for health care services at a site covered by this Notice, the most current copy of this Notice will be available for you. You have a right to obtain a paper copy of this Notice upon request.
How to Contact Us
Medical College of Wisconsin (MCW), 1-844-703-8171
8701 Watertown Plank Rd, Wauwatosa, WI 53226
Health Information/Medical Records Department
Froedtert Health & Affiliates and MCW, 414-805-2909
How to Contact the Office for Civil Rights, Region V:
Office for Civil Rights, Region V
U.S. Department of Health and Human Services
233 N. Michigan Ave., Suite 240
Chicago, IL 60601
Voice Phone: 1-800-368-1019
E-mail: [email protected]
ACA Section 1557 Notice of Nondiscrimination
We comply with applicable federal civil rights laws and do not discriminate on the basis of race, color, national origin, age, disability or sex. Attention: If you speak another language, assistance services, free of charge, are available to you. Call: 414-805-3000 (TTY: 1-800-947-3529)
Español (Spanish): ATENCIÓN: si habla español, tiene a su disposición servicios gratuitos de asistencia lingüística. Llame al: 414-805-3000 (TTY: 1-800-947-3529)
Hmoob (Hmong): LUS CEEV: Yog tias koj hais lus Hmoob, cov kev pab txog lus, muaj kev pab dawb rau koj. Hu rau: 414-805-3000 (TTY: 1-800-947-3529)”
Effective Date: April 14, 2003
Last Revision Date: May 30, 2023
Item #:37974 (supersedes 3/20, 10/19, 10/16, 06/16, 05/15, 07/13, 03/12, 09/10, 04/10, 07/09)