University of Pittsburgh - Clinical Psychology Center

NOTICE OF POLICIES AND PRACTICES UTILIZED BY THE
CLINICAL PSYCHOLOGY CENTER
TO PROTECT THE PRIVACY OF YOUR HEALTH INFORMATION
(continued)

IV. Client rights and CPC duties.

CLIENT RIGHTS:

Right to request restrictions. You have the right to request restrictions on certain uses and disclosures of PHI about you. However, the CPC is not required to agree to a restriction you request.
Right to receive confidential communications by alternative means and at alternative locations. You have the right to request and receive confidential communications of PHI by alternative means and at alternative locations. For example, you may not want a family member to know that you are being seen here. In such a case, upon request the CPC would send any communications to another address.
Right to inspect and copy. You have the right to inspect or obtain a copy (or both) of such PHI in the CPC’s clinical and billing records as is used to make decisions about you, for as long as the PHI is maintained in the record. The CPC may deny your access to PHI under certain circumstances, but in some cases you may have this decision reviewed. On your request, CPC staff will discuss with you the details of the request and denial process.
Right to an accounting. You generally have the right to receive an accounting of disclosures of PHI for which you have neither provided consent nor authorization (as described in Section III of this Notice). On your request, CPC staff will discuss with you the details of the accounting process.
Right to a paper copy. You have the right to obtain a paper copy of this Notice from the CPC upon request, even if you have agreed to receive the Notice electronically.
Right to restrict disclosures when you have paid for your care out-of-pocket. You have the right to restrict certain disclosures of PHI to a health plan when you pay out-of-pocket in full for CPC services. At present, however, the CPC does not accept insurance.
Right to be notified if there is a breach of your unsecured PHI. You have a right to be notified if: (a) there is a breach (a use or disclosure of your PHI in violation of the HIPAA Privacy Rule) involving your PHI; (b) that PHI has not been encrypted to government standards; and (c) the CPC risk assessment fails to determine that there is a low probability that your PHI has been compromised.

CPC DUTES:

The CPC is required to maintain the privacy of PHI and to provide you with a Notice of its legal duties and privacy practices with respect to PHI.
The CPC reserves the right to change the privacy policies and practices described in this Notice. Unless the CPC notifies you of such changes, however, it is required to abide by the terms currently in effect.
If the CPC revises its policies and procedures, it will provide clients with a revised Notice, either at the time of their next appointment or by mail.

Click here to continue. For a printer-friendly version of this Notice, click here.