ICAN - Privacy Practices
Notice of Privacy Practices for Prospective and Current ICAN Patients
Protecting Your Personal Information is of Overarching Importance
to Our Organization
The personal information collected from the visitors of our website, including their identity, remains confidential. We respect the law(s) on confidentiality applicable to this website (hosting country) and we will never pass on these data to any third party, unless required by law. Our website only collects cookies via Google Analytics.
I. Specific ICAN Patient Privacy Practices pursuant to HIPAA. At ICAN, your privacy as a cancer patient is of the utmost importance to us, and protecting your personal information is a responsibility we take very seriously. ICAN will not share any information we receive from you with any third party without your express written permission.
All ICAN operations and ICAN Cancer Patient Advocacy Programs are in strict compliance with The Health Insurance Portability and Accountability Act of 1996 (HIPAA); the HIPAA Security Rules; the Gramm, Leach, Bliley Safeguard Rule; and the Fair and Accurate Credit Transaction Act.
Please do not mail or fax ANY information that contains Social Security Numbers or Dates of Birth without thoroughly blacking out such confidential information first.
We zealously protect our patients’ privacy at ICAN.
ICAN observes the strictest patient privacy guidelines and does not dispense medical advice. We do, however, dispense patient advocacy and empowerment services in the form of creative, detailed information as well as outline additional treatment options which patients subsequently share with their medical teams in order to make crucial decisions – at key turning points – in their battle for life.
Once ICAN receives conﬁdential medical reports, such as biopsy or surgical pathology reports, laboratory tests, imaging reports, surgical notes, physician correspondence, or other medical records, we routinely destroy such documents (by shredding such reports) when our patient advocacy research has been ﬁnalized for a particular case. We retain no records that would contain your personal identifying information such as your date of birth, Social Security number, or insurance coverage. Moreover, in receiving such materials, we routinely request that our patients - and their family members or friends who are transmitting materials on their behalf - blacken out all personal identifying information prior to sending any documentation to the ICAN oﬃces. is helps ensure that the patient’s privacy is protected to the fullest.
It has been our long-standing policy that ICAN staﬀ members (or members of ICAN Physicians Advisory Council or Scientiﬁc Advisory Council who work with ICAN staﬀ ) will not disclose in any manner to any third party, including oﬃcers, other directors of the organization, or staﬀ not directly involved in Program Services, either patient names, patient information, or the status of any ICAN patient’s treatment.
Some of our patients desire using their name in signing testimonials about ICAN Program Services, but to the extent that they disclose their name, city of residence, or type of cancer or the services they received from ICAN is a matter of individual choice. No information pertinent to their case shall ever be disclosed to any third party by their ICAN Program Services staﬀ member liasion. II. General Privacy Rules Applicable to All ICAN Patients Pursuant to HIPAA. TheHealth Insurance Portability & Accountability Act of 1996 (HIPAA) requires all health care records and other individually identiﬁable health information (protected health information) used or disclosed to us in any form, whether electronically, on paper, or orally, be kept conﬁdential. is federal law gives you, the patient, signiﬁcant rights in order to understand and control how your health information is used. HIPAA provides penalties for covered entities that misuse personal health information. While ICAN is not a healthcare organization, and we do not treat patients or dispense medical advice, we feel that it is important for you to understand not only how physicians and other healthcare professionals you may encounter during the course of treatment are required to maintain the privacy of your health information but also how those providers may use and disclose your health information.
Without speciﬁc written authorization, healthcare providers are permitted to use and disclose your health care records for the purposes of treatment, payment, and healthcare operations.
- Treatment means providing, coordinating, or managing health care and related services by one or more healthcare providers. Examples of treatment would include surgeries, follow-up care, and administering chemotherapy and other medications, etc.
- Payment means such activities as obtaining reimbursement for services, conﬁrming coverage, billing, or collection activities, and utilization review. An example of this would be billing your medical health plan for your medical services.
Healthcare operations include the business aspects of running a medical practice, such as conducting quality assessment and improvement activities, auditing functions, cost-management analysis, and customer service. An example would include a periodic assessment of the medical practice’s documentation protocols, etc. In addition, your conﬁdential information may be used to remind you of an appointment (by phone or mail) or provide you with information about treatment options or other health-related services including release of information to friends and family members that are directly involved in your care who assist in taking care of you. Providers will use and disclose your protected health information when required to do so by federal, state; or local law. ey may disclose your protected health information to public health authorities that are authorized by law to collect information; to a health oversight agency for activities authorized by law included but not limited to responding to a court or administrative order, if you are involved in a lawsuit or similar proceeding, responding to a discovery request, subpoena; or other lawful process by another party involved in the dispute, but only if they have made an eﬀort to inform you of the request or to obtain an order protecting the information the party has requested.
Providers will release your protected health information if requested by a law enforcement oﬃcial for any circumstance required by law. Providers may release your protected health information to a medical examiner or coroner to identify a deceased individual or to identify the cause of death. If necessary, they also may release information in order for funeral directors to perform their jobs. ey may release protected health information to organizations that handle organ, eye, or tissue procurement or transplantation, including organ donation banks, as necessary, to facilitate organ or tissue donation and transplantation if you are an organ donor. ey may use and disclose your protected health information when necessary to reduce or prevent a serious threat to your health and safety or the health and safety of another individual or the public. Under these circumstances, they will only make disclosures to a person or organization able to help prevent the threat.
Providers may disclose your protected health information if you are a member of the U.S. armed forces (including veterans) and if required by the appropriate authorities. Providers may disclose your protected health information to federal oﬃcials for intelligence and national security activities authorized by law. Providers may disclose protected health information to federal oﬃcials in order to protect the President, other oﬃcials or foreign heads of state, or to conduct investigations. Providers may disclose protected health information to correctional institutions or law enforcement oﬃcials if you are an inmate or under the custody of law enforcement oﬃcial. Disclosure for these purposes would be necessary: continued on next page
(a) for the institution to provide health care services to you, (b) for the safety and security of the institution, and/or (c) to protect your health and safety or the health and safety of other individuals or the public. Providers may release your protected health information for workers’ compensation and similar programs.
Any other uses and disclosures will be made only with your written authorization. You may revoke such authorization in writing, and providers are required to honor and abide by that written request, except to the extent that they have already taken actions relying on your authorization.
You have certain rights in regards to your protected health information, which you can exercise by presenting a written request to your provider’s Privacy Oﬃcer, which include:
- The right to request restrictions on certain uses and disclosures of protected health information, including those related to disclosures to family members, other relatives, close personal friends, or any other person identiﬁed by you. Providers are, however, not required to agree to a requested restriction. If they do agree to a restriction, they must abide by it unless you agree in writing to remove it.
- The right to request to receive conﬁdential communications of protected health information from your provider by alternative means or at alternative locations.
- The right to access, inspect, and copy your protected health information.
- The right to request an amendment to your protected health information.
- The right to receive an accounting of disclosures of protected health information outside of treatment, payment and health care operations.
- The right to obtain a paper copy of such notice from your Provider upon request.
Providers are required by law to maintain the privacy of your protected health information and to provide you with notice of their legal duties and privacy practices with respect to protected health information.
You have the right to ﬁle a formal, written complaint with your Provider, or with the Department of Health & Human Services, Oﬃce of Civil Rights, in the event you feel your privacy rights have been violated. Your Provider may not retaliate against you for ﬁling a complaint.
For more information about ICAN’s Privacy Practices, please contact:
For more information about HIPAA, please contact:
The U.S. Department of Health & Human Services
Office of Civil Rights
200 Independence Avenue, S.W.
Washington, D.C. 20201
Special thanks to Signature Specialists at http://www.signaturespecialists.com and Genworth Life Insurance Company