Privacy and Security | UnityPoint Health Protecting Your Privacy and Security Protecting the privacy and security of our patients' protected health information is part of our goal to provide the best outcome for every patient every time. Across the United States, the privacy and security of patients' health information is protected by a federal law and regulations (commonly referred to as HIPAA) that establish minimum standards for maintaining the privacy and security of patient information. In addition, other federal laws such as 42 CFR Part 2 which governs the confidentiality of substance use disorder information, as well as state law, may provide added protections for certain types of health information. At UnityPoint Health, we have a compliance program that includes policies implementing patient privacy and security requirements mandated under all applicable federal and state law. We provide training to our team members on the importance of complying with these policies and regularly conduct audits to confirm the effectiveness of our privacy and security compliance policies. Our Notice of Privacy Practices describes how your medical information may be used and disclosed and how you can get access to it. Notice of Privacy Practices - English Notice of Privacy Practices - Spanish Contact a Privacy Officer If you have questions regarding our privacy and security program, or the use of your information, please contact the privacy officer for the facility where you received treatment. Region Email Phone Central Iowa (Des Moines, Grinnell) UPH_CentralIAPrivacyOfficer@unitypoint.org (515) 241-8199 Eastern Iowa (Anamosa, Cedar Rapids, Dubuque, Marshalltown, Waterloo) UPH_EasternIAPrivacyOfficer@unitypoint.org (319) 235-3920 Western Iowa (Fort Dodge, Sioux City) UPH_WesternIAPrivacyOfficer@unitypoint.org (515) 574-6675 Illinois (Quad Cities) UPH_ILPrivacyOfficer@unitypoint.org (608) 417-5834 Wisconsin (Madison) UPH_WIPrivacyOfficer@unitypoint.org (608) 417-5834 UnityPoint Clinic UPH_UPCPrivacyOfficer@unitypoint.org (515) 440-5200 UnityPoint at Home UPAH_PrivacyOfficer@unitypoint.org (515) 557-3214 UnityPoint Health UPH_PrivacyOfficers@unitypoint.org (515) 241-4652 Frequently Asked Questions Regarding our Notice of Privacy Practices Who will follow these privacy practices? Our rules to protect you privacy are followed by all workforce members of the site where you’re treated, as well as clinicians and other healthcare practitioners with permission to provide services at our sites independent of a UnityPoint Health affiliate. For a full list of the sites covered under the Notice of Privacy Practices, please see Addendum B in the Notice of Privacy Practices above. What health information is covered under this notice? This notice covers health information at UnityPoint Health that may be written (such as a hard copy medical record file), spoken (such as physicians discussing treatment options) or electronic (such as billing records kept on a computer). How can UnityPoint Health use your health information? We may use or disclose (share) identifiable health information, for the following purposes or to the following entities: Treatment, payment, and healthcare operations Certain fundraising activities Facility directory Family, friends, or others involved in your care or payment for care As required by law Public health activities Abuse neglect or domestic violence Health oversight activities Legal proceedings Law enforcement Coroners, medical examiners and funeral directors Organ donation Research Threats to health or safety Specialized government functions Workers compensation Incidental uses and disclosures Business Associates Health Information Exchanges (HIE) What activities require your written permission? If we need to use or disclose your health information for other purposes not described in our Notice of Privacy Practices, then UnityPoint Health must ask for your written authorization. What activities do you have a right to object to? In many circumstances, you may have the right to object before we do the following: Share your information with family members, friends or others involved in your care List your name, room number and condition in a directory available to hospital visitors, as well as list your religion in a directory available to clergy members. What are your privacy rights as a patient? You have the following rights with respect to your health information: The right to inspect and request your health information we maintain The right to request restrictions on certain uses of your health information The right to request an amendment of your health information The right to an accounting of certain disclosures of your health information The right to receive notice of a breach of your unsecured health information The right to receive confidential communications and request different methods of communication What if I live in a state with more protective privacy laws? If HIPAA and another federal or state law conflict, we follow the law that is most protective of you in the state where you receive care, which may be reflected in Addenda. State specific Addenda’s to the Notice of Privacy Practices can be found here: Illinois: Addendum D to Notice of Privacy Practices – English Illinois: Addendum D to Notice of Privacy Practices – Spanish