HIPAA & Notice of Privacy Practice

This Document is Effective July 1st 2013

HIPAA (Health Insurance Portability and Accountability Act) was signed into law on August 21, 1996, Public Law 104-191. This law was designed to provide insurance portability, to improve the efficiency of health care by standardizing the exchange of administrative and financial data. It will also protect the privacy, confidentiality and security of health care information. It affects all areas of the health care industry.

RehabAuthority has a long-standing history of supporting and participating in supporting standards programs for more than 12 years. RehabAuthority upholds the HIPAA objectives and is proactively enhancing our existing HIPAA-compliance initiatives. RehabAuthority has committed to track and provide coordination, education, and communication for all HIPAA activities company-wide. This is for monitoring and verifying that all HIPAA efforts for readiness are proceeding successfully within RehabAuthority responsible organizations.

MBS software programs created by RehabAuthority have been reviewed in order to determine how to best assist our clinics and customers with their HIPAA readiness issues.

The complete text of the proposed and finalized rules, along with comments, is available at: http://aspe.hhs.gov/admnsimp.

If you have any further questions regarding RehabAuthority processes or HIPAA-readiness issues, please ask your HIPPA question through the links on this site. When making your inquiry, please mention that you are requesting additional information.



Patient Health Information (PHI)

Under federal law, your patient health information (PHI) is protected and confidential. Patient health information (PHI) includes information about your symptoms, test results, diagnosis, treatment, and related medical information. Your patient health information (PHI) also includes payment, billing and insurance information. We are committed to protect the privacy of your PHI.

How we use your patient health information (PHI)

This Notice of Privacy Practices (Notice) describes how we may use within our practice or network and disclose (share outside of our practice or network) your PHI to carry out treatment, payment or health care operations, for administrative purposes, for evaluation of the quality of care, and so forth. We may also share your PHI for other purposes that are permitted or required by law. This Notice also describes your rights to access and control your PHI. Under some circumstances we may be required to use or disclose your PHI without your consent.


We will use and disclose your PHI to provide you with medical treatment or services. We may also disclose your PHI to other health care providers who are participating in your treatment, to pharmacists who are filling your prescriptions, to laboratories performing tests, and to family members who are helping with your care, and so forth.


We will use and disclose your PHI for payment purposes. For example, we may need to obtain authorization from your insurance company before providing certain types of treatment. We will submit bills and maintain records of payments from your health plan. PHI may be shared with the following: billing companies, insurance companies (health plans), government agencies in order to assist with qualifications of benefits, or collection agencies.


We may ask you to complete a sign-in sheet or staff members may ask you the reason for your visit so we can better care for you. Despite safeguards, it is always possible in a doctor’s office that you may learn information regarding other patients or they may inadvertently learn something about you. In all cases, we expect and request that our patients maintain strict confidentiality of PHI.

We may use and disclose your PHI to perform various routine functions (e.g. quality evaluations or records analysis, training students, other health care providers or ancillary staff such as billing personnel, to assist in resolving problems or complaints within the practice). We may use your PHI to contact you to provide information about referrals, for follow-up with lab results, to inquire about your health or for other reasons. We may share your PHI with Business Associates who assist us in performing routine operational functions, but we will always obtain assurances from them to protect your PHI the same as we do.

Special Situations that DO NOT require your permission

We may be required by law to report gunshot wounds, suspected abuse or neglect, and so on; we may be required to disclose vital statistics, diseases, and similar information to public health authorities; we may be required to disclose information for audits and similar activities, in response to a subpoena or court order, or as required by law enforcement officials. We may release information about you for worker’s compensation or similar programs to protect your health or the health of others or for legitimate government needs, for approved medical research, or to certain entities in the case of death. Your PHI may also be shared if you are an inmate or under custody of the law which is necessary for your health or the health and safety of other individuals.

Military Activity and National Security

When the appropriate conditions apply, we may use or disclose PHI of individuals who are Armed Forces personnel for activities deemed necessary by appropriate military command authorities, for the purpose of a determination by the Department of Veterans Affairs of your eligibility for benefits, or to foreign military authority if you are a member of that foreign military services.

In some situations, we may ask for your written authorization before using or disclosing any identifiable health information about you. If you sign an authorization, you can later revoke the authorization.

Individual Rights

You have certain rights with regard to your PHI, for example: Unless you object, we may share your PHI with friends or family members, or other persons directly identified by you at the level they are involved in your care or payment of services. If you are not present or able to agree/object, the healthcare provider using professional judgment will determine if it is in your best interest to share the information.

We may use or disclose PHI to notify or assist in notifying a family member, personal representative or any other person that is responsible for your care of your location, general condition or death. We may use or disclose your PHI to an authorized public or private entity to assist in disaster relief efforts.

You may request restrictions on certain uses and disclosures of your PHI. We are not required to accept all restrictions. If you pay in full for a treatment or service immediately, you can request that we not share this information with your medical insurance provider or our Business Associates. We will make every attempt to accommodate this request and, if we cannot, we will tell you prior to the treatment.

You may ask us to communicate with you confidentially by, for example, sending notices to a special address.

In most cases, you have the right to get a copy of your PHI. There will be a charge for the copies. You have the right to obtain an electronic version of your PHI upon request. There may be a charge to receive an electronic copy of your PHI.

If you believe information in your record is incorrect, or if important information is missing, you have the right to request that we amend the existing information by submitting a written request. You may request a list of instances where we have disclosed PHI about you for reasons other than treatment, payment, or operations. The first request in a 12 month period is free. There will be charges for additional reports.

You have the right to obtain a paper copy of this Notice from us, upon request. We will provide you a copy of this Notice on the first day we treat you at our facility. In an emergency situation we will give you this Notice as soon as possible. You have the right to receive notification of any breach of your protected health information.

Our Legal Duty

We are required by law to protect and maintain the privacy of your PHI, to provide this Notice about our legal duties and privacy practices regarding PHI , and to abide by the terms of the Notice currently in effect. We may update or change our privacy practices and policies at any time. Before we make a significant change in our policies, we will change our Notice and post the new Notice in the admissions area and on our website at www.RehabAuthority.com. You can also request a copy of our Notice at any time.

If you are concerned about your privacy rights, or if you disagree with a decision we made about your records, you may contact the Compliance Officer listed below. You may also send a written complaint to the U.S. Department of Health and Human Services. You will not be penalized in any way for filing a complaint.

Cookies and Behavioural Targeting on This Website

This website includes a pixel that enables cookies to be dropped onto your computer or internet enabled device. These cookies may be used to target ads (to our site visitors) on third party websites within hibu’s network.
For more information about behavioural targeting, or to opt out of being targeted for any behavioral advertising by any member of the Internet Advertising Bureau – including hibu – visit www.youradchoices.com.

Contact Person

If you have any questions, requests, or complaints, please contact:

RehabAuthority Corporate Office
Attn: Matthew Smith, Compliance Officer
1560 South Carol Street
Boise, ID 83646

P: (208) 288-1155F: (208) 288-0424E: matt@rehabauthority.com

You may also go the health and human services web site to file a complaint: http://www.hhs.gov/ocr/privacy/hipaa/complaints/

Learn More With Our Unique Patient Guides

Get a Patient Guide

Expert Therapists

We’re the back and neck pain experts, and have been for over 18 years.

About Us

Learn About Your Pain

There are so many flavors of back & neck pain. Help us help you with our patient guides.

Learn More