Skip to main content
Home » Contact Us » Privacy Policy

Privacy Policy


A law known as HIPAA requires this notice. It applies to Dr. Susan A. Vaughan and any provider whom she employs. We share your Protected Health Information (PHI) within our facilities to provide you with health care services, payment for your care and to conduct our business operations.

Purpose of this Notice

In the course of doing business, we gather and maintain personal information about you, we respect the privacy of your PHI as required by law. This notice describes our privacy practices and how we protect the confidentiality of your PHI.

What is Protected Health Information?

PHI is information that identifies who you are and relates to your past, present or future physical or mental health condition, the provision of health care to you, or a past, present or future payment for the provision of health care to you. If does not include information about you that is publicity available or that is not individually identifiable.

How We Protect your PHI

Access to your PHI is limited to those employees who have a need to use the information for billing, administrative or similar purposes, or who become involved with an issue regarding your health or a claim on your behalf. We maintain safeguards to protect your PHI against unauthorized use or disclosure.

Types of uses and disclosures of PHI we may make without your Authorization.

Federal law allows us to use and disclose your PHI in order to provide health care services to you, as well as bill and collect payments for the health care services provided to you by your provider. Federal law also allows us to use and disclose your PHI as necessary in connection with health care operations of our office.

Treatment – We may disclose PHI about you to doctors, nurses, technicians, students or other personnel involved in taking care of you. For example, these professionals may include outside care to you.

Different departments or sites may share your PHI in order to coordinate your care such as prescriptions, lab testing and x-rays. We may also provide information to others involved in your continued care, such as authorized family members, nursing service providers, or to contact you to remind you of your appointments. If time allows, we may mail a postcard reminder. We may leave this information on your answering machine or in a message left with the person answering the phone.

Payment – We may use and disclose your PHI so the treatment and services you receive may be billed and payments collected from you, an insurance company or a third party. Examples of common payments activates include, but are not limited to: determining eligibility or coverage under a plan and settling claims; risk adjustments; billing and collection activates; reviewing healthcare services for medical necessity, coverage, justification of charges and the like.

Health Care Operations – We may use and disclose your PHI for certain administrative, financial, legal, and quality improvement activities that are necessary to run our business and support the core functions of treatment and payment. Activities include; utilization review activities; reviewing the competence or qualification of health care professional (certification, licensing, or credentialing); conduction or arranging for medical review, legal, and auditing services, including fraud and abuse detection and compliance programs. Business planning and development; business management and general administrative activates, customer service, grievance process, sale or transfer of assets; underwriting and other activities relating to the creation, renewal or replacement of a contract of health insurance or health benefits. We may have you sign in when you arrive at our office and call out your name when we are ready to see you or have questions.

We are also allowed by law to use and disclose your PHI without your consent or authorization for the following purposes: When required by law but only to the extent and under circumstances provided in that law for public health activities, such as reports about child abuse, domestic violence, or neglect or certain injuries; for health oversight activities such as reports to governmental agencies responsible for licensing physicians, audits, inspections or investigations. In connection with court proceedings or proceeding before administrative agencies or to defend us in legal dispute, as required by a subpoena, warrant or similar document in a criminal proceeding. For law enforcement purposes, limited to information for identification, victims of crime, suspicion of heath as result of criminal conduct, the crime occurs on premises of practice and medical emergency that a crime has occurred, to avert a serious threat to the health or safety of a person or public; in connection with services provided under worker compensation laws.

If you are under the custody of a law enforcement agency, it may be necessary for the institution to provide you with health care and/or protect the health and safety of you and/or others.

In the event that this medical practice is sold or merged with another organization, your medical information will be the property of the new owner(s) who will have access to it; you will maintain the right to request that copies of your medical information be transferred to another physician or medical practice.

We may disclose your PHI to your family members if they are involved in your care or payment for that care with either your consent or your authorization, however, you must be provided with an opportunity to object to the disclosure.

You, as a parent, can generally control your minor child’s PHI. However, in some cases we are permitted to even require by law to deny your access to your child’s PHI, such as when your child can legally consent to medical services without your permission, or when you do not have legal custody.


All other uses and disclosures of your PHI will be made by our office only with your written authorization. You may revoke any authorization at any time in writing. It is important for you to understand we are unable to take back any disclosures we have already made with your prior authorization.

You’re Rights Regarding your PHI

Access to Personal Information:
As a matter of federal and state law, you have the right to review and copy your PHI we maintain, if you desire to access you’re PHI, you must notify our office in writing. We will respond to your request within 30 days and provide a time and place, within normal business operating hours, for your inspection, if you request a copy of your PHI, a copy may be provided, and a responsible fee for copying may be charged to the extent permitted by applicable law.

Right to Amend Your PHI:
For as long as your PHI is maintained by our office you have the right to request a correction if you believe the information is incorrect or incomplete. Your request to amend must be made in writing with a reason to support the request. We will respond within 60 days of receiving your written request. If we deny your request, we will explain why. In addition we may deny your request if you ask us to amend information that: is accurate and complete, was not created or is not part of the information maintained by our office, is not part of the information which you would be permitted to inspect and have copied, or is consistent with our policy. Any agreed upon correction will be included as an addition to, and not a replacement of already existing records.

Right to receive copy of this notice :
You have the right to request and receive a copy of this notice at any time, at no charge; we will ask you to acknowledge receipt of this notice. You may obtain a copy of this notice at our website,

This effective date of this Notice is April 14, 2003