Privacy Policy

Privacy Policy Statement

(919) 567-9001


Purpose: The following privacy policy is to ensure that Premier Health Center (PHC) complies with requirements of the Health Insurance Portability & Accountability Act of 1996 (HIPPA) as well as North Carolina privacy protection laws and regulations. Protection of patient privacy is of paramount importance to PHC. Violations of any of these provisions knowingly or unknowingly will result in disciplinary action including termination of employment and possible referral for criminal prosecution.

Notice of Privacy Practices

This Notice of Privacy Policy will be provided to patients at their first encounter and all uses and disclosures of protected health information (PHI) will be accord with PHC’s notice of privacy practices. PHC will have copies of the most current Notice of Privacy Policy available for review and for distribution at the reception desk.

Assigning Privacy and Security Responsibilities

Specific individuals at PHC are assigned the responsibility of implementing and maintaining the HIPAA Privacy and Security Rules’ requirements.  At a minimum, PHC will designate the Practice Manager as the privacy official.

Deceased Individuals

PHC privacy protections extend to information concerning deceased individuals.

Minimum Necessary Use and Disclosure of Protected Health Information

PHC will ensure that for all routine and recurring uses and disclosures of PHI (except for uses or disclosures made for treatment purposes; to or as authorized by the patient; or as required by law for HIPAA compliance) such uses and disclosures of PHI must be limited to the minimum amount of information needed to accomplish the purpose of disclosure.

Verification of Identity

PHC will ensure that the identity of all persons who request access to protected health information be verified before such access is granted.


Appropriate safeguards will be in place at PHC to reasonably protect health information from any intentional or unintentional use or disclosure that is in violation of the HIPAA Privacy Rule. These safeguards include physical protection of premises and PHI, technical protection of PHI maintained electronically and administrative protection of PHI. These safeguards will extend to the oral communication of PHI and to PHI removed from PHC.

Business Associates

PHC will ensure business associates comply with the HIPAA Privacy Rules to the same extent as PHC, and that they be contractually bound to protect health information to the same degree as set forth in this policy. Business associates permitted to receive PHI include, for example PHC’s billing service, patients’ health insurers, and other healthcare providers with whom we consult and coordinate patients’ care or to whom we refer patients for specialized care.

Training and Awareness

PHC will ensure that all employees are trained on the policies and procedures governing protected health information and how PHC complies with the HIPAA Privacy.  New employees will receive training within a reasonable time of employment.


PHC will ensure that sanctions will be in effect for any member of the workforce who intentionally or unintentionally violates any of these policies or any procedures related to the fulfillment of these policies. Such sanctions will be recorded in the individual’s personnel file.

Retention of Records

PHC will adhere to the HIPAA Privacy records retention requirement of six years. All records designated by HIPAA in this retention requirement will be maintained in a manner that allows for access within a reasonable period of time. This records retention time requirement may be extended at PHC’s discretion to meet with other governmental regulations or those requirements imposed by our professional liability carrier.


PHC will investigate and resolve all complaints relating to the protection of health in a timely fashion. All complaints will be directed to Practice Manager, who is duly authorized to investigate complaints and implement resolutions.

Prohibited Activities-No Retaliation or Intimidation

No employee or contractor of PHC may engage in any intimidating or retaliatory acts against persons who file complaints or otherwise exercise their rights under HIPAA regulations. No employee or contractor may condition treatment or payment on the provision of an authorization to disclose protected health information.

Cooperation with Privacy Oversight Authorities

PHC will ensure that oversight agencies such as the Office for Civil Rights of the Department of Health and Human Services will receive cooperation in any investigation relative to protection of health information within PHC.   All personnel will cooperate fully with all privacy reviews and investigations.

Investigation and Enforcement

In addition to cooperation with Privacy Oversight Authorities, PHC will follow procedures to ensure that investigations are supported internally and staff of PHC will not be retaliated against for cooperation with any authority. It is our policy to attempt to resolve all investigations and avoid any penalty phase if at all possible.

For more information about HIPPA or to file a complaint:

Office for Civil Rights
U.S. Department of Health and Human Services
Sam Nunn Atlanta Federal Center, Suite 16T70
61 Forsyth Street, S.W.
Atlanta, GA 30303-8909
(800) 368-1019