Gaul Dermatology






Please read it carefully

As our patient, you have entrusted your medical information to our care.  We know your relationship with us is based on trust, and you expect us to act in your best interests.  As your personal medical history is your private information, we hold ourselves to the highest standards in its safekeeping.

The Health Insurance Portability & Accountability Act of 1996 (HIPAA) is a Federal program that requests all medical records and other individually identifiable health information used or disclosed by us in any form, whether electronically, on paper, or orally be kept properly confidential.  HIPAA provides penalties for covered entities that misuse personal health information.  We are required by law to maintain the privacy of your protected healthcare information and to provide you with this notice of our legal duties and our privacy practices.  HIPAA gives you, the patient, the right to understand and control how your protected health information (PHI) is used.  

Under HIPAA regulations, we may use and disclose your Protected Health Information (PHI) without written consent for treatment, payment and health care operations ( TPO).

  • Treatment means providing, coordinating, or managing health care and related services by one or more healthcare providers. An example of this is communicating with your referring physician, pharmacy or laboratory.
  • Payment means activities related to obtaining reimbursement for services, confirming coverage, billing or collections activities, and utilization review. An example of this would include verifying insurance coverage or sending you a billing statement.
  • Health Care Operations include business aspects of running our practice, such as conducting quality assessments and improving activities, auditing functions, cost management analysis, and customer service. Examples of this would be patient survey cards or contacting you, by phone or in writing, to remind you of an appointment.
  • We may also be required or permitted to disclose your PHI for law enforcement, matters of public health and safety and other legitimate reasons. In all situations, we shall do our best to assure its continued confidentiality to the extent possible.

We will not use your information for marketing or fundraising.  We will not sell your information.

In compliance with federal and state privacy laws, written authorization by the patient or legal guardian is required before we can release records for reasons other than treatment, payment and healthcare operations.   If you give authorization to release your records, you may revoke such authorization in writing and we will honor your request from the date we receive your written request forward.

Protecting Your Privacy Online
Our concern for your privacy naturally extends to our online communication.  We transfer your data over the Internet to submit health insurance claims and send electronic prescriptions to your pharmacy via a secure server.  We do NOT use Electronic Medical Records so your chart is not accessible over the internet or kept in digital format. 

We will file an insurance claim to your private insurance, Medicare or Supplement if you authorize us to do so.  If you ask us to withhold information about a service from an insurance company who will not be covering the service, such as a cosmetic service, we will honor your request. 

You may have the following rights with respect to your PHI:

  • You have the right to request restrictions on certain uses and disclosures of PHI, including those related to disclosures of family members, other relatives, close personal friends, or any other person identified by you. We are, however, not required to honor a request restriction except in limited circumstances which we shall explain if you ask. If we do agree to the restriction, we must abide by it unless you notify us in writing.
  • You can advise us of the best location to contact you to protect your private information.
  • You can request a copy of your medical record in writing.
  • You can request an amendment of your PHI. This request must be done in writing and will be honored at our discretion.
  • We keep a log of disclosures of your medical information for the past six years and you can request a copy.
  • We will notify you if a breach of your protected health information occurs.

Please let us know if you feel regulations regarding your privacy have been violated by our office. You have the right to file a formal, written complaint with our practice and with the Department of Health and Human Services, Office of Civil Rights. We will not retaliate against you for filing a complaint.

Contact information:  Feel free to contact our office if you have any concerns regarding the privacy of your personal information.  Please contact our Practice Compliance Officer, Carrie Gaul, at Gaul Dermatology, PO Box 1144, Spencer, IA  51301 or by phone at (712) 262-6906.

A copy of our privacy policy is available at our office and on our website

This revised notice is effective as of September 13, 2013 and it is our intention to abide by the terms of the Notice of Privacy Practices and HIPAA Regulations currently in effect. We reserve the right to change the terms of our Notice of Privacy Practice and to make the new notice provision effective for all PHI we maintain.  A copy of the revised Notice of Privacy Practices is posted on our website and a copy of the written policy is available at our office and can be mailed upon request.

PO Box 1144   -   Spencer, IA  51301   -   (712) 262-6906


Site design by Emagine Marketing
Web Design, Online Marketing, Hosting and more!