COMPLAINTS & HIPAA – Health Insurance Portability and Accountability Act

Patient Privacy is Important

Patient privacy is important to us. The Health Insurance Portability and Accountability Act (HIPAA) is a federal privacy rule that took effect April 14, 2003. It gives patients more control over their health information and greater protection of personal medical records. It also gives patients a choice of whether or not they want to be listed in the hospital's patient directory. Here are some changes you may encounter as a patient or a family member at hospitals:

  • Patients will be given a Notice of Privacy Practices and asked to sign that they received it
  • Family members may be asked additional questions to confirm their relationship to a patient and their identity before information is released
  • Families and friends will only receive information if the patient has consented to this
  • Patients and families may be asked to designate a family communicator

Patient Directory

The patient directory is used to refer callers or visitors to a patient's nurse or room. If the patient has chosen to be listed in the patient directory, callers and visitors must provide the patient's first and last name before the hospital can give out any information about the patient, including the patient's location. If the patient has chosen not to be listed in the directory, by law the hospital is not allowed to release any information to callers and visitors, including confirmation of the patient's presence in the hospital. Callers and visitors will be told that there is no information for a patient by that name.

Know Your Options as a Patient

Opt In - If you decide to be listed in the hospital's directory, friends or family calling or visiting will need to provide your first and last name before they will be connected to your room or told your room location.

Opt Out - If you decide not to be listed in the hospital's patient directory, no one (including family, friends, pastoral counsel and media) will be able to find out if you are a patient at the hospital, your location or your condition. No flowers can be delivered to you. Callers and visitors will be told that there is no information for a patient by that name.

Remember, if you decide not to be listed in the hospital directory, no one will be able to find out how you are doing or if you are a patient at our hospital.

Mason Health respects the confidentiality of its patients' medical information. We are committed to making the medical privacy rule work for patients and those who care for them.

Thank you for your cooperation and understanding.

Current Notice of Privacy Practice


Public Hospital District No. 1 of Mason County’s (PHD No. 1) Privacy Commitment To You PHD No. 1 owns and operates: Mason Health and our healthcare providers (i.e., physicians, nurses, certified nurses’ assistants, therapists, etc.) recognize that the cornerstone of our success is the trust and confidence of our patients. To provide you with the most effective and convenient access to our services, PHD No. 1, and our healthcare providers must maintain information about you. Keeping your information secure and private is one of our top priorities. This notice is to let you know how we collect information about you, the type of information we collect and what we may disclose. It details the steps we take to protect private health information in order to carry out treatment, payment and healthcare operations.

Collection of Information

We must collect a certain amount of information to provide customer service, evaluate and develop new services, process claims, administer our services, and fulfi ll legal and regulatory requirements. Specifi c language and examples may not apply to all patients, and the information we collect varies accordingly. Examples include, but may not be limited to:

  • demographic information in your record and related forms, such as name, address, date of birth, social security number, gender, marital status, mother’s maiden name, driver's license and/or government issued photo ID card, and employers name;
  • each time you visit a hospital, physician, or other healthcare provider, a record of your visit is made. Typically, this record contains your symptoms, examination and test results, diagnoses, treatment a plan for future care or treatment, your medical history, details about your lifestyle (such as smoking or involvement in high-risk sports), and family medical history. In addition, your medical records contain laboratory test results, medications prescribed, and report that indicate the results of operations and other medical procedures and the results of genetic testing used to predict your future health.
  • information you provide on applications for disability, life or accidental insurance with private insurers or government programs can also become part of your medical file; and
  • information from other sources, such as ambulance reports, medical information and demographic information.

Sharing and Use of Information

While acknowledging the importance of protecting your information we may fi nd it necessary in the course of conducting business to disclose information, without your consent, that we collect about you as described above, in some or all of the following circumstances:

  • Information may be shared with our healthcare providers to enable them to provide continuity and/or additional care.
  • Information may be shared with those who are assisting us in the performance of our daily treatment, payment and healthcare operations.
  • Information may be shared with other fi nancial service companies, such as collection agencies and insurance companies and their sponsors.
  • Information may be shared with third parties as permitted or required by law, such as compliance with a subpoena, fraud prevention attorney, or compliance with an inquiry from a government agency or regulator, like the Department of Health; and
  • Information provided to or from your employer to process Labor and Industry claims.
  • For public health agencies. For example, we report information about various diseases, to government officials in charge of collecting that information, and we provide coroners, medical examiners, and funeral directors necessary information relating to an individual’s death.
  • In order to avoid a serious threat to the health or safety of a person or the public, we may provide protected health information to law enforcement personnel or persons able to prevent or lessen such harm.
  • General Directory Information will be released to the public, unless you specify that you want to be a “Confidential Patient”. Then no information will be released including transferring phone calls to your room.
  • For appointment reminders. For example the Pre-Admit Clinic may contact you about an upcoming appointment.
  • Information is shared with healthcare providers that are participating in the Health Information Exchange (HIE). This information is private, secure and viewable only to authorized healthcare providers and follows national recognized standards.
  • Data is exchanged through a local EDIE (Emergency Department Information Exchange). This data contains basic information regarding dates of service for local ED care.

All other Releases of Information:

Protected health information will be shared only with proper written authorization or as required by law. We will not share medical information for marketing purposes without written authorization. We are committed to uphold our pledge to maintain the security of your personal information. To ensure such information is used only in the manner we have described in this policy, we have instituted the following safeguards:

  • Employees are required to comply with our established privacy policies and procedures, which exist to protect the confidentiality of your information. Any employee who violates our privacy policies will be subject to a disciplinary process
  • Employees access the information only on a business need-to-know basis for payment, treatment and healthcare operations delivery and administration.
  • We use manual and electronic security procedures to maintain the confidentiality of the information we collect and to guard against its unauthorized access. Such methods include locked files, user authentication, encryption and firewall technology.
  • Disclosures to family, friends or others. We may provide your protected health information to a family member, friend, or other person that you indicate is involved in your care or the payment for your health care or as authorized by law, unless you object in whole or in part. The opportunity to consent may be obtained retroactively in emergency situations.

Your Health Information Rights

Although your health record is the physical property of the healthcare practitioner or facility that compiled it, the information belongs to you. You have the right, as provided by law, to:

  • Request a restriction on certain uses, disclosures, and communications of your information;
  • You may opt-out of participation in our customer satisfaction surveys, provider notification, etc.
  • Obtain a paper copy of the notice of information practices and or related policies upon request;
  • Inspect and request a paper copy of your health record;
  • Amend your health record;
  • Obtain an accounting of disclosures of your health information; we will respond within 60 days of request.
  • Revoke your authorization to use or disclose health information except to the extent that action has already been taken.
  • Join the Mason Health Patient Portal which gives you free online access to your medical history from anywhere. Go to for more information

If you would like to exercise these rights, you may do so by contacting the Privacy Officer between the hours of 9:00am to 3:00pm, Monday through Friday.

Review and Access to Your Information

As required and allowed by law and upon written request, we will make information from your file available for your review.

If you notify Mason General Hospital that any information is incorrect, we will review it. If we agree, we will correct our records. If we do not agree, you may submit a short statement of dispute, which will be included in any future disclosure of information.

If you have any questions, please contact us at the address below and include a copy of your personal identification, such as a driver’s license or photo identification.

Privacy Officer:

Mason Health
P.O. Box 1668 Shelton, WA 98584

If you believe your privacy rights have been violated, you can file a complaint with the Privacy Officer or with the Secretary of Health and Human Services, by calling 1-877-696-6775 or writing to the Federal Department of Health, 200 Independence Ave SW, Washington DC, 20201. The requirements for filing complaints to the Secretary of Health and Human Services must meet the following requirements: A complaint must be filed in writing, either on paper or electronically, and be filed within 180 days; must name the entity that is the subject of the complaint; describe the acts or omissions believed to be in violation of the applicable requirements, and the Secretary may prescribe additional procedures for the filing of complaints, as well as the place and manner of filing, by notice in the Federal Register. There will be no retaliation for filing a complaint.

This Notice pertains to services provided at Mason Health and may be revised and/or reviewed at any time. Revisions or updates will be posted in Central Registration of Mason General Hospital and on the Mason General Hospital internet website:

To read about Mason Health's Privacy Statement, please click on the links below.

To contact the privacy department, please fill out the form below and we will work to get back to you. Thank you!