Skip to Content

Privacy Policy

HIPAA Joint Notice of Privacy Practices

This statement outlines the policy and procedure of Rush-Copley Medical Center regarding the collection and use of your personal information from your visit(s) to our website.

We collect no information about you, other than information automatically collected and stored (see below), when you visit our Web site unless you choose to provide that information to us.

Rush-Copley Medical Center (“Rush-Copley”) is committed to protecting the privacy of all visitors to our website. It is our goal to maintain compliance with the highest standards of website privacy so our visitors may use the site for healthcare information needs. Rush-Copley is committed to making certain that our Web site is used as a resource to fulfill our mission by working to serve your healthcare needs through excellence in education and technology.

Information gathered on our website is used to monitor effectiveness in providing relevant and credible health information, in answering questions, and in improving our website.

Information collected

We gather general information to monitor site usage and improve the quality of the website that is not linked to any personal identifying information.

The website recognizes and collects the domain name of a visitor’s server (for example, aol.com). We do not automatically collect personally identifiable, such as, name, e-mail address, physical address, unless you specifically provide that information to us. Examples of how you might provide us with such personal information include:

  • Completing a survey or feedback form;
  • Emailing us with a comment;
  • Subscribing to our email notification service;
  • Establishing a personalized homepage via our website.

Using collected information

  • Rush-Copley does not sell, share, or release personal information about its website visitors to any third parties, unless compelled by law.
  • Personal information provided by you may be used to distribute materials related to your areas of interest.
  • The information we collect about the domain name of the server from which you are visiting is aggregated and used solely to determine the number of visitors to our site each day, and sources of traffic.
  • Email addresses provided by visitors are used to respond to comments submitted through our feedback and surveys forms, when indicated. Email addresses provided when subscribing to email bulletins are used to distribute the bulletins via email to subscribers. Information provided by visitors who choose to establish a personal homepage is used to furnish that page with the data requested by the visitor and to send information requested by the visitor.
  • If a website visitor asks us to send material that cannot be transmitted electronically, we will need to know the visitor's name, email address and mailing address. We will use that information only to fulfill the visitor's request.
  • Web site visitors who complete a website survey and indicate a willingness to participate in future surveys are asked to provide their name, email address and telephone number. That information is shared with carefully screened market research firms with which Rush-Copley has business relationships.

Who has access to the information

Only Rush-Copley web team employees have access to information collected from our website. If a visitor submits additional identifying information, that information is available only to the staff who are involved in implementing the requested activity.

Cookies

“Cookies” are small pieces of information that are stored by your web browser on your computer’s hard drive. Cookies are used by most Web sites. Cookies can contain information about your use of our site, but they are not used to identify or track you personally. Rush-Copley uses cookies to monitor the number of visitors from certain Web sites.

Most web browsers automatically accept cookies, but you can change your browser setting to prevent acceptance of cookies. Check with your Internet Service Provider for assistance in changing this setting. You should be aware that significant portions of our Web site will not function properly if you do not accept cookies.

Your consent

By using our website, you consent to the collection and use of the information discussed above. Changes in this policy will be posted on this page so that you may always be aware of what information is being collected, how it is being used, and under what circumstances it is being disclosed.

Accessing other websites through links on this website

Our website provides links to websites of agencies and organizations when we believe that the other websites may be of interest to our visitors. This does not constitute an endorsement of those websites. Once you link to another site, you are subject to the privacy policy and the “cookie” policy of that site

Email Security

We offer the opportunity to communicate to health care providers and programs via email. Because normal email is not encrypted, the possibility exists that unauthorized individuals may intercept email messages with Rush-Copley. Rush-Copley is not responsible for privacy of email messages except those stored in our system.

Our Commitment

Rush-Copley will protect the personal information that you share with us. Our website, www.rushcopley.com, is developed by Rush-Copley Medical Center and Geonetric, Inc. Our address is: 2000 Ogden Avenue, Aurora, IL, 60504. Our eHealth Manager can be contacted by e-mail at clord@rushcopley.com, or by telephone at 630-375-2935.

Back to top

HIPAA Joint Notice of Privacy Practices

This notice describes how medical information about patients may be used and disclosed and how patients can get access to this information.

Effective date of this notice: April 14, 2003.
This notice will remain in effect until it is revised and/or updated.

Summary

In the course of receiving services from Rush-Copley Medical Center, patients provide us with personal information about their health, with the understanding that this information will be kept confidential. We may obtain health information from examinations, tests, or from others who have provided care to our patients. This notice of our privacy practices is intended to inform patients of the ways we may use information and disclose it to others.

We use patient information when providing treatment, and we disclose patient information to other health care providers to assist them in providing treatment. We may disclose information to insurance companies to receive payment. We may use the information within our organization to evaluate quality and improve our processes, and we may disclosure patient information as required by law or as permitted by our policies.

Kinds of Information that this Notice Applies To

This notice applies to personal health information, consisting of any information in our possession that would allow someone to identify a patient and learn something about his or her health.

Who Must Abide by this Notice

  • Rush-Copley Medical Center
  • All employees, students, volunteers and other personnel whose work is under the direct control of Rush-Copley Medical Center
  • Physicians who are members of Radiology, Anesthesia, Pathology, and the Emergency Department
  • Rush-Copley Medical Group (our employed physicians and office practices)
  • Copley Memorial Hospital
  • Yorkville Physical Therapy and Sports Medicine, LLC.

The people and organizations to which this notice applies (referred to as “we,” “our,” and “us”) have agreed to abide by its terms. We may share patient information with each other for purposes of treatment, and as necessary for payment and other activities as described below.

This notice applies to services received at Rush-Copley Medical Center’s facilities. This includes services from some of the physicians who are not employed by Rush-Copley Medical Center. If services are received from any of these physicians in their own offices, they may give patients a different notice of privacy practices that applies to their offices.

Some physicians who provide care at Rush-Copley Medical Center are independent contractors and are not agents, servants or employees of the hospital, unless otherwise identified. The physicians exercise their own medical judgment in treating and providing services to patients and are solely responsible for their compliance with state and federal privacy laws. Nothing in this privacy notice is meant to imply or create any agency or employment relationship between the physicians and the hospital, either actual or implied, nor does this privacy notice alter, limit or modify any other consents for treatment or procedures that patients may sign while receiving care at Rush-Copley Medical Center.

Our Legal Duties

  • We are required by law to maintain the privacy of patient health information.
  • We are required to provide this notice of our privacy practices and legal duties regarding health information to anyone who asks for it.
  • We are required to abide by the terms of this notice until we officially adopt a new notice.

How We May Use or Disclose Your Health Information

We may use patient health information, or disclose it to others, for a number of different reasons. We also provide some examples. These examples do not include all of the specific ways we may use or disclose patient information.

  1. Treatment. We will use patient health information to provide medical care and services. This means that our employees, students, volunteers and others who work under our direct control, may read patient health information to learn about patient’s medical conditions and use it to make decisions about care. For instance, a hospital nurse may read a medical chart in order to care for that patient properly. We will also disclose patient information to others who need it in order to provide medical treatment or services. For instance, we may send a doctor the results of laboratory tests we perform.
  2. Payment. We will use patient health information, and disclose it to others, as necessary to obtain payment for the services we provide. For instance, an employee in our business office may use a patient’s health information to prepare a bill. We may send that bill, and any health information it contains, to their insurance company. We may also disclose some patient health information to companies who we utilize for payment-related services. For instance, we may give patient information to a collection company that we contract with to collect bills for us. We will not use or disclose more information for payment purposes than is necessary.
  3. Health Care Operations. We may use patient health information for activities that are necessary to operate this organization. This includes reading health information to review the performance of our staff. We may also use patient information to plan services we need to provide, expand, or reduce. We may also provide health information to students who are authorized to receive training here. We may disclose health information as necessary to others who we contract with to provide administrative services. This may include our lawyers, auditors, accreditation services, and consultants.
  4. Legal Requirement to Disclose Information. We will disclose patient information when we are required to do so by law. This includes reporting information to government agencies that have the legal responsibility to monitor the health care system. For instance, we may be required to disclose patient health information if we are audited by Medicare or Medicaid. We will also disclose health information when we are required to do so by a court order or other judicial or administrative process.
  5. Public Health Activities. We will disclose patient health information when required to do so for public health purposes. This includes reporting patient visits, certain diseases, births, deaths, and reactions to certain medications. It may also include notifying people who have been exposed to a disease.
  6. To Report Abuse. We may disclose patient health information when the information relates to a victim of abuse, neglect or domestic violence. We will make this report only in accordance with laws that require or allow such reporting, or with patient permission.
  7. Law Enforcement. We may disclose patient health information for law enforcement purposes. This includes providing information to help locate a suspect, fugitive, material witness or missing person, or in connection with suspected criminal activity. We must also disclose health information to a federal agency investigating our compliance with federal privacy regulations.
  8. Specialized Purposes.We may disclose patient health information for a number of other specialized purposes. We will only disclose as much information as is necessary for the purpose. For example, we may disclose:
    • The health information of members of the armed forces as authorized by military command authorities.
    • Information to coroners, medical examiners, funeral directors and to organ procurement organizations (for organ, eye, or tissue donation).
    • Information for national security, intelligence, and protection of the President.
    • Health information about an inmate to a correctional institution or to law enforcement officials to provide the inmate with health care, to protect the health and safety of the inmate and others, and for the safety, administration, and maintenance of the correctional institution.
    • Health information to an employer for purposes of workers’ compensation and work site safety laws (OSHA, for instance).
  9. To Avert a Serious Threat. We may disclose patient health information if we decide that the disclosure is necessary to prevent serious harm to the public or to an individual. The disclosure will only be made to someone who is able to prevent or reduce the threat.
  10. Family and Friends. We may disclose a patient’s health information to a member of their family or to someone else involved in their medical care or payment for care. We may disclose a patient’s health information to notify a family member, personal representative or another person responsible for their care, of their location, general condition, or death. If the patient is present, then prior to use or disclosure of information we will obtain their agreement or provide them with an opportunity to object. We will not disclose information to family or friends if the patient objects. In the event of a disaster, we may provide information about patients to a disaster relief organization so they can notify family of the patient’s condition and location. In the event of the patient’s incapacity or emergency circumstances, we may disclose their medical information based upon a determination using professional judgment.
  11. Facility Directory and Doors. We may list patients in our patient directory and on patient doors if they are admitted to the hospital. The directory listing includes name, general condition, and location in the hospital. We will also list the patient’s religion in the directory, but will disclose that information only to members of the clergy. Except for members of the clergy, we will only disclose the information in the directory to visitors who ask for a patient by name. If a patient asks, we will not list them in the directory or place their name on their door.
  12. Research. We may disclose patient health information in connection with medical research projects. Federal rules govern any disclosure of patient health information for research purposes without patient authorization.
  13. Information to Patients. We may use patient health information to provide patients with additional information. This may include sending appointment reminders to the patient’s address. This may also include giving patient’s information about treatment options or other health-related services that we provide.
  14. Fund Raising. We may use patient information to contact them to ask for donations to the facility. We may disclose patient information to a related foundation for the same purpose. If patients do not want us to do this, they must contact the person listed under “Whom to Contact” at the end of this notice.

Patient Rights

  1. Authorization. We will not use or disclose patient health information for any purpose that is not listed in this notice without written authorization. If a patient authorizes us to use or disclose their health information, they have the right to revoke the authorization at any time. For information about how to authorize us to use or disclose patient health information, or about how to revoke an authorization, contact the person listed under “Whom to Contact” at the end of this notice. Patients may not revoke an authorization for us to use and disclose their information to the extent that we have taken action in reliance on the authorization. If the authorization is to permit disclosure of information to an insurance company, as a condition of obtaining coverage, other laws may allow the insurer to continue to use patient information to contest claims or coverage, even after revoking the authorization.
  2. Request Restrictions. Patients have the right to ask us to restrict how we use or disclose their health information. We will consider the request. If we do agree, we will comply with the request unless the information is needed to provide the patient with emergency treatment. We cannot agree to restrict disclosures that are required by law.
  3. Confidential Communication. Patients have the right to ask us to communicate with them at a special address or by special means. For example, they may ask us to send mail to a different address rather than to their home. Or they may ask us to speak to them personally on the telephone rather than sending health information by mail. We will not ask them to explain why they are making the request. We will agree to reasonable requests.
  4. Inspect And Receive a Copy of Health Information. Patients have a right to inspect their health information contained in our records, and to receive a copy of it. This right is limited to information about them that is kept in records that are used to make decisions about them. For instance, this includes medical and billing records. If patients want to review or receive a copy of these records, they must make the request in writing. We may charge a fee for the cost of copying and mailing the records. To ask to inspect records, or to receive a copy, contact the medical records department at Rush Copley Medical Center. We will respond to your request within 30 days. We may deny access to certain information. If we do, we will give the reason, in writing. We will also explain how patients may appeal the decision.
  5. Amend Health Information. Patients have the right to ask us to amend health information about them which they believe is not correct, or not complete. Patients must make this request in writing, and give us the reason they believe the information is not correct or complete. We will respond to the request in writing within 30 days. We may deny the request if we did not create the information, if it is not part of the records we use to make decisions about the patient, if the information is something patients would not be permitted to inspect or copy, or if it is complete and accurate.
  6. Accounting of Disclosures. Patients have a right to receive an accounting of certain disclosures of their information to others. This accounting will list the times we have given their health information to others. The list will include dates of the disclosures, the names of the people or organizations to whom the information was disclosed, a description of the information, and the reason. Patients must tell us the time period they want the list to cover. Patients may not request a time period longer than six years. We cannot include disclosures made before April 14, 2003. Disclosures for the following reasons will not be included on the list: disclosures for treatment, payment, health care operations; disclosures of information in a facility directory, disclosures for national security purposes, disclosures to correctional or law enforcement personnel, disclosures that patients have authorized, and disclosures made directly to the patient.
  7. Paper Copy of this Privacy Notice. Patients have a right to receive a paper copy of this notice. If patients receive this notice electronically, they may receive a paper copy by contacting the person listed under “Whom to Contact” at the end of this notice.
  8. Complaints. Patients have a right to complain about our privacy practices, if they think their privacy has been violated. Patients may file a complaint with the person listed under “Whom to Contact” at the end of this notice. A complaint may also be filed directly with the Secretary of the U. S. Department of Health and Human Services, at the Office for Civil Rights, U.S. Department of Health and Human Services, 200 Independence Avenue, S.W., Room 509F HHH Bldg., Washington, D.C. 20201. All complaints must be in writing. We will not take any retaliation against anyone for filing a complaint.

Our Right to Change this Notice

We reserve the right to change our privacy practices, as described in this notice, at any time. We reserve the right to apply these changes to any health information which we already have, as well as to health information we receive in the future. Before we make any change in the privacy practices described in this notice, we will write a new notice that includes the change. We will post the new notice in our facility and on our website. The new notice will include an effective date.

Who to Contact

  • For more information about this notice
  • For more information about our privacy policies
  • To exercise any of the patient rights, as listed on this notice
  • To request a copy of our current notice of privacy practices

Privacy Officer
Rush-Copley Medical Center
2000 Ogden Avenue
Aurora, IL  60504