POLICY:
Columbia University Medical Center will not use or disclose a patient's Protected Health
Information (PHI) for marketing purposes without first obtaining the patient's written
authorization.
PURPOSE:
The Health Insurance Portability and Accountability Act of 1996 (HIPAA) specifically prohibits
using or disclosing a patient's PHI for marketing purposes unless the marketing communication
is made face-to-face with the patient or it involves a promotional gift of nominal value.
Columbia University Medical Center is committed to complying with the requirements and prohibitions
surrounding marketing communications to protect the privacy of its patients as mandated by city,
state, and federal laws and regulations, including HIPAA.
This Policy describes the procedures by which Columbia University Medical Center will
manage and control patients' PHI when it is needed or requested, or would be disclosed for
marketing purposes.
PROCEDURES:
- When the patient's written authorization must be obtained.
- Columbia University Medical Center will obtain a valid authorization
from the patient before marketing to the patient.
- If Columbia University Medical Center will receive either direct or indirect
remuneration from a third party as a result of its marketing to the patient, this fact will
be prominently included on the authorization provided to the patient to sign.
- Authorizations that must be executed prior to initiating marketing
activities with the patient will be provided when the patient is physically present
at Columbia University Medical Center or will be sent to the patient or his/her
personal representative by U.S. mail.
- Authorizations that are obtained for purposes of marketing will be
maintained for a minimum of six (6) years. They may be stored in the patient's
file, but will not be considered part of the patient's Designated Record Set.
- When the patient's written authorization is not required.
- If marketing is to be conducted in a face-to-face meeting with the
patient, Columbia University Medical Center may, but is not required to, obtain a
written authorization from the patient prior to the marketing meeting.
- If a promotional gift of nominal value (e.g., a pen with "Columbia
University Medical Center" or the health care provider's name embossed on it, a tie
tack pin with the Columbia University Medical Center logo, etc.) is given or sent
to the patient, Columbia University Medical Center may, but is not required to,
obtain a written authorization from the patient prior to providing or sending the
promotional gift.
- What is not considered to be "marketing." Columbia
University Medical Center will not be considered to be marketing if the communication
it makes to patients:
- describes a health-related product or service provided by Columbia
University Medical Center;
- is for purposes of treating the patient; or
- is for case management or care coordination of the patient (e.g., for
directing or recommending alternative treatments, therapies, health care providers,
or care settings).
- Definitions
Designated Record Set (DRS) means the set of clinical and/or
financial information, records, and documents the healthcare provider would provide to
the patient upon a request from the patient to access his/her PHI at that healthcare
provider's office.
Marketing means to make a communication about a product or
service that encourages recipients of the communication to purchase or use the product
or service. Marketing also means an arrangement between Columbia
University Medical Center and another organization where Columbia University Medical
Center would receive direct or indirect compensation in return for providing a list of
Columbia University Medical Center patients to the other organization for its use in
marketing to the list of patients.
Protected Health Information is information about a patient,
including demographic information that may identify a patient, that relates to the
patient's past, present or future physical or mental health or condition, related health
care services or payment for health care services.
RESPONSIBILITY:
Departments, HIPAA Privacy Officer
ISSUED: December 2003
REVIEWED: October 2007