top of page

HIPAA / Patient Privacy Resources

Patient Consent

Santa Cruz Health Information Exchange (SCHIE) is a community information system that helps health care providers securely share medical records.  SCHIE enables authorized medical professionals and support staff  to quickly access the information they need to provide the best care possible to their patients.

Sharing of Electronic Health Records provides many benefits to patients, physicians and other healthcare clinicians.  Tracking and management of Electronic Medical Records is much easier.  In the event of an emergency or disaster, your health care records can be retrieved by authorized health care professionals to ensure the best possible care and treatment plan.

The types of information that are shared in the SCHIE include, but not limited to; Emergency room records, hospital records, clinical notes, laboratory results, pathology reports, and x-ray reports.  Certain other types of information such as mental health or substance abuse, may not be shared without patient explicit consent.

SCHIE has an Opt-Out model in which SCHIE participating providers share Electronic Health Records with the SCHIE.   The decision to participate in the SCHIE is voluntary.  Patients have the right to explicitly opt out of the SCHIE by completing the form below and submitting to their provider.  Patients have the right to change their decision at any time and may opt-in by contacting their provider.


Patient Demographic Integrity – Successfully moving clinical patient documents from one electronic system to another requires that the patient be exactly identified so that documents are correctly linked to the patient.  This identification requires that great care and consistency be used in registering and updating the patient in every system. This document provides standards recognized across multiple systems that results in clean registration and improves patient matching results. This is a great tool to use for training and future reference, download it today!

Model Notice of Privacy Practices – 2013:

The U.S. Department of Health and Human Services (HHS) published the Omnibus HIPAA Final Rule in January 2013. Providers, as covered entities, are required to maintain and distribute a notice that describes their HIPAA privacy practices to all their patients. The notice should include how the practice will use and disclose Protected Health Information (PHI) about an individual and under what circumstances authorization from the individual may not be necessary. 

Privacy and Disclosure Statements


Our Personal Health Information (PHI) Privacy Policy

For information about Santa Cruz Health Information Organization (SCHIO) and the Health Insurance Portability and Accountability Act of 1996 (HIPAA) visit our section on HIPAA.

Omnibus HIPAA 2013


The “HIPAA 2013 Omnibus Final Rule” is 500+ pages and contains a significant amount of discussion related to the changed definition of Business Associate.  HHS goes into great detail of who is, and who is not, considered a Business Associate.  It is essential that you identify your business relations in your organization and ensure you have current appropriate agreements in place.

bottom of page