800-543-9055 - 24 Hour Customer Care Line


Uses and Disclosures of Protected Health Information That Do Not Require Authorization
We are generally permitted to make disclosures of your Protected Health Information (PHI) without your authorization for purposes of treatment, payment, and healthcare operations. You should understand that, except in the circumstances described below, we will not disclose your PHI without a written authorization from you. Except for disclosures of PHI made directly to you, for your treatment, or pursuant to your authorization, the federal rules that govern the privacy of PHI generally require us to use and disclose only the minimum PHI necessary to accomplish the purpose of the disclosure.

Please note that we may limit certain information we disclose in accordance with laws regarding the special nature of the information (e.g. HIV/AIDS, substance abuse, or genetic information). Also, as state law permits minors of a certain age to seek particular treatment services without parental consent, information that would normally be provided to our customers may be impacted as Mid-Delta protects the privacy of minors’ information in accordance with those state laws.

  • Treatment activities. As a healthcare provider, Mid-Delta uses your PHI as part of our treatment processes and discloses your PHI to physicians and other authorized healthcare providers, such as a nursing home or hospital, who need access to your medical information.
  • Payment activities. We will use your PHI in our billing department and disclose your PHI to insurance companies, hospitals, physicians, and health plans for payment purposes, or to third parties to assist us in creating bills, claim forms, or getting paid for our services. For example, we may send your name, date of service, service performed, diagnosis code, and other information to a health plan so that the plan will pay us for the services we provided. In some cases, we may have to contact you to obtain billing information or for other billing purposes, or when required, we may use an outside collection agency to obtain payment.
  • Healthcare Operations activities. We may use or disclose your PHI in the course of activities necessary to support our healthcare operations, such as performing quality checks for teaching purposes, or for developing normal reference ranges for services that we perform.
  • Treatment, Payment, and Healthcare Operations of Other Covered Entities. We may disclose your PHI for another covered entity’s treatment and payment purposes. For example, we may disclose your PHI to your healthcare provider for any ongoing treatment or when it would facilitate payment for services between multiple health plans with respect to coordination of benefits. In addition, we are permitted to disclose PHI to other covered entities so that they can conduct certain aspects of their healthcare operations or for purposes, such as fraud and abuse detection or compliance. We will only disclose PHI to other covered entities for these healthcare operations purposes if that covered entity has or has had a relationship with you
  • Additional reasons for disclosure. We may also use or disclose PHI to:

      • A governmental agency or its agents as required by state or federal law;
      • Military authorities if you are or were previously a member of the armed forces;
      • Further public safety or, when requested by federal officials, for national security or intelligence activities or for the protection of public officials;
      • Appropriate bodies for public health activities, including the reporting of child abuse or neglect, reporting adverse events, product defects, or for Food and Drug Administration reporting;
      • A health oversight agency for activities such as audits, investigations, licensure or for disciplinary actions or civil, administrative or criminal proceedings. These disclosures are necessary for the government to oversee the healthcare system, government benefits programs for compliance with standards, and compliance with civil rights laws;

      • Appropriate bodies in response to a subpoena or court order, or in response to litigation which directly involves Mid-Delta;
      • The correctional institution or the law enforcement agency if you are an inmate or are in the custody of law enforcement; and
      • Prevent a serious threat to your health and safety or the health and safety of the public or another person. Any disclosure, however, would only be to someone able to help prevent the threat.
      • Organizations that handle organ procurement or organ, eye or tissue transplantation or to an organ donation bank, as necessary to facilitate organ or tissue donation and transplantation.
      • Comply with laws relating to workers’ compensation or similar programs (These programs provide benefits for work-related injuries or illness.);
      • A court or administrative tribunal in response to a court or administrative order, including in response to a subpoena, discovery request, or other lawful process by someone else involved in the dispute, but only if efforts have been made to tell you about the request or to obtain an order protecting the information requested;
      • A coroner or medical examiner, which may be necessary, for example, to identify a deceased person or determine the cause of death or the Plan may also release health information to funeral directors as necessary to carry out their duties.

Legal Rights Related to Protected Health Information

  • Request for Restriction. The Federal Privacy Rule, entitles you to request restrictions regarding our allowed use and disclosure of Protected Health Information (PHI) for treatment, payment or healthcare operations purposes described above. Mid-Delta will consider each request but is not required to agree to any restrictions.
  • Request for Confidential Communication. The Federal Privacy Rule also entitles you to request to receive confidential communications of PHI (such as requesting an alternative means or location of receiving confidential PHI) if disclosing this information by the usual means could endanger you. Mid-Delta will accommodate all reasonable requests, subject to the restrictions and capabilities of our information processing systems.
  • Use of Your Patient Information In Marketing Activities. Use of your patient information in marketing activities requires prior disclosure and authorization from you.
  • Fundraising Communications. You may opt out of receiving fundraising communications from your agency, but Mid-Delta does not conduct fundraising events and does not intend to send such communications.
  • Self-Payment for Medical Treatment. If you paid out of pocket for your medical treatment, you may ask us to withhold information about that treatment from your health plan.
  • Data Breach. You have the right to be notified in case of a data breach.

Uses and disclosures of your patient information not described in this notice will be made only with your authorization.

  • Request for Accounting of Disclosures. The Federal Privacy Rule entitles you to request to receive an accounting of certain disclosures of your PHI made by Mid-Delta, such as disclosure to health oversight agencies. These do not include disclosures made for purposes of treatment, payment or healthcare operations.
  • Request for Access. You have a right to request, in writing, to inspect and obtain a copy of PHI that we maintain about you that is included in what is called a “designated record set.” Additionally, when requesting information, you must reasonably describe the information you seek in your written request; and the information must be reasonably locatable and retrievable by us. We may charge you a fee to cover the cost of providing copies of this requested PHI.
  • Request for Amendment. You have the right to amend your PHI included in the designated record set. We may deny your request pursuant to those rules if we determine that our records are accurate and complete, if we determine that the information was not created by us, the information is not contained in our designated record set, or if access is otherwise restricted by law.

If you wish to exercise any of the legal rights described above, you must do so in writing. To obtain further information about these rights, or if you would like to make such a request, contact the Executive Director/Administrator/Manager at the agency providing your care.

Keeping Up-To-Date With Our Privacy Policy

We will provide you with notice of our privacy policy upon admission to service with us. Our policies may change as we periodically review and revise them, and as we complete our implementation of the federal rules on privacy of health information. For these patients or clients, we will provide a new Notice if the changes are significant. It may be necessary to use or disclose your Protected Health Information for the purposes described above even after our relationship with you has terminated. Thus, we do not necessarily destroy your PHI upon the termination of our relationship. We maintain all records pursuant to federal and state document retention policies.


You may file a complaint with Mid-Delta if you feel that your privacy rights have been violated. To file a complaint, please call Mid-Delta’s Privacy Officer at 855-MID-DELTA or write to:

Mid-Delta Health Systems, Inc.
Attn: Privacy Officer
PO Box 373
Belzoni, MS 39038-0373

You may also complain to the U.S. Secretary of Health and Human Services, who is responsible for overseeing compliance with federal privacy law. You will not be retaliated against for filing a complaint. If you would like to file a complaint with the U.S. Department of Health and Human Services Office of Civil Rights (OCR), send the complaint to the director at OCR headquarters or to the Regional Manager at the appropriate OCR Regional office:

Office for Civil Rights

Centralized Case Management Operations
U.S. Department of Health and Human Services
200 Independence Avenue, S.W.
Room 509F HHH Bldg.
Washington, D.C. 20201