Skip to main content

NewYork-Presbyterian Hospital

Privacy Office

About the Privacy Office

About the Privacy Office

Welcome to the Privacy Office at NewYork-Presbyterian Hospital. Our team is committed to ensuring the confidentiality, security, and integrity of your information through ongoing education and awareness programs.

If you have any questions, please see our Frequently Asked Questions section below or email our office at [email protected] for further questions. You may also report your concerns to us anonymously through our Compliance Helpline, by phone (888) 308-4435 or filling out this web-based form.

Frequently Asked Questions

Frequently Asked Questions

In general, your health information cannot be shared without your consent. However, there are certain situations where healthcare providers may disclose information without your consent, such as for treatment purposes, public health reporting, or when required by law.

We take patient privacy very seriously here at New York-Presbyterian Hospital. Our staff is routinely educated on HIPAA and their role in upholding patient privacy. Additionally, our Privacy Team continuously monitors employee access into our electronic medical record system. However, we understand that patients may still have concerns regarding inappropriate access into their medical records for various reasons. Please report any of these concerns to our Compliance and Privacy teams by email [email protected] or by phone (888) 308-4435.

Health Care Information Exchange (HIE) is a way for health care professionals and patients to access and share medical records electronically. All records are shared securely through an electronic medical record system. Records can only be shared with participating facilities. If you would like to participate or opt out of HIE, fill out this form and send to [email protected]. We will update our system once we receive the completed form.

Learn more about Health Care Information (HIE).

Many patients are interested in reducing their digital footprint and have begun requesting that their information be deleted from our electronic medical record systems.

However, as a health care provider, NewYork-Presbyterian (NYP) is required under New York law to maintain patient records for at least six years from the date of the patient’s last visit. In the case of minors, NYP must keep obstetrical records and records for children for at least six years or until the child is age twenty-one (21), whichever is later. Patient records include medical information, test results, doctor’s notes, and other demographic information, including but not limited to financial information, that may identify a specific individual.

Federal and state law restrict the way NYP can share this information and we take this responsibility very seriously. For more information on the ways in which NYP may use your health information, please review our Notice of Privacy Practices (NOPP).

Patients can opt out of receiving promotional materials or marketing communications related to healthcare products or services. If you would no longer like to receive such communications, please email us directly at [email protected].

We offer a few options to enhance the security on your medical records.

Option 1: Break the Glass – Break the Glass (BTG) is an extra layer of protection that requests each user to provide a reason for entering a chart and requires them to input their password.

Option 2: Private Encounter – By making your encounter private, we limit the number of employees able to view a particular visit to your direct care team.

If you feel that your healthcare team did not do their best to minimize the risk of disclosures when discussing your information, please report these concerns to our Compliance and Privacy teams by email [email protected] or by phone (888) 308-4435.

If you believe your patient privacy rights have been violated, please report your concerns to our Compliance and Privacy teams by email [email protected] or by phone (888) 308-4435. You may also file a complaint with the Office for Civil Rights (OCR) within the Department of Health and Human Services (HHS). The OCR investigates complaints related to HIPAA violations and ensures compliance with patient privacy regulations.

Report Your Privacy Concerns

Report Your Privacy Concerns

New York-Presbyterian Compliance Helpline offers an easy option for you to ask questions and report concerns.

When should you report a privacy concern?

  • You are handed another patient’s paperwork upon discharge
  • You receive a bill relating to another patient in the mail
  • You login to your MyChart account and see records that do not pertain to you
  • You are concerned that someone has accessed your information inappropriately
  • You have any other concern or question relating to the privacy and confidentiality of your personal information

At NewYork-Presbyterian Hospital, we take patient privacy very seriously. We believe in creating a safe and secure environment, where your personal information is protected with the utmost care. However, in the event that you should ever have any concerns, our privacy team is dedicated to thoroughly investigating all reported privacy issues and taking appropriate actions to resolve them promptly. Your privacy and well-being are our top priority, and we invite you to share any privacy concerns you may have without fear of retaliation by emailing us at [email protected] or by calling our Compliance Helpline at (888) 308-4435.

Patient Rights

Patient Rights

Here at NewYork-Presbyterian Hospital, your privacy matters, and we are committed to providing you with essential information regarding how HIPAA (Healthcare Insurance Portability and Accountability Act) safeguards your sensitive medical information. Understanding your patient rights is crucial in maintaining the confidentiality, integrity, and availability of your health data, ensuring that you have control over its use and disclosure.

Through HIPAA, patients have several important rights that are designed to protect their privacy and control over their health information. View your patient rights in additional languages. 

These rights include:

Patients can request a record of who has accessed or received their health information for certain purposes other than treatment, payment, or healthcare operations. View and complete the form to receive an accounting of disclosures

If patients believe that their health information is incorrect or incomplete, they can request amendments or corrections to be made to their records. Please review our process for requesting amendments.

Healthcare providers and health plans are required to provide patients with a notice explaining how their health information is used, disclosed, and protected. View our Notice of Privacy Practices (NOPP).

Patients can request restrictions on how their health information is used or disclosed for certain purposes, though these requests are not always guaranteed. If you would like to request restrictions on how your health information is used or disclosed, please email us directly at [email protected].

Patients have the right to receive communications about their health information in a way that ensures confidentiality, such as through encrypted emails or in sealed envelopes. Patients can indicate their communication preferences on the Notice of Privacy Practices (NOPP) that is signed at time of registration. If you would like to update preferences after time of registration, please email directly us at [email protected].

Patients can request a record of who has accessed or received their health information for certain purposes other than treatment, payment, or healthcare operations. View and complete the form to receive an accounting of disclosures.

Patients can opt out of receiving promotional materials or marketing communications related to healthcare products or services. If you would no longer like to receive such communications, please email us directly at [email protected].

If patients believe their privacy rights have been violated, they have the right to file a complaint with the Office for Civil Rights (OCR). You may also report any concerns you have to use directly by emailing [email protected] or calling our Compliance Helpline at (888) 308-4435.

Our Privacy Notices

Our Privacy Notices

NewYork-Presbyterian Hospital is committed to providing the highest quality patient care and to acting with absolute integrity at all times. Your privacy is important to us. To learn more about how medical information about you, as a NewYork-Presbyterian patient, may be used and disclosed, and how you can get access to your information, please review our Notice of Privacy Practices (NOPP)

Safeguarding Your Data

Safeguarding Your Data

Safeguard your Data
#
Learn more on Health Information Exchange
Learn more on Data Removal
#

Health Information Exchange (HIE)

Health Care Information Exchange (HIE) is a way for health care professionals and patients to access and share medical records electronically. All records are shared securely through an electronic medical record system. Records can only be shared with participating facilities.

At NYP, we strictly adhere to legal requirements and industry best practices when it comes to maintaining the confidentiality of your information and also recognize the importance of sharing your information in the most secure way. 
As such, we participate in Health Care Information Exchange (HIE), a way for health care professionals and patients to access and share medical records electronically. All records are shared securely through an electronic medical record system but can only be shared with participating facilities.

If you would like to participate or opt out of HIE, fill out this form and send it to [email protected]. We will update our system once we receive the completed form.

Learn more about Health Care Information Exchange (HIE).

Data Removal

Many patients are interested in reducing their digital footprint and have begun requesting that their information be deleted from our electronic medical record systems.

As a health care provider, NewYork-Presbyterian (NYP) is required under New York law to maintain patient records for at least six years from the date of the patient’s last visit. In the case of minors, NYP must keep obstetrical records and records for children for at least six years or until the child is age twenty-one (21), whichever is later. Patient records include medical information, test results, doctor’s notes, and other demographic information, including but not limited to financial information, that may identify a specific individual.

Federal and state law restrict the manner in which NYP can share this information and we take this responsibility very seriously. For more information on the ways in which NYP may use your health information, please review our Notice of Privacy Practices (NOPP).