Privacy Practices for Protected Health Information

Share on Facebook Share on X Share on LinkedIn Email

This notice describes how medical information about you may be used and disclosed and how you can get access to it. Please review it carefully.

The Cooper Health System is committed to protecting the privacy of patients. As required by law, we treat all health information confidentially. Cooper has developed a Privacy Compliance Program to ensure the privacy and confidentiality of your health information. This Notice describes the privacy practices of The Cooper Health System, which includes Cooper Hospital/University Medical Center, its employees, medical staff and doctors’ offices that are affiliated with The Cooper Health System, along with the employees at those doctors’ offices.

Understanding Your Health Record Information

Each time you visit Cooper, we create a record of your visit. Typically, this record contains your symptoms, examination and test results, diagnoses, treatment, and a plan for future care or treatment. This medical record is a valuable tool that serves a number of purposes, such as:

•    Planning your care and treatment
•    Communicating with those who provide you with care services;
•    Allowing your insurer to verify that services provided are billed accurately;
•    Educating healthcare professionals:
•    Providing information for planning and marketing activities:
•    Assessing our own performance so that we can continue to improve our care and services.

Our Legal Duty

We are required by law to protect your health information. If there is a security breach of your protected health information (PHI), in most instances, we are required by law to notify you. We are also required to give you this Notice about our privacy practices, our legal duties and your rights concerning your health information. We will follow the privacy practices that are in this Notice while it is in effect.

Reasons Why Your Health Information Is Shared

Treatment, Payment and Health Care Operations Activities ("TPO")

We may use or disclose your health information for TPO purposes without your written authorization. This means that those who are involved in your care and treatment will have access to your health information. In order for us to receive payment for the care we provide to you, we will tell your insurance company about that care. We may also use your health information for our own purposes, such as monitoring, planning and developing our care services, and educating our staff.

We may also provide health information from your medical records for the TPO activities for another healthcare provider agency that is not affiliated with us. We would release information about you only if it were needed in conjunction with care services that have been or will be delivered to you (including payment for such care services).

Cooper participates in the Camden Health Information Exchange ("Camden HIE") and the NJ Health Information Network, electronic health information sharing networks. Your electronic medical record will be included in the Exchanges, and may be accessed by other HIE participants for the purpose of your care and treatment, unless you affirmatively choose not to participate by submitting an Opt-Out Notification to Cooper.

Cooper participates in Epic Care Everywhere. Care Everywhere allows clinicians to electronically exchange medical information. Cooper will receive information from, and provide access to your information to, outside medical institutions who are also treating you, unless you affirmatively choose not to participate by submitting an Opt-Out Notification to Cooper. 

Cooper maintains a formal international medical graduate (IMG) observership program. The program provides the IMG with an introduction to American medicine and allows Cooper to evaluate the IMG for a position as a medical resident . Your visit to Cooper may be part of the observership program unless you affirmatively choose not to participate by submitting an Opt-Out notification to Cooper.
Other Uses and Disclosures Not Requiring Your Written Authorization

We may also use or disclose your health information for the following:

  • To inform you about treatment options or alternatives, or health related benefits or services that we think may be of interest to you;
  • To provide you with appointment reminders, such as voicemail messages, texts, post cards or letters;
  • To business associates that perform certain key functions or processes for us.  Business Associates must provide written assurances that they will safeguard and protect the privacy of your health information;
  • To inform you about Cooper sponsored activities, including fundraising programs and events. Only limited information will be used for this purpose. You have no obligation to respond to these communications any may choose to discontinue them. To opt out of these communications, please call 1-833-435-1006 and request to opt out of Cooper communications.
  • To communicate with authorities when we are required to do so by law, for health oversight activities conducted for or by governmental agencies, such as participating in surveys to improve quality of care and patient satisfaction and for public health activities, such as to report suspected child abuse, communicate diseases for certain types of injuries;
  •  For purposes of organ donation;
  • For workers compensation or similar programs as permitted or required by law;
  • For certain research purposes, provided that certain established measures are taken to protect your privacy;
  • To military command authorities as required by law if you are or were a member of the armed forces; 
  • To prevent or lessen a serious threat to your health and safety or the health and safety of someone else;
  • For law enforcement purposes, if we are permitted to do so by law, and to authorized federal officials for purposes of national security; if we are directed to do so by court order;
  • To provide certain information to a coroner, medical examiner, or funeral director;
  • To correctional institutions if required to do so by law, if you are a prisoner.
  • To a family member, relative or friend—or anyone else you identify— as follows: (i) if you are present at the time agree; or (ii) if you are not present (or you are incapacitated or in an emergency situation) and, in the exercise of our professional judgment and in our experience with common practice, we determine that the disclosure is in your best interests. In these cases we will only disclose the PHI that is directly relevant to the person’s involvement in your health care.
  • Unless prohibited by law, we may disclose your PHI to your personal representative, if any. A personal representative has legal authority to act on your behalf in making decisions related to your health care if you are unable to act on your own behalf. For example, a health care proxy, or a parent or guardian of an unemancipated minor are personal representatives.
  • For disaster relief purposes to appropriate organizations involved.

Unless you opt out, for our patient directory, for purposes of notification of your location in the hospital, your religious affiliation to members of the clergy, your general condition or death.

If one of the above reasons does not apply, we will not use or disclose your PHI without your written permission (“authorization”). You may give us written authorization to use or disclose your PHI to anyone for any purpose. You may later change your mind and revoke your authorization in writing. However, your written revocation will not affect actions we’ve already taken in reliance on your authorization. Where state or other federal laws offer you greater privacy protections, we will follow those more stringent requirements. For example, under certain circumstances, records that contain information about drug or alcohol abuse treatment; HIV/AIDS-related testing or treatment; or certain mental health records may not be disclosed without your written authorization. We must also have your authorization for any uses or disclosures for marketing purposes and any disclosures that constitute sale of your information.  

Your Rights Regarding Your Health Information

  • You have the right to review and copy your health information, with limited exceptions. You must submit your request in writing to the medical records department We may charge you a fee to provide you with copies.
  • We may deny your request to look at or get a copy of your health information. If we do, we will explain the reasons to you, and in most cases you may have the denial reviewed.
  • You have the right to request corrections to your health information. Your request must be in writing, and it must explain the corrections to be made. We may deny your request under certain circumstances; and if we do, we will explain the reasons to you.
  • With certain exceptions, you have the right to know when (after April 14,2003) we have shared your health information without your authorization that is outside of TPO. We will provide you with a listing of those disclosures if you request it. If you request this listing more than once in a 12 month period, we may charge you a fee for the additional requests.
  • You have the right to request that we restrict or limit some of our uses or disclosures of your health information. We are not required to agree to those restrictions except that you may restrict disclosure of health information top your health plan if that information pertains to a healthcare service for which you, or a person other than your health plan, paid Cooper in full.
  • You have the right to request that we communicate with you about medical matters in a certain way or at a certain location. For example, you can ask that we contact you only at work or by mail. Your request must be in writing, and you must tell us where or how to contact you. We may require you to explain how payments will be handled under the alternative means or location your request.
  • If you received this notice on our website or by electronic mail (e-mail), you have the right to receive this notice in written form. To obtain a paper copy of this notice, use the contact information below or request a paper copy at your physician office

Reproductive Health Care Services

With regard to reproductive health care services, which includes all medical, surgical, counseling, or referral services related to the human reproductive system, including, but not limited to , services related to pregnancy, contraception, or termination of pregnancy, we will not share that information in any civil action or proceeding preliminary thereto (including an investigation for a state or federal agency) or in any probate, legislative, or administrative proceeding, without you or your legal representative’s written consent, which are permitted to withhold. We may still provide information related to your reproductive health care services without your consent in civil actions, investigations, or other proceedings:

  • If required by State law or Court Rule;
  • To our attorneys, professional liability insures or their agents, if a claim is filed against us or there is a reasonable belief of such a claim, in order to defend ourselves against such claim;
  •  If requested by the Commissioner of Health, Human Services, or Banking and Insurance, or any professional licensing board in connection with an investigation of a complaint; or
  • If related to suspected child abuse, elder abuse, abuse of an incapacitated person, or abuse of an individual with a disability.

In all other situations, we will follow our general privacy practices regarding the disclosure of medical information related to reproductive health care services. For example, we may share your health information with other medical professionals who are treating you without your written consent.

Use and Disclosure of Substance User Disorder (SUD) Records

We have a duty to protect your SUD treatment records and provide this notice pursuant to 42 CFR Part 2.  We may use and disclose your SUD treatment information for purposes of treatment, payment, and healthcare operations, including future treatment, payment, and healthcare operations, only with your consent.  This includes coordination of care, billing, and administrative functions.  Uses and disclosures of SUD information for purposes of treatment, payment and healthcare operations, including future uses and disclosures, may be made pursuant to a single consent as permitted by 42 CFR Part 2.  For any uses or disclosures not described in this notice, further written consent is required.

Patient Rights Under 42 CFR Part 2

  • You have the right to receive a copy of this notice in paper form.
  • You may request restrictions on disclosures of your SUD records. We may not be able to accommodate such requests, unless the request strictly concerns disclosure of SUD treatment information for payment and healthcare operations, and your costs for the SUD treatment have been paid in full.
  • You may revoke your consent at any time, except to the extent that action has already been taken based on your prior consent.
  • You have the right to request an accounting of disclosures of your SUD records  and to be notified of data breaches.

Redisclosure Limitations

A person or entity who receives  your SUD information for treatment payment and healthcare operations purposes is prohibited from further disclosures unless permitted by HIPAA. A notice of this prohibition and your written consent will accompany any disclosure.

Disclosures Requiring Additional Authorization

Certain disclosures, such as those for legal or law enforcement proceedings or certain oversight purposes, or for release of SUD counseling notes, will require a separate signed consent or subpoena with a court order in compliance with Part 2 regulations. Records shall only be used or disclosed for legal or law enforcement proceedings based on a court order after notice and an opportunity to be heard is provided to the patient or the holder of the record, where required by 42 U.S.C. 290dd-2 and 42 CFR Part 2.

Disclosures Without Consent

Federal law permits limited disclosures of SUD records without your consent in specific circumstances, including medical emergencies, research, audits or evaluations, public health authority requests, and/or subpoenas with accompanying court orders that meet federal requirements.  For a complete list of permissible disclosures of SUD treatment records without consent, please refer to 42 CFR Part 2 Subpart D.
Important Statement

Once your information is disclosed pursuant to your consent (other than your consent for treatment, payment and healthcare operations), it may be subject to redisclosure and may no longer be protected by HIPAA, except where 42 CFR Part 2 applies.

For more information or to file a complaint, please contact the Chief Privacy Officer at Privacy@cooperhealth.edu or the Secretary of HHS at https://www.hhs.gov/hipaa/filing-a-complaint/index.html

For More Information

If you have questions or like additional information, you may contact our:
Chief Privacy Officer
The Cooper Health System 
One Cooper Plaza Camden, NJ 08103-1489
856.361.1697
privacyofficer@cooperhealth.edu

If you believe your privacy rights have been violated, you can file a complaint with the Secretary of the U.S. Department of Health and Human Services, or directly with Cooper by contacting the privacy officer at the above address and phone number.

Effective Date; Revisions

The effective date of this Notice is February 2026

We reserve the right to change our privacy practices and the terms of our Notice at any time, as permitted by law. We reserve the right to make those changes effective for all health information that we maintain, even if we created or received it before we made the changes.

Our privacy practices, as described in this Notice, will remain in effect until we change this Notice. If significant changes are made to our privacy practices, we will change this Notice and make the new Notice available upon request.