Data Privacy & HIPAA

Our framework for protecting your health information and privacy.

Our Commitment

Rosewood Plus at Iowa is fully committed to compliance with the Health Insurance Portability and Accountability Act (HIPAA) and all applicable federal and Iowa state privacy regulations. We recognise that the data we handle—especially Protected Health Information (PHI)—requires the highest level of security and transparency.

Privacy

Strict controls on who can access your health information and how it is shared.

Security

Administrative, physical, and technical safeguards to protect electronic PHI.

Breach Notification

Prompt notification in the unlikely event of a data breach, as required by law.

Your HIPAA Rights

Under HIPAA, you have the following rights regarding your Protected Health Information:

Right to access and obtain a copy of your health records.
Right to request amendments to inaccurate information.
Right to receive an accounting of disclosures of your PHI.
Right to request restrictions on certain uses and disclosures.
Right to request confidential communications.
Right to receive our Notice of Privacy Practices.
Right to file a complaint without fear of retaliation.

HIPAA Safeguards We Employ

We implement the three categories of safeguards required by the HIPAA Security Rule:

Administrative Safeguards – Written policies and procedures, workforce training, risk assessments, and designated Privacy and Security Officers.
Physical Safeguards – Secure storage of paper records, controlled facility access, and proper disposal of documents containing PHI.
Technical Safeguards – Encrypted electronic communications, access controls, audit logs, and secure data transmission.

If you wish to exercise any of your privacy rights, please contact our Privacy Officer at:
info@rosewoodplus.com

You also have the right to file a complaint with the U.S. Department of Health and Human Services Office for Civil Rights:
hhs.gov/hipaa