Protecting Your Privacy and Security

Protecting the privacy and security of our patients' protected health information is part of our goal to provide the best outcome for every patient every time. Across the United States, the privacy and security of patients' health information is protected by a federal law and regulations (commonly referred to as HIPAA) that establish minimum standards for maintaining the privacy and security of patient information.  

In addition, other federal laws, as well as state law, may provide added protections for certain types of health information.

At UnityPoint Health, we have a compliance program that includes policies implementing patient privacy and security requirements mandated under all applicable federal and state law. We provide training to our team members on the importance of complying with these policies and regularly conduct audits to confirm the effectiveness of our privacy and security compliance policies.

Our Notice of Privacy Practices describes how your medical information may be used and disclosed and how you can get access to it. 

Notice of Privacy Practices - English

Notice of Privacy Practices for UnityPoint Health Eyerly Ball Community Mental Health Services (Des Moines)

Eyerly Ball Notice of Privacy Practices - English

Contact a Privacy Officer

If you have questions regarding our privacy and security program, or the use of your information, please contact the privacy officer for the facility where you received treatment. 

Region Email Phone
Central Iowa (Des Moines, Grinnell) (515) 241-8199
Eastern Iowa (Anamosa, Cedar Rapids, Dubuque, Marshalltown, Waterloo) (319) 235-3920
Western Iowa (Fort Dodge, Sioux City) (515) 574-6675
Illinois (Quad Cities) (309) 672-4831
Wisconsin (Madison) (608) 417-5834
UnityPoint Clinic (515) 440-5200
UnityPoint at Home (515) 557-3236
UnityPoint Health (515) 241-4652 

Frequently Asked Questions Regarding our Notice of Privacy Practices

Who will follow these privacy practices?

Our rules to protect your privacy are followed by all workforce members of the site where you're treated, as well as clinicians and other healthcare practitioners with permission to provide services at our sites independent of a UnityPoint Health affiliate. For a full list of the facilities covered under the Notice of Privacy Practices, please see Appendix A in the Notice of Privacy Practices.

What health information is covered under this notice?

This notice covers health information at UnityPoint Health that may be written (such as a hard copy medical record file), spoken (such as physicians discussing treatment options) or electronic (such as billing records kept on a computer).

How can UnityPoint Health use your health information?

The law allows UnityPoint Health to use or share your health information for routine activities without requiring your permission, such as:

  • For treatment
  • For payment
  • To run the hospital or physician group
  • For appointment reminders and communication

The law also allows UnityPoint Health to use and share health information without your permission for other limited reasons, including:

  • Public health activities
  • Some research activities
  • Health and safety reasons
  • Organ and tissue donation requests
  • Law enforcement requests
  • Some marketing and fundraising activities
  • Uses and sharing permitted or required by law


What activities require your written permission?

If we need to use or disclose your health information for other purposes not described in our Notice of Privacy Practices, then UnityPoint Health must ask for your written authorization.

What activities do you have a right to object to?

In many circumstances, you may have the right to object before we do the following:

  • Share your information with family members, friends or others involved in your care
  • List your name, room number and condition in a directory available to hospital visitors, as well as list your religion in a directory available to clergy members.
What are your privacy rights as a patient?

You have the right to do the following:

  • Get a copy of your medical and billing records
  • Ask us to change your medical and billing records if you think we made a mistake
  • Request a preferred method of contact (for example, having calls go to your cell phone rather than to your home or work)
  • Get a list of certain health information shared for reasons other than treatment, billing or health care operations or as otherwise specified under law
  • Receive a paper copy of our Notice of Privacy Practices (you can request one from any registration desk)
  • Ask us to limit the information we share (but note we may not be able to grant requests beyond what the law requires)
  • Complain in writing to us if you believe your privacy rights have been violated