Notice of Privacy Practice

This Notice describes how medical information about you may be used and disclosed and how you can get access to this information. Please review it carefully.

We understand your medical information is private and we strive to protect the confidentiality of your medical records. The new federal regulations require that we issue this official notice of our practices. You have the right to the confidentiality of your medical information, and this practice is required by law to maintain the privacy of that information. The practice is required to abide by the terms of the Notice of Privacy currently in effect and to provide notice of its legal duties and privacy practice with respect to the protected health information.
Prior to making important changes to our privacy practice, we will make available on request a revised Notice of Privacy Practices.
This notice will be followed by any health care professional authorized to enter information in your medical record. All employees, staff and other personnel at this practice who may need access to your information must abide by this Notice. All subsidiaries, business associates, site and locations of this practice may share medical information with each other for treatment, payment purposes or health care operations described in this notice. Except where treatment is involved, only the minimum necessary information needed to accomplish the task will be used.


The following categories describe different ways that we may use and disclose medical information without your specific consent or authorization. Examples are provided for each category of uses or disclosures. Not all possible uses or disclosures are listed.

For Treatment: We may use and disclose medical information about you to provide you with medical treatment or services. Example: In treating you for specific condition, we may need to know if you are allergic to specific drugs that could influence which medications we prescribe for the treatment purpose.

For Payment: We may use and disclose medical information about you so that treatment and services you receive from us may be billed and payment may be collected from your insurance, third party or you. Example: We may need to send your protected health information, such as your name, address, office visit date and codes identifying your diagnosis and treatment to your insurance company for payment.

Health Care Operations: We may use and disclose medical information about you for health care operations to assure that you receive quality care. Example: We may use medical information to review our treatment and services and evaluate the performance of our staff in caring for you.

Other Uses or Disclosures that Can Be Made Without Consent or Authorization

  • As required during an investigation by Law enforcement agencies.
  • To avert a serious threat to public health safety.
  • As required by military command authorities for their medical records.
  • To workers’ compensation or similar programs for processing of claims.
  • In response to legal proceeding.
  • To a coroner or medical examiner for identification of body.
  • If an inmate, to the correctional institution or law enforcement official.
  • As required by the US Food and Drug Administration (FDA).
  • Other healthcare providers treatment activities.
  • Other covered entities= healthcare operations activities (to the extent permitted under HIPPA).
  • Uses and disclosures required by law.
  • Uses and disclosures in domestic violence or neglect situations.
  • Health oversight activities.
  • Other public activities.
  • We may contact you to provide appointment reminders, information about treatment alternatives, or other health related benefits and services that may be of interest to you.


How are your processes and practices verified?

Periodically, our operations and business practices are reviewed for compliance with corporate policies and procedures governing the confidentiality of information.
These reviews are conducted by external auditing firms, government regulators, accreditation agencies, as well as our own internal staff.
Included in these examinations and self-assessments are review of the controls and safeguards related to consumer privacy.

How would I know if my personal information was compromised?

We take great care of personal information and any situation that involves misuse or theft of confidential information is treated very seriously.
If your information is compromised at our site you will receive a letter from us informing you of the situation and what the next steps are.
If you think you are a victim of stolen identification resulting from the use of our services, please call the Compliance Helpline at 212-535-5020.

For more information on protecting yourself against identify theft and fraud, please go to

What happens to the security and privacy of my personal information if I follow links to third-party sites?

In order to provide visitors with other valuable information, Dr. Shim may provide links to third-party sites. However, Dr. Shim exercises no authority over third-party sites, each of which maintains independent privacy and data collection policies and procedures.

Dr. Shim does not warrant or represent that the information submitted to the site will be protected against, loss, misuse, or alteration by third parties. This office and Dr. Shim assume no responsibility or liability for these independent methods or actions and are not responsible for the independent policies or procedures of destination sites.

The site cannot and does not assume responsibility or liability for any information you submit to the site or for third parties' use or misuse of information transmitted or received from this site.

These destination links are provided only for your convenience and, as such, you access them at your own risk.

  • ASGE
  • Lenox Hill Hospital
  • North Shore LIJ
JAN J. SHIM, M.D. 4 EAST 88TH STREET, SUITE 1A NEW YORK, NY 10128 TEL: (212) 535-5020