Insurance
 
FOIS
 
 
 

Operating Standards—Health Information Privacy (HIPAA)

Health plans need to create, receive, and maintain certain records, some of which contain health information about individual participants, in order to administer the plan and provide health care benefits. In addition to creating guidelines regulating this activity, the Health Insurance Portability and Accountability Act of 1996 (HIPAA) requires health plans to notify participants about policies and practices related to the plan’s handling of such information. While the content of such notices is determined mainly by each plan’s specific provisions and administrative practices, the information below describes the general nature of health information privacy practices that must be followed by most group health plans. Foundation One Insurance practices and procedures fully support these operating standards for its affected clients. Please see our HIPAA Information Page for more details on specific HIPAA criteria.

General Guidelines

HIPAA requires health plans to protect information that identifies specific persons and that relates to a physical or mental health condition. Such individually identifiable health information is known as “protected health information,” or “PHI.” Except for purposes related to health care treatment, payment of plan benefits or other aspects of the plan’s administration (known collectively as “treatment, payment or health care operations,” or “TPO”), PHI may generally not be used or disclosed without a written authorization from the individual who is the subject of the PHI. Plans may use and disclose PHI without authorization for reasons in addition to TPO, including: Communication with participants regarding wellness programs, treatment alternatives and health-related benefits and services; court orders, administrative law proceedings, subpoenas, discovery requests or similar legal processes; medical research; interaction with government officials in national security or public health matters; and under certain other circumstances required or permitted by HIPAA and/or other federal and state law.

Notice of Privacy Practices

Health plans subject to HIPAA must publish and make available a notice of the plan’s legal obligations and privacy practices, as well as a summary of participants’ rights regarding the use and disclosure of PHI. Depending on the plan’s administrative practices, this notice may be included with other plan documents or produced and distributed separately.

Participant Rights

HIPAA extends certain rights to plan participants regarding: Access and changes to PHI; obtaining an “accounting,” or record of certain PHI disclosures; requests for restrictions on PHI disclosures; confidentiality of PHI-related communications; and formal complaint procedures. Such rights are detailed in each plan’s Notice of Privacy Practices or equivalent document.

Foundation One Insurance Services LTD. does not use, disclose, sell, or otherwise make available non-public personal information to any party unaffiliated with, or for any purpose unrelated to, the administration of its clients’ benefit plans, unless required to do so by law, regulatory authority, court proceeding, or pursuant to a specific authorization by the affected individual(s).
     
 
 

 

Use of this web site is intended for brokers and employers only, and is not intended for employees or other individual consumers.
HIPAA               Disclaimer               Privacy
Copyright 2006 Foundation One Insurance Services, Ltd. All rights reserved.
2601 Network Blvd. Suite 107  Frisco, TX 75034
Toll free 1-877-712-4004
E-SB-263-0906
Login