THIS NOTICE DESCRIBES HOW
MEDICAL INFORMATION ABOUT YOU
MAY BE USED AND DISCLOSED AND HOW
YOU CAN GET ACCESS TO THIS INFORMATION.
PLEASE REVIEW IT CAREFULLY.
This Notice tells you about the ways in which
PIBT referred to as “we” or “the Plan”, may
collect, use and disclose your Protected Health Information (PHI) and your
rights concerning your PHI. “PHI” is information about you, including demographic information, that can reasonably
be used to identify you and that relates to your past, present or future
physical or mental health or condition, the provision of health care to you or
the payment for that care.
We are required by federal and state laws to provide you with this Notice about your rights and our legal duties and privacy practices with
respect to your PHI. We must follow the terms of this Notice while it is in effect. Some of the uses and disclosures described in this Notice
may be limited in certain cases by applicable state laws that are more stringent than the federal standards.
This Notice is intended to comply with the requirements of the Health Insurance Portability and Accountability Act of 1996 (HIPAA), the
Health Information Technology for Economic and Clinical Health Act of 2009, the Genetic Information
Nondiscrimination Act and regulations issued under these statues and is effective September 23, 2013.
We understand that medical information about
you and your health is personal. We are committed to protecting medical
information about you. We are obligated to provide you with a copy of this
Notice of our legal duties and of our privacy practices with respect to PHI,
and we must abide by the terms of this Notice. We reserve the right to change
the provisions of our Notice and make the new provisions effective for all PHI that we maintain. If we make a material change to this
Notice, we will mail a revised Notice to the address that we have on record to
MAY USE AND DISCLOSE YOUR PROTECTED HEALTH INFORMATION
may use and disclose your PHI for different purposes.The examples below are provided to illustrate
the types of uses and disclosures we may make without your authorization for
payment, health care operations and treatment.
Payment We use and disclose your PHI in order to pay for your covered health
expenses. For example, we may use your PHI to process claims or be reimbursed by another insurer that may be responsible for payment.
Health Care Operations
We use and disclose your PHI in order to perform our plan activities, such as quality assessment activities or administrative
activities, including data management or customer service. In some cases, we may use or disclose the information for underwriting or
Business Associates. We contract with
individuals and entities (Business Associates) to perform various functions on
our behalf or to provide certain types of services. To perform these functions
or to provide the services, our Business Associates will receive, create,
maintain, use or disclose PHI, but only after we require the Business Associate
to agree in writing to contract terms designed to appropriately safeguard your
We may use and disclose your PHI to assist
your health care providers (doctors, dentists, pharmacies, hospitals and
others) in your diagnosis and treatment.For example, we may disclose your PHI to providers to provide
information about alternative treatments.
Plan Sponsor If you are enrolled through a group
health plan, we may provide summaries of claims and expenses for enrollees in a group health plan to the plan sponsor, who is usually the
POTENTIAL IMPACT OF
The HIPAA Privacy Regulations generally do not preempt (or take precedence over) state privacy or other applicable laws that provide
individuals greater privacy protections. As a result, to the extent state law applies, the privacy laws of a particular state, or other
federal laws, rather than the HIPAA Privacy Regulations, might impose a privacy standard under which we will be required to operate. For
example, where such laws have been enacted, we will follow more stringent state privacy laws that relate to uses and disclosures of PHI
concerning HIV or AIDS, mental health, substance abuse dependency, genetic testing, and reproductive rights.
PERMITTED OR REQUIRED DISCLOSURES
As Required by Law We must disclose PHI about you when required to do so by law.
Public Health Activities We may disclose PHI to public health
agencies for reasons such as preventing or controlling disease, injury or disability.
Victims of Abuse, Neglect or Domestic Violence
We may disclose PHI to government agencies about abuse, neglect or domestic violence.
Health Oversight Activities We may disclose PHI to government
oversight agencies (e.g., state insurance departments) for activities authorized by law.
Judicial and Administrative Proceedings
We may disclose PHI in response to a court or administrative order. We may also disclose PHI about you
in certain cases in response to a subpoena, discovery request or other lawful process.
Law Enforcement We may disclose PHI under
limited circumstances to a law enforcement official in response to a warrant or similar process; to identify or locate a suspect; or to
provide information about the victim of a crime.
Coroners, Funeral Directors, Organ Donation
We may release PHI to coroners or funeral directors as necessary to allow them to carry out their duties.
We may also disclose PHI in connection with organ or tissue donation.
Research Under certain circumstances, we may
disclose PHI about you for research purposes, provided certain measures have been taken to protect your privacy.
To Avert a Serious Threat to Health or Safety We may disclose PHI
about you, with some limitations, when necessary to prevent a serious threat to your health and safety or the health and safety of the
Special Government Functions We may disclose information as
required by military authorities or to authorized federal officials for national security and intelligence activities.
Workers’ Compensation We may disclose PHI to the extent necessary
to comply with state law for workers’ compensation programs.
OTHER USES OR DISCLOSURES WITH AN AUTHORIZATION
uses or disclosures of your PHI will be made only with your written
authorization, unless otherwise permitted or required by law. You may revoke an
authorization at any time in writing, except to the extent that we have already
taken action on the information disclosed or if we are permitted by law to use
the information to contest a claim or coverage under the Plan.
REGARDING YOUR PROTECTED HEALTH INFORMATION
have certain rights regarding PHI that the Plan maintains about you.
Right To Access Your Protected Health
Information You have the right to review or obtain copies of your PHI records, with some limited
exceptions. Usually the records include enrollment, billing, claims payment and case or medical management records. Your request to review
and/or obtain a copy of your PHI records must be made in writing. We may charge a fee for the costs of producing, copying and mailing your
requested information, but we will tell you the cost in advance.
Right To Amend Your Protected Health
Information If you feel that PHI maintained by the Plan is incorrect or incomplete, you may request
that we amend the information. Your request must be made in writing and must include the reason you are seeking a change. We may deny your
request if, for example, you ask us to amend information that was not created by the Plan, as is often the case for health information in
our records, or you ask to amend a record that is already accurate and complete.
If we deny your request to amend, we will notify you in writing. You then have the right to submit to us a written statement of
disagreement with our decision and we have the right to rebut that statement.
Right to an Accounting of Disclosures by the Plan You have the
right to request an accounting of disclosures we have made of your PHI. The list will not include our disclosures related to your treatment,
our payment or health care operations, or disclosures made to you or with your authorization. The list
may also exclude certain other disclosures, such as for national security purposes.
Your request for an accounting of disclosures must be made in writing and must state a time period for which you want an accounting.
This time period may not be longer than six years and may not include dates before April 14, 2003.
Your request should indicate in what form you want the list (for example, on paper or electronically).The first accounting that you request
within a 12-month period will be free. For additional lists within the same time period, we may charge for providing the accounting, but we
will tell you the cost in advance.
Right To Request Restrictions on the Use and Disclosure
of Your PHI. You have the right to request that we restrict or
limit how we use or disclose your PHI for treatment, payment or health care operations. We may not agree with your request. If we
do agree, we will comply with your request unless the information is needed for an emergency. Your request for a restriction must be made in
writing. In your request, you must tell us (1) what information you want to limit; (2) whether
you want to limit how we use or disclose your information, or both; and (3) to whom you want the restrictions to apply.
Right To Receive Confidential
Communications. You have the right to request that we use a certain method to communicate with you
about the Plan or that we send Plan information to a certain location if the communication could endanger you. Your request to receive
confidential communications must be made in writing. Your request must clearly state that all or part of the communication from us could
endanger you. We will accommodate all reasonable requests. Your request must specify how or where you wish to be contacted.
Right to a Paper Copy of This
Notice. You have a right to request a paper copy of this Notice at any time,
even if you had previously agreed to receive an electronic copy.
Right to a Notice of Breach of Unsecured Protected Health
Information. You have the right to be notified following a breach of unsecured PHI. In the event of a breach
requiring notice, you will be notified by the Plan or, if applicable, the business associates responsible for the breach.
Contact Information for Exercising Your Rights.
You may exercise any of the rights described above by contacting our privacy office. See the end of
this Notice for the contact information.
requires their employees to follow the PIBT security policies and procedures
that limit access to health information about members to those employees who
need it to perform their job responsibilities.
In addition, PIBT maintains physical, administrative and technical security
measures to safeguard your PHI.
CHANGES TO THIS
We reserve the right to change the terms of this Notice at any time, effective for PHI that we already have about you as well as any
information that we receive in the future. We will provide you with a copy of the new Notice whenever we make a material change to the privacy
practices described in this Notice. We also post a copy of our current Notice on our website at www.piasc.org. Any time we make a material
change to this Notice, we will promptly revise and issue the new Notice with the new effective date.
If you believe that your privacy rights have been violated, you may file a complaint with us and/or with the Secretary of the Department of
Health and Human Services. All complaints to the Plan must be made in writing and sent to the privacy office listed at the end of this Notice.
support your right to protect the privacy of your PHI. We will not retaliate against you
or penalize you for filing a complaint.
CONTACT THE PLAN
you have any complaints or questions about this Notice or you want to submit a
written request to the Plan as required in any of the previous sections of this
Notice, please contact:
Phone #: (323) 728-9500 ext. 242 or
(800) 449-4898 outside Southern
Fax #: (323) 722-7386