This provides notice of the privacy practices and policies of Ken Williams, CHFC, CLTC, CLU, CHRS INC. These protections have been adopted to ensure that the information that we obtain and maintain for our clients and customers, which may also include information about the employees, dependents, former employees and dependents, and other eligible participants on a group health plan for which we are providing services (“Protected Parties”), is protected in accordance with relevant state and federal rules. The Notice outlines our practices, policies, and legal duties to maintain and protect against prohibited disclosure of personally-identifiable financial information (as required by the federal Gramm-Leach-Bliley Financial Modernization Act (“GLB Act”), and the various state laws implementing those requirements), Protected Health Information of those Protected Parties (under the privacy regulations mandated by the Health Insurance Portability and Accountability Act and further expanded by the Health Information Technology for Economic and Clinical Health Act provisions in Title XIII of the American Recovery and Reinvestment Act (“HITECH”) and the regulations related to these laws and mandates), and the protection of personally-identifiable information under 45 CFR § 155.260 (collectively referred herein as “Privacy Rules”).
THIS NOTICE DESCRIBES HOW MEDICAL INFORMATION ABOUT A PROTECTED PARTY MAY BE USED AND DISCLOSED AND HOW YOU CAN GET ACCESS TO THIS INFORMATION. PLEASE REVIEW IT CAREFULLY.
THE PROTECTION OF THE PRIVACY OF THE INFORMATION WE MAINTAIN IS IMPORTANT TO US.
Primary Uses and Disclosures of Protected Information. We use and disclose Protected Information about Protected Parties for payment and health care operations. Privacy Rules does not generally “preempt” (or take precedence over) state privacy or other applicable laws that provide individuals greater privacy protections. As a result, to the extent state law applies, the privacy laws of a particular state, or other federal laws, rather than the Privacy Rules, might impose a privacy standard under which we will be required to operate. For example, where such laws have been enacted, we will follow more stringent state privacy laws that relate to uses and disclosures of the Protected Information concerning HIV or AIDS, mental health, substance abuse/chemical dependency, genetic testing, reproductive rights.
In addition to these law requirements, we also may use or disclose Protected Information in the following situations:
Payment: We might use and disclose your Protected Information for all activities that are included within the definition of “payment” within the Privacy Rules. For example, we might use and disclose a Protected Party’s Protected Information to assist with the payment of claims for services provided to that Protected Party by doctors, hospitals, pharmacies and others for services that are covered by a group health plan. We might also use your information to determine your eligibility for benefits, to coordinate benefits, to examine medical necessity, to obtain premiums, and to issue explanations of benefits to the person who subscribes to the health plan in which you participate.
Health Care Operations: We might use and disclose a Protected Party’s Protected Information for all activities that are included within the definition of “health care operations” within the Privacy Rules. For example, we might use and disclose the Protected Information of a Protected Party to an insurer to determine the premiums for your health plan, to conduct quality assessment and improvement activities, to engage in care coordination or case management, and to manage our business.
Business Associate Subcontractors: In connection with our payment and health care operations activities, we contract with individuals and entities (called “subcontractors”) to perform various functions on our behalf or to provide certain types of services. To perform these functions or to provide the services, our subcontractors will receive, have access to, create, maintain, use, or disclose Protected Information, but only after we require the subcontractor to agree in writing to contract terms designed to appropriately safeguard your information.
Other Covered Entities: In addition, we might use or disclose your Protected Information to assist health care providers in connection with their treatment or payment activities, or to assist other covered entities in connection with certain of their health care operations. For example, we might disclose a Protected Party’s Protected Information to a health care provider when needed by the provider to render treatment to that party, and we might disclose Protected Information to another covered entity or subcontractor to conduct health care operations related to billing, claims payment or enrollment.
For all other uses and disclosures, we first must obtain your permission.
In addition, you have the following rights:
Contact Person for Filing Complaint or Obtaining Other Information. If you believe your privacy rights have been violated, you may file a written complaint with our Privacy Officer at the following address: