|
HIPAA is comprehensive
law enacted by Congress. The law has several subparts
providing such benefits as guaranteed portability and
renewal of insurance benefits between employers, tax
provisions for medical savings accounts and administrative
simplification to improve the efficiency and effectiveness
of the health care system.
During the latter part of the 1990’s, the Secretary
of the Department of Health and Human Services drafted
regulations for standardizing the electronic interchange
of administrative and financial data and protecting the
security and privacy of personal health information.
HIPAA requires health care providers, health plans and
health care clearinghouses to transition to the use of
standard code sets and “electronic data interchange
(EDI) and to maintain reasonable and appropriate administrative,
technical, and physical safeguards to insure the integrity
and confidentiality of healthcare information; to protect
against reasonably foreseeable threats and hazards to
the security or integrity of the information; and, to
protect against unauthorized uses or disclosure of the
information. Compliance with first of the HIPAA rules
is scheduled for early 2003.
All Legionnaire Insurance Trust officers, employees,
and agents shall preserve the integrity and the confidentiality
of individually identifiable health information (IIHI)
pertaining to each client. This IIHI is protected health
information (PHI) and shall be safeguarded to the highest
degree possible in compliance with the requirements of
the security rules and standards established under the
Health Insurance Portability and Accountability Act of
1996 (HIPAA).
The Legionnaire Insurance Trust shall publish and distribute
a Notice of Privacy Practices that informs the client
in plain language about the uses and disclosures of PHI
the organization will make; client rights in regard to
uses and disclosures; and, limitations on the organization
in that it could not use or disclose information in a
manner not covered in the Notice.
The Legionnaire Insurance Trust and its officers, employees,
and agents will not use or disclose an individual’s
protected health information for any purpose without
the properly documented consent or authorization of the
client or his/her authorized representative unless required
to do so by federal and or state law or regulation; unless
an emergency exists; or, unless the information has been
sufficiently de-identified that the recipient would be
unable to link the information to the client.
The Legionnaire Insurance Trust shall establish contractual
assurances from all business associates to which PHI
is disclosed that the information will be used only for
the purposes for which they were engaged, will safeguard
the information from misuse, and will help the agency
comply with its duties to provide clients with access
to health information about them and a history of certain
disclosures.
The Legionnaire Insurance Trust shall provide adequate
training and timely updates related to the policies and
procedures for compliance with the HIPAA privacy standards
for all current employees, new hires, agents and business
associates. Training content and participation will be
documented and retained by the Privacy Officer.
All officers, employees and agents of The Legionnaire
Insurance Trust shall comply with the standards set forth
in this policy. Violation of this policy and unauthorized
uses and/or disclosures of protected health information
are very serious offenses. Not only is violation of this
policy grounds for disciplinary action, up to and including
termination of employment, but violations related to
unauthorized use and disclosure of protected health information
may be subject to civil and criminal penalties including
significant monetary costs and incarceration.
The Legionnaire Insurance Trust shall maintain policies
and procedures to implement HIPAA standards and regulations.
The Legionnaire Insurance Trust shall also maintain documentation
in written or electronic form of any communication required
by the regulation and documentation of any action, activity
or designation that may be required. Such documentation
shall be maintained by the organization for a period
of six (6) years from the date of its creation or the
date when it last was in effect, whichever is later.
If you have any questions about this privacy statement,
the practices of this site, or your dealings with this
Web site, you can contact:
theLIT.com
The Legionnaire Insurance Trust
P.O. Box 21908
Santa Barbara, CA 93121 |
