Employee Handbook

14.2 HIPAA Privacy Policies and Procedures Overview

14.2.1 Policy Statement

HIPAA requires covered entities to have policies and procedures reflecting HIPAA's privacy mandates. The Health Plan, as a covered entity, has developed administrative policies and procedures reflecting the Health Insurance Portability and Accountability Act of 1996 (HIPAA) privacy regulations.

14.2.2 Policy Interpretation and Implementation

HIPAA Policies and Procedures

HIPAA requires covered entities to have policies and procedures to ensure compliance with HIPAA's regulations. A health plan is a “covered entity” under HIPAA. Consequently, the Health Plan is responsible for the research, development, implementation, monitoring and maintenance of the Health Plan's HIPAA privacy policies and procedures.



Revisions to HIPAA Policies

The Health Plan's HIPAA privacy policies and procedures may be revised at any time, in order to comply or enhance compliance with HIPAA.



Distribution of Revisions to HIPAA Policies

Any revisions to the Health Plan's HIPAA's privacy policies and procedures will be distributed to individual's family members, representatives, employees, business associates, etc., within five (5) working days of the release of such revisions.



Policy Inquiries

Inquiries relative to HIPAA policies and procedures should be directed to the HIPAA Privacy Officer.



Specific Policies and Procedures

The Health Plan's specific policies and procedures have been created in order to satisfy HIPAA's requirements.



Record Retention

A copy of all HIPAA covered information and any revisions shall be maintained for a period of at least six (6) years. Such retention may be in printed or electronic format, or both.



Privacy Officer

The Privacy Officer is responsible for the development and implementation of the HIPAA policies and procedures. The Privacy Officer is also the contact person for any questions or complaints regarding HIPAA. If you have a question or concern about your HIPAA rights contact the Privacy Officer during regular business office hours Monday through Friday, except holidays, at (651) 696-6280.




Violations of this policy will be subject to discipline.