Skip to Main Content Skip to Footer Toggle Navigation Menu

14.2 HIPAA Privacy Policies and Procedures Overview

14.2.1 POLICY STATEMENT

HIPAA requires covered entities to have policies and procedures reflecting HIPAA’s privacy mandates. The Health Plan, as a covered entity, has developed administrative policies and procedures reflecting the Health Insurance Portability and Accountability Act of 1996 (HIPAA) privacy regulations.

14.2.2 POLICY INTERPRETATION AND IMPLEMENTATION

HIPAA Policies and ProceduresHIPAA requires covered entities to have policies and procedures to ensure compliance with HIPAA’s regulations. A health plan is a “covered entity” under HIPAA. Consequently, the Health Plan is responsible for the research, development, implementation, monitoring and maintenance of the Health Plan’s HIPAA privacy policies and procedures.
  
Revisions to HIPAA PoliciesThe Health Plan’s HIPAA privacy policies and procedures may be revised at any time, in order to comply or enhance compliance with HIPAA.
  
Distribution of Revisions to HIPAA PoliciesAny revisions to the Health Plan’s HIPAA’s privacy policies and procedures will be distributed to individual’s family members, representatives, employees, business associates, etc., within five (5) working days of the release of such revisions.
  
Policy InquiriesInquiries relative to HIPAA policies and procedures should be directed to the HIPAA Privacy Officer.
  
Specific Policies and ProceduresThe Health Plan’s specific policies and procedures have been created in order to satisfy HIPAA’s requirements.
  
Record RetentionA copy of all HIPAA covered information and any revisions shall be maintained for a period of at least six (6) years. Such retention may be in printed or electronic format, or both.
  
Privacy OfficerThe Privacy Officer is responsible for the development and implementation of the HIPAA policies and procedures. The Privacy Officer is also the contact person for any questions or complaints regarding HIPAA. If you have a question or concern about your HIPAA rights contact the Privacy Officer during regular business office hours Monday through Friday, except holidays, at (651) 696-6280.
  
ViolationsViolations of this policy will be subject to discipline.