HIPAA Notice of Privacy Practices
DELTA DENTAL OF ARKANSAS
THIS NOTICE DESCRIBES HOW MEDICAL INFORMATION ABOUT YOU MAY BE USED AND DISCLOSED AND HOW YOU CAN GET ACCESS TO THIS INFORMATION. PLEASE REVIEW IT CAREFULLY.
This Notice describes the privacy practices of Delta Dental Plan of Arkansas, Inc. (referred to here as “we” or “us” or “our”). We agree to abide by the terms of this Notice.
We are required by law to maintain the privacy of your health information, to provide you with this notice of our legal duties and privacy practices with respect to your health information, and to notify you of a breach of your unsecured protected health information. We are committed to protecting your health information.
We comply with the provisions of the Health Information Technology for Economic and Clinical Health (HITECH) Act. We maintain a breach reporting policy and have in place appropriate safeguards to track required disclosures and meet appropriate reporting obligations. In addition, we comply with the “Minimum Necessary” requirements of HIPAA and the HITECH amendments.
The HIPAA Privacy Rule protects only certain medical information known as “protected health information” (“PHI”). Generally, PHI is individually identifiable health information, including demographic information, collected from you or received by a health care provider, a health care clearinghouse, a health plan or your employer on behalf of the Group Health Plan that relates to:
(1) your past, present or future physical or mental health or condition;
(2) the provision of health care to you; or
(3) the past, present or future payment for the provision of health care to you.
HOW WE MAY USE AND DISCLOSE HEALTH INFORMATION ABOUT YOU
The following categories describe different ways that we may use or disclose your PHI without first obtaining your permission.
For We may use or disclose your PHI to facilitate medical treatment or services by providers. We may disclose PHI about you to providers, including dentists, doctors, nurses, or technicians, who are involved in taking care of you. For example, we might disclose information about your prior dental X-ray to a dentist to determine if the prior X-ray affects your current treatment.
For We may use or disclose PHI about you to obtain payment for your treatment and to conduct other payment related activities, such as determining eligibility for Group Health Plan benefits, obtaining customer payment for benefits, processing your claims, making coverage decisions, administering Group Health Plan benefits, and coordinating benefits.
For Health Care Operations We may use and disclose PHI about you for our operations, including setting rates, conducting quality assessment and improvement activities, reviewing your treatment, obtaining legal and audit services, detecting fraud and abuse, business planning and other general administration activities.
To Business Associates We may contract with individuals or entities known as Business Associates to perform various functions or to provide certain types of services on our behalf. In order to perform these functions or provide these services, Business Associates may receive, create, maintain, use and/or disclose your PHI, but only if they agree in writing with us to implement appropriate safeguards regarding your PHI. For example, we may disclose your PHI to a Business Associate to administer claims or provide support services, such as utilization management, quality assessment, billing collection or audit services, but only after the Business Associate enters into a Business Associate Agreement with us.
Health-Related Benefits and Services We may use or disclose health information about you to communicate to you about health-related benefits and services. For example, we may communicate to you about health-related benefits and services
that add value
but are not part of, your Group Health Plan.
To Avert a Serious Threat to Health or Safety We may use and disclose PHI about you to prevent or lessen a serious and imminent threat to the health or safety of a person or the general public.
Military and Veterans If you are a member of the armed forces, we may release PHI about you if required by military command authorities.
Worker's Compensation We may release PHI about you as necessary to comply with worker's compensation or similar programs.
Public Health Risks We may release PHI about you for public health activities, such as to prevent or control disease, injury or disability, or to report child abuse, domestic violence, or disease or infection exposure.
Health Oversight Activities We may release PHI to help health agencies during audits, investigations or inspections.
Lawsuits and Disputes If you are involved in a lawsuit or a dispute, we may disclose PHI about you in response to a court or administrative order. We also may disclose PHI about you in response to a subpoena, discovery request, or by someone else involved in the dispute, but only if efforts have been made to tell you about the request or to obtain an order protecting the information requested.
Law Enforcement We may release PHI if asked to do so by a law enforcement official:
- In response to a court order, subpoena, warrant, summons or similar process;
- To identify or locate a suspect, fugitive, material witness, or missing person;
- About the victim of a crime if, under certain limited circumstances, we are unable to obtain the person’s agreement;
- About a death we believe may be the result of criminal conduct; and
- In emergency circumstances to report a crime; the location of the crime or victims; or the identity, description or location of the person who committed the crime.
Coroners, Medical Examiners Funeral Directors We may release PHI to a coroner or medical examiner. This may be necessary, for example, to identify a deceased person or determine the cause of death.
National Security and Intelligence Activities We may release PHI about you to authorized federal officials for intelligence, counterintelligence, and other national security activities authorized by law.
To Group Sponsor We may disclose your PHI to certain employees of the Group Sponsor (i.e., the Company) for the purpose of administering the Group Health Plan. These employees will only use or disclose your PHI as necessary to perform our administrative functions or as otherwise required by HIPAA.
Disclosure to Others We may use or disclose your PHI to your family members and friends who are involved in your care or the payment for your care. We may also disclose PHI to an individual who has authority to make health care decisions on your behalf.
The following is a description of disclosures of your PHI we are required to make:
As Required By Law We will disclose PHI about you when required to do so by federal, state or local law. For example, we may disclose PHI when required by order in a litigation proceeding, such as a malpractice action.
Government Audits We are required to disclose your PHI to the Secretary of the United States Department of Health and Human Services when the Secretary is investigating or determining our compliance with HIPAA.
Disclosures to You Upon your request, we are required to disclose to you the portion of your PHI that contains medical records, billing records, and any other records used to make decisions regarding your health care benefits.
We will use or disclose your PHI only as described in this Notice. Any other uses and disclosures not described in the notice will only be made with your written authorization. It is not necessary for you to do anything to allow us to disclose your PHI as described here. If
you want us to use or disclose your PHI for another purpose, you must authorize us in writing to do so. For example, we may use your PHI for research purposes if you provide us with written authorization to do so. We must also get your written authorization
in order to use or disclose your PHI for marketing purposes if it involves financial remuneration to us or if we intend to sell your PHI. You may revoke your authorization in writing at any time by notifying our Privacy Officer. When we receive your
revocation, it will be effective only for future uses and disclosures. It will not be effective for any PHI that we may have used or disclosed in reliance upon your written authorization
YOUR RIGHTS REGARDING PHI THAT WE MAINTAIN
You have the following rights regarding PHI we maintain about you:
Your Right to Inspect and Copy Your PHI You have the right to inspect and copy your PHI. You must submit your request in writing and if you request a copy of the information, we may charge you a reasonable fee to cover expenses associated with your request.
We may deny your request to inspect and copy PHI in certain limited circumstances. If you are denied access to PHI, you may request that the denial reviewed by submitting a written request to the Contact Person listed below.
Your Right to Amend Incorrect or Incomplete Information If you believe that the PHI we have about you is incorrect or incomplete, you may request that we change your PHI by submitting a written request. You also must provide a reason for your request. We are not required to amend your PHI, but if we deny your request, we will provide you with information about our denial and how you can disagree with the denial.
Your Right to Request Restrictions on Disclosures to Health Plans Where applicable, you may request that restrictions be placed on disclosures of your PHI.
Your Right to an Accounting of Disclosures We Have Made You may request an accounting of disclosures of your PHI that we have made, except for disclosures we made to you or pursuant to your written authorization, or that were made for treatment, payment or health care operations, national security or incident to other permissible disclosures.
You must submit your request in writing. Your request should specify a time period of up to six years but may not include dates before April 14, 2003. We will provide one list of disclosures to you per 12-month period free of charge; we may charge you for additional lists.
Your Right to Request Restrictions on Uses and Disclosures You have the right to request restrictions or limitations on the way that we use or disclose PHI. You must submit a request for such restrictions in writing, including the information you wish to limit, the scope of the limitation and the persons to whom the limits apply. We may deny your request.
Your Right Not To Be Underwritten Using Genetic Information You have a right not to have your PHI that is genetic information used or disclosed by us for purposes of underwriting.
Your Right to Request Confidential Communications Through a Reasonable Alternative Means or at an Alternative Location You may request that we direct confidential communications to you in an alternative manner (i.e., by facsimile or e-mail). You must submit your request in writing. We are not required to agree to your request.
Your Right to a Paper Copy of This Notice To obtain a paper copy of this Notice or a more detailed explanation of these rights, send us a written request at the address listed below. You may also obtain a copy of this Notice at our website: www.deltadentalar.com.
CHANGES TO THIS NOTICE
We may amend this Notice of Privacy Practices at any time in the future and make the new Notice provisions effective for all PHI that we maintain. We will advise you of any significant changes to the Notice. We are required by law to comply with the current
version of this Notice.
If you believe your privacy rights or rights to notification in the event of a breach of your PHI have been violated, you may file a complaint with us or with the Office of Civil Rights. Complaints about this Notice or about how we handle your PHI should
be submitted in writing to the Contact Person listed below.
A complaint to the Office of Civil Rights should be sent to Office of Civil Rights, U.S. Department of Health & Human Services, 233 N. Michigan Ave. – Suite 240, Chicago, IL 60601, (312) 886-2359; (312) 353-5693 (TDD), (312) 886-1807 (fax). You also may visit OCR’s website at www.hhs.gov/hipaa/filing-a-complaint/index.html for more information.
You will not be penalized, or in any other way retaliated against for filing a complaint with us or the Office of Civil Rights.
SEND ALL WRITTEN REQUESTS REGARDING THIS PRIVACY NOTICE TO:
Delta Dental Plan of Arkansas, Inc.
Attn: Privacy Officer
P.O. Box 15965
North Little Rock, AR 72231
Para asistencia en español, llame al número de servicio al cliente (customer service) que aparece en el reverso de su tarjeta para miembros.
This document is also available in alternative formats upon request and at no cost to persons with disabilities.
Effective Date: February 1, 2015