THIS NOTICE DESCRIBES HOW MEDICAL INFORMATION ABOUT YOU MAY BE USED AND DISCLOSED AND HOW YOU CAN GET ACCESS TO THIS INFORMATION. PLEASE REVIEW IT CAREFULLY.
HIPAA is the acronym for the Health Insurance Portability and Accountability Act. Originally, HIPAA established minimum federal standards regarding access to and the portability and renew-ability of private health insurance. The HIPAA “Administrative Simplification” provisions focus on health data transmission, security, and privacy. Generally, HIPAA imposes certain electronic data interchange (EDI), privacy, and security requirements upon covered entities (health plans, health care providers, and health care clearinghouses), and by contract or plan amendment, upon third-party service providers that contract with such entities (also known as Business Associates) and employer-sponsors of health plans.
Certilytics, Inc. as a business associate to a covered entity may receive or create health information about you in order to carry out activities on behalf of the covered entity for activities involving treatment, payment or health care operations. This health information is called “protected health information” and we refer to it throughout this Statement as “PHI.”
This section generally describes how Certilytics, Inc. uses and discloses health information to administer benefits under your group health plan. Please note that this Statement does not list every use or disclosure; instead it gives examples of the most common uses and disclosures.
2.1 Primary Uses and Disclosures of PHI
Certilytics, Inc. may use and disclose PHI about you for additional related healthcare operations necessary to operate your health plan. For example, your health information may be received or created by members of the staff through business operations. Certilytics, Inc. also may use your PHI for administrative activities such as business planning and development, cost management, business management and conducting quality assessment and improvement activities.
Required by law. Certilytics, Inc. may use and disclose information about you as required by law. For example, Certilytics, Inc. may disclose information for the following purposes:
Public Health Your health information may be used or disclosed for public health activities such as assisting public health authorities or other legal authorities to prevent or control disease, injury, or disability, or for other health oversight activities.
Health and Safety Your health information may be disclosed to avert a serious threat to the health or safety of you or any other person pursuant to applicable law.
Government Functions Your health information may be disclosed for specialized government functions such as protection of public officials or reporting to various branches of the armed services that may require use or disclosure of your health information.
Workers Compensation Your health information may be used or disclosed in order to comply with laws and regulations related to Workers Compensation.
Other uses Other uses and disclosures will be made only with your written authorization, and you may revoke the authorization except to the extent Certilytics, Inc. has taken action in reliance on such.
Material Limitations: State laws may be more stringent. Material limitations such as records surrounding mental health / HIV, that are imposed by state or other applicable law on permitted uses and disclosures will be applied.
You may have certain rights to access, amend, and request an accounting of certain disclosures of the PHI. Certilytics, Inc. handles on behalf of your employer’s plan. These rights are described in more detail in the separate Notice of Privacy Practice provided by your plan.
You have the right to: [R-0847]
You may contact Certilytics, Inc. at (800) 333-3760 or the Department of Health and Human Services if you believe your privacy rights have been violated. You will not be retaliated against for filing a protected health information-related complaint. Revised notices will be provided in writing upon request.
Certilytics, Inc. is committed to:
If you have any questions or complaints, please contact:
9200 Shelbyville Road, Suite 700
Louisville, KY 40222
Certilytics, Inc. has the right to change this Statement at any time. Certilytics, Inc. also has the right to make the revised or changed Statement effective for medical information Certilytics, Inc. already has about you as well as any information received in the future. Certilytics, Inc. will post a copy of the current Statement on the company’s website. All Statements will contain the revision date on the first page.