HIPAA Privacy Policy


Notice of Privacy Practices

Protecting your personal health information is important. Each year, we are required to send you specific information about your rights, your benefits and more. This can use up a lot of trees, so we have combined a couple of these required annual notices. Please take a few minutes to read about:

  • State notice of privacy practices
  • HIPAA notice of privacy practices

Want to save more trees? Fax us at 651-768-1309 to request a copy of this notice. Please include your email address in the fax request.

State notice of privacy practices

When it comes to handling your health information, we follow relevant state laws, which are sometimes stricter than the federal HIPAA privacy law. This notice explains your rights and our duties under state law. It applies to health, dental, vision and life insurance benefits you may have.

Your state may give you additional rights to limit sharing your health information. Please call the Customer Service phone number on your ID card for more details.

Your personal information

Your nonpublic (private) personal information (PI) identifies you and it is often gathered in an insurance matter. You have the right to see and correct your PI. We may collect, use and share your PI as described in this notice. Our goal is to protect your PI because your information can be used to make judgments about your health, finances, character, habits, hobbies, reputation, career and credit.

We may receive your PI from others, such as doctors, hospitals or other insurance companies. We may also share PI with others outside of our company — without your approval, in some cases. But we take reasonable measures to protect your information. If an activity requires us to give you a chance to opt out, we will let you know and we will let you know how to tell us you do not want your PI used or shared for an activity you can opt out of.

THIS NOTICE DESCRIBES HOW MEDICAL AND DENTAL INFORMATION ABOUT YOU MAY BE USED AND DISCLOSED, AND HOW YOU CAN GET ACCESS TO THIS INFORMATION WITH REGARD TO YOUR HEALTH BENEFITS. PLEASE READ CAREFULLY.

HIPAA notice of privacy practices

We keep the health and financial information of our current and former members private as required by law, accreditation standards and our own internal rules. We are also required by federal law to give you this notice to explain your rights and our legal duties and privacy practices.

Your Protected Health Information

There are times we may collect, use and share your Protected Health Information (PHI) as allowed or required by law, including the HIPAA Privacy rule. Here are some of those times:

For payment: We collect, use and share PHI to take care of your account and benefits, or to pay claims for healthcare you get through your plan.

For healthcare operations: We collect, use and share PHI for our healthcare operations.

For treatment activities: We do not provide treatment, but we collect, use and share information about your treatment to offer services that may help you, including sharing information with others providing you treatment.

Examples of ways we use your information:

  • We keep information about your premium and deductible payments.
  • We may give information to a doctor’s office to confirm your benefits.
  • We may share explanation of benefits (EOB) with the subscriber of your plan for payment purposes.
  • We may share PHI with your doctor or hospital so that they may treat you.
  • We may use PHI to review the quality of care and services you get.
  • We may use PHI to help you with services for conditions like asthma, diabetes or traumatic injury.
  • We may collect and use publicly and/or commercially available data about you to support you and help you get health plan benefits and services.
  • We may use your PHI to create, use or share de-identified data as allowed by HIPAA.
  • We may also use and share PHI directly or indirectly with health information exchanges for payment, healthcare operations and treatment. If you do not want your PHI to be shared in these situations, please visit www.decare.com/privacyPolicies for more information.

Sharing your PHI with you: We must give you access to your own PHI. We may also contact you about treatment options or other health-related benefits and services. When you or your dependents reach a certain age, we may tell you about other plans or programs for which you may be eligible, including individual coverage. We may also send you reminders about routine medical checkups and tests.

You may get emails that have limited PHI, such as welcome materials. We will ask your permission before we contact you.

Sharing your PHI with others: In most cases, if we use or share your PHI outside of treatment, payment, operations or research activities, we have to get your okay in writing first. We must also get your written permission before:

  • Using your PHI for certain marketing activities.
  • Selling your PHI.
  • Sharing any psychotherapy notes from your doctor or therapist.

We may also need your written permission for other situations not mentioned above. You always have the right to cancel any written permission you have given at any time. You have the right and choice to tell us to share information with your family, close friends or others involved with your current treatment or payment for your care and to share information in an emergency or disaster relief situation.

If you cannot tell us your preference, for example in an emergency or if you are unconscious, we may share your PHI if we believe it is in your best interest. We may also share your information when needed to lessen a serious and likely threat to your health or safety.

Other reasons we may use or share your information: We are allowed, and in some cases required, to share your information in other ways – usually for the good of the public, such as public health and research. We can share your information for these specific purposes:

  • Helping with public health and safety issues, such as:
  • Preventing disease
  • Helping with product recalls
  • Reporting adverse reactions to medicines
  • Reporting suspected abuse neglect, or domestic violence
  • Preventing or reducing a serious threat to anyone’s health or safety
  • Doing health research.
  • Obeying the law, if it requires sharing your information.
  • Responding to organ donation groups for research and certain reasons.
  • Addressing workers’ compensation, law enforcement and other government requests, and to alert proper authorities if we believe you may be a victim of abuse or other crimes.
  • Responding to lawsuits and legal actions.

If you are enrolled with us through an employer, we may share PHI with your group health plan. If the employer pays your premium or part of it, but does not pay your health insurance claims, your employer can only have your PHI for permitted reasons and is required by law to protect it.

Authorization: We will get your written permission before we use or share your PHI for any other purpose not stated in this notice. You may cancel your permission at any time, in writing. We will then stop using your PHI for that purpose. But, if we have already used or shared your PHI with your permission, we cannot undo any actions we took before you told us to stop.

Genetic information: We cannot use your genetic information to decide whether we will give you coverage or decide the price of that coverage.

Race, ethnicity, language, sexual orientation and gender identity: We may receive race, ethnicity, language, sexual orientation and gender identity information about you and protect this information as described in this notice. We may use this information to help you, including identifying your specific needs, developing programs and educational materials, and offering interpretation services. We do not use race, ethnicity, language, sexual orientation and gender identity information to decide whether we will give you coverage, what kind of coverage and the price of that coverage. We do not share this information with unauthorized persons.

Your rights

Under federal law, you have the right to:

  • Send us a written request to see or get a copy of your PHI, including a request for a copy of your PHI through e-mail. Remember, there is a risk your PHI could be read by a third party when it is sent unencrypted, meaning regular e-mail. So we will first confirm that you want to get your PHI by unencrypted e-mail before sending it to you. We will provide you a copy of your PHI usually within 30 days of your request. If we need more time, we will let you know.
  • Ask that we correct your PHI that you believe is missing or incomplete. If someone else, such as your doctor, gave us the PHI, we will let you know so you can ask him or her to correct it. We may say “no” to your request, but we will tell you why in writing within 60 days.
  • Send us a written request to ask us not to use your PHI for treatment, payment or healthcare operations activities. We may say “no” to your request, but we will tell you why in writing.
  • Request confidential communications. You can ask us to send your PHI or contact you using other ways that are reasonable. Also, let us know if you want us to send your mail to a different address if sending it to your home could put you in danger.
  • Send us a written request to ask us for a list of those with whom we have shared your PHI. We will provide you a list usually within 60 days of your request. If we need more time, we will let you know.
  • Ask for a restriction for services you pay for out of your own pocket: If you pay in full for any medical services out of your own pocket, you have the right to ask for a restriction. The restriction would prevent the use or sharing of that PHI for treatment, payment or operations reasons. If you or your provider submits a claim to us, we may not agree to a restriction (see “Your rights” above). If a law requires sharing your information, we do not have to agree to your restriction.
  • Call Customer Service at the phone number on your ID card to use any of these rights. Customer Service representatives can give you the address to send the request. They can also give you any forms we have that may help you with this process.

How we protect information

We are dedicated to protecting your PHI, and we have set up a number of policies and practices to help keep your PHI secure and private. If we believe your PHI has been breached, we must let you know.

We keep your oral, written and electronic PHI safe using the right procedures, and through physical and electronic ways. These safety measures follow federal and state laws. Some of the ways we keep your PHI safe include securing offices that hold PHI, password-protecting computers, and locking storage areas and filing cabinets. We require our employees to protect PHI through written policies and procedures. These policies limit access to PHI to only those employees who need the data to do their job. Employees are also required to wear ID badges to help keep unauthorized people out of areas where your PHI is kept. Also, where required by law, our business partners must protect the privacy of data we share with them as they work with us. They are not allowed to give your PHI to others without your written permission, unless the law allows it and it is stated in this notice.

Potential impact of other applicable laws

HIPAA, the federal privacy law, generally does not cancel other laws that give people greater privacy protections. As a result, if any state or federal privacy law requires us to give you more privacy protections, then we must follow that law in addition to HIPAA.

Calling or texting you

We, including our affiliates and/or vendors, may call or text you by using an automatic telephone dialing system and/or an artificial voice. But we only do this in accordance with the Telephone Consumer Protection Act (TCPA). The calls may be about treatment options or other health-related benefits and services for you. If you do not want to be contacted by phone, just let the caller know or call 1-844-203-3796 to add your phone number to our Do Not Call list. We will then no longer call or text you.

Complaints

If you think we have not protected your privacy, you can file a complaint with us at the Customer Service phone number printed on your ID Card. You may also file a complaint with the U.S. Department of Health and Human Services Office for Civil Rights by visiting www.hhs.gov/ocr/privacy/hipaa/complaints/. We will not take action against you for filing a complaint.

Contact information

You may call us at the Customer Service phone number on your ID card. Our representatives can help you apply your rights, file a complaint or talk with you about privacy issues.

Copies and changes

You have the right to get a new copy of this notice at any time. Even if you have agreed to get this notice by electronic means, you still have the right to ask for a paper copy. We reserve the right to change this notice. A revised notice will apply to PHI we already have about you, as well as any PHI we may get in the future. We are required by law to follow the privacy notice that is in effect at this time. We may tell you about any changes to our notice through a newsletter, our website or a letter.

Effective Date of this notice

The original effective date of this Notice was April 14, 2003. The most recent revision date is indicated in the footer of this Notice.

Declaración de prácticas de privacidad en español

Revision 6/2022; Reviewed 3/2022