PDA

View Full Version : HIPAA violation


busdriver50
Jan 10, 2011, 07:27 PM
The company I work for recently emailed all employees and posted a list of all employees who signed up during recent open enrollment for health insurance, life insurance and long term disability. The company is self insured and I feel that they violated our privacy rights by sharing information naming employees who signed up for insurance offered at the open enrollment.

Fr_Chuck
Jan 10, 2011, 07:29 PM
No, first you would have to work for a health provider, and if you did, they would have to listed health info. To be a violation under that law, the medical info has to be given from a medical provider to someone who is not allowed. Next it has to be more specific info.

The mere fact you signed up for insurance is not a violation.
They often have meetings of insured people at the work place to discuss changes in policy even.

Wildsporty
Jan 19, 2011, 09:36 AM
A violation would be the sharing of PHI. (Personal Health Information). This would have to be information about a specific health condition of yours.

Simply signing up for insurance is not a protected act.

Employers with fully insured group health plans are not entities under HIPAA. However, if wellness plans, FSA, HRA, or HSA plans are offered they may be entities for HIPAA under those plans.

The employer still must comply with privacy laws both federal and state even though they may not be a HIPAA covered entity.

The signing up for medical insurance would not be covered under HIPAA nor any state or federal privacy laws.

PHI (personal health information) would be covered under all 3.

Shirley