Skip to Content

Information from your health plan about COVID-19 (coronavirus disease)

Learn more

Provider Manual

Confidentiality of information

Last Updated on January 24, 2019

Family Health Center is concerned about the confidentiality of medical records and other personal information. That is why it takes confidentiality issues and laws very seriously and have safeguards in place to protect sensitive information. Family Health Center follows all federal and state privacy laws for maintaining confidentiality of records, including maintaining these records in an accurate and timely manner.

  • When Family Health Center determines it is necessary, members age 18 or older sign a release of information form. Parents or legal guardians are able to sign for minor children. 
  • Members have the right to request an accounting of certain disclosures of protected health information (PHI) and have other rights as set forth in the HIPAA Privacy Rules. 
  • Calls and correspondence from members shall be logged by Security Health Plan staff into the call tracking system in order to assure full access to member communications and full coordination of services to members. Contact information may include PHI, and its confidentiality shall be protected as provided by state and federal laws and regulations. 
  • Family Health Center only releases PHI with authorization, unless otherwise permitted by state or federal law. Members requesting claims or membership records or other information that pertains to them are provided access in a timely manner, as appropriate. Family Health Center reserves the right to decide which information is disclosed on a case-by-case basis. 
  • To the extent required by law, and as is appropriate, Family Health Center limits use of PHI when members request that such information be protected. Limitations also may be established by court order. 
  • Information is available internally on a “need-to-know” basis. Employees shall use and disclose the minimum amount of information necessary to complete duties. Internal computer passwords prohibit access to PHI by employees whose jobs do not require access. In addition, Family Health Center uses electronic “firewalls” to further restrict external access to computer systems. 
  • All employees shall protect the security of access to PHI in any form and maintain the confidentiality of the information. 
  • Family Health Center employees are subject to disciplinary action, up to and including immediate termination of employment for gaining unauthorized access to confidential information or sharing confidential information with another employee whose function does not require that information. 
  • All internal paper documents, when disposed of, that include PHI are certified as destroyed by a contracted waste disposal company. 
  • Family Health Center does not provide direct care and does not maintain copies of complete medical records. On occasion, Family Health Center obtains portions of medical records for claims payment, utilization management and other purposes. (Family Health Center routinely verifies that providers have policies and procedures in place to ensure that the confidentiality of medical records is maintained appropriately.) 
  • Family Health Center does not sell PHI to outside organizations and enters into confidentiality agreements with any outside entities that use PHI on Family Health Center’s behalf. These entities are bound by contract, laws and regulations to maintain the same high level of privacy protection offered by Family Health Center. 
  • Employer groups may receive certain information from Family Health Center; any member identifiable information shall be released in accordance with the requirements of the HIPAA Privacy Rule. 
  • Family Health Center does use aggregate health care data from claims for quality improvement programs. 
  • When Family Health Center participates in medical and scientific research projects, the projects are reviewed to ensure that appropriate authorizations are obtained when necessary. 
  • Family Health Center does not use PHI for marketing purposes, as defined in the HIPAA privacy regulations, without appropriate authorization. At times PHI may be used to: 
    • offer alternative coverage 
    • provide products to aid in disease management 
    • provide general health information as found in member newsletters 
  • Family Health Center shall provide a summary of its privacy policy (Privacy Statement) to members and providers through the General Information and Member Handbook. 
  • Nonpublic information is not shared with any affiliated or nonaffiliated third parties except as necessary to process transactions and provide services to Family Health Center members or as required by law. Some of the shared information may include a member’s name, address, or other identifying information. Any third party with whom Family Health Center shares information is legally bound not to disclose or reuse it in any way except as necessary to meet contractual duties. While the Federal Gramm-Leach-Bliley Act of 1999 and state regulations provide for an optout right for certain circumstances, Family Health Center does not sell or share any of its member information with any third party that triggers this opt out right. Family Health Center provides a privacy notice to its members to comply with that Act and state regulations.