HIPAA Privacy Statement
THIS NOTICE DESCRIBES HOW HEALTH INFORMATION ABOUT YOU MAY BE USED AND DISCLOSED AND HOW YOU CAN GET ACCESS TO THIS INFORMATION. PLEASE REVIEW IT CAREFULLY.
Benecard Services, Inc. ("BENECARD") is required by law to maintain the privacy of Protected Health Information ("PHI") and to provide individuals with notice of our legal duties and privacy practices with respect to PHI. PHI is information that may identify you and that relates to your past, present or future physical or mental health or condition and related health care services.
BENECARD is committed to maintaining the privacy of your health care information. This notice explains how we may use and disclose information about you when providing you with mail order pharmacy services, and it explains your rights with respect to PHI we maintain about you.
How BENECARD Uses and Discloses PHI
BENECARD is permitted by the Privacy provisions of HIPAA to use and disclose your PHI without your authorization, for the following purposes:
- Payment: We are permitted to use and disclose PHI to receive payment for our services. For example, we may bill you or your insurance company for the cost of the medications dispensed to you. Also, we may contact your insurer or pharmacy benefit administrator to determine whether it will pay for the particular prescription or whether there are applicable co-payments under your prescription plan.
- Treatment: We are permitted to use and disclose your health information for treatment. For example, we may use PHI in order to fill and dispense your prescription medication, refill your prescriptions, or notify you of particular safety issues or product storage information concerning your medication. We may also contact your health care provider to resolve questions about your prescriptions, or provide prescription information to your doctors to supplement their records.
- Healthcare Operations: We are permitted to use and disclose PHI for our mail order pharmacy operations, including conducting audits and compliance programs to monitor the performance of the pharmacists providing service to you. Addition healthcare operations which may require our use or disclosure of PHI include detection and investigation of fraud, data and information systems management, customer service and other general administrative activities.
BENECARD may also use and disclose PHI as follows:
- To You, provide health related communications, refill reminders or other health related services that may be of interest to you.
- To a Family Member, friend or other personal representative-provided that person is involved with your health care or payment for your health care. For example, a family member or caregiver can contact us to confirm that a prescription has been filled or to pick up a prescription for you, provided that person can identify certain information about you or your prescription order.
- To Business Associates-persons or entities who provide services to us so that we may carry out our responsibilities to you. To protect PHI, we require business associates to appropriately safeguard PHI in their control.
- For Public Health and Safety Purposes-including to the Food and Drug Administration or other public health or legal authorities charged with preventing or controlling disease or injury.
- For Law Enforcement Purposes-to law enforcement officials, or in response to a valid subpoena, discovery request or other legal process.
- As Required By Law-to governmental entities such as the Drug Enforcement Administration as required when dispensing certain medications, and as necessary to comply with laws relating to worker's compensation or similar programs established by law.
- For Research-provided we receive prior approval from an institutional review board.
- To the Department of Health and Human Services-at its request, to investigate complaints and review our compliance with the HIPAA Privacy Standards. For other uses and disclosures than those listed above, BENECARD will obtain your written authorization prior to releasing your Protected Health Information. You may revoke your authorization, in writing, at any time.
Your Legal Rights
Under the HIPAA privacy law, you have the right to make certain requests with respect to your protected health information as follows:
- To request a copy of your heath information be sent to a third party, please complete and submit the form found here.
- Obtain a copy of your health information as contained in a "designated record set", consisting of your prescription records maintained by us. To inspect or copy your PHI, you must send a written request to us, and we may charge a reasonable copying and mailing fee.
- Request Amendments to PHI, if you believe the PHI we maintain is incorrect or incomplete. You must request such an amendment in writing and include the reasons for your request. In certain cases, we may deny your request for an amendment. If we deny the request, you may file a statement of disagreement.
- Obtain an Accounting of disclosures of your PHI that we have made to various third parties other than for payment, treatment or health care operations. You must request this accounting in writing and you will be entitled to receive one accounting per year free of charge.
- Request Restrictions on certain uses and disclosures of PHI. We will consider, but may not agree, to such requests. You also have the right to request that we limit disclosure of your PHI to family members or others involved in your care.
- Request Confidential Communications of PHI be sent to alternative places or by alternative means. For example, you may request, in writing, that we contact you about prescription matters only in writing or at your office address instead of your home address. We will try to accommodate all reasonable requests.
- Revoke your authorization to use or disclose health information except to the extent action has already been taken.
- Receive a Paper Copy of This Notice at any time by making a request in writing.
To exercise any of the privacy rights outlined above, please put your request in writing and submit it via mail, facsimile, or electronic mail to BENECARD's Privacy Officer at:
Fax: (609) 219-0161
You have the right to file a complaint if you think your privacy rights have been violated by contacting our Privacy Officer or by writing to the Secretary of the U.S. Department of Health and Human Services. You will not be penalized for filing a complaint.
The Federal Privacy Standards require us to maintain the privacy and security of your protected health information. We protect your PHI with administrative, technical and physical safeguards as required by HIPAA. We are required to provide you with a copy of our Notice of Privacy Practices and to abide by the terms of the Notice. We reserve the right to change the terms of the Notice and our privacy practices at any time and to make the new Notice effective for all the PHI we maintain.
If you have any questions or would like additional information regarding BENECARD's privacy practices, you may contact our Privacy Officer at:
Fax: (609) 219-0161
This notice became effective on January 15, 2009.