The information shown below is a summary of MedCost's* privacy practices. To view our full Notice of Privacy Practices, please click here.
The privacy of your personal health information is very important to us. To effectively administer your health benefits, we must collect and share non-public personal health information ("PHI"). We are required by law to maintain the privacy of your personal health information and to provide you a copy of this Notice of our legal duties and privacy practices. Consequently, we have policies and procedures in place to make sure that we only share the minimum amount of information necessary and only with those parties who have a legitimate business need for the information. This notice provides you with important information about our privacy policies including what types of information we collect, what types of information we may disclose and to whom we may disclose information.
Like all health care organizations, we must collect certain information about you and your family in order to provide services to you. This information may come to us in writing, in person, by telephone or electronically. This information may include:
As a third party service provider for your health plan, we restrict access to PHI to those employees who need it to provide health plan services to you and your family. We maintain the highest physical and electronic security safeguards to protect your information against unauthorized access. We take privacy very seriously. We have a corporate Privacy Officer whose responsibility is to develop procedures to support this endeavor, to educate our staff and to test and enforce these mechanisms to protect privacy.
We never disclose PHI except as permitted by law. We will disclose information during normal health plan operations to help ensure that you receive the care that you need, or as required to secure payments for the services or benefits you receive. When we are required to disclose information, we follow specific policies and practices to ensure that the party we release information to, first, is who they say they are and, second, that they have a legitimate need for that information. In such cases, we release only the minimum amount of information required. Any party with whom we share your information is required to keep this information confidential as required by law.
Examples of the reasons we may disclose PHI and the data that we may share with a third party include:
The administration of your health benefits and the authorization of payments for health care may require that we release information to providers, provider network organizations, care coordinators, utilization review organizations, grievance review boards or an excess loss insurance company. This exchange usually includes benefit information and/or PHI history that we have on file. We will always work to ensure that the information we release is limited to what is needed for the current inquiry, that it facilitates your care or your benefits and that it is not used for any other purpose.
PHI may be released to a utilization review or disease management ("DM") organization for the development of prevention, early detection and DM programs in which educational materials and screening reminders are sent to eligible persons. They may also perform risk assessments and identify and contact those who may benefit from DM programs.
Enrollment information such as your name, address, plan name and coverage dates may be released to your pharmacy benefits carrier or other organizations responsible for delivering or administering a portion of your health care.
We may also share information to facilitate the changeover or acquisition of your health plan to another insurer or Third Party Administrator (TPA).
Information that is publicly available or that is reported in aggregate (a summary across a population that does not identify individuals) is not considered PHI.
Every effort is made to protect your PHI and the trust you have placed in us. You should be aware, however, that in the course of administering your health benefits, PHI must be disclosed. Disclosure is permitted only when required or allowed by law. We consider the activities described in the section above to be key for the administration of your health plan. You may also want to specifically request the disclosure of PHI from us to a third party for reasons not discussed here. For this, please call the toll-free customer service number on your ID card and ask for a release form.
Our policies for the protection of PHI remain in effect even after you terminate from the health plan. We will retain your records and administer your benefits retroactively for as long as required by law.
Your privacy is important to us. We have systems and policies in place to prevent the unlawful or accidental disclosure of your information. If you believe that this policy has been violated or if you believe there has been an inappropriate or unauthorized disclosure of your PHI, please let us know. You should follow the procedure for grievances as listed in your plan documents or call the toll-free customer service number on your ID card for assistance.
This notice reflects our current privacy policies and practices. Any material change in the information we collect or disclose will result in a revised notice.
If you have any questions about this privacy notice, please call the toll-free customer service number on the back of your ID card.
*MedCost refers to MedCost LLC and its subsidiaries, including MedCost Benefit Services LLC.