Skip to main content

Confidentiality 

Network Health ensures that everyone who handles protected health information within the organization maintains confidentiality at all times. Protected health information includes medical records, claims, benefits and other administrative data that are personally identifiable. Each Network Health employee and committee member must sign a Business Associate Agreement or a Confidentiality Agreement statement. Network Health routinely reminds employees of the confidential nature of the information held by Network Health.

A member must authorize, in writing, the release or refusal to release any protected health information, unless required or exempt by law.

Consents must specify:

  • The type of information to be disclosed;
  • How the information is to be used;
  • By whom the information will be used;
  • The purpose for which the information will be used;
  • The type of health care provider making the disclosure; and
  • The time period for which the consent applies.

The application form signed by the subscriber at the time of enrollment covers future, known or routine needs for the use of protected health information. It does not provide for release of information beyond the uses specified on the application.

Network Health allows its members the right to consent to specific requests for protected health information in the following instances:

  • Treatment pertaining to mental illness, developmental disability, alcoholism, drug abuse or HIV testing and disclosure of test results (except as required by law);
  • Treatment received from non-contracted practitioners/providers;
  • Workers compensation or auto insurance claims;
  • Marketing purposes;
  • Research purposes;
  • Minors; and/or
  • Personal representative.

If Network Health is required to obtain informed consent for treatment or special consent for the use of protected health information and a member is unable to give consent, the following people can be authorized by the member.

  • Guardian or legal custodian of a minor member.
  • Guardian of a member declared incompetent.
  • Personal representative or spouse of a deceased member.
  • Any person authorized in writing by the member.

Network Health will not share protected health information with employers, if implicitly or explicitly identifiable, unless released specifically by consent of the member as mandated by state law. Explicit information is clearly identifiable with member names. Implicit information does not include specific member names but includes information that may be used to identify members. Network Health does not consider use of aggregated data, such as Healthcare Effectiveness Data and Information Set (HEDIS), in which an individual’s personal information is not identifiable, to be subject to privacy restrictions.

Network Health minimizes the use of identifiable data used for quality measurement and protects the information from inappropriate disclosure. Quality initiatives that include collection of measurement data are planned and approved by the Quality Management Committee (QMC) annually. Ad hoc requests for additional quality measurements that are not significantly addressed in the approved quality work plan require separate approval by the QMC. All Network Health employees reviewing protected health information off site will sign a confidentiality agreement and protect the information from being viewed by unauthorized personnel.