Network Health ensures that everyone who handles protected health information within the organization maintains confidentiality at all times. Protected health information includes medical records, claims, benefits and other administrative data that are personally identifiable. Each Network Health employee and committee member must sign a Business Associate Agreement or a Confidentiality Agreement statement. Network Health routinely reminds employees of the confidential nature of the information held by Network Health.
A member must authorize, in writing, the release or refusal to release any protected health information, unless required or exempt by law.
Consents must specify:
The application form signed by the subscriber at the time of enrollment covers future, known or routine needs for the use of protected health information. It does not provide for release of information beyond the uses specified on the application.
Network Health allows its members the right to consent to specific requests for protected health information in the following instances:
If Network Health is required to obtain informed consent for treatment or special consent for the use of protected health information and a member is unable to give consent, the following people can be authorized by the member.
Network Health will not share protected health information with employers, if implicitly or explicitly identifiable, unless released specifically by consent of the member as mandated by state law. Explicit information is clearly identifiable with member names. Implicit information does not include specific member names but includes information that may be used to identify members. Network Health does not consider use of aggregated data, such as Healthcare Effectiveness Data and Information Set (HEDIS), in which an individual’s personal information is not identifiable, to be subject to privacy restrictions.
Network Health minimizes the use of identifiable data used for quality measurement and protects the information from inappropriate disclosure. Quality initiatives that include collection of measurement data are planned and approved by the Quality Management Committee (QMC) annually. Ad hoc requests for additional quality measurements that are not significantly addressed in the approved quality work plan require separate approval by the QMC. All Network Health employees reviewing protected health information off site will sign a confidentiality agreement and protect the information from being viewed by unauthorized personnel.