NOTICE OF PRIVACY PRACTICES
Date of This Notice: April 27, 2021
THIS NOTICE DESCRIBES HOW MEDICAL INFORMATION ABOUT YOU MAY BE USED AND DISCLOSED AND HOW YOU CAN GET ACCESS TO THIS INFORMATION. PLEASE REVIEW IT CAREFULLY.
This Notice describes the privacy practices of Delta Dental Plan of Michigan, Inc., Delta Dental Plan of Ohio, Inc., Delta Dental Plan of Indiana, Inc., Delta Dental Plan of Arkansas, Inc., Delta Dental of Kentucky, Inc., Delta Dental Plan of New Mexico, Inc., Delta Dental of North Carolina, Delta Dental of Tennessee, Renaissance Life & Health Insurance Company of America, Renaissance Life & Health Insurance Company of New York (collectively, “we” or ”us” or the “Plan”). These entities have designated themselves as a single affiliated covered entity for purposes of the privacy rules under the Health Insurance Portability and Accountability Act of 1996 (“HIPAA”), and each has agreed to abide by the terms of this Notice and may share protected health information with each other as necessary for treatment, payment or to carry out health care operations, or as otherwise permitted by law.
The HIPAA Privacy Rule protects only certain medical information known as “protected health information” (“PHI”). Generally, PHI is individually identifiable health information, including demographic information, collected from you or received by a health care provider, a health care clearinghouse, a health plan or your employer on behalf of a group health plan that relates to:
(1) your past, present or future physical or mental health or condition;
(2) the provision of health care to you; or
(3) the past, present or future payment for the provision of health care to you.
We are required by law to maintain the privacy of your health information and to provide you with this notice of our legal duties and privacy practices with respect to your health information. We are committed to protecting your health information.
We comply with the provisions of the Health Information Technology for Economic and Clinical Health (HITECH) Act. We maintain a breach reporting policy and have in place appropriate safeguards to track required disclosures and meet appropriate reporting obligations. We will notify you promptly in the event a breach occurs that may have compromised the security or privacy of your PHI. In addition, we comply with the “Minimum Necessary” requirements of HIPAA and the HITECH amendments. We also comply with all applicable laws relating to retention and destruction of your PHI.
For more information concerning this Notice please see: www.hhs.gov/ocr/privacy/hipaa/understanding/consumers/noticepp.html
HOW WE MAY USE AND DISCLOSE HEALTH INFORMATION ABOUT YOU
The following categories describe different ways that we may use or disclose your PHI.
For Treatment We may use or disclose your PHI to facilitate medical treatment or services by providers. We may disclose PHI about you to providers, including dentists, doctors, nurses, or technicians, who are involved in taking care of you. For example, we might disclose information about your prior dental X-ray to a dentist to determine if the prior X-ray affects your current treatment.
For Payment We may use or disclose PHI about you to obtain payment for your treatment and to conduct other payment related activities, such as determining eligibility for Plan benefits, obtaining customer payment for benefits, processing your claims, making coverage decisions, administering Plan benefits, and coordinating benefits.
For Health Care Operations We may use and disclose PHI about you for other Plan operations, including setting rates, conducting quality assessment and improvement activities, reviewing your treatment, obtaining legal and audit services, detecting fraud and abuse, business planning and other general administration activities. In accordance with the Genetic Information and Nondiscrimination Act of 2008, we are prohibited from using your genetic information for underwriting purposes.
To Business Associates We may contract with individuals or entities known as Business Associates to perform various functions or to provide certain types of services on the Plan’s behalf. In order to perform these functions or provide these services, Business Associates may receive, create, maintain, use and/or disclose your PHI, but only if they agree in writing with the Plan to implement appropriate safeguards regarding your PHI. For example, the Plan may disclose your PHI to a Business Associate to administer claims or provide support services, such as utilization management, quality assessment, billing and collection or audit services, but only after the Business Associate enters into a Business Associate Agreement with the Plan.
Health-Related Benefits and Services We may use or disclose health information about you to communicate to you about health-related benefits and services. For example, we may communicate to you about health-related benefits and services that add value to, but are not part of, your health plan.
To Avert a Serious Threat to Health or Safety We may use and disclose PHI about you to prevent or lessen a serious and imminent threat to the health or safety of a person or the general public.
Military and Veterans If you are a member of the armed forces, we may release PHI about you if required by military command authorities.
Worker's Compensation We may release PHI about you as necessary to comply with worker's compensation or similar programs.
Public Health Risks We may release PHI about you for public health activities, such as to prevent or control disease, injury or disability, or to report child abuse, domestic violence, or disease or infection exposure.
Health Oversight Activities We may release PHI to help health agencies during audits, investigations or inspections.
Lawsuits and Disputes If you are involved in a lawsuit or a dispute, we may disclose PHI about you in response to a court or administrative order. We also may disclose PHI about you in response to a subpoena, discovery request, or other lawful process by someone else involved in the dispute, but only if efforts have been made to tell you about the request or to obtain an order protecting the information requested.
Law Enforcement We may release PHI if asked to do so by a law enforcement official:
- In response to a court order, subpoena, warrant, summons or similar process;
- To identify or locate a suspect, fugitive, material witness, or missing person;
- About the victim of a crime if, under certain limited circumstances, we are unable to obtain the person’s agreement;
- About a death we believe may be the result of criminal conduct; and
- In emergency circumstances to report a crime; the location of the crime or victims; or the identity, description or location of the person who committed the crime.
Coroners, Medical Examiners and Funeral Directors We may release PHI to a coroner or medical examiner. This may be necessary, for example, to identify a deceased person or determine the cause of death.
National Security and Intelligence Activities We may release PHI about you to authorized federal officials for intelligence, counterintelligence, and other national security activities authorized by law.
To Plan Sponsor We may disclose your PHI to certain employees of the Plan Sponsor (i.e., the Company) for the purpose of administering the Plan. These employees will only use or disclose your PHI as necessary to perform Plan administrative functions or as otherwise required by HIPAA.
Disclosure to Others We may use or disclose your PHI to your family members and friends who are involved in your care or the payment for your care. We may also disclose PHI to an individual who has legal authority to make health care decisions on your behalf
The following is a description of disclosures of your PHI the Plan is required to make:
As Required By Law We will disclose PHI about you when required to do so by federal, state or local law. For example, we may disclose PHI when required by a court order in a litigation proceeding, such as a malpractice action.
Government Audits The Plan is required to disclose your PHI to the Secretary of the United States Department of Health and Human Services when the Secretary is investigating or determining the Plan’s compliance with HIPAA.
Disclosures to You Upon your request, the Plan is required to disclose to you the portion of your PHI that contains medical records, billing records, and any other records used to make decisions regarding your health care benefits.
We will use or disclose your PHI only as described in this Notice. It is not necessary for you to do anything to allow us to disclose your PHI as described here. If you want us to use or disclose your PHI for another purpose, you must authorize us in writing to do so. For example, we may use your PHI for research purposes if you provide us with written authorization to do so. You may revoke your authorization in writing at any time. When we receive your revocation, it will be effective only for future uses and disclosures. It will not be effective for any PHI that we may have used or disclosed in reliance upon your written authorization. We will never sell your PHI or use it for marketing purposes without your express written authorization. We cannot condition treatment, payment, enrollment in a Health Plan, or eligibility for benefits on your agreement to sign an authorization.
ADDITIONAL INFORMATION REGARDING USES OR DISCLOSURES OF YOUR PHI
For additional information regarding the ways in which we are allowed or required to use of disclosure your PHI, please see: www.hhs.gov/ocr/privacy/hipaa/understanding/consumers/index.html
YOUR RIGHTS REGARDING PHI THAT WE MAINTAIN
You have the following rights regarding PHI we maintain about you:
Your Right to Inspect and Copy Your PHI You have the right to inspect and copy your PHI. You must submit your request in writing and if you request a copy of the information, we may charge you a reasonable fee to cover expenses associated with your request. A copy will be provided within 30 days of your request.
The Plan may deny your request to inspect and copy PHI in certain limited circumstances. If you are denied access to PHI, you may request that the denial be reviewed by submitting a written request to the Contact Person listed below.
Your Right to Amend Incorrect or Incomplete Information If you believe that the PHI the Plan has about you is incorrect or incomplete, you may request that we change your PHI by submitting a written request. You also must provide a reason for your request. We are not required to amend your PHI but if we deny your request, we will provide you with information about our denial and how you can disagree with the denial within 60 days of your request.
Your Right to Request Restrictions on Disclosures to Health Plans. Where applicable, you may request that restrictions be placed on disclosures of your PHI.
Your Right to an Accounting of Disclosures We Have Made You may request an accounting of disclosures of your PHI that we have made, except for disclosures we made to you or pursuant to your written authorization, or that were made for treatment, payment or health care operations. You must submit your request in writing. Your request may specify a time period of up to six years prior to the date of your request. We will provide one list of disclosures to you per 12-month period free of charge; we may charge you for additional lists.
Your Right to Request Restrictions on Uses and Disclosures You have the right to request restrictions or limitations on the way that we use or disclose PHI. You must submit a request for such restrictions in writing, including the information you wish to limit, the scope of the limitation and the persons to whom the limits apply. We may deny your request.
Your Right to Request Confidential Communications Through a Reasonable Alternative Means or at an Alternative Location You may request that we direct confidential communications to you in an alternative manner (i.e., by facsimile or e-mail). You must submit your request in writing. We are not required to agree to your request, however we will accommodate your request if doing otherwise would place you in any danger.
Your Right to a Paper Copy of This Notice
To obtain a paper copy of this Notice or a more detailed explanation of these rights, send us a written request at the address listed below. You may also obtain a copy of this Notice at one of our websites:
Your Right to Appoint a Personal Representative
Upon receipt of appropriate documentation appointing an individual as your personal representative, medical power of attorney or legal guardian, that individual will be permitted to act on your behalf and make decisions regarding your healthcare.
CHANGES TO THIS NOTICE
We may amend this Notice of Privacy Practices at any time in the future and make the new Notice provisions effective for all PHI that we maintain. We will advise you of any significant changes to the Notice. We are required by law to comply with the current version of this Notice.
If you believe your privacy rights or rights to notification in the event of a breach of your PHI have been violated, you may file a complaint with us or with the Office of Civil Rights. Complaints about this Notice or about how we handle your PHI should be submitted in writing to the Contact Person listed below.
A complaint to the Office of Civil Rights should be sent to Office of Civil Rights, U.S. Department of Health & Human Services, 200 Independence Ave, S.W., Washington, D.C. 20201, 1-877-696-6775. You also may visit OCR’s website at http://www.hhs.gov/ocr/privacy/hipaa/complaints/index.html for more information.
You will not be penalized, or in any other way retaliated against for filing a complaint with us or the Office of Civil Rights.
SEND ALL WRITTEN REQUESTS REGARDING THIS PRIVACY NOTICE TO:
Melissa Huschke, Chief Privacy Officer
Delta Dental of Tennessee
240 Venture Circle
Nashville, TN 37228
Phone: (615) 255-3175
Toll-Free: (888) 281-9396