Notice of Privacy Practices and Policies Your Information. Your Rights. Our Responsibilities
This provides notice of the privacy practices and policies of Tawas Bay Insurance Agency, LLC. These protections have been adopted to ensure that the information that we obtain and maintain for our customers, which may also include information about the employees, dependents, former employees and dependents, and other eligible participants on a group health plan for which we were provided services (“Protected Parties”). The Notice outlines our practices, policies, and legal duties to maintain and protect against prohibited disclosure of personally-identifiable information and protected health information of those Protected Parties (under the privacy regulations mandated by the Health Insurance Portability and Accountability Act (“HIPAA Privacy”) and further expanded by the Health Information Technology for Economic and Clinical Health Act (“HITECH”).
THIS NOTICE DESCRIBES HOW NONPUBLIC PERSONAL INFORMATION ABOUT A PROTECTED PARTY MAY BE USED AND DISCLOSED AND HOW YOU CAN GET ACCESS TO THIS INFORMATION. PLEASE REVIEW IT CAREFULLY.
Statement of our Duties
Tawas Bay Insurance Agency, LLC is required by law to maintain the privacy of non-public personal information (“NPPI”) and protected health information (“PHI”) (collectively referred herein as “Protected Information”) of the Protected Parties and to provide our customers with this notice of our privacy practices and legal duties. We are required to abide by the terms of this notice. We reserve the right to change the terms of this notice and to adopt any new provisions regarding the Protected Information that we maintain about the Protected Parties. If we revise this notice, the new notice will be available upon request, in our office and on our website.
THE PROTECTION OF THE PRIVACY OF THE INFORMATION WE MAINTAIN IS IMPORTANT TO US.
Tawas Bay Insurance Agency, LLC is committed to keeping Protected Information about you secure and confidential. This notice is intended to help you understand how we fulfill this commitment.
As a matter of policy, we do not disclose your Protected Information, except as permitted by applicable law or regulation or as disclosed below. For example, we may share the information described above with others in order to process your transactions or service your accounts. We may also be obligated to disclose Protected Information if requested by any federal or state regulatory agencies. We may also provide the information described above to companies that perform marketing or administrative services on our behalf, such as printing and mailing, or to other financial institutions with whom we have joint marketing agreements. We will require these companies to protect the confidentiality of this information and to use it only to perform the services for which we hired them. We do not supply your Protected Information to third parties for their marketing purposes.
With respect to our internal security procedures, we maintain physical, electronic and procedural safeguards that comply with federal standards to help protect your Protected Information, and we restrict access to Protected Information about you to those employees who need to know that information to provide products or services to you.
If you decide at some point either to close your account(s) or become an inactive customer, we will continue to adhere to the privacy policies and practices discussed above with respect to your Protected Information.
Your Rights Related to your Protected Information
When it comes to your Protected Information, you have certain rights. This section explains your rights and some of our responsibilities to help you.
Get an electronic or paper copy of your Protected Information
- You can ask to see or get an electronic or paper copy of your Protected Information and/or health information we have about you. Ask us how to do this.
- We will provide a copy or a summary of your Protected Information, usually within 30 days of your request. We may charge a reasonable, cost-based fee
Ask us to correct your Protected Information
- You can ask us to correct Protected Information about you that you think is incorrect or incomplete. Ask us how to do this
- We may say “no” to your request, but we’ll tell you why in writing within 60 days.
Request confidential communications
- You can ask us to contact you in a specific way (for example, home or office phone) or to send mail to a different address
- We will say “yes” to all reasonable requests.
Ask us to limit what we use or share
- You can ask us not to use or share certain Protected Information for treatment, payment, or our operations. We are not required to agree to your request, and we may say “no” if it would affect your care.
- If you pay for a service or health care item out-of-pocket in full, you can ask us not to share that information for the purpose of payment or our operations with your health insurer. We will say “yes” unless a law requires us to share that information.
Get a list of those with whom we’ve shared information
- You can ask for a list (accounting) of the times we’ve shared your Protected Information for six years prior to the date you ask, who we shared it with, and why.
- We will include all the disclosures except for those about treatment, payment, and health care operations, and certain other disclosures (such as any you asked us to make). We’ll provide an accounting a year for free but will charge a reasonable, cost-based fee if you ask for another one within 12 months.
Get a copy of this privacy notice
- You can ask for a paper copy of this notice at any time, even if you have agreed to receive the notice electronically. We will provide you with a paper copy promptly or click here.
Choose someone to act for you
- If you have given someone medical power of attorney or if someone is your legal guardian, that person can exercise your rights and make choices about your Protected Information.
- We will make sure the person has this authority and can act for you before we take any action.
File a complaint if you feel your rights are violated
- You can complain if you feel we have violated your rights by contacting us using the information on page 1
- You can file a complaint with the U.S. Department of Health and Human Services Office for Civil Rights by sending a letter to 200 Independence Avenue, S.W., Washington, D.C. 20201, calling 1-877-696-6775 or visiting www.hhs.gov/ocr/privacy/hipaa/complaints/.
- We will not retaliate against you for filing a complaint.
Your Choices Related to Your Protected Information
For certain Protected Information, you can tell us your choices about what we share. If you have a clear preference for how we share your information in the situations described below, talk to us. Tell us what you want us to do, and we will follow your instructions.
In these cases, you have both the right and choice to tell us to:
- Share information with your family, close friends or others involved in your care
- Share information in a disaster relief situation
- Include your information in a company directory
In these cases, we never share your information unless you give us written permission:
- Marketing purposes
- Sale of your information
- Most sharing of psychotherapy notes
In the case of uses and disclosures not described in the notice:
- Other uses and disclosures not described in this notice will be made only with your written authorization, which you may revoke.
In the case of fundraising:
- We may contact you for fundraising efforts, but you can tell us not to contact you again.
Information We Collect About You
To provide our products or services, from time to time, we may collect a variety of Protected Information about you, including:
- Information we receive from you on applications and forms, via the telephone, through our website, www.tawasbayagency.com, correspondence, e-mail or other communications (including face-to-face meetings, such as your social security number, income, occupation and birthdate.
- Information about your transactions with us, our affiliates, or others, such as your purchases, sales or account balances
- Information we receive from consumer reporting agencies, such as your credit worthiness and credit history.
Primary Uses and Disclosures of Protected Information
We do not sell your personal information to anyone. We use and disclose Protected Information about Protected Parties for payment and operations. HIPAA Privacy does not generally “Preempt” (or take precedence over) state privacy or other applicable laws that provide individuals greater privacy protections. As a result, to the extent state law applies, the privacy laws of a particular state, or other federal laws, rather than the HIPAA Privacy, might impose a privacy standard under which we will be required to operate.
In additional to these state law requirements, we also may use or disclose Protected Information in the following situations:
- Payment: We might use and disclose your Protected Information for all activities that are included within the definition of “payment” within the HIPAA Privacy regulations. For example, we might use and disclose a Protected Party’s Protected Information to assist with the payment of claims for services provided to that Protected Party by doctors, hospitals, pharmacies and others for services that are covered by a group health plan. We might also use your information to determine your eligibility for benefits, to coordinate benefits, to examine medical necessity, to obtain premiums and to issue explanations of benefits to the person who subscribes to the health plan in which you participate.
- Operations: We might use and disclose a Protected Party’s Protected Information for all activities that are included within the definition of “operations” within the HIPAA Privacy regulations. For example, we might use and disclose the Protected Information of a Protected Party to an insurer to determine the premiums for your health plan, to conduct quality assessment and improvement activities, to engage in care coordination or case management, and to manage our business.
- Business Associates: In connection with our payment and operations activities, we contract with individuals and entities (called “Business Associates”) to perform various functions on our behalf or to provide certain types of services. To perform these functions or to provide the services, our business associates will receive, have access to, create, maintain, use, or disclose Protected Information, but only after we require the business associates to agree in writing to contract terms designed to appropriately safeguard your information.
- Other Covered Entities: In addition, we might use or disclose your Protected Information to assist health care providers in connection with their treatment or payment activities, or to assist other covered entities in connection with certain of their health care operations. For example, we might disclose a Protected Party’s Protected Information to a health care provider when needed by the provider to render treatment to that party, and we might disclose Protected Information to another covered entity to conduct health care operations related to billing, claims payment or enrollment.
For all other uses and disclosures, we first must obtain your permission.
Permissible Uses and Disclosures of Protected Information
We disclose the information we receive regarding current or prospective plan participants only in accordance with the terms and conditions of the various Business Associate contracts we have entered to with Covered Entities under HIPAA Privacy Regulations and as permitted under state and federal laws concerning the privacy of your insurance and financial information. Those include:
- Situations Permitted or Required by Law. We also may use or disclose your Protected Information without your written permission for other purposes permitted or required by law, including, but not limited to the following:
- 1. As authorized by and to the extent necessary to comply with workers’ compensation or other no-fault laws.
- 2. To an oversight or insurance regulatory agency for activities including audits or civil, criminal or administrative actions;
- 3. To a public health authority for purposes of public health activities (such as to the Federal Food and Drug Administration to report consumer product defects);
- 4. To a law enforcement official for law enforcement purposes or in response to a court order or in the course of any judicial or administrative proceeding;
- 5. To organ procurement organizations or other entities for approved research; or
- 6. To a governmental authority, including a social service or protective services agency, authorized to receive reports of abuse, neglect or domestic violence,
- For any Purposes to Which you have not Objected. In certain limited circumstances, we may use or disclose your Protected Information after we have given you an opportunity to object and you have not objected. For example, if you do not object, we may use limited information about you to maintain an office directory, to notify family members or any other person identified by you regarding issues directly related to such person’s involvement with your care or payment for that care, or in emergency circumstances.
- For Purposes for Which We Have Obtained Your Written Permission. All other uses or disclosures of your Protected Information will be made only with your written permission, and you may revoke any permission that you give us at any time.
- We are required by law to maintain the privacy and security of your Protected Information. We maintain physical, electronic and procedural safeguards that comply with state and federal regulations to guard your Protected Information.
- We will let you know promptly if a breach occurs that may have compromised the privacy or security of your Protectedd Information. We shall fully comply with the breach notification requirements, including any and all regulations which have been or may be promulgated, which will include notification to you of any impact that breach may have had on you, your employees, dependents or other participants in any plan in which we are providing services.
- We must follow the duties and privacy practices described in this notice and give you a copy of it.
- We will not use or share your Protected Information other than as described here unless you tell us we can in writing. If you tell us we can, you may change your mind at any time. Let us know in writing if you change your mind.
Our Policy Regarding Dispute Resolution
Effective Date of this Notice
November 15, 2013
Contact Person for Filing Complaint or Obtaining Other Information
LuAnn O’Connor, Privacy Official
Tawas Bay Insurance Agency, LLC
108 W State Street, PO Box 432
East Tawas, MI 48730