Menu

HIPAA Privacy Policy for ChoicePath as a Business Associate

This policy outlines ChoicePath’s obligations as a Business Associate under the Health Insurance Portability and Accountability Act (HIPAA) when working with the Department of Health and Human Services (HHS) as a covered entity and individuals with developmental disabilities.

Understanding HIPAA

HIPAA safeguards the privacy of individually identifiable health information (PHI) of individuals. A covered entity, such as HHS, must comply with HIPAA regulations and obtain satisfactory assurances from its business associates, like ChoicePath, to protect PHI appropriately.

ChoicePath’s Commitment to HIPAA

ChoicePath takes protecting the privacy of individuals with developmental disabilities very seriously. We are committed to complying with HIPAA regulations and ensuring the confidentiality of their PHI.

What PHI Does ChoicePath Receive?

The specific PHI ChoicePath receives from HHS will depend on the nature of the agreement. It may include information such as:

  • Names
  • Dates of birth
  • Diagnoses
  • Treatment plans
  • Medication details

How ChoicePath Uses PHI

ChoicePath will only use or disclose PHI for the limited purposes of fulfilling its contractual obligations with HHS to serve individuals with developmental disabilities. This may include tasks like:

  • Care coordination
  • Program management
  • Reporting

Safeguarding PHI

ChoicePath has implemented administrative, physical, and technical safeguards to protect PHI. These safeguards include:

  • Limiting access to PHI to authorized personnel only.
  • Using secure data encryption methods.
  • Regular employee training on HIPAA compliance.

Individual Rights

Under HIPAA, individuals with developmental disabilities have certain rights regarding their PHI. These rights include:

  • Accessing their PHI
  • Requesting amendments to their PHI
  • Obtaining an accounting of disclosures of their PHI
  • Requesting restrictions on how their PHI is used or disclosed
  • Filing a complaint if they believe their privacy rights have been violated

ChoicePath will respect these rights and work with HHS to ensure individuals can exercise them.

Breach Notification

If a breach of PHI occurs, ChoicePath will notify HHS and affected individuals as required by HIPAA.

This policy is intended to provide a general overview and may not address every aspect of HIPAA compliance. For further details, please refer to the official HIPAA regulations https://www.hhs.gov/hipaa/for-professionals/index.html.

Additional Considerations for Developmental Disabilities

  • ChoicePath understands the unique needs of individuals with developmental disabilities and will strive to ensure their PHI is communicated in a way they can comprehend.
  • ChoicePath will work with HHS to ensure appropriate parental or guardian involvement, as applicable, following HIPAA guidelines.

This policy demonstrates ChoicePath’s commitment to protecting the privacy of individuals with developmental disabilities and complying with HIPAA regulations.