Use this section to find information for agents and brokers and how HIPAA-AS impacts agents and brokers.
Important Concepts to Remember
Protected Health Information
Protected health information (PHI) is individually identifiable health information such as name, address, services provided, or premiums paid, which is transmitted electronically and maintained in any form or medium (for example) stored in paper or in an electronic database.
PHI is a key element of the Privacy Rule
A covered entity is individuals or entities who are required to be compliant with the federal HIPAA-AS laws:
A business associate is a person or an entity who performs or assists in performing a function or activity that involves the use or disclosure of individual identifiable health information on behalf of Wellmark, or on behalf of a health plan in which Wellmark participates.
Access to Personal Health Information (PHI)
The HIPAA-AS Privacy Rule affects the role an agent or broker may have with a client.
Access to protected health information (PHI) is extended by the insurer, group health plan, employee group or group member you serve.
To determine what role an agent or broker has, the individual should consider these questions:
Agents and brokers should confer with their own legal counsel and their accounts to clarify roles and responsibilities.
It is essential that agents and brokers understand the role they are taking when working with each of their customers and how their responsibilities are affected by the HIPAA-AS Privacy Rule for PHI.
Agents and brokers may have access to PHI through contact with:
A member may provide formal written authorization stating that you may have access to some or all of his or her PHI. In that case, your access to the PHI is limited to the information specifically authorized in the document.
A member may grant informal permission for you to access his or her PHI in the member's presence. The insurer or health plan must obtain approval in advance to disclose the member's PHI.