Purpose
The Health Insurance Portability and Accountability Act of 1996 (HIPAA) granted certain rights to patients/clients/employees regarding their protected health information (PHI). This policy has been drafted to help GSG Associates, Inc. (GSG) staff assist injured workers and clients in exercising their rights.
Definitions
The terms used in this policy have the same meaning as those terms in the HIPAA of 1996, Public Law 104-191 and the regulations at 45 CFR Parts 160, 162, and 164. Minimum Necessary is not defined in the Privacy Rule, but is a term used to describe the amount of PHI needed to perform a particular task or function.
http://www.hhs.gov
“The HIPAA Privacy Rule does not apply to entities that are either workers’ compensation insurers, workers’ compensation administrative agencies, or employers, except to the extent they may otherwise be covered entities. However, these entities need access to the health information of individuals who are injured on the job or who have a work-related illness to process or adjudicate claims, or to coordinate care under workers’ compensation systems. Generally, this health information is obtained from health care providers who treat these individuals and who may be covered by the Privacy Rule. The Privacy Rule recognizes the legitimate need of insurers and other entities involved in the workers’ compensation systems to have access to individuals’ health information as authorized by State or other law. Due to the significant variability among such laws, the Privacy Rule permits disclosures of health information for workers’ compensation purposes in a number of different ways.”
Responsibilities
All officers, directors, employees and contractors of GSG are expected to preserve the confidentiality of PHI. Acknowledgement of responsibility is obtained through the Confidentiality and Information Security Agreement.
Policy
Although Workers’ Compensation is exempt from HIPAA regulations, GSG as a company recognizes the importance of maintaining the confidentiality of PHI. GSG shall take reasonable steps to limit the uses, disclosures of, and requests for PHI to the minimum necessary to accomplish the intended purpose.
GSG shall maintain this policy that identifies persons within GSG and its business associates who need access to PHI to carry out their job duties, the categories or types of PHI needed, and conditions appropriate for such access.
When access to an entire medical record is necessary, GSG policy shall state so explicitly and include written justification for such access.
The minimum necessary provisions contained in this policy do not apply to the following:
- Disclosures to or requests by a health care provider for treatment purposes
- Uses and disclosures to the injured worker/client who is the subject of the information
- Uses or disclosures made pursuant to an authorization provided by a consumer/client
- Uses or disclosures required for compliance with the standardized HIPAA transactions
- Disclosures to the Department of Health and Human Services (HHS) when disclosure of information is required under the rule for enforcement purposes
- Uses or disclosures that are required by other law.
Process
Use of PHI: Persons and Classes of Persons in the GSG Workforce Who Need Access to PHI
GSG recognizes that a number of persons and groups of people need access to some level of PHI to carry out their job duties. The following is a list of the classifications of personnel approved to have routine access to PHI in the performance of their duties.
- Nurse Consultants: Employees in this unit of GSG may have access to PHI to the extent necessary to fulfill their responsibilities. For example, the nurse consultants routinely review injured workers’ medical records. These records contain personally identifying information such as name, identifying numbers, address, telephone number, dates of service, and a general statement of service rendered. All nurse consultants may have access to those records.
- Support Staff: Employees in this unit of GSG may have access to PHI to the extent necessary to fulfill their responsibilities. For example, the support staff has limited access to the injured workers’ medical records. They may assist the nurse consultants by entering PHI into the software program, organizing files, preparing letters, etc. These records contain personally identifying information such as name, identifying numbers, address, telephone number, dates of service, and a general statement of service rendered. All support staff may have access to those records on a limited basis.
- Information Technology: Employees in this unit of GSG may have access to PHI to the extent necessary to fulfill their responsibilities. For example, IT may need to provide technical support to the software product. In completing this task IT may have limited access to PHI. Additionally, IT is responsible for maintaining PHI confidentiality in the electronic files through firewalls.
- Human Resources: The HR Director may have access to the PHI of injured workers and does have access to GSG employees’ PHI, for example, the PHI of a disabled employee or one on FMLA. If a GSG employee is accused or suspected of violating HIPAA and GSG policies regarding PHI, HR would be involved in conducting an investigation and, if necessary, disciplining the employee. In the case of GSG employees, HR maintains locked files which contain PHI.
- Business Associates/Contractors: Business Associates may have access to PHI as described in the Confidentiality and Information Security Agreement.
Use, Disclosures and Requests for entire medical record
GSG will not use, disclose or request an entire medical record, except as allowed by 1.0 above or when the entire medical record is specifically justified as the amount that is reasonably necessary to accomplish the purpose of the use, disclosure, or request. In general, few members of GSG’s workforce will have access to an entire clinical record. Only nurse consultants and business associates will be authorized to review an entire clinical record. Access to an injured worker’s clinical record has been determined to be critical to continuity of care as well as essential to treatment decisions, and the health and safety of the injured worker.
Routine Disclosures of and Requests for PHI
GSG recognizes that the need for information varies according to the duties performed by the employee obtaining the information. Routine disclosures/requests are those that do not require individual review/analysis of the purpose and amount of information necessary before a disclosure/request may be made.