How will HIPAA impact how I resolve member claim issues?
When seeking to resolve individual member claims issues, will I need the member's written authorization before ConnectiCare can disclose member protected health information (PHI)?

ConnectiCare requires individual member authorization before disclosing member PHI to employers or producers for individual claims advocacy/resolution purposes. Click here to view and print a copy of the authorization form. ConnectiCare will also accept authorization forms developed by others provided that the forms contain all the elements required under the HIPAA Privacy Rule and are consistent with applicable state law.
[ back to top ]

 Do I have to change how I do business with ConnectiCare? Will processes change?
Currently, ConnectiCare may provide you eligibility and enrollment information to help you service the employer group. We don’t expect that to change. To the extent you seek PHI in order to help employees and their dependents resolve claims disputes or seek benefits coverage, ConnectiCare will continue to require an authorization from the member prior to disclosing any PHI. Click here to view and print a copy of the authorization form.
[ back to top ]

 Who are "business associates"
A “business associate" is a person or entity that performs certain functions or activities on behalf of a covered entity that involves the use or disclosure of PHI. For example, a third party administrator or “TPA” that uses PHI in order to assist a health plan with claims processing is a “business associate” of the health plan. Likewise, a pharmacy benefits manager that manages a health plan’s pharmacy benefit plan and pharmacist network is the “business associate” of the health plan. Employees of a health plan are not the health plan’s “business associate.”
[ back to top ]

 Does ConnectiCare consider its Producers "business associates" and will you be requiring your producers to enter into "business agreements"?
While we value our relationships with our Producers, ConnectiCare has determined, at this time, that its Producers are not "business associates" as that term is defined under the HIPAA Privacy Rule. "Business Associates" under HIPAA include persons or entities that perform certain functions or activities that involve the use or disclosure of protected health information ("PHI") on behalf of or to provide services to, a covered entity like ConnectiCare. Our contractual relationships with Producers do not require that they use or disclose PHI in order to perform a service on behalf of ConnectiCare. Typically, the services performed by our Producers (claims advocacy, eligibility, enrollment) are services performed on behalf of the employer groups or our members. HIPAA has different rules with respect to your relationships with employer groups and with members. Therefore, we will not, at this time, be requiring our Producers to sign business associate agreements with ConnectiCare.
[ back to top ]

 When requesting quote information for a client (employer group), do I need to do anything differently?
When acting on behalf of an employer group, producers may continue to receive summary health information and eligibility and enrollment/disenrollment information related to that employer group.
[ back to top ]

 Are the HIPAA Privacy Rule Requirements applied in the same manner for self-funded employer groups as they are for fully insured employer groups?
Fully insured employer groups who do not create, maintain, or receive PHI (except for summary health information or enrollment/disenrollment information) are not required to meet the HIPAA Privacy Rule's notice requirements or the administrative requirements (e.g., designate Privacy Officer, develop P&Ps, train employees, etc.) because these requirements are satisfied by the health insurance issuer/HMO that is providing benefits under the group health plan. However, fully insured employer groups who create, maintain, or receive PHI, and self-funded groups have an independent obligation to meet the HIPAA Privacy Rule's requirements.
[ back to top ]

 When will Plan Sponsor Certification forms be required?
If a plan sponsor receives PHI, other than summary health information and/or enrollment/disenrollment information in order to perform a plan administration function, the plan sponsor must complete the required Information Request/HIPAA Certification form before ConnectiCare can disclose PHI for plan administration purposes. ConnectiCare has developed a certification form for use by its employer groups. ConnectiCare will also accept a certification developed by the plan sponsor provided that it includes all the provisions required under the HIPAA Privacy Rule.
[ back to top ]