Girard City School District
Administrative Guidelines
 

4419.01 - PRIVACY PROTECTIONS OF SELF-FUNDED GROUP HEALTH PLANS

The Privacy Protection Officer shall abide by the following procedures which are established to comply with the requirements of Federal law:

 A.Training: The Health Insurance Privacy and Portability Act (HIPAA) Privacy Rule requires the group health plan to train all members of the plan’s workforce on the policies and procedures with respect to Protected Health Information. The Privacy Protection Officer shall ensure that the members of the plan’s workforce receive adequate and appropriate training regarding the Privacy Rule.
 B.Business Associate Agreements: The Privacy Rule requires a group health plan to enter into business associate agreements with its third party vendors. The Privacy Protection Officer shall retain counsel to draft and negotiate these business associate agreements. The Privacy Protection Officer shall subsequently execute these agreements with existing business associates prior to April 14, 2004. In the event that the plan contracts with new business associates, the Privacy Protection Officer shall ensure that business associate agreements are entered into by these new vendors.
 C.Notice of Privacy Practices: The Privacy Rule requires the group health plan to distribute a Notice of Privacy Practices to participants in the plan. The notice shall be distributed to:
  1.each new participant in the health plan upon enrollment; and
  2.every participant in the plan within sixty (60) days of a material revision to the notice.
 

The Privacy Protection Officer shall notify all participants in the Plan of the availability of the notice and how to obtain the notice annually.
 D.Safeguards: The Privacy Rule requires the group health plan to implement appropriate administrative, technical and physical safeguards to protect the privacy of Protected Health Information. The Privacy Protection Officer shall implement these safeguards in a reasonable and appropriate manner.
 E.Amendment of Plan Documents: The Privacy Rule provides that plan documents be made to permit information sharing between the plan and the plan sponsor. The Privacy Protection Officer shall assist other school personnel in determining whether and how plan documents should be amended.
 F.Participant Rights: The Privacy Rule grants health plan participants extensive rights with respect to their Protected Health Information. The Privacy Protection Officer shall timely respond to participant requests to exercise rights afforded by the Privacy Rule.
Revised 10/06