Confidentiality of Protected Health Information (PHI)
All employees, participating care providers, and delegates of Preferred Care are required to maintain the confidentiality of PHI. All information used for UM activities is kept as confidential in accordance with federal and state laws and regulations. We limit PHI access to the minimum necessary.
You must report all privacy issues immediately to Risk Management at 952-406-4806.
Examples of privacy incidents that must be reported include:
- Reports and correspondence containing PHI or Personally Identifiable Information (PII) sent to the wrong recipient
- Member or care provider correspondence that includes incorrect member information
- Complaint received indicating that PHI or PII may have been misused
- Concern about compliance with a privacy or security policy
- PHI or PII sent unencrypted outside of your office
- Lost or theft of laptops, PDAs, CDs, DVDs, flash or USB drives and other electronic devices
- Caller mentions they are a regulator (i.e. person is calling from the Office for Civil Rights, Office of E-Health Standards & Services, State Insurance Departments, Attorney General’s Office, Department of Justice), or threatens legal action or contacting the media in relation to a privacy issue
- Caller advises your office of a privacy risk
Physician Extender Responsibilities
Physician extenders are state-licensed health care professionals who may be employed or contracted by physicians to examine and treat Medicare members. Physician extenders are advanced registered nurse practitioners (ARNP) and physician assistants (PA). When physician extenders provide care, they must:
- Be supervised by a physician. The physician must be on the premises at all times when the physician extender is seeing patients.
- Help ensure the member knows of their credentials. The member should be aware they might not see a medical doctor.
- Get the sponsoring physician’s signature on all progress notes.
- Provide services as defined and approved by the sponsoring physician.