Confidentiality of Protected Health Information (PHI)
All employees, contracting care providers and delegates of Medica HealthCare are required to maintain the confidentiality of all PHI. We keep all Utilization Management information confidential, following federal and state laws and regulations. We limit PHI access to the minimum necessary.
You must report all privacy issues immediately to Risk Management at 877-504-1179.
Examples of privacy incidents include:
- Reports and correspondence containing PHI or Personally Identifiable Information (PII) sent to the wrong recipient
- Member or provider correspondence that includes an incorrect member’s information
- Complaint received indicating PHI or PII may have been misused
- Concern about compliance with a privacy or security policy
- PHI or PII sent unencrypted outside of your office
- Lost or theft of laptops, PDAs, CDs, DVDs, flash/USB drives and other electronic devices
- Caller mentions they are a regulator (i.e., person is calling from the Office for Civil Rights, Office of E-Health Standards & Services, State Insurance Departments, Attorney General’s Office, Department of Justice), or threatens legal action or contacting the media in relation to a privacy issue
- Caller advises your office of a privacy risk
Physician Extender Responsibilities
Physician extenders are state licensed health care professionals who are employed or contracted by physicians to examine and treat Medicare members. These are Advanced Registered Nurse Practitioners (ARNP) and Physician Assistants (PA). When a physician extender provides care, they must:
- Be supervised by a physician. The physician must be on the premises at all times when the physician extender is seeing patients.
- Ensure the member is made aware of their credentials. The member should be aware they might not see a medical doctor.
- Get the sponsoring physician’s signature on all progress notes.
- Provide services as defined and approved by the sponsoring physician.