Privacy Policy
Home / Privacy Policy

PRIVACY NOTICE  

This provides notice of the privacy practices and policies of Hudson Planning Group, Inc.. These protections  have been adopted to ensure that the information that we obtain and maintain for our current, past and  potential clients and customers, which may also include information about the employees, dependents, former  employees and dependents, and other eligible participants on a group health plan for which we are providing  services (“Protected Parties”), is protected in accordance with relevant state and federal rules. The Notice  outlines our practices, policies, and legal duties to maintain and protect against prohibited disclosure of  personally-identifiable financial information (as required by the federal Gramm-Leach-Bliley Financial  Modernization Act (“GLB Act”), and the various state laws implementing those requirements), Protected Health  Information of those Protected Parties (under the privacy regulations mandated by the Health Insurance  Portability and Accountability Act and further expanded by the Health Information Technology for Economic  and Clinical Health Act provisions in Title XIII of the American Recovery and Reinvestment Act (“HITECH”), the  HIPAA Omnibus ruling of 2013, and the regulations related to these laws and mandates), and the protection of  personally-identifiable information under 45 CFR § 155.260 (collectively referred herein as “Privacy Rules”).

Statement of Our Duties  

We are required by law to maintain the privacy of non-public personal information (“NPPI”), protected health  information (“PHI”), and personally-identifiable information (“PII”) (collectively referred herein as “Protected  Information”) of the Protected Parties and to provide our clients with this notice of our privacy practices and legal duties. We are required to abide by the terms of this notice. We reserve the right to change the terms of  this notice and to adopt any new provisions regarding the Protected Information that we maintain about the  Protected Parties. If we revise this notice, we will provide each client or customer with whom there is a  current and direct business relationship with a revised notice by mail, electronic mail or any other electronic  means, telefacsimile or fax, or hand-delivery.

Statement of the Clients Rights Under Privacy Rules  

As our client or customer, you have a right to know how we may use or disclose the Protected Information we  maintain on those Protected Parties with whom there is a direct relationship. In the event that our customer  or client is an employer sponsoring a group health plan, we do not have a direct duty to their employees, dependents, former employees or dependents or other eligible participants on the group health plan. Our obligations to not disclose the Protected Information we maintain about those individuals may arise due to  our contractual obligations as a Business Associate of the client or customer, as well as to any other third  party who is a Covered Entity under the Privacy Rules but does not create a special legal duty to provide notice to those individuals of their rights through a Privacy Notice.  

  1. Primary Uses and Disclosures of Protected Information: We use and disclose Protected Information  about Protected Parties for payment and health care operations. Privacy Rule does not generally “preempt” (or take precedence over) state privacy or other applicable laws that provide individuals  greater privacy protections. As a result, to the extent state law applies, the privacy laws of a particular  state, or other federal laws, rather than the Privacy Rules, might impose a privacy standard under  which we will be required to operate. For example, where such laws have been enacted, we will follow  more stringent state privacy laws that relate to uses and disclosures of the Protected Information concerning HIV or AIDS, mental health, substance abuse/chemical dependency, or genetic testing. 

In addition to these law requirements, we also may use or disclose Protected Information in the following  situations:  

  1. Payment: We might use and disclose your Protected Information for all activities that are included  within the definition of “payment” within the Privacy Rules. For example, we might use and disclose a  Protected Party’s Protected Information to assist with the payment of claims for services provided to  that Protected Party by doctors, hospitals, pharmacies and others for services that are covered by a  group health plan. We might also use your information to determine your eligibility for benefits, to  coordinate benefits, to examine medical necessity, to obtain premiums, and to issue explanations of  benefits to the person who subscribes to the health plan in which you participate.  
  2. Health Care Operations: We might use and disclose a Protected Party’s Protected Information for all  activities that are included within the definition of “health care operations” within the Privacy Rules.  For example, we might use and disclose the Protected Information of a Protected Party to an insurer  to determine the premiums for your health plan, to conduct quality assessment and improvement  activities, to engage in care coordination or case management, and to manage our business.  
  3. Business Associate Subcontractors: In connection with our payment and health care operations  activities, we contract with individuals and entities (called “subcontractors”) to perform various  functions on our behalf or to provide certain types of services. To perform these functions or to  provide the services, our subcontractors will receive, have access to, create, maintain, use, or disclose  Protected Information, but only after we require the subcontractor to agree in writing to contract  terms designed to appropriately safeguard your information.  
  4. Other Covered Entities: In addition, we might use or disclose your Protected Information to assist  health care providers in connection with their treatment or payment activities, or to assist other  covered entities in connection with certain of their health care operations. For example, we might  disclose a Protected Party’s Protected Information to a health care provider when needed by the  provider to render treatment to that party, and we might disclose Protected Information to another  covered entity or subcontractor to conduct health care operations related to billing, claims payment  or enrollment.  

For all other uses and disclosures, we first must obtain your permission.  

In addition, you have the following rights:  

  1. The right to request that we place additional restrictions on our uses and disclosures of the Protected  Information of Protected Parties. However, we are not obligated to agree to impose any such additional  restrictions.  
  2. The right to access, inspect, and copy the protected information pertaining to Protected Parties that  we maintain in our files, and the right to have us correct or amend any information that we create in  error. Requests to access or amend your health information should be sent to the contact person and  address provided below.  
  3. The right to receive an accounting of the disclosures of the Protected Information we maintain on  Protected Parties that we make for purposes other than activities related to payment functions or  other health care operations.  
  4. The right to request that communications containing a protected party’s Protected Information are  sent in a confidential manner.  
  5. If you received this notice electronically, you also have the right to obtain a paper copy of this notice  from us on request.

Information We Collect About You

We collect the following categories of information for group and/or individual policies from the following  sources:  

  1. Information that we obtain directly from you, in conversations or on applications or other forms that  you or a Protected Party completes.
  2. Information regarding current or prospective plan participants we obtain about them on applications  or other forms.  
  3. Information about the plan’s transactions with our affiliates, others or us.  
  4. Information that we obtain as a result of our transactions with you. 

Permissible Uses and Disclosures of Protected Information  

We disclose the information we receive regarding current or prospective plan participants only in accordance  with the terms and conditions of the various Business Associate contracts we have entered to with Covered  Entities under Privacy Rules and as permitted under state and federal laws concerning the privacy of your  insurance and financial information. Those include:  

  1. Situations Permitted or Required by Law. We also may use or disclose your Protected Information  without your written permission for other purposes permitted or required by law, including, but not  limited to the following:  
    1. As authorized by and to the extent necessary to comply with workers’ compensation or other  no-fault laws;  
    2. To an oversight or insurance regulatory agency for activities including audits or civil, criminal  or administrative actions;  
    3. To a public health authority for purposes of public health activities (such as to the Federal  Food and Drug Administration to report consumer product defects);  
    4. To a law enforcement official for law enforcement purposes or in response to a court order or  in the course of any judicial or administrative proceeding;  
    5. To organ procurement organizations or other entities for approved research; or  f. To a governmental authority, including a social service or protective services agency,  authorized to receive reports of abuse, neglect or domestic violence.  
  2. Any Purposes to Which You Have Not Objected. In certain limited circumstances, we may use or  disclose your Protected Information after we have given you an opportunity to object and you have  not objected. For example, if you do not object, we may use limited information about you to maintain  an office directory, to notify family members or any other person identified by you regarding issues  directly related to such person’s involvement with your care or payment for that care, or in emergency  circumstances. 
  3. For Purposes for Which We Have Obtained your Written Permission. All other uses or disclosures of  your Protected Information will be made only with your written permission, and you may revoke any  permission that you give us at any time.

Permissible Uses and Disclosures  

You may complain either directly to us or to the Secretary of Health and Human Services if you believe that  your rights with respect to our protection of your health information have been violated. To file a complaint  with us, you may send a written statement outlining your complaint, the facts and circumstances surrounding  your complaint, including the names, dates and as many details as possible. You will not be retaliated against  in any way for filing a complaint. 

Our Confidentiality and Security Practices  

We restrict access to Protected Information about you to those employees and its subcontractors who need to  know that information in order to provide products and services to you. We maintain physical, electronic and  procedural safeguards that comply with state & federal regulations to guard your Protected Information. 

Our Duties  

We are required by law to maintain the privacy of Protected Information and to provide individuals with  notice of its legal duties and privacy practices with respect to Protected Information. If unsecured Protected  Information is acquired, used or disclosed in a manner that is not permitted under the Privacy Rules that  compromises the security or privacy of that Protected Information, (referred to as a “Breach”), We are  required to provide appropriate Notice as defined by law without unreasonable delay and in no case later  than 60 days after the discovery of the Breach or the receipt of information of the Breach. We may delegate  this duty to a subcontractor. We are required to abide by the terms of the Notice that is currently in effect. We  will provide a paper copy of this Notice to you upon your request.  

Our Policy Regarding Dispute Resolution  

Any controversy or claim arising out of or relating to our privacy policy, or the breach thereof, shall be settled  by arbitration in accordance with the rules of the American Arbitration Association, and judgment upon the  award rendered by the arbitrator(s) may be entered in any court having jurisdiction thereof. 

Revisions to this Notice  

We reserve the right to change the terms of this Notice and to make the new Notice provisions effective for all  Protected Information we maintain, regardless of whether the Protected Information was created or received  prior to issuing the revised Notice. Whenever there is a material change to our use and disclosure of  Protected Information, individual rights, our duties, or other privacy practices stated in this Notice, we will  promptly revise and distribute the new Notice.  

Contact person for filing complaint or obtaining other information:  

If you believe your privacy rights have been violated, you may file a written complaint with our Privacy Officer  at the following address:  

Todd Hudson, Privacy Officer
17 Huntsman Drive, Garnet Valley, Pennsylvania 19060
Todd@HudsonPlanningGroup.com
(302) 654-2592