Medical Information Privacy

This Medical Information Privacy policy describes how health information about employees may be used and disclosed by DWE and how employees can get access to this information. DWE is committed to maintaining and protecting the confidentiality of our employees' personal information in compliance with the Health Insurance Portability and Accountability Act (HIPAA). The Human Resources Manager is the designated Privacy Officer for all employee medical information.

This policy of privacy practices applies to the health plans of DWE that are covered by privacy regulations, for example health benefit plans and dental plans (collectively referred to as the Benefit Plans). The Benefit Plans are required by federal and state law to protect the privacy of employees' individually identifiable health information and other personal information and to provide employees with notice about their policies, safeguards, and practices. When the Benefit Plans use or disclose employees' protected health information, the Benefit Plans are bound by the terms of this policy, or a revised policy, if applicable.

The Benefit Plans will not use employees' protected health information or disclose it to others without the employees' authorization, except for the following purposes:

Treatment: The Benefit Plans may disclose employees' protected health information, or employees' covered dependents' protected health information, to a health care provider or administrator for its provision, coordination, or management of the employees' health care and related services. For example, prior to providing a health service to an employee, the employee's doctor may ask for information concerning whether and when the service was previously provided to the employee. The Benefit Plans may use and disclose employees' protected health information for treatment activities of a health care provider.

Payment: The Benefit Plans may use and disclose employees' protected health information to facilitate payment of premiums for employees' coverage, and to determine and fulfill their responsibility to provide employees' medical, dental, and EAP benefits. For example, employees' protected health information may be used to make coverage determinations, administer claims, and coordinate benefits with other coverage employees may have. The Benefit Plans may also disclose employees' protected health information to a health plan or administrator to determine employees' eligibility for coverage, or for the health care provider to obtain payment for health care services provided to the employee.

Health Care Operations: The Benefit Plans may use and disclose employees' protected health information for their health care operations, or the health care operations of a third party administrator of the Benefit Plans. For example, the Benefit Plans may use protected health information to conduct quality assessment and improvement activities. Other health care operations may include providing appointment reminders, or sending employee’s information about treatment alternatives or other health-related benefits and services. The Benefit Plans also may disclose employees' protected health information to another health plan or provider that has a relationship with an employee, so that it can conduct quality assessment and improvement activities (for example, to perform case management).

Disclosure to Employer or Operating Company: The Benefit Plans may disclose employees' protected health information to DWE, or to a company acting on the behalf of DWE, so that it can monitor, audit, and otherwise administer the employee health benefit plan in which employees participate. DWE and its operating companies are not permitted to use protected health information for any purpose other than administration of employees' health, dental, and EAP benefits. The Benefit Plans will not disclose protected health information to DWE for the purposes of employment-related actions or decisions, or in connection with any other benefit or employee benefit plan. The Benefit Plans will identify employees who are authorized to receive and use protected health information.

Disclosure to Health Care Vendors and Accreditation Organizations: The Benefit Plans may disclose employees' protected health information to companies with whom they contract, if they need it to perform requested services. For example, the Benefit Plans may provide protected health information to vendors who provide important information and guidance to plan members with chronic conditions such as diabetes and asthma. Protected health information may be disclosed to accreditation organizations such as the National Committee for Quality Assurance (NCQA) for quality measurement purposes. When the Benefit Plans enter into these arrangements, they will obtain a written agreement to protect employees' protected health information.

Public Health Activities: The Benefit Plans may disclose employees' protected health information for the following public health activities and purposes: 1) to report health information to public health authorities that are authorized by law to receive such information for the purpose of controlling disease, injury, or disability; 2) to report child abuse or neglect to a government authority that is authorized by law to receive such reports; 3) to report information about a product or activity that is regulated by the U.S. Food and Drug Administration (FDA) to a person responsible for the quality, safety, or effectiveness of the product or activity; and, 4) to alert a person who may have been exposed to a communicable disease, if the Benefit Plans are authorized by law to give this notice.

Health Oversight Activities: The Benefit Plans may disclose employees' protected health information to a government agency that is legally responsible for oversight of the health care system or for ensuring compliance with the rules of government benefit programs, such as Medicare or Medicaid, or other regulatory programs that need health information to determine compliance.

For Research: The Benefit Plans may disclose employees' protected health information for medical research purposes, subject to strict legal restrictions.

To comply with the Law: The Benefit Plans may use and disclose employees' protected health information to comply with the law.

Judicial and Administrative Proceedings: The Benefit Plans may disclose employees' protected health information in a judicial or administrative proceeding or in response to a legal order.

Law Enforcement Officials: The Benefit Plans may disclose employees' protected health information to the police or other law enforcement officials, as required by law or in compliance with a court order or other process authorized by law.

Health or Safety: The Benefit Plans may disclose employees' protected health information to prevent or lessen a serious and imminent threat to employees' health or safety or the health and safety of the general public.

Government Functions: The Benefit Plans may disclose employees' protected health information to various departments of the government such as the U.S. military or the U.S. Department of State.

Workers' Compensation: The Benefit Plans may disclose employees' protected health information when necessary to comply with workers' compensation laws.

Other: The Benefit Plans may disclose employees' protected health information when necessary to file claims with re-insurers or stop-loss carriers or to obtain coverage with re-insurers or stop-loss carriers. The Benefit Plans may also disclose employees' protected health information to subrogation vendors to recoup payments made by the Benefit Plans that were reimbursed by other insurance arrangements.

Uses and Disclosures with Employees' Written Authorization: The Benefit Plans will not use or disclose employees' protected health information for any purpose other than the purposes described in this policy without the employees' written authorization. For example, the Benefit Plans will not supply protected health information to another company for its marketing purposes or to a potential employer with whom an employee is seeking employment without the employee's signed authorization. Employees may revoke an authorization that has previously been given by sending a written request to the Human Resources Manager, but not with respect to any actions the Benefit Plans have already taken.

Disclosure to Others Involved in an Employee's Care: The Benefit Plans may disclose protected health information about employees to a relative, a friend, the subscriber of employees' benefits, or any other person employees identify, provided the information is directly relevant to that person's involvement with employees' health care or payment for that care. For example, if a family member or a caregiver calls DWE with knowledge of an employee's protected health information, DWE may confirm protected health information or answer questions. Employees have the right to stop or limit this type of disclosure by contacting the Human Resources Manager or Executive Management. If an employee is a minor, the employee also may have the right to block parental access to the employee's protected health information in certain circumstances, if permitted by state law.

Employees may request restrictions on the use and disclosure of the employee's protected health information for the treatment, payment and health care operations purposes explained in this policy. While the Benefit Plans will consider all requests for restrictions carefully, the Benefit Plans are not required to agree to a requested restriction.

Employees may ask to receive communications of their protected health information from the Benefit Plans by alternative means of communication or at alternative locations. While the Benefit Plans will consider reasonable requests carefully, they are not required to agree to all requests.

Employees may ask to inspect or to obtain a copy of their protected health information that is included in certain records the Benefit Plans maintain. Under limited circumstances, the Benefit Plans may deny employees access to a portion of their records. If employees request copies, the Benefit Plans may charge employees copying and mailing costs.

Employees have the right to ask the Benefit Plans to amend protected health information that is contained in the Benefit Plans records. If the Benefit Plans determine that the record is inaccurate, and the law permits the Benefit Plans to amend it, the Benefit Plans will correct it. If the employee's doctor or another person created the information that the employee wants to change, the employees should ask that person to amend the information.

Upon request, employees may obtain an accounting of disclosures the Benefit Plans have made of their protected health information. The accounting that the Benefit Plans provide will not include disclosures made before April 14, 2003, disclosures made for treatment, payment or health care operations, disclosures made earlier than six years before the date of the request, and certain other disclosures that are exempted by law. If employees request an accounting more than once during any 12-month period, the Benefit Plans will charge those employees a reasonable fee for each accounting statement after the first one.

Employees may contact the Human Resources Manager to obtain a paper copy of this policy, even if the employees previously agreed to receive notices electronically. Employees must also contact the Human Resources Manager if they wish to make any of the requests listed above.

If employees want more information about privacy rights, do not understand their privacy rights, are concerned that the Benefit Plans have violated their privacy rights, or disagree with a decision that the Benefit Plans made about access to protected health information, they may contact the Human Resources Manager. Employees may also file written complaints with the Secretary of the U.S. Department of Health and Human Services. DWE will not take any action against employees if they file a complaint.

DWE may change the terms of this policy at any time. If DWE changes this policy, DWE may make the new policy terms effective for all protected health information that the Benefit Plans maintain, including any information the Benefit Plans created or received before DWE issued the new policy. If DWE makes any changes to the Medical Information Privacy policy, notice of the changes will be provided to employees.

Effective Date: 4/23/2012
Revision Date: 4/23/2012