The Employee Benefit Coach is committed to ensuring the privacy and security of our clients' personal and health-related information. As part of our commitment to maintaining the confidentiality and security of sensitive data, we fully comply with the Health Insurance Portability and Accountability Act (HIPAA) regulations.
What is HIPAA?
HIPAA is a U.S. federal law that governs the privacy and security of health information. It establishes standards for protecting sensitive patient data, including any health records, communications, and health-related information that could identify an individual.
Our Commitment to HIPAA Compliance
At The Employee Benefit Coach, we understand the importance of maintaining the trust and confidentiality of our clients. We ensure that all health-related information we manage is handled in accordance with HIPAA regulations. This includes:
- Secure Data Handling: We implement strict physical, administrative, and technical safeguards to ensure that all information is securely stored and transmitted.
- Confidentiality: Any health information provided by our clients is kept confidential and used solely for the purpose of delivering employee benefit services.
- Privacy Protections: We take all necessary precautions to prevent unauthorized access to sensitive information. Our team members are trained regularly on privacy and security best practices.
Protected Health Information (PHI)
We respect the definition of Protected Health Information (PHI) as outlined by HIPAA. PHI includes any personal information about an individual’s health condition, care, or payment for healthcare services, such as:
- Medical records
- Insurance information
- Health history
- Treatment plans
- Test results
We only collect, store, or share PHI as necessary for delivering our services, and always in compliance with HIPAA’s privacy and security rules.
How We Safeguard Your Information
To meet HIPAA’s security requirements, we implement the following measures to safeguard PHI:
- Encryption: All sensitive data is encrypted both in transit and at rest to protect against unauthorized access.
- Access Control: We restrict access to PHI to authorized personnel only, ensuring that data is accessible only to those who need it to perform their job duties.
- Audit Logs: Audit logs are regularly maintained to track access to PHI and related activity, so that potential security breaches can be identified.
- Business Associate Agreements (BAA): We have established Business Associate Agreements with any third parties who may have access to PHI, ensuring that they also adhere to HIPAA’s privacy and security standards.
Your Rights Under HIPAA
Under HIPAA, individuals have several rights regarding their health information, including:
- The right to access and obtain copies of their health records.
- The right to request corrections to any inaccuracies in their records.
- The right to receive an accounting of disclosures made of their health information.
- The right to request restrictions on the use or sharing of their information.