Privacy practices FAQs
Why did you send me a HIPAA Privacy Notice?
The Health Insurance Portability and Accountability Act regulations require certain entities, including health insurance issuers, to give a Privacy Notice to policyholders covered by a health plan. You have received this notice because you are a policyholder of a health plan, such as a long-term care, cancer assistance policy, dental or vision, issued by one of our insuring subsidiaries.
What is the Health Insurance Portability and Accountability Act?
The Health Insurance Portability and Accountability Act (HIPAA) is a 1996 federal law, the primary purpose of which was to help consumers maintain their insurance coverage. HIPAA also includes a section aimed at improving the efficiency and effectiveness of the health care system - called "administrative simplification." In 2013, the Department of Health and Human Services revised certain regulations for health plans, health care providers and health care clearinghouses to comply with the administrative simplification requirements of HIPAA. Specifically, the regulation sets standards for uses and disclosures of protected health information of individuals. Health insurance issuers and certain insurance plans are considered "health plans" and must comply with HIPAA.
When I receive a HIPAA Privacy Notice, do I need to sign it and send it back to you?
No, you do not need to sign the notice or send it back to us. Our HIPAA Privacy Notice is for your information only.
What is "protected health information"?
"Protected health information" is personally identifiable information regarding a person's past, present or future medical condition or the payment for medical care. For example, protected health information would include information about a person's physical, mental or behavioral condition that might be found on a doctor's report used for underwriting or claims management.
With who is protected health information shared?
We only use or disclose protected health information for the purposes listed in the HIPAA Privacy Notice. For example, we may use protected health information about you, such as a particular medical condition you have provided to us, in order to underwrite your insurance policy or determine your eligibility for benefits under your policy.
May I request restrictions on your company sharing protected health information about me?
You may request restrictions on our use or disclosure of protected health information about you as described in the HIPAA Privacy Notice; however, HIPAA provides us with discretion concerning whether to agree to such requests.
What safeguards are taken to ensure that protected health information is protected?
We have physical, electronic and procedural safeguards in place. For example, only authorized employees handle protected health information in servicing policies. In addition, we use industry standard electronic methods, such as firewalls, to safeguard the confidentiality of online information.
How often will customers receive a HIPAA Privacy Notice?
All policyholders then covered by a health plan will receive a revised HIPAA Privacy Notice no later than September 23,2014. New policyholders will receive a HIPAA Privacy Notice at the time of enrollment, i.e., when their policy is issued. Every three years, all policyholders covered by a health plan will be notified of the availability of the HIPAA Privacy Notice and how to obtain it. If our privacy practices are materially changed, policyholders then covered by a health plan will receive a revised notice within 60 days.
Do customers who have group policies receive a HIPAA Privacy Notice?
We issue our group policies to employers and other entities, which are the group policyholders. We provide our HIPAA Privacy Notice to group policyholders, which means the employers and other entities receive the HIPAA Privacy Notice. The group policyholder will then distribute the notice to the employees or other individuals covered under the group policies (insured's or certificate holders).
Anyone may obtain a copy of Unum's Privacy Notice by:
- requesting a copy from his/her employer or the entity to which the group policy is issued;
- visiting Unum's HIPAA Privacy Notice; or
- writing to: Privacy Officer, Unum Group, 2211 Congress Street, B267, Portland, Maine 04122.
Does HIPAA restrict insurance companies from collecting the applicant's Social Security Number?
No. HIPAA does not prevent the collection or use of a Social Security Number by an insurance company as an applicant's identifier. It doesn't prevent applicants or their employers from providing Social Security Numbers as identifiers.
Do you share protected health information about me for marketing purposes?
No. We do not share protected health information about you to market any products or services to you.
The HIPAA Privacy Notice says I have certain rights concerning protected health information about me. How do I exercise those rights?
In order to exercise any of your rights as described in the HIPAA Privacy Notice, write to:
2211 Congress Street, B267
Portland, ME 04122