This notice describes how medical information about you may be used and disclosed and how you can get access to this information. Review it carefully.
Protecting the privacy of your personal health information
This notice describes how we protect the privacy of our members’ (and former members’) nonpublic personal information. It also explains your rights and how we obtain, use, and protect your nonpublic personal information. Dean is required by law to maintain the privacy and security of your personal health and financial information (i.e., nonpublic personal information). We will notify you right away if a breach occurs that may have compromised the privacy or security of your nonpublic personal information. Dean understands the importance of keeping your nonpublic personal information safe. Dean is required to provide you with a written notice of our legal duties and privacy practices about that information.
NOTE: This notice applies to the Medica/Dean Health Affiliated Covered Entities (ACE). The combined entities are designated as a single HIPAA covered entity as permitted by HIPAA. This designation may be amended from time to time to add new covered entities that are under common control or ownership. The current list of the participant members of the Medica/Dean Health ACE include: Medica Health Plans, Medica Insurance Company, Medica Community Health Plan, Medica Regional Insurance Company, Medica Central Health Plan, Medica Central Insurance Company, Dean Health Plan, Inc., and Dean Health Insurance, Inc.
Dean Health Insurance, Inc., along with Dean Health Plan, Medica Central Health Plan, and Medica Central Insurance Company may take part in Organized Health Care Arrangements (OHCAs), including an OHCA with SSM Health and Dean Health System. As part of an OHCA, we may from time to time share your information with other members of the OHCA in order to perform joint health care activities as permitted by HIPAA.
Types of information Dean collects about you
We collect different types of nonpublic personal information to help us manage your health insurance coverage and benefits. We collect nonpublic personal information about you from some of the following sources.
- Information we get directly or indirectly from you or your employer or benefit plan sponsor through applications, surveys or other forms. This may include information received in writing, in person, by telephone or electronically. Examples include name, address, social security number, date of birth, marital status and medical history.
- Information about your business with us, our affiliates, providers, agents, and others. This includes information from health care claims, medical history, eligibility information, payment information, service requests and appeals and grievance information.
- Information you allow us to get from others.
Choices about your health information
We will not use or release your health information without your written permission, except as described in this Notice. In some cases, you may be able to ask us to disclose your health information to the third-party application of your choosing. For the most part, you have the right and choice to tell us to:
- Share information with your family, close friends or others involved in payment for your care.
- Share information in a disaster relief situation.
If you are not able to share your preference, such as if you are unconscious, we may share your information if we believe it is in your best interest. We may also share your information when needed to lessen a serious and imminent threat to health or safety.
In the following cases we never share your information unless you give us written permission:
- Most uses and releases of psychotherapy notes.
- Marketing purposes.
- Sale of your information.
If you do give us written authorization to use or release your health information for a particular purpose, you may change your mind at any time. You must let us know in writing if you change your mind.
How Dean may use or release your health information
We will not release your nonpublic personal information unless we are allowed or required by law to do so. The following describes the ways that Dean may use and release your nonpublic personal information. For each way we might use or release your information, we will explain what we mean and give some examples. Not every use or release we might make will be listed. However, all the ways we are allowed to use or release information will fall within one of these items.
Note: Some of the uses and releases described in this notice may be limited in certain cases by laws that are stricter than Federal Privacy laws, including releases related to mental health and substance abuse, developmental disability, alcohol and other drug abuse (AODA), and HIV testing.
We are allowed to use and release information for one of the following reasons:
- Make or collect payments. We may use and release your information to make and collect payment for premiums, or treatment and services you receive. For example, we may share information with your dental plan to arrange payment for covered dental work. This could include, but is not limited to:
- Collecting premiums,
- Collecting payment for your health services,
- Determining your eligibility for plan benefits, and
- Determining your health plan’s responsibility for benefits.
- Run our organization. We may use and release your health information to run our organization and contact you when necessary. For example, we use medical information about you to develop better services for your health. However, we are not allowed to use genetic information to decide whether we will give you coverage or the price of that coverage. We also will not use cultural information, such as race, ethnicity, language, gender identity, and sexual orientation for purposes of underwriting, rate setting, or denial of coverage.
- Help manage the treatment you receive. We may share your health information with your treatment team. For example, a doctor sends us information about your diagnosis and treatment plan so we can set up additional services. We may also contact you with information on treatment choices and other information that may be of interest to you.
- Offering Health-related Benefits and Services. We may use and release your health information to give you information on health-related benefits and services that may be of interest to you. For example, we may share your health information with a care partner company to offer you additional services to help you manage your health.
- Manage your plan. If applicable, we may share your health information with the sponsor of your group health plan for purposes of managing benefits under the plan. If you have a group health plan, your employer is the plan sponsor.
- Public Safety. We can share health information about you for certain situations such as the following.
- Preventing disease
- Helping with product recalls
- Reporting adverse reactions to medications, reporting suspected abuse, neglect, or domestic violence
- Stopping or lowering a serious and immediate threat to the health or safety of a certain person or the public
- Research. Sometimes, and only after a special approval process, we may use and release your health information to help conduct research.
- Respond to organ and tissue donation requests. We can share health information about you with organ procurement organizations, a coroner, medical examiner, or a funeral director when someone dies.
- Required by law. We will share information about you if state or federal laws require it, including with the Department of Health and Human Services to see that we are following federal privacy laws.
- Workers’ compensation, law enforcement, and other government requests. We can use and share health information about you in the following situations.
- Workers’ compensation claims
- Law enforcement purposes or with a law enforcement official
- Health oversight agencies for activities we must do under the law
- Special government roles such as military, national security, and presidential protective services
- Respond to lawsuits and legal actions. We may share your health information in response to a court or administrative order, or in response to a subpoena.
How Dean protects this information
We limit the gathering of your nonpublic personal information to only what we need to run our business, provide quality service, and meet regulatory requirements. We maintain physical, electronic, and procedural safeguards that comply with federal regulations to safeguard your nonpublic personal information. We limit the internal use of oral, written, and electronic use of this information about you and ensure that only staff and business associates with the need to know have access to it. We have safeguards for your nonpublic personal information and review them regularly to protect your privacy. We protect cultural information such as race, ethnicity, language, gender identity, and sexual orientation, the same as all other nonpublic personal information.
- Request restrictions on your health records. You have the right to ask us to not use or share certain health information. We may not agree to this request, but we will follow any request we agree to.
- Request confidential communications. You have the right to ask us to contact you in a specific way (for example a home phone or office phone) or to send mail to a different address. We will consider all reasonable requests and we must agree if you tell us you would be in danger if we do not.
- Receive a copy of your health records. You have the right to see or get a copy of your health and claims information. We may charge you for the cost of copying the records.
- Ask us to correct your health records. You have a right to request that Dean correct certain health information held by Dean if you think it is incorrect or incomplete. We may not agree to your request, but we’ll tell you why in writing.
- Receive an accounting of disclosures. You have the right to receive a list (accounting) of the times we have shared your health information for the six years prior to your request. The list will not include releases made for purposes of treatment, payment, health care operations, or certain other releases (such as those you asked us to make). If you ask for more than one list per year, we may charge you for the cost of providing it.
- Receive a copy of this notice. You have a right to ask for a paper copy of this Notice at any time. We will provide you with a paper copy promptly.
- Notification of a breach. You will be notified in the event of a breach of your unsecured protected health information.
- Right to a representative. If you have chosen a medical power of attorney or have a legal guardian, that person can exercise your rights and make choices about your health information. We will make sure that the person has this authority and can act for you before we take any action.
Changes to this notice of privacy practices
Dean may change this Notice from time to time and make the new notice effective for all nonpublic personal information we maintain, including information we created or collected before the change. Dean will always follow the current version of this notice. The new notice will be available upon request and on our website.
Submit complaints about this notice or how we handle your health information, in writing, to our Privacy Officer. Dean will not hold any complaint you submit against you in any way. In addition, if you believe your privacy rights have been violated, you may file a complaint with the Secretary of the U.S. Department of Health and Human Services. To do so, write to the Office for Civil Rights, U.S. Department of Health & Human Services, 233 N. Michigan Ave., Ste 240, Chicago, IL 60601.
If you have questions, complaints, or want to exercise any of your health information rights, call the Customer Care Center at 800-279-1301 (or, if you purchased coverage on the Health Insurance Marketplace, at 877-394-9080) or contact us at the following address:
Medica – MR: CP225
401 Carlson Pkwy
Minnetonka, MN 55305
The effective date of this notice is October 15, 2023.