NOTICE OF PRIVACY PRACTICES

THIS NOTICE DESCRIBES HOW MEDICAL INFORMATION ABOUT YOU MAY BE USED

AND DISCLOSED AND HOW YOU CAN GET ACCESS TO THIS INFORMATION.

PLEASE REVIEW IT CAREFULLY.

Effective: 05/01/2016

This Notice of Privacy Practices describes how Guardian and its subsidiaries may use and disclose your Protected
Health Information (PHI) in order to carry out treatment, payment and health care operations and for other purposes
permitted or required by law.

Guardian is required by law to maintain the privacy of PHI and to provide you with notice of our legal duties and privacy practices concerning PHI. We are required to abide by the terms of this Notice so long as it remains in effect. We reserve the right to change the terms of this Notice of Privacy Practices as necessary and to make the new Notice effective for all PHI maintained by us. If we make material changes to our privacy practices, copies of revised notices will be made available on request and circulated as required by law. Copies of our current Notice may be obtained by contacting Guardian (using the information supplied below), or on our Web site at www.guardianlife.com/privacy-policy.

What is Protected Health Information (PHI):

PHI is individually identifiable information (including demographic information) relating to your health, to the health care provided to you or to payment for health care. PHI refers particularly to information acquired or maintained by us as a result of your having health coverage (including medical, dental, vision and long term care coverage).

In What Ways may Guardian Use and Disclose your Protected Health Information (PHI):

Guardian has the right to use or disclose your PHI without your written authorization to assist in your treatment, to facilitate payment and for health care operations purposes. There are certain circumstances where we are required by law to use or disclose your PHI. And there are other purposes, listed below, where we are permitted to use or disclose your PHI without further authorization from you. Please note that examples are provided for illustrative purposes only and are not intended to indicate every use or disclosure that may be made for a particular purpose.

Guardian has the right to use or disclose your PHI for the following purposes:

Treatment. Guardian may use and disclose your PHI to assist your health care providers in your diagnosis and treatment. For example, we may disclose your PHI to providers to supply information about alternative treatments.

Payment. Guardian may use and disclose your PHI in order to pay for the services and resources you may receive. For example, we may disclose your PHI for payment purposes to a health care provider or a health plan. Such purposes may include: ascertaining your range of benefits; certifying that you received treatment; requesting details regarding your treatment to determine if your benefits will cover, or pay for, your treatment.

Health Care Operations. Guardian may use and disclose your PHI to perform health care operations, such as administrative or business functions. For example, we may use your PHI for underwriting and premium rating purposes. However, we will not use or disclose your genetic information for underwriting purposes and are prohibited by law from doing so.

Appointment Reminders. Guardian may use and disclose your PHI to contact you and remind you of appointments.

Health Related Benefits and Services. Guardian may use and disclose PHI to inform you of health related benefits or services that may be of interest to you.

Plan Sponsors. Guardian may use or disclose PHI to the plan sponsor of your group health plan to permit the plan sponsor to perform plan administration functions. For example, a plan may contact us regarding benefits, service or coverage issues. We may also disclose summary health information about the enrollees in your group health plan to the plan sponsor so that the sponsor can obtain premium bids for health insurance coverage, or to decide whether to modify, amend or terminate your group health plan.

Guardian is required to use or disclose your PHI:

  • To you or your personal representative (someone with the legal right to make health care decisions for you);
  • To the Secretary of the Department of Health and Human Services, when conducting a compliance investigation, review or enforcement action related to health information privacy or security; and
  • Where otherwise required by law.

Guardian is Required to Notify You of any Breaches of Your Unsecured PHI.

Although Guardian takes reasonable, industry-standard measures to protect your PHI, should a breach occur, Guardian is required by law to notify affected individuals. Under federal medical privacy law, a breach means the acquisition, access, use, or disclosure of unsecured PHI in a manner not permitted by law that compromises the security or privacy of the PHI.

Other Uses and Disclosures.

Guardian may also use and disclose your PHI for the following purposes without your authorization:

  • We may disclose your PHI to persons involved in your care or payment for care, such as a family member or close personal friend, when you are present and do not object, when you are incapacitated, under certain circumstances during an emergency or when otherwise permitted by law.
  • We may use or disclose your PHI for public health activities, such as reporting of disease, injury, birth and death, and for public health investigations.
  • We may use or disclose your PHI in an emergency, directly to or through a disaster relief entity, to find and tell those close to you of your location or condition
  • We may disclose your PHI to the proper authorities if we suspect child abuse or neglect; we may also disclose your PHI if we believe you to be a victim of abuse, neglect, or domestic violence.
  • We may disclose your PHI to a government oversight agency authorized by law to conducting audits, investigations, or civil or criminal proceedings.
  • We may use or disclose your PHI in the course of a judicial or administrative proceeding (e.g., to respond to a subpoena or discovery request).
  • We may disclose your PHI to the proper authorities for law enforcement purposes.
  • We may disclose your PHI to coroners, medical examiners, and/or funeral directors consistent with law.
  • We may use or disclose your PHI for organ or tissue donation.
  • We may use or disclose your PHI for research purposes, but only as permitted by law.
  • We may use or disclose PHI to avert a serious threat to health or safety.
  • We may use or disclose your PHI if you are a member of the military as required by armed forces services.
  • We may use or disclose your PHI to comply with workers’ compensation and other similar programs.
  • We may disclose your PHI to third party business associates that perform services for us, or on our behalf (e.g.vendors).
  • We may use and disclose your PHI to federal officials for intelligence and national security activities authorized by law. We also may disclose your PHI to authorized federal officials in order to protect the President, other officials or foreign heads of state, or to conduct investigations authorized by law.
  • We may disclose your PHI to correctional institutions or law enforcement officials if you are an inmate or under the custody of a law enforcement official (e.g., for the institution to provide you with health care services, for the safety and security of the institution, and/or to protect your health and safety or the health and safety of other individuals).
  • We may use or disclose your PHI to your employer under limited circumstances related primarily to workplace injury or illness or medical surveillance.

We generally will not sell your PHI, or use or disclose PHI about you for marketing purposes without your authorization unless otherwise permitted by law.

Your Rights with Regard to Your Protected Health Information (PHI):

Your Authorization for Other Uses and Disclosures. Other than for the purposes described above, or as otherwise permitted by law, Guardian must obtain your written authorization to use or disclosure your PHI. You have the right to revoke that authorization in writing except to the extent that: (i) we have taken action in reliance upon the authorization prior to your written revocation, or (ii) you were required to give us your authorization as a condition of obtaining coverage, and we have the right, under other law, to contest a claim under the coverage or the coverage itself.

Under federal and state law, certain kinds of PHI may require enhanced privacy protections. These forms of PHI include information pertaining to:

  • HIV/AIDS testing, diagnosis or treatment
  • Venereal and /or communicable Disease(s)
  • Genetic Testing
  • Alcohol and drug abuse prevention, treatment and referral
  • Psychotherapy notes

We will only disclose these types of delineated information when permitted or required by law or upon your prior written authorization.

Your Right to an Accounting of Disclosures. An ‘accounting of disclosures’ is a list of certain disclosures we have made, if any, of your PHI. You have the right to receive an accounting of certain disclosures of your PHI that were made by us. This right applies to disclosures for purposes other than those made to carry out treatment, payment and health care operations as described in this notice. It excludes disclosures made to you, or those made for notification purposes. We ask that you submit your request in writing by completing our form. Your request may state a requested time period not more than six years prior to the date when you make your request. Your request should indicate in what form you want the list (e.g., paper, electronically). Our form for Accounting of Disclosure requests is available at www.guardianlife.com/privacy-policy.

Your Right to Obtain a Paper Copy of This Notice. You have a right to request a paper copy of this notice even if you have previously agreed to accept this notice electronically. You may obtain a paper copy of this notice by sending a request to the contact information listed at the end of this notice.

Your Right to File a Complaint. If you believe your privacy rights have been violated, you may file a complaint with Guardian or the Secretary of U.S. Department of Health and Human Services. If you wish to file a complaint with Guardian, you may do so using the contact information below. You will not be penalized for filing a complaint.

Please submit any exercise of the Rights designated below to Guardian in writing using the contact information listed below. For some requests, Guardian may charge for reasonable costs associated with complying with your requests; in such a case, we will notify you of the cost involved and provide you the opportunity to modify your request before any costs are incurred.

Your Right to Request Restrictions. You have the right to request a restriction on the PHI we use or disclose about you for treatment, payment or health care operations as described in this notice. You also have the right to request a restriction on the medical information we disclose about you to someone who is involved in your care or the payment for your care.

Your Right to Request Confidential Communications. You have the right to request that Guardian communicate with you about your PHI be in a particular manner or at a certain location. For example, you may ask that we contact you at work rather than at home. We are required to accommodate all reasonable requests made in writing, when such requests clearly state that your life could be endangered by the disclosure of all or part of your PHI.

Your Right to Amend Your PHI If you feel that any PHI about you, which is maintained by Guardian, is inaccurate or incomplete, you have the right to request that such PHI be amended or corrected. Within your written request, you must provide a reason in support of your request. Guardian reserves the right to deny your request if: (i) the PHI was not created by Guardian, unless the person or entity that created the information is no longer available to amend it (ii) if we do not maintain the PHI at issue (iii) if you would not be permitted to inspect and copy the PHI at issue or (iv) if the PHI we maintain about you is accurate and complete. If we deny your request, you may submit a written statement of your disagreement to us, and we will record it with your health information.

Your Right to Access to Your PHI. You have the right to inspect and obtain a copy of your PHI that we maintain in designated record sets. Under certain circumstances, we may deny your request to inspect and copy your PHI. In an instance where you are denied access and have a right to have that determination reviewed, a licensed health care professional chosen by Guardian will review your request and the denial. The person conducting the review will not be the person who denied your request. Guardian promises to comply with the outcome of the review.

How to Contact Us:

If you have any questions about this Notice or need further information about matters covered in this Notice, please call the toll-free number on the back of your Guardian ID card. If you are a broker please call 800-627-4200. All others please contact us at 800-541-7846. You can also write to us with your questions, or to exercise any of your rights, at the address below:

Attention:

Guardian Corporate Privacy Officer
National Operations

Address:

The Guardian Life Insurance Company of America
Group Quality Assurance – Northeast
P.O. Box 981573
El Paso, TX 79998-1573

Change Healthcare
Status Update

The Change Healthcare security incident is being investigated and they are working to restore services in the most safe and efficient manner. Currently, we do not have any details regarding potential impacts to members, providers, or other stakeholders, nor an estimated time for resolution. We have established temporary work arounds for the most critical services affecting member care and provider’s needs, where possible. We will provide updates as we have them, and appreciate your patience while our vendor, Change Healthcare works to resolve the issue.