Mel B.

Protected Health Information

Recommended Posts

We include a listing of the new employees who are participants in the COBRA, FSA and HRA plans when we send them our invoices.  I would like to know if the names of the employees are PHI and if we should send our bill via a secure mode of communication?

 

 

Edited by Mel B.
clarification

Share this post


Link to post
Share on other sites

The invoice does not have PHI other than the names of the new employees who participate in the plan - that is all.  However, do the names of the employees who participate in the FSA plan are considered PHI or not - that is what I would like to know.

Share this post


Link to post
Share on other sites

Information about whether an employee is enrolled in a group health plan may or may not be PHI depending on whether the information is held by or on behalf of the plan (it is) or by or on behalf of the employer (it is not).  Sometimes/often making this determination is difficult so it makes sense to follow HIPAA's requirements even though it may not technically be required.  Encrypting emails disclosing this information seems to be a relatively easy step to take in this regard.

If there is some reason why encrypting this information when transmitting it is not desired or practical, you might want to ask your benefits counsel for guidance.

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now