Record retention

April 29, 2003

Former client has requested all records, documents, contracts, etc. referencing their account be.shipped to them. As an agent, I find it necessary to retain e-mails correspondence, contracts and policies in the event of legal difficulties. Client didn't pay consulting fee for the internet services, binders, paper, etc. How would you handle this?

Thanks

Kova7

jeanine · April 29, 2003

If you had a contract with them, what does it say about this type of request? What is the nature of the agent/client relationship? Even if the information belongs to the client, you should make a copy and retain for your protection. If the information belongs to you, make the client a copy and charge a fee based on your state law for copying fees.

April 29, 2003

There was no contract with this client. I was their agent for 16 years. They have copies of everything I have - all of the TPA reports, booklets, policies, correspondence, etc. I doubt I have any obligation to provide them with anything.

Jbentz · April 29, 2003

The request could be due to the HIPAA regs regarding Business Assoicates. The BAAs do state that all PHI is to be returned or destroyed. Even if you did not have a contract with them, they might be using that as a guideline.

April 30, 2003

Client is not subject to HIPAA yet - they are excepted based on the $5 million in premium rule. What would you do?

GBurns · April 30, 2003

I do not remember anything in HIPAA about BAs returning or destroying anything.

You did not state whether this client was the employer or the plan.

I do not think that HIPAA gives the employer any right to PHI, whether the plan is fully insured or self-insured. The employer is not the plan.

Even if the client was subject to HIPAA, you, as an agent are required by your state insurance licensing law and most likely your contracts with the insurers, to retain copies of the documents.

Certain items might be none of their business including correspondence with employees, commission statements and most correspondence with your insurers.

Steve72 · April 30, 2003

GBurns:

Check HIPAA 164.504 (f)(2)(ii)(I).

GBurns · April 30, 2003

Note that it clearly states "if feasible" and "if such return or destruction is not feasible".

Because of state insurance laws and the agent's insurance contract destruction or return without copying is not very feasible.

Also bear in mind that the employer or plan sponsor IS NOT the Plan and most likely should not even be requesting muchless getting this PHI.

Ron Snyder · May 1, 2003

To clarify GBurns' point: if your client is the employer, under the new privacy rules you may not give them personal health information. So be careful.

Did they say why they desire the files back? If I were in this situation and gave a damn about the relationship, I would send them originals of everything they provided me and copies of everything I provided them, while retaining copies of both. I would first make sure that all documents were "scrubbed" clean of PHI.

jeanine · May 1, 2003

I'm considering weighing in on this again, but need answers from kova7 first. What is your exact relationship with this client? Who is your client the employer or the plan? Is this even health care coverage? Is this a self-funded plan or insured? If insured, what state are you, plan, and insurance company located in?

May 1, 2003

My exact relationship to this client was two fold "insurance agent" on applicability of all insurance coverages marketed, implemented and negotiated renewals. The client was the employer in the state of New York. I consulted on the self insured health plan which was administered by a TPA. Client currently has copies of everything. The client request is a control mechanism to make sure no one has any records of anythning concerning the plans.

I have reviewed the entire HIPAA reference and gone to HHS - I can charge a fee for labor to copy whatever relevant documents plus the cost of copying. Under ERISA - I have a 6 year obligation to retain all materials relevant to the client and the plans - not to mention the state insurance requirements for an agent.

Kova7

GBurns · May 1, 2003

kova7,

While you seem to have accepted that there are other regulatory issues to be aware of, you semm to have missed the point regarding whether or not ANY PHI should be given to this client.

The employer is not the plan, whether insured or self-funded. PHI is NOT to be given to ANY employer.

As jeanine asked, but you did not answer.....

Who is your client the employer or the plan?

May 1, 2003

My client is the employer since the plan is administered by the TPA. Here is where the confusion is - I receive an administrative fee from the TPA which comes out of the health plan fixed costs. Realize the HIPAA regs have not gone into effect for this client until October.

Note, I will not provide PHI to anyone 0 a point well taken and respected.

I appreciate everyone's guidance and help.

thanks,

kova7 .

GBurns · May 2, 2003

Whether your client is the employer or not or the plan is administered by the TPA or not is irrelevant to the questions asked etc.

The employer is not the Plan. That is what some of us are trying to get you to understand.

Steve72 · May 2, 2003

GBurns:

You are correct that the employer is not the plan, but it is also important to note that neither is the broker. Nothing Kova has said has led me to believe that he is in any way a covered entity. Accordingly, his only HIPAA obligations will be through a business associate agreement. Since this client is not yet subject to HIPAA, there will be no such agreement.

HIPAA will not serve as a barrier to disclose this information.

Sign In

Record retention

Recommended Posts

Guest kova7

jeanine

Guest kova7

Jbentz

Guest kova7

GBurns

Steve72

GBurns

Ron Snyder

jeanine

Guest kova7

GBurns

Guest kova7

GBurns

Steve72

Create an account or sign in to comment

Create an account

Sign in

Activity

Forums (Message Boards)

Daily Newsletters

Important Information