Legal

HIPAA Notice of Privacy Practices

Your rights under HIPAA and how we protect your health information.

Effective Date: January 1, 2025

Our Legal Duty

Your Policy LLC, in its capacity as an insurance agency involved in the placement of health-related insurance products — including group health insurance, individual health insurance, Medicare Advantage, and Medicare Supplement plans — may act as a Business Associate or insurance producer in connection with Protected Health Information ('PHI') as defined by the Health Insurance Portability and Accountability Act of 1996 ('HIPAA') and its implementing regulations.

We are required by law to maintain the privacy of your PHI, to provide you with this notice of our legal duties and privacy practices, and to notify you in the event of a breach of unsecured PHI. We are required to abide by the terms of this Notice currently in effect.

How We May Use and Disclose Health Information

The following describes how we may use and disclose PHI in connection with your insurance coverage. These uses are permitted under HIPAA without your separate written authorization:

  • Treatment: We may disclose PHI to assist in the coordination of benefits or to facilitate referrals to health care providers in connection with your coverage.
  • Payment: We may use or disclose PHI to obtain premium payments, determine eligibility and coverage, process claims, and carry out other billing and payment activities.
  • Health Care Operations: We may use or disclose PHI to conduct quality assessment, evaluate agent and carrier performance, and carry out other insurance operations.
  • As Required by Law: We will disclose PHI when required by federal, state, or local law.
  • Business Associates: We may share PHI with vendors and partners who provide services on our behalf, subject to written agreements requiring them to protect your information.
  • Public Health Activities: We may disclose PHI to public health authorities as required by law.
  • Law Enforcement: We may disclose PHI in response to a court order, warrant, subpoena, or other lawful process.

Uses Requiring Your Authorization

Other uses and disclosures of your PHI not covered by this Notice — including uses for marketing purposes or the sale of PHI — will be made only with your written authorization. You may revoke that authorization at any time in writing, and we will honor that revocation going forward, except to the extent we have already acted in reliance on it.

Your Rights Regarding Your Health Information

You have the following rights with respect to PHI we hold about you:

  • Right to Access: You have the right to inspect and obtain a copy of PHI maintained in your designated record set.
  • Right to Amend: If you believe information in your record is incorrect or incomplete, you may request an amendment.
  • Right to an Accounting of Disclosures: You may request a list of disclosures we have made of your PHI, other than for treatment, payment, or health care operations.
  • Right to Request Restrictions: You may request restrictions on certain uses and disclosures of your PHI. We are not required to agree to all requested restrictions.
  • Right to Confidential Communications: You may request that we communicate with you about health matters in a specific way or at a specific location.
  • Right to a Paper Copy of This Notice: You have the right to a paper copy of this Notice at any time.

Breach Notification

In the event of a breach of unsecured PHI, we will notify affected individuals as required by the HIPAA Breach Notification Rule. Notification will be provided without unreasonable delay and in no case later than 60 days following discovery of a breach, and will include a description of the breach, the types of information involved, and steps you can take to protect yourself.

Changes to This Notice

We reserve the right to change this Notice at any time and to apply the changed Notice to PHI we already maintain, as well as PHI we receive in the future. We will post the current Notice on our website and make paper copies available upon request. The effective date of the current Notice appears at the top of this document.

Complaints

If you believe your privacy rights have been violated, you may file a complaint with us or with the U.S. Department of Health and Human Services, Office for Civil Rights. To file a complaint with HHS, visit hhs.gov/hipaa or call 1-800-368-1019.

We will not retaliate against you for filing a complaint.

Contact Our Privacy Officer

To exercise your rights or report a concern, contact our Privacy Officer:

  • Email: privacy@your-policy.com
  • Mailing Address: Privacy Officer, Your Policy LLC, 3301 Northland Drive, Suite 400, Austin, TX 78731
  • Phone: (512) 265-1744