TML Intergovernmental Employee Benefits Pool
 About TML IEBP :: Contact Us 


Service is the Difference!  
TML IEBP Info

About TML IEBP Products & Services Webcasts/Newsletters Provider Search

Careers
Contact Us

Privacy Notice

Website Privacy

Legal Statement







Print Print This Page

Notice of Privacy Practices

Last Revised on January 23, 2007

THIS NOTICE DESCRIBES HOW MEDICAL INFORMATION ABOUT YOU MAY BE USED AND DISCLOSED AND HOW YOU CAN GET ACCESS TO THIS INFORMATION. PLEASE REVIEW IT CAREFULLY.

TML Intergovernmental Employee Benefits Pool (TML IEBP) is required by law to keep your health information private. This notice tells you about TML IEBP's legal duties connected to your health information. It also tells you how TML IEBP protects the privacy your health information. As your group health plan, TML IEBP must use and share your health information to pay benefits to you and your healthcare providers. TML IEBP has physical, electronic and procedural safeguards that protect your health information from inappropriate or unnecessary use or sharing.

Is all my health information protected?
Your individually identifiable health information that TML IEBP transmits or maintains in writing, electronically, orally or by any other means is protected. This includes information that TML IEBP creates or receives and that identifies you and relates to your participation in the health plan, your physical or mental health, your receipt of healthcare services and payment for your healthcare services.

What steps does TML IEBP take to protect my information?
Because we believe that protecting your information is of the highest priority, TML IEBP takes the following steps to ensure that it remains confidential.

Business Associate Agreements - TML IEBP follows the requirements of HIPAA and ensures that any external party has completed a Business Associate Agreement.

Encryption of PHI data - To protect health information in transit, all Protected Health Information is encrypted to prevent unauthorized access. This is done so that only authorized individuals can view and access the information. The list of individuals that have access to the information is reviewed on a regular basis.

Independent Review - TML IEBP annually employs an external, independent security company to review and test our security controls to make sure it meets HIPAA requirements. The independent company provides certified security professionals to conduct the assessment.

Use of PHI - Any use of member's PHI is reviewed by the TML IEBP Privacy and Security Officer to verify that it conforms with both HIPAA and TML IEBP privacy policies.

How does TML IEBP use and share my health information?
TML IEBP's most common use of health information is for its own treatment, payment and healthcare operations. TML IEBP also may share your health information with healthcare providers, other health plans and healthcare clearinghouses for their treatment, payment and healthcare operations. (Healthcare clearinghouses are organizations that help with electronic claims.) TML IEBP also may share your health information with a TML IEBP business associate if the business associate needs the information to perform treatment, payment or healthcare operations on TML IEBP's behalf. For example, if your health plan includes a retail and mail order pharmacy network, TML IEBP must share information with the pharmacy network about your eligibility for benefits. Healthcare providers, other health plans, healthcare clearinghouses and TML IEBP business associates are all required to maintain the privacy of any health information they receive from TML IEBP. TML IEBP uses and shares the smallest amount of your health information that it needs to administer your health plan.

What are treatment, payment and healthcare operations?
Treatment is the provision, coordination or management of healthcare and related services. For example, your health information is shared for treatment when your family doctor refers you to a specialist.

Payment includes TML IEBP activities such as billing, claims management, subrogation, plan reimbursement, reviews for medical necessity and appropriateness of care, utilization review and precertification of healthcare services. For example, TML IEBP may tell a doctor if you are covered under a TML IEBP health plan and what part of the doctor's bill TML IEBP will pay.

Healthcare operations include quality assessment and improvement, reviewing competence or qualifications of healthcare professionals, underwriting and other activities necessary to create or renew health plans. It also includes disease management, case management, conducting or arranging for medical review, legal services, auditing functions including fraud and abuse compliance programs, business planning and development, business management and general administrative activities. For example, TML IEBP may use information from your claims to contact you about treatment alternatives or other health-related benefits and services that may be of interest to you.

How else does TML IEBP share my health information?
TML IEBP may share your health information, when allowed or required by law, as follows:

  • Directly with you or your personal representative. A personal representative is a person who has legal authority to make healthcare decisions for you. In the case of a child under 18 years of age, the child's personal representative may be a parent, guardian or conservator. In the case of an adult who cannot make his own medical decisions, a personal representative may be a person who has a medical power of attorney.
  • With the Secretary of the U.S. Department of Health and Human Services to investigate or determine TML IEBP's compliance with federal regulations on protecting the privacy and security of health information.
  • With your family member, other relative, close personal friend or other person identified by you who is involved directly in your care. TML IEBP will limit the information shared to what is relevant to the person's involvement in your care and, except in the case of an emergency or your incapacity, you will be given an opportunity to agree or to object to the release of your health information.
  • For public health activities.
  • To report suspected abuse, neglect or domestic violence to public authorities.
  • To a public oversight agency.
  • When required for judicial or administrative proceedings.
  • When required for law enforcement purposes.
  • With organ procurement organizations or other organizations to facilitate organ, eye or tissue donation or transplantation.
  • With a coroner or medical examiner for the purpose of identifying a deceased person, determining a cause of death or other duties required by law.
  • With a funeral director when permitted by law and when necessary for the funeral director to carry out his duties with respect to the deceased person.
  • To avert a serious threat to health or safety.
  • For specialized government functions, as required by law.
  • When otherwise required by law.
  • Information that has been de-identified. This means that TML IEBP has removed all your identifying information and it is reasonable to believe that the organization receiving the information will not be able to identify you from the information it receives.

Can I keep TML IEBP from using or sharing my health information for any of these purposes?
You have the right to make a written request that TML IEBP not use or share your health information, unless the use or release of information is required by law. However, since TML IEBP uses and shares your health information only as necessary to administer your health plan, TML IEBP does not have to agree to your request.

Are there any other times when TML IEBP may use or share my health information?
TML IEBP may not use or share your health information for any purpose not included in this notice, unless TML IEBP first receives your written authorization. To be valid, your authorization must include: the name of the person or organization releasing your health information; the name of the person or organization receiving your health information; a description of your health information that may be shared; the reason for sharing your health information; and an end date or end event when the authorization will expire. You may revoke or take back any authorization that you make. Your request to revoke your authorization must be in writing and will not apply to any information shared before TML IEBP receives your request.

Will TML IEBP share my health information with my employer?
TML IEBP shares summary health information with the employer who sponsors your group health plan. Employers need this information to get bids from other health plans or to make decisions to modify, amend or terminate the TML IEBP group health plan. Summary health information summarizes the claims history, claims expenses or type of claims experienced by the entire group of people covered under a health plan. Summary health information does not include any information that identifies you, such as your name, social security number or date of birth.

Also, TML IEBP shares with the employer who sponsors your group health plan information on whether you are enrolled in TML IEBP's group health plan or if you recently added, changed or dropped coverage.

Can I find out if my health information has been shared with anyone?
You may make a written request to TML IEBP's Privacy and Security Officer for a list of any disclosures of your health information made by TML IEBP during the last six years. The list will not include any disclosures made for treatment, payment or healthcare operations; any disclosures made directly to you; any disclosures made based upon your written authorization; any disclosures reported on a previous list; or any disclosures made before April 14, 2003.

Generally, TML IEBP will send the list within 60 days of the date TML IEBP receives your written request. However, TML IEBP is allowed an additional 30 days if TML IEBP notifies you, in writing, of the reason for the delay and notifies you of the date by which you can expect the list. If you request more than one list within a 12-month period, TML IEBP may charge you a reasonable, cost-based fee for each additional list.

Can I view my health information maintained by TML IEBP?
You may make a written request to inspect, at TML IEBP's offices, your enrollment, payment, billing, claims and case or medical management records that TML IEBP maintains. You also may request paper copies of your records. If you request paper copies, TML IEBP may charge you a reasonable, cost-based fee for the copies. Requests to view your health information should be made in writing to:

TML IEBP
ATTN: Privacy and Security Officer
1821 Rutherford Lane, Suite 300
Austin, Texas 78754-5151

If I review my health information and find errors, how do I get my records corrected?
You may request that TML IEBP correct any of your health information that it creates and maintains. All requests for correction must be made to TML IEBP's Privacy and Security Officer, must be in writing and must include a reason for the correction. Please be aware that TML IEBP can correct only the information that it creates. If your request is to correct information that TML IEBP did not create, TML IEBP will need a statement from the individual or organization that created the information explaining an error was made. For example, if you request a claim be corrected because the diagnosis is incorrect, TML IEBP will correct the claim if TML IEBP made an error in the data entry of the diagnosis. However, if your healthcare provider submitted the wrong diagnosis to TML IEBP, TML IEBP cannot correct the claim without a statement from your healthcare provider that the diagnosis is incorrect. TML IEBP has 60 days after it receives your request to respond. If TML IEBP is not able to respond, it is allowed one 30-day extension. If TML IEBP denies your request, either in part or in whole, TML IEBP will send you a written explanation of its denial. You may then submit a written statement disagreeing with TML IEBP's denial and have that statement included in any future disclosures of the disputed information.

I'm covered as a dependent and do not want any of my health information mailed to the covered employee's address. Will you do that?
If mailing communications to the covered employee's address would place you in danger, TML IEBP will accommodate your request to receive communications of health information by alternative means or at alternative locations. Your request must be reasonable, must be in writing, must specify an alternative address or other method of contact, and must include a statement that sending communications to the covered employee's address would place you in danger.

If I believe my privacy rights have been violated, how do I make a complaint?
If you believe your privacy rights have been violated, you may make a complaint to TML IEBP.

In writing: TML IEBP
ATTN: Privacy and Security Officer
1821 Rutherford Lane, Suite 300
Austin, Texas 78754-5151

Or call: (800) 282-5385

Also, you may file a complaint with the U.S. Department of Health and Human Services. TML IEBP will not retaliate against you for filing a complaint.

When are the privacy practices described in this notice effective?
This privacy notice has an effective date of April 14, 2003.

Can TML IEBP change its privacy practices?
TML IEBP is required by law to follow the terms of its privacy notice currently in effect. TML IEBP reserves the right to change its privacy practices and to apply the changes to any health information TML IEBP received or maintained before the effective date of the change. TML IEBP will provide the employer who sponsors your group health plan with copies of any revised notice of privacy practices. The employer will distribute the notice to covered employees before the effective date of any changes. Also, TML IEBP will maintain its current privacy notice on its website at: www.tmliebp.org.

What happens to my health information when I leave the plan?
TML IEBP is required to maintain your records for at least six years after you leave TML IEBP's group health plan. However, TML IEBP will continue to maintain the privacy of your health information even after you leave the plan.

How can I get a paper copy of this notice?
To request that TML IEBP mail you a paper copy of this notice, call (800) 282-5385.

Who can I contact for more information on my privacy rights?

Write to: TML IEBP
ATTN: Privacy and Security Officer
1821 Rutherford Lane, Suite 300
Austin, Texas 78754-5151

Or call: (800) 282-5385

HOME :: Plan Members :: Employers :: Healthcare Providers :: Provider Search :: BeWell @ TML IEBP :: Newsroom :: Careers
Webcasts & Newsletters :: About TML IEBP :: Contact Us :: Privacy Notice :: Website Privacy :: Legal Statement :: Board Members Only