HIPAA Compliance Information
This page offers information regarding the Health Insurance Portability and Accountability Act (HIPAA) of 1996
The Division is committed to upholding the standards of HIPAA through the everyday monitoring of communication with our participants, parents/guardians, and providers.
The Division utilizes the Secure Mail function to communicate between all stakeholders.
Q: How do I use Secure Email and when should I use it?
A: To send a secure E-mail to the Division, you can contact a Division staff and request that they send you a secure E-mail link, so that you may reply in a secure fashion and submit a message or attachments in accordance with the HIPPA privacy standards. You must reply in the secure portal and attach any files to send the secure E-mail to the Division. Replying to a secure message in your own E-mail browser, such as Yahoo, will NOT send a secure E-mail. It is important to remember that in order for a secure E-mail to function properly, the [SECURE] text that goes before the subject must be in ALL CAPS. To clarify, the Division’s secure E-mail function shall be used when protected health information is shared in electronic files and attachments. This information includes any Participant’s:
• Full name
• E-mail address
• Birth date (except year)
• Social Security number
• Health plan beneficiary number (including Medicaid ID number).
• Claim number
• Admission date
• Discharge date
• Telephone numbers
• Fax numbers
• Medical record numbers
The following items must be sent secure to and from the Division:
• Preapproval forms or plan of care documentation, if sent electronically
• E-mail with participant’s full name included or social security number, initials or birth date.
In order to address these concerns the Division is implementing the following changes:
• Providers sending an E-mail to the Division that includes protected health information will be notified immediately by the recipient of the E-mail that the E-mail includes protected health information and the provider must immediately stop sending E-mails with protected health information. If the provider believes the E-mail is secure, the Division will work with the provider and the Department of Health IT unit to verify the E-mails are secure.
Instructions on the secure E-mail function is available on request from the Division.