Member Services: 1-866-255-4795 | TTY:711

Call to Enroll: 1-833-698-1049 | TTY:711

Google Translate Button

Privacy Practices for Protected Health Information (PHI)

woman smiling in a kitchen

Notice of Privacy Practices

THIS NOTICE DESCRIBES HOW MEDICAL INFORMATION ABOUT YOU MAY BE USED AND DISCLOSED BY BRAND NEW DAY (BND) AND HOW YOU CAN GET ACCESS TO THIS INFORMATION. PLEASE REVIEW IT CAREFULLY.

During the time that you are a member of BND, it will be necessary for us to collect, maintain and disclose different kinds of information about you and your health. Examples include, but are not limited to, your name, gender, date of birth, home address, telephone number, marital status, Medicare or Medi-Cal number, the language(s) you speak, occupation and employer (if applicable), and past medical history. We gather much of this information from you when you become a member. In certain instances, we may gather information from a parent (in the case of a minor), guardian, conservator, or legal representative. We may also collect information about you from other health plans, insurance companies, or medical groups, as well as doctors, hospitals, pharmacies or other providers where you have received health care services.

Generally, any information related to your past, present, or future physical or mental health that can or may be identified with you individually, is considered Protected Health Information(“PHI”). We are required by law to maintain the privacy and security of your PHI, and we are prohibited from disclosing your PHI except as the law permits. We are also required to provide you with this Notice of Privacy Practices explaining our legal duties and our privacy practices with respect to the PHI we collect and maintain about you. Finally, we are required by law to notify you following a breach of unsecured PHI if we determine that your PHI has been compromised.

We have the right to change our privacy practices, as long as the changes comply with the law. In the event we make any changes to our privacy practices, you will receive a new written Notice of Privacy Practices explaining the changes. A current copy of our Notice of Privacy Practices is available on our website at https://www.bndhmo.com/Members/Privacy-Practicesfor-Protected-Health-I.

PLEASE NOTE: This Notice describes only the privacy practices of BND. Your doctor or medical group, and any specialty care provider, hospital, pharmacy or other provider that you may receive treatment or services from, may have their own notice describing how they maintain the privacy of your PHI.

Collection, Use and Disclosure of Your PHI

We may collect, use and disclose your PHI:

  • To Provide or Arrange for Care: We may use or disclose your PHI in order to provide or arrange for your health care. For example, when you select a primary care provider, we will send that provider your name, membership information, and any relevant information concerning your health status. We may also share your PHI with your doctor or medical group for purposes such as authorizing a particular type of treatment.
  • To Make or Arrange Payment for Care: We may use or disclose your PHI in order to make or arrange payment for your health care. For example, we may receive a bill containing PHI from a doctor who provided care for you. If the bill is our responsibility, we will make payment. If the bill is the responsibility of your medical group, we will forward the bill, with your health information, to the medical group so they can make payment.
  • For Health Care Operations: We may use or disclose your PHI in the process of our health care operations. For example, we may review your PHI to evaluate treatment and services you received and to evaluate the performance of our doctors and other providers. We may also use your PHI to manage and coordinate care for serious or chronic health conditions.
  • To Provide Information to You: We may use or disclose your PHI to you in order to provide you with information about your benefits and available services. For example, we may contact you to inform you about possible treatment options or alternatives, or to provide education about managing a chronic condition.
  • To Provide Information to a Family Member or Friend: We may disclose your PHI to a family member, friend, or other person who is involved with your health care or responsible for payment, but ONLY IF:
    a. You are present, and you ask for or agree to the disclosure;
    OR
    b. You are either not present, or you are physically or mentally unable to respond, and we believe the disclosure is in your best interest.
  • As Otherwise Required or Permitted by Law: We may disclose your PHI, as allowed by law, for many types of activities. PHI can be shared for health oversight activities. It can also be shared for judicial or administrative proceedings, with public health authorities, for law enforcement reasons, and to coroners, funeral directors or medical examiners (about decedents). PHI can also be shared for certain reasons with organ donation groups, for research, and to avoid a serious threat to health or safety. It can be shared for special government functions, for workers’ compensation, to respond to requests from the U.S. Department of Health and Human Services and to alert proper authorities if we reasonably believe that you may be a victim of abuse, neglect, domestic violence or other crimes. PHI can also be shared as required by law. Although HIPAA permits us, we will not use or disclose your PHI for activities related to fundraising.

When Written Authorization Is Required

We must have your written authorization in order to use or disclose your PHI for certain activities listed below. After you provide us with such written authorization, you have the right to revoke it at any time. However, once we use or share your PHI, we cannot undo any actions we took before you revoked it. For more information regarding written authorizations, please contact our Member Services Department at 1-866-255-4795 (TTY: 711). Activities that require your prior written authorization include:

  • Psychotherapy Notes: We will need your authorization to use your psychotherapy notes to carry out payment, treatment, or health care operations. For example, we will require your authorization before we can look at any chart notes from your mental health professional to evaluate your treatment.
  • Marketing: We will need your authorization to use your PHI for any marketing purposes except when we make a face-to-face communication with you or for the purposes of receiving a promotional gift. For example, we will not require your written authorization to use your PHI to reward you for filling out your Member Passport, but we would require your written authorization to use your PHI if BND wanted to market a plan that was more suitable to your healthcare needs.
  • Sale of Protected Health Information: We will need your authorization to disclose your PHI for remuneration. Authorizations for this use must state that the disclosure will result in payment to BND. For example, you would need to provide written authorization for BND to receive remuneration for delivering your PHI to organizations that research and develop new treatments relevant to you.

Maintaining Confidentiality of Your Information

We are dedicated to protecting your PHI. We set up a number of policies and practices to help make sure your PHI is kept secure. We keep your oral, written and electronic PHI safe using physical, electronic and procedural means. These safeguards follow federal and state laws. Some of the ways we keep your PHI safe include offices that are kept secure, computers that need passwords and locked storage areas and filing cabinets. We require our employees to protect PHI through written policies and procedures. These policies limit access to PHI to only those employees who need it to do their job. Also, where required by law, our contractors and business partners must protect the privacy of data we share in the normal course of business. They are not allowed to give PHI to others without your written authorization, except as allowed by law.

Your Rights

The law ensures that you have certain rights with regard to the privacy of your protected health information. These include:

  • The right to look at and make copies of your protected health information. You may have to pay a reasonable cost-based fee for copying and mailing in advance. BND will make reasonable efforts, as required by law, to honor your requests for accessing or amending PHI. However, please be aware that BND does not have complete copies of your medical records. If you want to look at, get a copy of, or change your medical records, please contact your doctor or clinic. You may still ask to look at, make copies, and change the PHI that we do keep.
  • The right to ask us to not disclose parts of your protected health information. If we do not agree to make the changes you want, we will send you a letter telling you why. You may ask that we review our decision if you disagree with it.
  • The right to ask us to contact you only in certain ways. For example, you may ask us to call you only at work.
  • The right to request us to change parts of your protected health information. If we do not agree to make the changes you want, we will send you a letter telling you why. You may ask that we review our decision if you disagree with it.
  • The right to request to be told when, to whom, for what reasons and what protected health information about you we have disclosed.
  • The right to a paper or electronic copy of our Notice of Privacy Practices.

If You Have a Question or Complaint, or Believe your Privacy Rights Have Been Violated

If you have a question or complaint regarding our privacy practices, please call our Member Services Department at 1-866-255-4795 (TTY: 711).

If you believe your privacy rights have been violated, you may call or write to us as follows:

Annie Hsu Shieh, Senior Compliance Counsel
Compliance Department
Brand New Day
PO Box 93122
Long Beach, CA 90809-9871

You may also file a complaint with the Office for Civil Rights (“OCR”). Your complaint must be in writing. You may send your complaint by U.S. mail or fax to:

Office for Civil Rights
U.S. Department of Health & Human Services
90 7th Street, Suite 4-100
San Francisco, CA 94103

Fax: 1-415-437-8329

Phone: 1-415-437-8310 (TDD: 1-415-437-8311)

Additional information on filing a privacy complaint with the OCR is available:

PLEASE NOTE: If you choose to file a complaint regarding BND’s privacy practices or handling of your protected health information, either directly with us or with the OCR, the law prohibits BND from retaliating against you by taking negative action against you in any way because of your complaint.


Privacy that members can report:

Visit: https://secure.ethicspoint.com/domain/media/en/gui/75190/

Explore our comprehensive and affordable plans today.

Find Plans