Health Insurance Portability and Accountability Act (HIPAA)
Passport’s Commitment to Patient Privacy
Protecting the privacy of Members’ personal health information is a core responsibility that Passport takes very seriously. Passport is committed to complying with all Federal and State Laws regarding the privacy and security of Members’ protected health information (PHI).
Provider Responsibilities
Passport expects that its contracted Providers will respect the privacy of Passport Members (including Passport Members who are not patients of the Provider) and comply with all applicable Laws and regulations regarding the privacy of patient and Member PHI. Passport provides its Members with a privacy notice upon their enrollment in our health plan. The privacy notice explains how Passport uses and discloses their PHI and includes a summary of how Passport safeguards their PHI.
Telehealth transmissions are subject to HIPAA-related requirements outlined under State and Federal Law, including:
- 42 C.F.R. Part 2 regulations
- Health Information Technology for Economic and Clinical Health Act, (“HITECH Act”)
Applicable Laws
Providers must understand all State and Federal health care privacy Laws applicable to their practice and organization. Currently, there is no comprehensive regulatory framework that 94 Passport by Molina Healthcare Medicaid Provider Manual Any reference to Passport Members means Passport Medicaid Members. protects all health information in the United States; instead, there is a patchwork of Laws that Providers must comply with. In general, most health care Providers are subject to various Laws and regulations pertaining to privacy of health information, including, without limitation, the following:
- Federal Laws and Regulations
- State Medical Privacy Laws and Regulations
a. HIPAA
b. The Health Information Technology for Economic and Clinical Health Act (HITECH)
c. 42 C.F.R. Part 2
d. Medicare and Medicaid Laws
e. The Affordable Care Act
Providers should be aware that HIPAA provides a floor for patient privacy, but that State Laws should be followed in certain situations, especially if the State Law is more stringent than HIPAA. Providers should consult with their own legal counsel to address their specific situation.