		Meritain Health Home

July 2009 Feature: President Obama's Healthcare Reform Initiative

July 2009 Question of the Quarter

Michelle's Law – Regulations Needed

The Paul Wellstone and Pete Domenici Mental Health Parity

2010 Indexed HSA Contribution Limits

Update: Medicare, Medicaid and SCHIP Extension Act of 2007

Reminder on HIPAA Privacy Notices

Children's Health Insurance Program Reauthorization Act of 2009

IRS Bulletin 2007-02

State Spotlight: New York

Home > Resources > Compliance Resources > Compliance Quarterly > July 2009 Compliance Quarterly > Reminder on HIPAA Privacy Notices

Reminder on HIPAA Privacy Notices

Updated as of August 21, 2009

Reminder of when a HIPAA Privacy Notice is required

HIPAA requires that privacy notices be issued:

To all employees when they first become covered by the plan.
To any employee upon request.
To all employees each time the privacy policy is revised.

In addition, at least once every three years (beginning three years after the notice is first provided), employees must be informed in writing that the notice is available. In addition, the procedure for requesting a copy of the notice must be explained to employees. Alternatively, a group health plan may distribute a new notice every three years.

For your convenience, a sample copy of a model notice is included in this summary.

Compliance Quarterly is being provided as an informational tool. It is recommended that plans consult with their own experts or counsel to review all applicable federal and state legal requirements that may apply to their group health plan. By providing this publication and any attachments, Meritain Health is not exercising discretionary authority over the plan and is not assuming a plan fiduciary role, nor is Meritain Health providing legal advice.