top of page
young-business-people-meeting-office-teamwork-grou-2023-11-27-05-30-34-utc_edited.jpg

COMPLIANCE CORNER

Welcome to Apta Health's Compliance Corner, where transparency meets expertise in your new benefit program. We understand the evolving nature of compliance and how it can quickly become complex. At Apta Health, our commitment to transparency ensures that you receive accurate and actionable information. Our webpage serves as a reliable resource for groups and advisors, offering insights, updates, and solutions tailored to navigate new compliance laws effortlessly.

Health Plans Must Update HIPAA Policies for New Reproductive Health Care Rights

October 2024

Beginning Dec. 23, 2024, covered entities and their business associates must comply with stricter HIPAA privacy protections for reproductive health care. These new protections prohibit regulated entities from using or disclosing protected health information (PHI) related to lawful reproductive health care:

  • For a criminal, civil or administrative investigation into (or proceeding against) a person in connection with reproductive health care; or

  • To identify an individual, health care provider or other person for purposes related to such an investigation or proceeding.

In addition, regulated entities must obtain a valid attestation when a request is made to use or disclose PHI potentially related to reproductive health care for certain purposes to ensure that the use or disclosure is permissible.

Action Steps

Employers with self-insured health plans and employers with fully insured health plans that have access to PHI (other than certain limited types) should update their HIPAA policies and train affected members of their workforce on the new restrictions for PHI related to reproductive health care. Although the new privacy protections do not specifically require updates to business associate agreements, employers should review the terms of their agreements to determine if updates should be made.

In addition, the U.S. Department of Health and Human Services has provided a model attestation form that employer-sponsored health plans may use to ensure a requested use or disclosure of PHI complies with the new privacy protections. Health plans must also update their HIPAA privacy notices for the new privacy protections, although they have until Feb. 16, 2026, to make these updates. As soon as the new model notice becomes available, we will update applicable documents and communicate the change.  

Affected Health Plans

The new privacy protections impact:

  • Employers with self-insured health plans; and

  • Employers with fully insured health plans that have access to PHI (other than enrollment information, summary health information and information released pursuant to a HIPAA authorization) from their issuers.

The new privacy protections do not impact employers with fully insured health plans that do not have access to PHI (other than the limited types listed above).

Important Dates

Dec. 23, 2024

Regulated entities must comply with the new privacy restrictions for reproductive health care and begin using the model attestation form when applicable.

 

Feb. 16, 2026

Covered entities must update their HIPAA notice of privacy practices for the new requirements. 

apta health

Apta Health is an award-winning, independently validated, guided healthcare program designed especially for mid-market employers. As the first program of its kind, Apta Health offers guidance, empathy, and cost savings to members & employers.

LinkedIn

Youtube

11755 E Peakview Ave

Suite 250

Englewood, CO 80111

info@apta-health.com

+1 (800) 839-7124

Accreditation

Privacy Policy

Careers

© Copyright 2022 Apta Health. All rights reserved.

BAN Conference

bottom of page