Horizon is committed to protecting the confidential, proprietary and private information that our members, and employees share with us. Various federal and state laws and regulations including the Health Insurance Portability and Accountability Act (HIPAA) govern Horizon’s use and disclosure of members’ private information. Horizon is not allowed to access, use or disclose private Information unless it is for a legitimate business need and to perform an appropriate business function. Horizon is committed to an effective compliance program and maintains privacy policies and procedures and training programs relative to the use and disclosure of its members’ private information.
Horizon has in place appropriate administrative, technical and physical safeguards to protect the privacy of its members’ private Information and to reasonably attempt to prevent any intentional or unintentional use or disclosure of Private Information in violation of Horizon’s privacy policies and procedures or other applicable state or federal law. Safeguards may include but are not limited to:
- Shredding documents containing private Information prior to disposal.
- Securing all electronic and paper files against unauthorized use and disclosure.
- Securing cabinets, drawers and rooms that house Private Information.
- Ensuring when emailing private Information to confirm the correct recipient.
- Using Secure Blue button to encrypt emails when sending private Information outside the Company.
- Ensuring all proper agreements are in place when sharing private Information with a third party.
- Never taking photographs in the workplace.
- Never sharing passwords with colleagues.
- Never using or disclosing more than the minimum necessary information.
- All users who gain access to information assets shall be uniquely identified and properly authenticated.
- Placing laptops in areas not accessible to the general public or in high-traffic areas; shielding computer screens so that information is not viewable by others nearby.
- Making certain that laptops are secured after-hours either in a locked cabinet or with the employee.
- Using secured methods of electronically transmitting private Information such as data encryption.
In addition, all new and existing employees will be trained on Horizon’s HIPAA privacy policies and procedures and applicable state and federal privacy law.
All privacy policies and procedures are maintained and reviewed at least annually by Horizon’s Privacy Officer and are available to all employees through On-Line Information (OLI).
NJAC 11:24-7.1, NJAC 11:24A-3.8.
45 CFR Part 92: Nondiscrimination in Health Programs and Activities; Final Rule
NCQA – Current Standards and Guidelines for the Accreditation of Health Plans