Peter: If an agent certifies that he or she is "compliant" then it would suggest they understand that they know they cannot use/disclose PHI in the manner you suggest. We would also add language to their agreement with us, and use other means, such as documentation and/or training, to reinforce this requirement.
If the agent were to misuse PHI despite all of that, I feel safe in saying they will not be happy when we find out what they have done. Also, assume for the moment that the agent is our business associate and he/she does get an authorization. If the agent then uses/discloses PHI inappropriately, it is still a problem. Having an authorization is no greater protection than not having one in that situation. They are still our business associate and they have still acted inappropriately. We still have a responsibility for taking action if we learn of their misdeed. Ken Fody Independence Blue Cross -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] Sent: Wednesday, March 27, 2002 3:36 PM To: Fody, Kenneth W.; [EMAIL PROTECTED] Subject: RE: Agent's Rights to PHI Ken, Granted that sometimes the agent is your employee and sometimes he is a business associate, how would you prevent him from using PHI for marketing purposes when he is not serving as an "extension of your member service department?" �In light of the proposed changes to Section 164.508, would you prohibit the agent from serving as a customer service agent without an authorization in place? Peter ************************************************ Peter B. Goldstein Cap Gemini Ernst & Young, US LLC 4610 South Ulster Street, Suite 600 Denver, Colorado �80237-4323 (303) 796-4148 (Direct) (413) 740-0512 (Facsimile) cap comm: 657 4653 [EMAIL PROTECTED] ************************************************ CONFIDENTIALITY NOTICE: This E-Mail is intended only for the use of the individual or entity to which it is addressed and may contain information that is privileged, confidential and exempt from disclosure under applicable law. If you have received this communication in error, please do not distribute and delete the original message. Please notify the sender by E-Mail at the address shown. Thank you for your compliance. ********************************************************************** To be removed from this list, go to: http://snip.wedi.org/unsubscribe.cfm?list=privacy and enter your email address.
