HIPAA Notice of Privacy Practices


Summary

Group health plans can use this template to satisfy the Health Insurance Portability and Accountability Act (HIPAA) requirement for covered entities to provide individuals with a Notice of Privacy Practices (NPP) that complies with HIPAA Privacy Rule regulations. This template contains practical guidance, drafting notes, and an optional clause. HIPAA generally provides that an individual has a right to adequate notice of the uses and disclosures that a HIPAA covered entity may make of the individual's protected health information (PHI) and of the individual's rights and the covered entity's legal duties regarding PHI. For covered entities that are group health plans, the responsibility for providing the notice is borne by: • Self-funded or fully insured group health plans where the plan creates or receives PHI –and/or– • Insurers issuing the coverage for an insured plan See 45 C.F.R. § 164.520(a)(2)(ii). The insurer is solely responsible if a fully insured plan does not create or ...