Coral is privileged to be the platform of choice for so many direct contract episodes of care. We value the trust placed in us and we are committed to maintaining your trust and confidence in our products and services. This notice describes the privacy practices of Coral LLC and our commitment to protecting the privacy and security of your personal and protected health information.
For care navigators, providers and Coral support staff to deliver the best possible care, for a fair price, it is necessary for Coral LLC, to receive and/or disclose personal and protected health information. Coral LLC, may disclose such information to employers, plan sponsors, health care providers, other health plans, insurers, service providers and/or business associates as may be necessary to ensure quality of care, outcomes, treatment, payment and all associated health care operations.
The information Coral LLC, may receive and/or disclose may include but may not be limited to your name, Social Security Number, address, email address, date of birth, telephone number, marital status, gender, dependent information, account balances, payment history, medical records, claim information and employment information.
Coral LLC, may also collect information when you access our website. We may collect information on the number of pages visited, the date of the visit, the sections of the website visited, forms filled out, the name of the domain used to access the website, among other things. This information will be used to improve the experience of the website and provide better customer service. This information will not be available to anyone other than Coral LLC, and its internet service provider.
If you’re a patient, using a form on Coral.io, this information will be sent to our partner care navigators. They will use this to find a provider, communicate your needs, and get your appointment scheduled, as well as issue a voucher, and work towards getting the provider paid. Partners of Coral, are not permitted to use your data for anything except the treatment of care, and reporting to your employer the key data points to demonstrate efficacy of their healthcare program.
Health Insurance Portability and Accountability Act of 1996
The Health Insurance Portability and Accountability Act of 1996 (“HIPAA”), in part, establishes standards for healthcare privacy and security. Although Coral LLC, is not subject to HIPAA privacy and security requirements as a Covered Entity, we do receive protected health information from, and on behalf of, our clients that are Covered Entities. Coral LLC, is committed to protecting the privacy and security of personal and protected health information in a manner that is consistent with our clients’ legal obligations. Coral LLC, has developed a privacy and security compliance program for our personnel that takes into account HIPAA privacy and security standards and reasonable industry practices.
Coral LLC, understands that storing and transmitting data in a secure manner is essential. Coral LLC, stores your personal and protected health information using industry standard physical, technical and administrative safeguards to secure data against foreseeable risks, such as unauthorized use, access, disclosure, destruction and modification.
The Coral LLC, Commitment
Coral LLC, will safeguard, according to strict standards of security and confidentiality, any information shared with us. We will limit the collection and use of information to the minimal amount necessary. We will permit only authorized employees, who are trained in the proper handling of personal information, to have access to that information. We use physical, electronic, procedural and computer access controls. We will not share personal and protected health information for any purpose other than the administration and legal requirements of a health plan, contracted care navigation company, or provider including but not limited to the sharing of information necessary to effectuate treatment, payment and health care operations as permitted under HIPAA.
Disclosure of Your Information In certain circumstances Coral LLC, may be required by law to obtain a written authorization from you in order to disclose personal and protected health information. However, in order to effectively process claims and provide other services on behalf of our clients, it is necessary and appropriate for Coral LLC, to disclose your personal and protected health information without a written authorization. Coral LLC, may make such disclosures for purposes of treatment, payment, and health care operations which may include but may not necessarily be limited to the following disclosures:
We may disclose personal and protected health information to a medical care institution and/or medical professional.
We may disclose personal and protected health information to service providers.
We may disclose personal and protected health information to business associates of your health plan or subcontracted business associates of Coral LLC,
We may disclose personal and protected health information reasonably necessary to assist in detecting or preventing criminal activity, fraud, misrepresentation or nondisclosure as it relates to a health plan.
We may disclose personal and protected health information to another person or entity in order to ensure the administration of your health care, by your health plan or for purposes of allowing the other person or entity to administer a health benefit plan including, but not limited to coordinating benefits.
We may disclose personal and protected health information to an insurance regulatory authority, to an insurance commissioner, law enforcement or other governmental authority as required or permitted by law.
We may disclose personal and protected and health information to comply with any law or legal process to which we are subject, including an administrative or judicial order, search warrant, subpoena or lawful discovery request.
We may disclose personal and protected health information to a professional peer review organization for the purpose of reviewing the service or conduct of a medical care institution or a medical care professional.
We may disclose personal and protected health information for the purpose of conducting an audit.
We may disclose personal and protected health information to a person or entity engaged to provide services to enable Coral LLC, to perform a service or claim administration function.