Terms of Use
 First Script Network Services

Protecting the Privacy of Patients’ Health Information

First Script Network Services and Coventry Workers’ Comp Services

First Script Network Services is a wholly owned subsidiary of Coventry Health Care Workers Compensation, Inc. ("Coventry Workers’ Comp Services"), the comprehensive outsourcing solution for containing healthcare and disability costs.  Serving the occupational healthcare market, Coventry Workers’ Comp Services provides employers, insurers and payers with a variety of integrated healthcare services.  These services include occupational healthcare, in-network and out-of-network medical claims review and re-pricing, access to specialized preferred provider organizations, case management and other cost containment services.

1. INFORMATION REQUIRED TO BE PROTECTED.

The privacy of all medical records and other individually identifiable health information must be protected at all times.  Information relating to a patient's health care history, diagnosis, condition, treatment, or evaluation shall be considered individually identifiable health information.  Confidentiality of this health information must be maintained at all times, and may only be disclosed with the express written consent of the patient.

Non-individually identifiable health information, (e.g. health information that cannot be linked to a specific patient) is not included within the definition of protected health information.

2. BOUNDARIES ON HEALTH INFORMATION USE AND RELEASE.

An individual's health information can be used for health purposes only.

  1. Protect individually identifiable health information.  Coventry Workers’ Comp Services shall not publish or otherwise make generally available any information or data that identifies a patient for purposes other than treatment, payment or other health care operations, without his or her express written consent.  This does not restrict the internal use of such information or data that is required in the performance of the scope of work that Coventry Workers’ Comp Services has been engaged to perform for a client.  Coventry Workers’ Comp Services also maintains physical, electronic, and procedural safeguards to protect individually identifiable health information.  Coventry Workers’ Comp Services assesses those safeguards and expects to make ongoing improvements to maintain and enhance our level of security for individually identifiable health information.
  2. Ensure that health information is not used for non-health purposes.  Patient information can be used or disclosed only for purposes of health care treatment, payment, and operations.  Health information cannot be used for purposes not related to health care without explicit authorization from the patient.  For example, Coventry Workers’ Comp Services may not access the personal health information obtained by a Coventry Workers’ Comp Services affiliate for any purpose other than to perform the services for which we were engaged, unless Coventry Workers’ Comp Services first obtains the explicit authorization of the patient.
  3. Maintain health information in a manner to protect confidentiality.  All individually identifiable health information shall be maintained by Coventry Workers’ Comp Services in a confidential manner that prevents unauthorized or inadvertent disclosure to third parties.  For example, Coventry Workers’ Comp Services may share confidential information with a third party under contract or affiliated with Coventry Workers’ Comp Services for the same purpose of performing the services for which we were engaged, provided that the information shall remain confidential at all times and shall be shared with only those persons that have authority to receive such information.

Penalties For Misuse Of Personal Health Information

There are serious penalties for violation of the confidentiality of health information.  Please be advised of the following:

  1. State Penalties.  Various state laws impose criminal and civil penalties on individuals who misuse or disclose individually identifiable health information without explicit consent by the patient.
  2. Federal Penalties.  HIPAA (Health Insurance Portability and Accountability Act) is a piece of federal legislation that directly addresses the protection of confidential health information.  This law is being phased in over a two-year period.  Once effective, HIPAA will provide for civil money penalties up to $25,000 per person, per year for violations of patient confidentiality.  HIPAA also provides for federal criminal penalties.
  3. Coventry Workers’ Comp Services Penalties.  Any employee who violates the privacy and confidentiality of patient health information, through disclosure or otherwise, may be subject to disciplinary action, including termination of his or her employment with Coventry Workers’ Comp Services.

If you have questions about this information, please contact Coventry Workers’ Comp Services Privacy and Security Compliance Office at 615-778-4290.