Skip to content

400.63 HIPAA – Breach of Privacy Policy

The Privacy Officer is responsible for investigating all reported incidents of alleged violation of health information privacy, regardless of source or severity. The Privacy Officer will maintain a Privacy Incident File and produce a monthly report summarizing the status of every open file regarding alleged violation of protected health information (PHI) privacy regardless of discovering source.

Documentation of all reported incidents will be maintained.

In the event of a reported violation of PHI privacy, the order of escalation will be:

  1. The Privacy Officer
  2. The fiduciary or senior officer of the health plan or sponsoring organization.

All employees will report a breach of information privacy to the Privacy Officer should they become aware of such a breach. Full cooperation with all state, federal, or professional investigating bodies will be followed.

Violation of these policies can carry serious consequences for the health plan. Disciplinary actions for anyone violating this policy may include suspension without pay or termination.

Privacy Officer:
Jessica Dirks
Chief Officer of Human Resources & Legal Affairs
306 SW School Street
Ankeny, Iowa 50023
515-965-9600

Adopted:
June 21, 2010

Reviewed:
March 23, 2015
March 25, 2019
June 20, 2021

Revised:
March 23, 2015
March 25, 2019
July 6, 2021