Trinity University Group Health Plan
Trinity University Flexible Benefit Plan
HIPAA Policy and Procedures

The Trinity University Group Health Plan and the component health plans of the Trinity University Flexible Benefit Plan (collectively referred to herein as the “Plan”) have adopted these HIPAA Policies and Procedures in order to implement its obligation to protect the privacy of certain health information that is created, received or maintained by the Plan. Many of these HIPAA Policies and Procedures are required under the Health Insurance Portability and Accountability Act of 1996 (“HIPAA”) and its associated regulations, 45 CFR Parts 160 and 164 (the “Privacy Rule,” the “Security Rule,” or collectively, the “Rule”). These HIPAA Policies and Procedures are also adopted as a sound business practice which will protect the interests of the Plan’s enrollees.

Because the Plan does not have its own employees, the Plan generally conducts its business through business associates and through members of the Trinity University’s workforce. These HIPAA Policies and Procedures are being provided to you because you are one of the Workforce Members who will help the Plan conduct its business. You are obligated to follow these HIPAA Policies and Procedures faithfully. Failure to do so can result in disciplinary action, including termination of your employment. To the extent that these HIPAA Policies and Procedures call for actions to be taken by Trinity University, Trinity University has agreed to follow and comply with these HIPAA Policies and Procedures.

If you have questions about any use or disclosure of individually identifiable health information or about your other obligations under these HIPAA Policies and Procedures, under HIPAA, the Privacy Rule, the Security Rule, or other federal or state law, please consult the Privacy Officer.