Protections from Disclosure of Medical Information
The Program is required by law to maintain the privacy and security of your personally identifiable health information. Although the Program and BBA may use aggregate information it collects to design a program based on identified health risks in the workplace, the Program (including any service providers who administer the Program on BBA’s behalf) will never disclose any of your personal information either publicly or to your employer, except as necessary to respond to a request from you for a reasonable accommodation needed to participate in the Program, or as expressly permitted by law. Medical information that personally identifies you that is provided in connection with the Program will not be provided to your supervisors or managers and may never be used to make decisions regarding your employment.
Your health information will not be sold, exchanged, transferred, or otherwise disclosed except to the extent permitted by law to carry out specific activities related to the Program, and you will not be asked or required to waive the confidentiality of your health information as a condition of participating in the Program or receiving an incentive. Anyone who receives your information for purposes of providing you services as part of the Program will abide by the same confidentiality requirements. The only individuals who will receive your personally identifiable health information is Actuarial Consulting Services, Inc. (the service provider that administers the Program) and the medical professionals that provide you with services under the Program.
All medical information obtained through the Program will be maintained separate from your personnel records, and no information you provide as part of the Program will be used in making any employment decision. In addition, all medical information, including any medical information that is stored electronically, will be protected in accordance with all applicable federal and state privacy laws, including the HIPAA privacy and security rules. Although no one can prevent all cyber-attacks, Actuarial Consulting Services, Inc. has an information security program consisting of people, process and technology, including encryption and monitoring tools designed to protect electronic information. Appropriate precautions will be taken to avoid any data breach, and in the event a data breach occurs involving information you provide in connection with the Program, you will be notified as required by law.
You may not be discriminated against in employment because of the medical information you provide as part of participating in the Program, nor may you be subjected to retaliation if you choose not to participate.
If you have questions or concerns regarding this notice, or about protections against discrimination and retaliation, please contact your local HR Representative.