Non-PHI data that LVM collects is used to provide products and services to our clients, for billing purposes, for statistical analysis, and for identifying opportunities for improved or additional product offerings.
LVM may process or transform PHI in compliance with the contractual terms defining a business relationship between LVM and a covered entity or in response to a request from a covered entity. LVM will make every effort to maintain the integrity of the data within the bounds of such contract or request.
LVM may release PHI in compliance with the contractual terms defining a business relationship between LVM and a covered entity customer or in response to a request from an individual or entity as allowed by state or federal law.
When using, or disclosing PHI internally or with third-party vendors, LVM and LVM’s team members shall make reasonable efforts to limit the sharing of PHI based on the Need to Know Principle. Uses or disclosures that involve more than the minimum necessary information may qualify as breaches.
LVM enters into business associate contract relationships with covered entity customers as required by the HIPAA Privacy and Security Rules.
Business Associate contracts with covered entity customers require that LVM make available protected health information in accordance with § 164.524; make available protected health information for amendment and incorporate any amendments to protected health information in accordance with § 164.526; and make available the information required to provide an accounting of disclosures in accordance with § 164.528.