Leland
Smith Insurance Services
Privacy Policy Notice
We do not sell your information to anyone.
Title V of the Gramm-Leach-Bliley Act (GLBA) and the laws of the State(s)
of Ohio and Indiana, generally prohibit us from sharing nonpublic personal
information about you with a third party unless we provide you with
this notice of our privacy policies and practices describing the type
of information that we collect about you and the categories of persons
or entities to whom that information may be disclosed. In compliance
with the GLBA and applicable State laws, we are providing you with
this document, which notifies you of the privacy policies and practices
of Leland Smith Insurance Services., referred to in the rest of this
document as "LSIS".
OUR PRIVACY POLICIES AND PRACTICES
1. Information we collect:
A. Categories of Information Collected and Sources from Which We Collect
It.
We collect nonpublic personal information about you from the following
sources: Information we receive from you on applications other forms.
Information about your transactions with us, our affiliates or others.
Information we receive from a consumer reporting agency. Information
we receive from medical records or medical professionals.
B. Persons From Whom Information is Collected
We may collect nonpublic personal information from individuals other
than those proposed for coverage.
C. Information From Credit Reports or Investigative Consumer Reports
We may obtain information about you from credit reports or other investigative
consumer reports prepared by third parties at our request. You have
the right to request to be interviewed in connection with the preparation
of such a report. Upon request, you are entitled to receive a copy
of the report. The information obtained from the report prepared by
the third party may be retained by the third party and disclosed to
other persons.
2. Information we may disclose to third parties:
In the course of our general business practices, we may disclose the
information that we collect (as described above) about you or others
without your permission to the following types of institutions for
the reasons described:
To a third party if the disclosure will enable that party to perform
a business, professional or insurance related function for us;
To an insurance institution, agent, or credit reporting agency in order
to detect or prevent criminal activity, fraud or misrepresentation in
connection with an insurance transaction;
To a lending institution in connection with liens against property that
you insure with us;
To an insurance institution, agent, or credit reporting agency for either
this agency or the entity to whom we disclose the information to perform
a function in connection with an insurance transaction involving you;
To a medical care institution or medical professional in order to verify
coverage or benefits, inform you of a medical problem of which you may
not be aware, facilitate the payment of a claim, or conduct an audit
that would enable us to verify treatment;
To an insurance regulatory authority, law enforcement, or other governmental
authority in order to protect our interests in preventing or prosecuting
fraud, or if we believe that you have conducted illegal activities;
To a group policyholder for the purpose of reporting claims experience
or conducting an audit of our operations or services;
In addition to those circumstances listed above, and unless you tell
us not to, we may disclose certain information about you to third parties
whose only use of the information will be for purposes of marketing a
product or service. Under no circumstances will we disclose for marketing
purposes any medical information; information relating to a claim for
benefit or, a civil or criminal proceeding involving you; or personal
information relating to your character, personal habits, mode of living
or general reputation.
3. Third parties with whom we share certain information protected by
the Fair Credit Reporting Act, unless you tell us not to:
A: Information we obtain from your insurance application, such as your
income or your marital status; Information we obtain from a consumer
report, such your credit score or credit history; Information we obtain
from a person regarding its employment, credit, or other relationship
with you, such as your employment history.
B. Third party companies who may receive this information are:
Financial service providers, such as: insurance companies, investment
brokerage companies.
C. If you prefer that we not share this information with third party
companies, you may direct us not to share this information by doing the
following:
Call us toll free at 800-934-3490 or
E-mail us at privacy@lelandsmith.com or
Complete our opt out form
4. Your right to access and amend your personal information:
You have the right to request access to the personal information that
we record about you. Your right includes the right to know the source
of the information and the identity of the persons, institutions or
types of institutions to whom we have disclosed such information within
2 years prior to your request. Your right includes the right to view
such information and copy it in person, or request that a copy of it
be sent to you by mail (for which we may charge you a reasonable fee
to cover our costs). Your right also includes the right to request
corrections, amendments or deletions of any information in our possession.
The procedures that you must follow to request access to or an amendment
of your information are as follows:
To obtain access to your information:
You should submit a request in writing to: Randy D. Myers, Leland Smith
Insurance Services, 1175 Westwood Dr, Ste 200, Van Wert, OH 45891.
The request should include your name, address, social security number,
telephone number, and the recorded information to which you would like
access. The request should state whether you would like access in person
or a copy of the information sent to you by mail. Upon receipt of your
request, we will contact you within 30 business days to arrange providing
you with access in person or the copies that you have requested.
To correct, amend, or delete any of your information:
You should submit a request in writing to: Randy D. Myers, Leland Smith
Insurance Services, 1175 Westwood Dr, Ste 200, Van Wert, OH 45891.
The request should include your name, address, social security number,
telephone number, the specific information in dispute, and the identity
of document or record that contains the disputed information. Upon
receipt of your request, we will contact you within 30 business days
to notify you either that we have made the correction, amendment or
deletion, or that we refuse to do so and the reasons for the refusal,
which you will have an opportunity to challenge.
5. Our practices regarding information confidentiality and security:
We restrict access to nonpublic personal information about you to those
employees who need to know that information in order to provide products
or services to you. We maintain physical, electronic, and procedural
safeguards that comply with federal regulations to guard your nonpublic
personal information.
6. Our policy regarding dispute resolution:
Any controversy or claim arising out of or relating to our privacy policy,
or the breach thereof, shall be settled by arbitration in accordance
with the rules of the American Arbitration Association, and judgment
upon the award rendered by the arbitrator(s) may be entered in any
court having jurisdiction thereof.
7. Reservation of the right to disclose information in unforeseen circumstances:
In connection with the potential sale or transfer of its interests, LSIS
and its affiliates reserves the right to sell or transfer your information
(including but not limited to your address, name, age, sex, zip code,
state and country of residency and other information that you provide
through other communications) to a third party entity that (1) concentrates
its business in a similar practice or service; (2) agrees to be LSIS's
successor in interest with regard to the maintenance and protection
of the information collected; and (3) agrees to the obligations of
this privacy statement.
THE REMAINDER OF THIS NOTICE DESCRIBES HOW MEDICAL INFORMATION ABOUT
YOU MAY BE USED AND DISCLOSED AND HOW TO OBTAIN ACCESS TO THIS INFORMATION.
PLEASE REVIEW IT CAREFULLY.
1. Statement of Our Duties
We are required by the Health Insurance Portability and Accountability
Act of 1996 to maintain the privacy of your personal health information
and to provide you with this notice of our privacy practices and legal
duties. We are required to abide by the terms of this notice. We reserve
the right to change the terms of this notice and to make any new provisions
effective to all of the personal health information that we maintain
about you. If we revise this notice, we will provide you with a revised
notice in the following manner via US Mail or through your employer.
2. Statement of Your Rights
You have a right to know how we may use or disclose your personal health
information. This notice informs you of those uses and disclosures.
There are certain uses and disclosures of your personal health information
that we are permitted or required to make by law without your permission.
For all other uses and disclosures, we first must obtain your permission.
In addition, you have the following rights:
(a) The right to request that we place additional restrictions on our
uses and disclosures of your personal health information (beyond what
the law requires), but we are not obligated to agree to any such additional
restrictions. (b) The right to access, inspect and copy the protected
information pertaining to you that we maintain in our files about you,
and the right to have us correct or amend any information that we create
in error. (c) The right to receive an accounting of the disclosures of
your personal health information that we make for purposes other than
activities related to your treatment, or our payment functions or other
health care operations. (d) The right to request that you receive communications
of personal health information in a confidential manner.
3. Permissible Uses and Disclosures of Protected Health Information
(a) Payment Functions. We may use or disclose your health information
without your permission to carry out activities relating to reimbursing
you for the provision of health care, obtaining premiums, determining
coverage, and providing benefits under the policy of insurance that
you are purchasing. For example, payment functions may include (but
are not limited to) reviewing health care services with respect to
medical necessity, coverage under the policy, appropriateness of care,
or justification of charges.
(b) Health Care Operations. We also may use or disclose your protected
health information without your permission to carry out certain insurance-related
activities. These activities include using your protected information
for underwriting, premium rating, or other activities relating to the
creation, renewal or replacement of another contract of health insurance,
and ceding, securing, or placing a contract for reinsurance of risk relating
to claims for health care.
(c) Uses Permitted/Required By Law. We also may use or disclose your
protected health information without your written permission for purposes
permitted or required by law.
(d) Authorized Uses. All other uses or disclosures of your protected
health information will be made only with your written permission, and
any permission that you give us may be revoked by you at any time.
4. Complaints About Misuse of Health Information
You may complain either directly to us or to the Secretary of Health
and Human Services if you believe that your rights with respect to
our protection of your health information have been violated. To file
a complaint with us, you may file a complaint with us in writing. The
request should include your name, address, social security number,
and telephone number. You must include specific information regarding
the violation including the names of the individuals and/or companies
involved as well as the date(s) of the event(s). You will not be retaliated
against in any way for filing a complaint.
5. Contact Person for Filing Complaint or Obtaining Further Information
Randy Myers, Leland Smith Insurance Services, 1175 Westwood Dr, Ste 200,
Van Wert, OH 45891.
FEDERALLY-FACILIATED INDIVIDUAL MARKETPLACE
PROTECTED HEALTH INFORMATION (PHI) PRIVACY NOTICE
OBLIGATIONS AND ACTIVITIES OF PRODUCER
Producer shall:
A. Not use or disclose PHI (PHI) other than as permitted or required by law; Except as otherwise limited, the producer may use or disclose PHI to perform functions, activities, or services for, or on behalf of the covered entity, provided that each use or disclosure would not violate the Privacy Rule. The producer must obtain reasonable assurances from any person to whom the information is disclosed that it will remain confidential and used or further disclosed only as Required By Law or for the purpose for which it was disclosed to the person, and the person notifies the producer of any instances of which it is aware in which the confidentiality of the information has been breached.
B. Use appropriate safeguards to prevent use or disclosure of PHI other than as permitted or required by law. The producer shall implement administrative, physical and technical safeguards that reasonably and appropriately protect the confidentiality, integrity, and availability of Electronic PHI (e-PHI) that it creates, receives, maintains or transmits on behalf of the consumer.
C. Report to the covered entity immediately any use or disclosure of PHI not permitted or required by law of which it becomes aware, including breaches of unsecured PHI as required at 45 CFR 164.410, and any security incident of which it becomes aware.
D. Notify the covered entity of a Breach of Unsecured PHI within 24 hours of the discovery of such Breach, followed by a report in writing, except where a law enforcement official determines that a notification would impede a criminal investigation or cause damage to national security. The producer’s written notification to the covered entity hereunder shall:
1. Be made to the covered entity within 48 hours of the initial oral report, and
2. Include the individual whose Unsecured PHI has been, or is reasonably believed to have been, the subject of a Breach.
E. In the event of an unauthorized use or disclosure of PHI or a Breach of unsecured PHI, the producer shall mitigate to the extent practicable any harmful effects of said disclosure that are known to it;
F. In accordance with 45 CFR 164.502(e)(l)(ii) and 164.308(b)(2), if applicable, ensure that any subcontractors that create, receive, maintain, or transmit PHI on behalf of the producer agree to the same restrictions, conditions, and requirements that apply to the producer with respect to such information;
G. Within 7 days of request, make available PHI in a Designated Record Set to the covered entity as necessary to satisfy the covered entity's obligations under 45 CFR 164.524;
H. Make any amendment to PHI in a Designated Record Set as directed or agreed to by the covered entity pursuant to 45 CFR 164.526, or take other measures as necessary to satisfy the covered entity's obligations under 45 CFR 164.526;
I. Maintain and make available, within 7 days after a request for such information, the information required to provide an accounting of disclosures to the covered entity as necessary to satisfy the covered entity 's obligations under 45 CFR 164.528;
J. To the extent the producer is to carry out one or more of the covered entity's obligation(s) under Subpart E of 45 CFR Part 164, comply with the requirements of Subpart E that apply to the covered entity in the performance of such obligation(s);
K. With respect to any use, disclosure or request for PHI described in 45 CFR 502(b)(l), the producer shall limit the PHI to the extent practicable to the limited data set as defined in 45 CFR 164.514(e)(2) or, if needed, to the minimum necessary to accomplish the intended purpose of such use, disclosure or request;
L. Make its internal practices, books, and records available to the covered entity for purposes of determining compliance with the HIPAA Rules; and
M. The producer shall be directly responsible for full compliance with the relevant requirements of the Privacy Rule to the same extent as the covered entity.