<<Prev Rule

Texas Administrative Code

Next Rule>>
RULE §22.57Exceptions

(a) A covered entity may disclose, without an authorization, nonpublic personal health information to the extent that the disclosure is necessary to perform the following insurance functions or legally required activity on behalf of that covered entity:

  (1) the investigation or reporting of actual or potential fraud, misrepresentation, or criminal activity;

  (2) underwriting;

  (3) the placement or issuance of an insurance product;

  (4) loss control services;

  (5) ratemaking and guaranty fund functions;

  (6) reinsurance and excess loss insurance;

  (7) risk management;

  (8) case management;

  (9) disease management;

  (10) quality assurance;

  (11) quality improvement;

  (12) performance evaluation;

  (13) health care provider credentialing verification;

  (14) utilization review;

  (15) peer review activities;

  (16) actuarial, scientific, medical, or public policy research;

  (17) grievance procedures;

  (18) the internal administration of compliance, managerial, and information systems;

  (19) policyholder services;

  (20) auditing;

  (21) reporting;

  (22) database security;

  (23) the administration of consumer disputes and inquiries;

  (24) external accreditation standards;

  (25) the replacement of a group benefit plan or workers' compensation policy or program;

  (26) activities in connection with a sale, merger, transfer, or exchange of all or part of a business or operating unit;

  (27) any activity that permits disclosure without authorization under the federal Health Insurance Portability and Accountability Act of 1996 (42 U.S.C. Section 1320d et seq.), as amended;

  (28) disclosure that is required, or is a lawful or appropriate method, to enforce the covered entity's rights or the rights of other persons engaged in carrying out a transaction or providing an insurance product or service that the consumer requests or authorizes;

  (29) claims administration, adjustment, and management;

  (30) any activity otherwise permitted by law, required pursuant to a governmental reporting authority, or required to comply with legal process; and

  (31) any other insurance functions that the commissioner approves that are:

    (A) necessary for appropriate performance of insurance functions; and

    (B) fair and reasonable to the interests of consumers.

(b) A disclosure for marketing purposes shall not be considered to be an insurance function or any other type of activity that constitutes an exception under this section.

Source Note: The provisions of this §22.57 adopted to be effective September 1, 2002, 27 TexReg 6504

Link to Texas Secretary of State Home Page | link to Texas Register home page | link to Texas Administrative Code home page | link to Open Meetings home page