The Health Insurance Portability and Accountability Act, or HIPAA, provides privacy procedures for personal health information.
Following these procedures, the Health Care Authority — including Medicaid, Public Employees Benefits Board (PEBB) Programs and the Uniform Medical Plan (UMP) — must protect health information collected about its members, applicants, and state employees and retirees, even after death. This includes written, spoken, and electronic information.
You can find more information on HIPAA at the U.S. Department of Health and Human Services' Office for Civil Rights website.
If you want the Health Care Authority (HCA) to release your information to someone (a relative, legislator, friend, etc.) you will need to sign an authorization form.
If you are a retiree receiving benefits from the Department of Retirement Systems (DRS), the PEBB Program may share your information with DRS to better serve you.
Notice of Privacy Practices
- Health Care Authority - Cambodian, Chinese, Korean, Laotian, Russian, Somali, Spanish, Vietnamese
- Health Care Authority and Healthplanfinder - Cambodian, Chinese, Korean, Laotian, Russian, Somali, Spanish, Vietnamese
- Uniform Medical Plan
Web Data Privacy Notice
Personal/protected information will not be used or disclosed to any person or entity who has no need to know it. Learn more.