Section 3.26.680. Disclosure of nonpublic personal health information.

Latest version.

	(a)  Except as provided in (b) of this section or in 3 AAC 26.695(a), a licensee may not disclose nonpublic personal health information about a consumer unless authorization that complies with 3 AAC 26.685 is obtained from the consumer whose nonpublic personal health information the licensee seeks to disclose.  
	(b)  A licensee may disclose a consumer's nonpublic personal health information without obtaining authorization from the consumer if the disclosure is  
		(1) required by federal or state law or regulation or is otherwise allowed by law;  
		(2) in response to an order issued by a governmental regulatory authority with jurisdiction over a licensee for examination, investigation, compliance, or other purposes authorized by law;  
		(3) compelled by a subpoena, search warrant, or other order issued by a court or administrative agency of competent jurisdiction;  
		(4) for detection, investigation, or reporting of fraud, misrepresentation, or another violation of law;  
		(5) for the performance of the following insurance functions by or on behalf of the licensee:  
			(A) claims administration;  
			(B) claims adjustment or management;  
			(C) underwriting;  
			(D) policy placement or issuance;  
			(E) loss control;  
			(F) rate development;  
			(G) guaranty fund functions;  
			(H) reinsurance, stop-loss insurance, or excess loss insurance;  
			(I) risk management;  
			(J) case management;  
			(K) disease management;  
			(L) quality assurance or improvement;  
			(M) performance evaluation;  
			(N) verification of provider credentials;  
			(O) utilization review;  
			(P) peer review activities;  
			(Q) actuarial, scientific, medical, or public policy research;  
			(R) grievance procedures;  
			(S) internal administration of compliance, managerial, and information systems;  
			(T) policyholder service functions;  
			(U) auditing;  
			(V) reporting;  
			(W) database security;  
			(X) administration of consumer disputes and inquiries;  
			(Y) external accreditation standards;  
			(Z) replacement of a group benefit plan or workers' compensation policy or program;  
			(AA) activities in connection with the sale, merger, transfer, or exchange of all or part of a business or operating unit;  
		(6) required to enforce the licensee's rights or the rights of other licensees engaged in carrying out an insurance transaction or providing an insurance product or service that a consumer or customer requests or authorizes; or  
		(7) allowed without requiring authorization under 45 C.F.R. Parts 160 and 164.

Authorities

21.06.090;21.36.510;01.05.031;21.36.162;44.62.125

Notes

Reference

3 AAC 26.605
3 AAC 26.685
3 AAC 26.695
3 AAC 26.700
3 AAC 26.715

Authority
 AS 21.06.090  
AS 21.36.510  
Editor's note: In 2010 the revisor of statutes, acting under AS 01.05.031, renumbered former AS 21.36.162 as AS 21.36.510. As of Register 196 (January 2011), the regulations attorney made a conforming technical revision under AS 44.62.125(b)(6), to the authority citation that follows 3 AAC 26.680, so that the citation to former AS 21.36.162 now refers to the renumbered statute, AS 21.36.510.  
History Eff. 1/1/2005, Register 172

References

3.26.680

                    
                        var val = document.getElementById('citecontent').innerHTML;
                        art.dialog.defaults.title = window.location.href;
                        art.dialog.data('cite', val);
                        art.dialog.data('homeDemoPath', '/Scripts/plus/artDialog/');
                        art.dialog.open('/Scripts/plus/artDialog/citeiframe.html');