Corporate Strategies, Inc.
Insurance & Financial Services
Privacy Policies & Procedures
These privacy policies and procedures represent our obligation as an insurance office to protect the “nonpublic personal information” that we create, receive or maintain on all clients.
1. Purpose for Policy
Corporate Strategies Insurance & Financial Services, Inc. and My Paperless HR, dba CorpStrat, dba CorpStratHR places a high value on the privacy of its clients (“Clients”) and the expectation that information regarding Clients remains confidential and is made available only to persons who have a legitimate right to know. In addition, Corporate Strategies Insurance & Financial Services, Inc. and My Paperless HR, dba CorpStrat, dba CorpStratHR is contractually obligated to comply with the privacy and security provisions of the Health Insurance Portability and Accountability Act of 1996 (“HIPAA”). Corporate Strategies Insurance & Financial Services, Inc. and My Paperless HR, dba CorpStrat, dba CorpStratHR recognizes that all employees and temporary workers (“Employees”), as well as outside contractors, have an ethical and legal obligation to keep certain information about Clients confidential and to protect and safeguard this information against unauthorized use or disclosure.
The following section outlines the basic procedures necessary to comply with this policy.
Disclosure of Information
Access to Information
Security of PHI
Breach of Confidentiality
Medical records, applications, census files, or any other paper-based document containing PHI
Paper-based PHI should be placed in a sealed recycle bin for destruction or destroyed by shredding. Electronic copies stored in the Corporate Strategies Insurance & Financial Services, Inc. and My Paperless HR, dba CorpStrat, dba CorpStratHR Document Management System will be password protected using encryption procedures.
Computer hard drives, disks, e-mails and electronic files
The IT staff will remove the hard drive from each computer or laptop that is scheduled for disposal. These hard drives will be physically secured until they are destroyed or recycled. Computers that will be reused must cleared or purged to remove PHI. Disks should be destroyed or re-formatted. E-mails and electronic files should be purged from the system after use. Employees needing assistance in disposing of electronic files should contact a member of our IT staff.