Garnett-Powers & Associates Insurance Services, Inc. (GPA) has procedures in place to comply with the 2013 HIPAA Privacy and Security laws We are committed to maintaining the highest level of confidentiality with all of the information we receive from our clients, their affiliates and employees. The privacy of your nonpublic personal and health information is a top priority and has always been handled with the strictest confidence. This information is only shared if the law allows.

Personal and health information (PHI) includes both medical information and individually identifiable information, such as your name, address, telephone number and social security number. The following notice describes our policies and practices with regard to collecting and disclosing nonpublic personal information about our customers and former customers.

Since we collect certain types of information when you visit our website and at the time when our online services are used, we believe that it is important to let you know what information is collected, how the collected information is used and protected.

Confidentiality and Security of your Personal and Health Information

We maintain appropriate physical, electronic and procedural safeguards to maintain the confidentiality and security of your nonpublic personal information contained in our records. We restrict access to nonpublic personal information about you contained in our records to our employees, approved affiliates and business associates who need to know that information to provide products or services to you. Our business associates are held to the same confidentiality standards. All personal information or other confidential information must be used and disclosed in a manner consistent with applicable Federal and State laws and regulations.

When we use the term “personal information,” we mean information that identifies you as an individual, such as your name and Social Security Number, as well as financial, health and other information about you that is nonpublic, and that we obtain so we can provide you with insurance and financial services. By “health information,” we mean information that identifies you and relates to your medical history (i.e., the healthcare you receive or the amounts paid for that care).

Non-public financial information includes confidential information of a financial nature that is shared with GPA in the course of providing products and services to current, prospective or prior clients. This information is not otherwise available to the public and includes but is not limited to the following: policy information, and any other data financial in nature.

Categories of Information that We Collect

We collect nonpublic personal information about you from the following sources:

  • Information that we receive from you on applications and other forms, both online using our website and paper forms, as well as orally
  • Information about your transactions with our affiliates, others or us
  • Information that we receive when you visit us through the Internet

The information we collect is limited to the data elements on the appropriate forms. In the course of conducting our business we may share information you provide to us as required by law. In certain situations, and in no event contrary to applicable State or Federal policy, we would share information about you to: 1) our affiliates in order to provide a service to you; 2) a third party if reasonably necessary to enable them to perform services for us such as claims inquiries or the detection of fraud or material representations; 3) governmental authorities; 4) persons or organizations conducting legitimate audits.

Credit and debit card information provided online cannot be accessed or stored by GPA.

GPA does not use, disclose, sell or transfer any personal information without consent unless required or permitted by law or regulation. In cases of permitted disclosure, we will disclose information in compliance with applicable laws and regulations and will require the recipient to protect the information and use it only for the purpose provided.

Categories of Parties to Whom we may Disclose Information

We may disclose nonpublic PHI about you to our affiliates, agents and/or business associates. We may also disclose nonpublic PHI about you to nonaffiliated third parties as permitted or required by law.

Accuracy of your Non-Public Personal and Health Information

We strive to maintain the accuracy of your information. In order to help us maintain accuracy, you have the right to reasonably access your information. If you believe any of your information in our possession is inaccurate, you may request that we amend, correct or delete information you believe to be erroneous. If we concur with your conclusion, we will amend, correct or delete the information in question.

Use of Email

Email messages sent in clear text over the public Internet can be observed by an unintended third party. Non-encrypted Internet email communications may be accessed and viewed by other internet users without your knowledge and permission while in transit to us. For that reason, to protect your privacy, please do not use email to communicate information to us that you consider confidential. If you wish, you may contact us instead by telephone at the numbers provided at various locations on our websites.

Should you send us your questions, comments or information via email to any mailbox provided by our company, we will share your correspondence with our Customer Care representatives and those authorized employees, agents of our affiliates and/or business associates most capable of addressing your questions and concerns. We will retain your communications until we have done our very best to provide you with a complete and satisfactory response. Ultimately, we will either safely discard your communication, or in some cases keep it for future reference. Your email address will not be retained for secondary purposes.

Electronic Enrollment Forms

Some companies and educational institutions may require that we maintain records of their enrollment applications that will be submitted to insurance carriers. In some instances, it may be necessary to transmit either non-public personal health information or public PHI acquired from the enrollment application to our authorized agents, affiliates and/or business associates for the sole purpose of such agents providing services and products to you. When this is the case, the enrollment applications are electronically transmitted from our website to a secure site maintained and only accessible by GPA employees allowed to access and transfer such information. We will retain these records for the period of time that is deemed ‘active’ for that enrollment application, or as required by State or Federal law.

Links to Other Sites

We may provide links to other websites not owned or controlled by us that we think might be useful or of interest to you. We cannot however be responsible for the privacy practices used by other website owners or the content or accuracy of those other websites. Links to other websites do not constitute or imply endorsement by us of the websites, any products or services described on these sites or any other material contained in them. Contact those websites for their individual privacy policies.

Changes to our Notice of Privacy Policy and Insurance Information Practices

We may change this statement from time to time; when updates are made, the privacy policy version date (located at the bottom of this policy) will also be updated to reflect that a revision occurred. We encourage you to periodically reread this policy to see if there have been any changes that may affect you. This statement is not intended to and does not create any contractual or other legal rights in or on behalf of any party.

Last revision: December 11, 2013