During the course of its day-to-day operations, Beacon, through its employees, business partners, vendors and agents, receives and retains claimants’ confidential health care information. It is Beacon’s policy to maintain the security and privacy of this confidential health care information and to limit authorized access to personally identifiable confidential health care information to only those persons or entities permitted under the Rhode Island Confidentiality of Health Care Information Act, R.I.G.L. 5-37.3-1 et seq. (1994). Failure to maintain the confidentiality of claimants’ health care information may result in immediate termination of employment. The designated corporate privacy official shall be responsible for maintaining the security and confidentiality of claimants’ health care information and training Beacon employees on the policies and the procedures for maintaining confidentiality.
In addition, pursuant to R.I.G.L. 5-37.3-4, any violation of this policy may result in civil liability including actual and punitive damages, attorneys’ fees or criminal penalties of five thousand dollars ($5,000) for each violation, or imprisonment for not more than six (6) months for each violation, or both.