During the course of its day-to-day operations, Beacon, through its employees,
business partners, vendors and agents, receives and retains claimants'
confidential health care information. It is Beacon's policy to maintain the
security and privacy of this confidential health care information and to limit
authorized access to personally identifiable confidential health care
information to only those persons or entities permitted under the Rhode Island
Confidentiality of Health Care Information Act, R.I.G.L. 5-37.3-1 et seq.
(1994). Failure to maintain the confidentiality of claimants' health care
information may result in immediate termination of employment. The designated
corporate privacy official shall be responsible for maintaining the security
and confidentiality of claimants' health care information and training Beacon
employees on the policies and the procedures for maintaining confidentiality.
In addition, pursuant to RI.G.L. 5-37.3-4, any violation of this policy may
result in civil liability including actual and punitive damages, attorneys'
fees or criminal penalties of five thousand dollars ($5,000) for each
violation, or imprisonment for not more than six (6) months for each violation,