Benny's Cafe Benefit Service Center
HomeFulltime BenefitsPart time Benefits for Shift SupervisorsMy EnrollmentHR FormsQualifying Life EventsEmployee PerksIf You Leave
Benefits Information
HR Forms

NOTICE OF PRIVACY PRACTICES

This Notice describes how medical information about you may be used and disclosed and how you can get access to this information.  Please review it carefully. 

This NOTICE APPLIES TO THE Group Health Plan benefits provided under INTERNATIONAL COFFEE & TEA, LLC dba THE COFFEE BEAN & TEA LEAF® Welfare BENEFIT Plan.  These Benefits currently include medical, dental, vision, and, prescription drug.

The original effective date of this Notice is April 14, 2003.  It was revised on 1/1/2006, 10/1/2009, 07/1/2011 and 9/23/2013.

You are receiving this Notice from the Group Health Plan Benefits of The Coffee Bean & Tea Leaf® Welfare Benefit Plan, which is sponsored by International Coffee & Tea LLC The Health Insurance Portability & Accountability Act of 1996 (“HIPAA”) is a federal law that requires all medical records and other individually identifiable health information used or disclosed by us in any form, whether electronically, on paper, or orally, be kept properly confidential. HIPAA gives you significant rights to understand and control how your health information is used, and provides penalties for covered entities that misuse personal health information.  As required by regulations under HIPAA (the “HIPAA Privacy Rule”), we have prepared this explanation of how we will maintain the privacy of your health information and how we may use and disclose your health information.  This Notice pertains to you and your covered dependents.  Please share it with them.

OUR PLEDGE REGARDING YOUR MEDICAL INFORMATION

We understand that medical information about you and your health is personal.  We are committed to protecting medical information about you.  The Group Health Plan protects and holds confidential information that relates (1) to your past, present, or future physical or mental health or condition; (2) the provision of health care to you; or (3) the past, present or future payment for your health care.  For example, we create a record of the health care claims reimbursed under the Group Health Plan for Plan administration purposes.  This Notice applies to all of the medical records we create, maintain, receive, use, transmit, or disclose.  Such information is PHI during your lifetime and remains PHI for a period of 50 years after your death.  Your personal doctor or health care provider may have different policies or notices regarding the doctor’s use and disclosure of your medical information created in the doctor’s office or clinic. 

The HIPAA Privacy Rule requires that we protect the privacy of medical information that identifies a participant, or where there is a reasonable basis to believe the information can be used to identify a participant.  This information is called “protected health information” or “PHI.”  This Notice describes your rights as a Group Health Plan participant and our obligations regarding the use and disclosure of PHI.  We are required by law to:

  • maintain the privacy of your PHI;
  • provide you with certain rights with respect to your PHI;
  • provide you with a copy of this Notice of our legal duties and privacy practices with respect to your PHI; and
  • follow the terms of the Notice that is in effect.

In some situations, federal and state laws provide special protections for specific kinds of PHI and require authorization from you before we can disclose specially protected PHI. In these situations, we will contact you for the necessary authorization.

We reserve the right to make changes to this Notice and to make such changes effective for all PHI we may already have about you as well as any information we receive in the future.  If and when a significant change is made, we will provide you with the new Notice either (1) within 60 days of the change; or (2) by prominently posting the new Privacy Notice on the our website at www.bennyscafe.com, and then providing a hard copy of the new Privacy Notice in our next annual mailing to you.

HOW WE MAY USE AND DISCLOSE PROTECTED HEALTH INFORMATION ABOUT YOU

For Payment. 
We may use or disclose your PHI for payment purposes, including to determine eligibility for Group Health Plan benefits, to facilitate payment for the treatment and services you receive from health care providers, to determine benefit responsibility under the Group Health Plan, or to coordinate Group Health Plan coverage.  For example, we may tell your health care provider about your medical history to determine whether a particular treatment is experimental, investigational, or medically necessary or to determine whether the Group Health Plan will cover the treatment.  We may also share medical information with a utilization review or pre-certification service provider.  Likewise, we may share medical information with another entity to assist with the adjudication or subrogation of health claims or to another health plan to coordinate benefit payments.   

For Health Care Operations. 
We may use and disclose your PHI for other Group Health Plan operations.   These uses and disclosures are necessary to run the Group Health Plan.  For example, we may use medical information in connection with:

  • conducting quality assessment and improvement activities;
  • underwriting, premium rating, and other activities relating to Group Health Plan coverage;
  • submitting claims for stop-loss (or excess loss) coverage;
  • conducting or arranging for medical review, legal services, audit services, and fraud and abuse detection programs;
  • business planning and development such as cost management; and
  • business management and general plan administrative activities, including customer service and the resolution of internal grievances.

However, the Group Health Plan will never use or disclose your genetic information for underwriting purposes. 

To Business Associates. 
We may contract with third parties known as Business Associates to perform various functions on our behalf or to provide certain types of services.  In order to perform these functions or to provide these services, Subcontractors of these third parties also may be our Business Associates in certain cases. Business Associates will receive, create, maintain, use and/or disclose your PHI, but only after they agree in writing with us to implement appropriate safeguards regarding your PHI.  In addition, Business Associates are directly subject to many of the provisions of HIPAA which protect the privacy and security of protected health information. 

As Required by Law. 
We will disclose your PHI when required to do so by federal, state or local law.  For example, we may disclose your protected health information when required by national security laws or public health disclosure laws.

To Avert a Serious Threat to Health or Safety. 
We may use and disclose your PHI when necessary to prevent a threat to your health and safety, or the health and safety of the public or another person.  Any disclosure, however, would only be to someone able to help prevent the threat.  For example, we may disclose your protected health information in a proceeding regarding the licensure of a physician. 

Disclosure to the Plan Sponsor. 
For the purpose of administering the Plan, we may disclose your PHI to certain employees of The Coffee Bean & Tea Leaf® .  However, those employees will only use or disclose that information as necessary to perform plan administration functions or as otherwise required by HIPAA, unless you have authorized further disclosures.  Your PHI cannot be used for employment purposes without your specific Authorization. 

Organ and Tissue Donation. 
If you are an organ donor, we may use or disclose PHI to organizations that handle organ procurement or organ, eye or tissue transplantation or to an organ donation bank, as necessary to facilitate an organ, eye, or tissue donation and transplantation.

Military and Veterans.  
If you are a member of the armed forces, we may disclose PHI about you as required by military command authorities.  We may also release PHI about foreign military personnel to the appropriate foreign military authority.

Workers’ Compensation. 
We may disclose PHI about you for workers’ compensation or similar programs.  These programs provide benefits for work-related injuries or illnesses.

Public Health Risks. 
We may use and disclose PHI about you for public health activities.  These activities generally include the following:

  • to prevent or control disease, injury, or disability;
  • to report births, or deaths;
  • to report child abuse or neglect;
  • to report reactions to medications or problems with products or devices regulated by the federal Food and Drug Administration or other activities related to quality, safety, or effectiveness of FDA-regulated products or activities;
  • to locate and notify persons of recalls of products they may be using;
  • to notify a person who may have been exposed to a communicable disease in order to control whom may be at risk of contracting or spreading the disease; or
  • to notify the appropriate government authority if we believe a patient has been the victim of abuse, neglect or domestic violence.  We will only make this disclosure if you agree or when required or authorized by law.

 

Health Oversight Activities. 
We may disclose your PHI to a health oversight agency for activities authorized by law.  These oversight activities include, for example, audits, investigations, inspections, and licensure.  These activities are necessary for the government to monitor the health care system, government health care programs, and compliance with civil rights laws.

Lawsuits and Disputes. 
If you are involved in a lawsuit or a dispute, we may disclose your PHI in response to a court or administrative order.  We may also disclose PHI about you in response to a subpoena, discovery request, or other lawful process by someone else involved in the dispute, but only if efforts have been made to tell you about the request or to obtain an order protecting the information requested. 


Law Enforcement. 
We may use and disclose your PHI if asked to do so by a law enforcement official:

  • in response to a court order, subpoena, warrant, summons or similar process;
  • to identify or locate a suspect, fugitive, material witness, or missing person;
  • about the victim of a crime if, under certain limited circumstances, we are unable to obtain the victim’s agreement;
  • about a death we believe may be the result of criminal conduct;
  • about criminal conduct; and
  • in emergency circumstances to report a crime, the location of a crime or victims, or the identity, description or location of the person who committed the crime. 

Coroners, Medical Examiners and Funeral Directors. 
We may release PHI to a coroner or medical examiner.  This may be necessary, for example, to identify a deceased person or determine the cause of death.  We may also release medical information about patients to funeral directors as necessary to carry out their duties.

National Security and Intelligence Activities. 
We may release your PHI to authorized federal officials for intelligence, counterintelligence, and other national security activities authorized by law.

Inmates.  
If you are an inmate of a correctional institution or are under the custody of a law enforcement official, we may disclose your PHI to the correctional institution or law enforcement official if necessary (1) for the institution to provide you with health care; (2) to protect your health and safety or the health and safety of others; or (3) for the safety and security of the correctional institution.

Where Required by the HIPAA Privacy Rule. 
We are required to disclose PHI to the Secretary of the U.S. Department of Health and Human Services when requested by the Secretary to review our compliance with the HIPAA Privacy Rule. 

Minimum Necessary Standard.
To the extent possible, when using or disclosing your PHI or when requesting your PHI  from another organization subject to HIPAA, we will not use, disclose or request more than the minimum amount of your PHI necessary to accomplish the intended purpose of the use, disclosure or request, taking into consideration practical and technological limitations.

However, the minimum necessary standard will not apply to:

  • disclosures to or requests by a health care provider for treatment;
  • uses by you or disclosures to you of your own protected health information;
  • disclosures made to the Secretary of the Department of Health and Human Services;
  • uses or disclosures that may be required by law;
  • uses or disclosures that are required by the Plan’s compliance with legal regulations; and
  • uses and disclosures for which the Plan has obtained your authorization.

 

Personal Representatives and Family Members

Personal Representatives. 
The Group Health Plan will disclose your PHI to individuals who are your personal representatives under state law.  For example, the Group Health Plan will disclose PHI of minor children to the parents of such children.  The Group Health Plan will also disclose your PHI to other persons authorized by you in writing to receive your PHI, such as your representative under a medical power of attorney, as long as we are provided with a written notice/authorization and any supporting documents (i.e., power of attorney).  Note:  Under the HIPAA privacy rule, we do not have to disclose information to a personal representative if we have a reasonable belief that: 

  • you have been, or may be, subjected to domestic violence, abuse or neglect by such person;
  • treating such person as your personal representative could endanger you; or
  • in the exercise of professional judgment, it is not in your best interest to treat the person as your personal representative.

Family Members. 
Unless otherwise allowed by the HIPAA rules, the Group Health Plan will not orally disclose your PHI to your spouse or domestic partner, or to your parent (if you are an adult child), unless you have agreed to such disclosure.  However, with only limited exceptions, the Group Health Plan will send all mail to the employee.  This includes mail relating to the employee’s family members (spouse, domestic partner and children (including adult children)) who are covered under the Group Health Plan, and includes mail with information on the use of the Group Health Plan’s benefits by the employee’s family members and information on the denial of any of the Group Health Plan benefits to the employee’s family members.  If a person covered under the Group Health Plan has requested restrictions on uses and disclosures of PHI (see Your Right to Request Restrictions below under “Your Rights Regarding Your PHI”), and if the Group Health Plan has agreed to the request, the Group Health Plan will send mail as provided by the request. 

Upon your death, the Group Health Plan may disclose your PHI to a family member (or other relative or close friend) involved in your health care or payment for your health care prior to your death, to the extent the PHI is relevant to such person’s involvement, unless such disclosure is inconsistent with your prior expressed preference that is known to the Group Health Plan. 

YOUR RIGHTS REGARDING YOUR PHI

Under federal law, you have the following rights regarding PHI about you:

Right to Inspect and Copy.  
You have the right to inspect and copy certain PHI that may be used to make decisions about your health care benefits.  To inspect and copy your PHI, you must submit your request in writing to the individual identified in the Contact Information section below.   If you request a copy of your PHI, we may charge you a reasonable fee for the copying, mailing or other supplies associated with your request.

We may deny your request to inspect and copy your PHI in certain very limited circumstances.  If you are denied access to your medical information, you may request that the denial be reviewed by submitting a written request to the individual identified in the Contact Information section below.   

If the information you request is maintained electronically, and you request an electronic copy, the Group Health Plan will provide a copy in the electronic form and format you request, if the information can be readily produced in that form and format.  If the information cannot be readily produced in that electronic form and format, we will work with you to come to an agreement on another electronic form and format.  If we cannot agree on an electronic form and format, the Group Health Plan will provide you with a paper copy. 

Right to Amend
If you feel that the protected health information we have about you is incorrect or incomplete, you may ask us to amend the information.  You have the right to request an amendment for as long as the information is kept by or for the Group Health Plan.  To request an amendment, your request must be made in writing and submitted to the individual identified in the Contact Information section below.    In addition, you must provide a reason that supports your request. 

We may deny your request for an amendment if it is not in writing or does not include a reason to support the request.  In addition, we may deny your request if you ask us to amend information that: 

  • is not part of the medical information kept by or for the Group Health Plan;
  • was not created by us, unless the person or entity that created the information is no longer available to make the amendment;
  • is not part of the information that you would be permitted to inspect and copy; or
  • is already accurate and complete.

If we deny your request, you have the right to file a statement of disagreement with us and any future disclosures of the disputed information will include your statement.

Right to Receive an Accounting of Disclosures
You have the right to request an “accounting” of certain disclosures that we have made of your PHI.  The accounting will not include (1) disclosures for purposes of treatment, payment, or health care operations; (2) disclosures made to you; (3) disclosures made pursuant to your Authorization; (4) disclosures made to friends or family in your presence or because of an emergency; (5) disclosures for national security purposes; and (6) disclosures incidental to otherwise permissible disclosures. 

To request this list or accounting of disclosures, you must submit your request in writing to the individual identified in the Contact Information section below.  Your request must state a time period which may not be longer than six years prior to the date of the request.  Your request should indicate in what form you want the list (for example, paper or electronic).  The first list you request within a 12 month period will be free.  For additional lists, we may charge you for the costs of providing the list.  We will notify you of the cost involved and you may choose to withdraw or modify your request at that time before any costs are incurred.

Right to Request Restrictions
You have the right to request a restriction or limitation on your PHI that we may use for payment and health care operations.  You also have the right to request a limit on your PHI that we disclose to someone who is involved in your care or the payment for your care, like a family member or friend.  For example, you could ask that we not use or disclose information about a surgery that you had. 

We are not required to agree to your request except in limited circumstances.  We will agree to your request if the PHI pertains solely to a health care item or service for which the health care provider has been paid out of pocket in full.  In other instances, we are not required to agree to your request.  If we do agree to your request, we are required to comply with our agreement, except in certain cases, including where the information is needed to treat you in the case of an emergency.  To request restrictions, you must make your request in writing to the individual identified in the Contact Information section below.  In your request, you must tell us (1) what information you want to limit; (2) whether you want to limit our use, disclosure or both; and (3) to whom you want the limits to apply, for example, disclosures to your spouse. 

Right to Receive Confidential Communications.
You have the right to request that we communicate with you about medical matters in a certain way or at a certain location.  For example, you may ask that we only contact you at work or by mail. To request confidential communications, you must make your request in writing to the individual identified in the Contact Information section below.  We will not ask you the reason for your request.  Your request must specify how or where you wish to be contacted.  We will accommodate all reasonable requests if you clearly provide information that the disclosure of all or part of your PHI could endanger you.  


Breach Notification. 
If and when required by HIPAA, we will notify you of a breach of the HIPAA privacy rules which involves your PHI considered to be “unsecure” under applicable HIPAA regulations.  If HIPAA requires us to send you a notice, the notice will contain:

  • a description of the breach;
  • the type of PHI that was breached;
  • what steps you could take to protect yourself from potential harm;
  • what steps we are taking to investigate the breach, mitigate harm, and protect from further breaches; and
  • who to contact for additional information.

Right to a Paper Copy of this Notice.  You have a right to receive a paper copy of this Notice.  You may ask us to give you a copy of this Notice at any time.  Even if you have agreed to receive this Notice electronically, you are still entitled to a paper copy of this Notice.  You also may obtain a copy of this Notice at our website: www.bennyscafe.com.
To obtain a paper copy of this Notice, contact the individual identified in the Contact Information section below.

COMPLAINTS

If you believe your privacy rights have been violated, or if you disagree with a decision we made about a request, you may file a written complaint with the Group Health Plan or with the Office for Civil Rights of the  U.S. Department of Health and Human Services.  All complaints must be submitted in writing.  To file a complaint with the Group Health Plan, please direct your complaint to the individual identified in the Contact Information section below.  You will not be penalized, or in any other way retaliated against, for filing a complaint.

OTHER USES OF MEDICAL INFORMATION 

Other uses and disclosures of medical information not covered by this Notice or the laws that apply to us will be made only with your written permission.  If you provide us permission to use or disclose medical information about you, you may revoke that permission, in writing, at any time.  If you revoke your permission, we will no longer use or disclose medical information about you for the reasons covered by your written Authorization.  However, we are unable to take back any disclosures we have already made with your permission.

CONTACT INFORMATION

If you have any questions about this Notice or wish to exercise the rights described in this Notice, please contact the Privacy Official at the address and telephone number listed below.  The Privacy Official may require that any request be made in writing. 

Privacy Official
The Coffee Bean & Tea Leaf, LLC.
Vise President, Human Resources Manager – Privacy Officer
1945 South La Cienega Blvd
Los Angeles, CA 90034
310.237.2326
BennysPrivacy@cbcins.com                 

The Coffee Bean & Tea leaf - HR Login