Thursday, May 16, 2013

Buying and selling HIPAA

HIPAA privacy rules regarding PHI (Personal Health Information) are pretty stringent. As an agent, I have to be careful about disclosing PHI even to clients' own family members.


Buy-sell agreements (and other business uses of life insurance) are great risk management tools. If a partner or key employee dies, the business may suffer immediate financial losses which can be mitigated by the infusion of cash from a life insurance policy.


Life insurance policies are contracts, and are required to adhere to certain standards and rules, one of which is that the application is part of the policy, and must be attached to (or enclosed within) it. The application forms the basis for the whole transaction, and includes not just name and date of birth, but pertinent health and financial information, as well.

Now, let's tie this all together:

Fred and Barney own Bedrock Widgets, and enter into a buy-sell agreement. They call me to purchase life insurance policies on each other to fund it. I take their applications and submit them to the Prehistoric Life Insurance Company, where they're underwritten and the policies issued. We meet, and I deliver the policies: Fred's to Barney, and Barney's to Fred.

See the problem?

Barney now has all of Fred's health info, and vice versa.

This could be....uncomfortable.

But is it against HIPAA regs?

Standard industry practice says no: the application is (by law) part of the application and by law a copy must be included in the policy. So carriers have - thus far - avoided having to address this seeming contradiction.

Thus far.

[Hat Tip: FoIB Brian D]
blog comments powered by Disqus