Provider Alerts - November 2, 2018

REMINDER – DHCS Requirements Related to Preventing Privacy Incidents


Date: November 2, 2018
To: Health Plan of San Joaquin (HPSJ) Providers
From: Provider Services Department
Subject: REMINDER – DHCS Requirements Related to Preventing Privacy Incidents
Business: Medi-Cal


As part of our efforts to prevent privacy‐related incidents, Health Plan of San Joaquin (HPSJ) is mandated to send out an annual reminder to our providers pertaining to the HIPAA Minimum Necessary Rule [45CFR 164.502(b), 164.514(d)], which states –

“The minimum necessary standard requires covered entities to evaluate their practices and enhance safeguards as needed to limit unnecessary or inappropriate access to and disclosure of protected health information (PHI). The Privacy Rule generally requires covered entities to take reasonable steps to limit the use or disclosure of, and requests for, protected health information to the minimum necessary to accomplish the intended purpose. “

It is the provider’s responsibility to ensure that when sending documentation to HPSJ it is:

  • Accurate
  • For the correct member
  • Only includes documentation for the correct member

Effective September 1, 2015, HPSJ started to deny authorizations that were incorrectly submitted and failed to meet the HIPAA Minimum Necessary Rule.

All authorizations submitted on September 1, 2015 or thereafter with unnecessary information – or information not specific to that member – are immediately being denied and sent back to the provider. Timely submission of authorizations meeting the HIPAA Minimum Rule, will help to prevent a delay in the approval process.

Should you have any further questions, please contact our Customer Services Department at (209) 942‐6320,