Data Privacy and Security
Essential to the services we provide to our clients is the handling of sensitive personal information. In this regard, our pledge is simple – We are committed to preserving the confidentiality and security of sensitive personal information in our possession and have developed and implemented a comprehensive data privacy and security program.
– Jerry Andreatos, CEO and Constantine Andreatos, President
What is Business Benefits Group’s approach to privacy and security of personal information?
Given that the majority of personal information we handle can be treated as protected health information under the Health Insurance Portability and Accountability Act (“HIPAA”), we have designed our data privacy and security program (the “Program”) to ensure it is consistent with the applicable privacy and security standards under HIPAA/HITECH. However, we also have kept pace with the broader range of data privacy and security standards that recently have emerged in order to address concerns over the explosion of identity theft and data breaches. Our Program addresses these issues and we continually reevaluate and retool our policies and procedures to ensure they meet and exceed industry standards.
How does Business Benefits Group come into contact with the personal information maintained by your company?
Business Benefits Group offers its clients a range of services, such as (i) traditional brokerage services; (ii) dependent eligibility audits; (iii) outsourcing of benefits administration and (iv) claims remediation services. All of these services and others could involve the handling of personal information maintained by your company.
What precautions does Business Benefits Group take to safeguard personal information in the course of providing its services?
Our Program includes administrative, physical and technological safeguards to protect the privacy and security of the personal information we handle for our clients. Examples of these safeguards include:
Designated Privacy and Security Officer
- Business Benefits Group has a designated Privacy and Security Officer who has specific responsibilities to develop, review, update and enforce the Program.
- Access to our facilities is limited to authorized personnel.
- All facilities have an alarm system which includes a 24-hour, monitoring service.
- Visitor logs are maintained and visitors and vendors are escorted during their visit.
Emergency, Data Breach, and Contingency Planning
- Business Benefits Group has developed an internal data breach response plan to ensure that should a breach of personal information occur, the company will be able to, among other things, react quickly to contact the appropriate client and coordinate a response.
Written Policies and Procedures
- Business Benefits Group maintains written policies and procedures that outline certain of its data privacy and security safeguards all of which are designed to, among other things, prevent unauthorized use or access to personal information.
- These policies and procedures are periodically reviewed and updated as necessary and appropriate.
Employee Screening, Training, and Visibility
- Each Business Benefits Group employee must undergo a background check prior to hire including criminal background search, employment history verifications.
- Each Business Benefits Group employee is required to sign a Privacy and Confidentiality Agreement when hired.
- Each Business Benefits Group employee undergoes regular training concerning our Program.
- Employees are subject to discipline for improper use or disclosure of personal information or for failure to follow the requirements under the Program.
Staying Ahead of the Curve
- Business Benefits Group actively monitors legal developments relating to data privacy and security in order to be sure its Program meets and exceeds current industry standards, and to be better prepared to anticipate and address our client’s needs in this regard.
What if I have questions about Business Benefits Group’s privacy and security program?
Questions about the Program should be directed to Business Benefits Group’s Privacy and Security Officer, at 4069 Chain Bridge Road, Top Floor, Fairfax, VA 22030 Attention: Brandon Downs.