MedicaidAdministrativeMedium impact
25-1049m Patient Privacy Matters: Key Requirements for Providers
Health Net·CA·Prior Authorization
We identified it
Jun 20, 2026
Summary
Health Net requires providers to maintain HIPAA-compliant written privacy policies with specific procedures for protecting patient health information, especially for sensitive services like mental health and reproductive care. Providers must respond to confidential communication requests within 7 business days electronically or 14 days for mail, and must grant EMR access to the Plan without additional fees.
Action Required
Immediately: Ensure written HIPAA-compliant privacy policy is in place and stored electronically or in print. Administrative team must establish procedures to respond to confidential communication requests within 7 business days for electronic/phone requests and 14 business days for mailed requests. Update patient enrollment materials to include annual notification about confidential communication options. Grant Plan access to EMRs for case management without charging additional fees.