Texas Administrative Code
Title 28 - INSURANCE
Part 1 - TEXAS DEPARTMENT OF INSURANCE
Chapter 22 - PRIVACY
Subchapter B - INSURANCE CONSUMER HEALTH INFORMATION PRIVACY
Section 22.57 - Exceptions
Universal Citation: 28 TX Admin Code § 22.57
Current through Reg. 50, No. 13; March 28, 2025
(a) A covered entity may disclose, without an authorization, nonpublic personal health information to the extent that the disclosure is necessary to perform the following insurance functions or legally required activity on behalf of that covered entity:
(1) the investigation or reporting of actual
or potential fraud, misrepresentation, or criminal activity;
(2) underwriting;
(3) the placement or issuance of an insurance
product;
(4) loss control
services;
(5) ratemaking and
guaranty fund functions;
(6)
reinsurance and excess loss insurance;
(7) risk management;
(8) case management;
(9) disease management;
(10) quality assurance;
(11) quality improvement;
(12) performance evaluation;
(13) health care provider credentialing
verification;
(14) utilization
review;
(15) peer review
activities;
(16) actuarial,
scientific, medical, or public policy research;
(17) grievance procedures;
(18) the internal administration of
compliance, managerial, and information systems;
(19) policyholder services;
(20) auditing;
(21) reporting;
(22) database security;
(23) the administration of consumer disputes
and inquiries;
(24) external
accreditation standards;
(25) the
replacement of a group benefit plan or workers' compensation policy or
program;
(26) activities in
connection with a sale, merger, transfer, or exchange of all or part of a
business or operating unit;
(27)
any activity that permits disclosure without authorization under the federal
Health Insurance Portability and Accountability Act of 1996 (42 U.S.C. Section
1320d et seq.), as amended;
(28) disclosure that is required, or is a
lawful or appropriate method, to enforce the covered entity's rights or the
rights of other persons engaged in carrying out a transaction or providing an
insurance product or service that the consumer requests or
authorizes;
(29) claims
administration, adjustment, and management;
(30) any activity otherwise permitted by law,
required pursuant to a governmental reporting authority, or required to comply
with legal process; and
(31) any
other insurance functions that the commissioner approves that are:
(A) necessary for appropriate performance of
insurance functions; and
(B) fair
and reasonable to the interests of consumers.
(b) A disclosure for marketing purposes shall not be considered to be an insurance function or any other type of activity that constitutes an exception under this section.
Disclaimer: These regulations may not be the most recent version. Texas may have more current or accurate information. We make no warranties or guarantees about the accuracy, completeness, or adequacy of the information contained on this site or the information linked to on the state site. Please check official sources.
This site is protected by reCAPTCHA and the Google
Privacy Policy and
Terms of Service apply.
