Parental, Guardian, and Member Linking Overview

The Emergency Contact Data objective is to make the medical data and the person’s identity known to emergency and medical personnel so proper treatment can be given. Implicit in the use of Emergency Contact Data is the display of the member’s contact, identity, and medical data. (Emergency Contact Data does not request, nor have a designated data field to display Social Security and Driver’s License numbers or date-of-birth.) By the fact that the data is available for the member’s treatment, the member has given their permission to display this information. Upon sign-up the member:

1. Agrees to the display of the information.
2. Indemnifies Emergency Contact Data against inaccuracy, errors and omissions in the entry of their data.
3. Agrees to keep the data current.
4. The person enrolling themselves and others is at least 18 years old and an adult in their country and state or province of residence, having reached the “Age of License” to enter into a contract and the “Age of Majority” through age or emancipation so as to have legal control of their personal health information.

Considerations for Minors or Persons Under Guardianship

As minors reach the age of majority or if other reasons cause them to become emancipated, their parents or guardian will lose the rights to make health care decisions or to automatically serve as their personal representative. Individual state or country regulations determine the age of emancipation and age of majority. In order for parents or guardians to have authority to view, enter, modify, or deliver the personal health information of a minor or person under guardianship they must have:

1. The legal authority to enter and cause to display the personal data of a person considered a minor in their country and state or province.
2. The legal authority to enter and cause to display medical data for a person for whom they are a legal guardian in their country and state or province.
3. Attest that they have this written permission and that none of the three following exceptions are present:

1. The minor controls PHI (Personal Health Information) associated with treatment that does not first require parental consent (e.g., HIV testing, mental health services);
2. The parent does not control PHI when a court determines or other law authorizes someone other than the parent to make treatment decisions for a minor; and
3. The parent does not have rights to PHI when a parent/personal representative agrees to a confidential relationship between a health care provider and a minor.

4. Acknowledges that the right to display a minor’s PHI ceases when a minor reaches the “Age of Majority”

1. Parent or guardian must notify the party for which they were responsible of the existence of their Emergency Contact Data Membership and the existence of their medical data and:
2. Provide them with their password and member ID so that the person reaching the “Age of Majority” can:
   1. Enter their own email so as to receive communications from Emergency Contact Data
   2. Change their password, address and contact data
   3. Request a new Membership ID number and cards
   4. Disassociate themselves from the parent or guardian’s account access

5. Inform them that their account was linked to the Link Manager if the “Member Linking” resource was being used
6. Use the Emergency Contact Data Member Linking resource to disable linking when a minor reaches the “Age of Majority”

---

1. Member ID linkage can be removed from both the Link Manager and minor Member’s accounts
2. To re-link a member’s account, the Link Manager must get permission from the re-linking member to use the member’s Member ID and password to affect the re-link. See Manage Member Links in your member Profile Center.
7. A Parent or Guardian that knowingly, without the permission of the adult or exempted child, releases, Personal Health Information, may be subject to civil or criminal penalties:

   1. Civil penalties – For unintentional disclosure of PHI, civil money penalties are $100 per violation and up to $25,000 per person, per year for each requirement of prohibition violated.
   2. Criminal penalties – For knowingly violating patient privacy, criminal penalties are up to $50,000 and one year in prison for obtaining or disclosing PHI; up to $100,000 and up to five years in prison for obtaining PHI under false pretenses; and up to $250,000 and up to 10 years in prison for obtaining or disclosing PHI with the intent to sell, transfer or use for commercial advantage, personal gain, or malicious harm.