You, Your Student, and their Privacy
There may be instances when you need to call Gallagher Student on behalf of your son or daughter – whether it’s to check their enrollment dates, ask a benefit question, or inquire about a specific claim. We want to be able to assist you, however, if your son or daughter is 18 or older, we are forbidden by law to provide you with any information without their consent.
What are the laws that govern restricted access to the parents of College Students?
Family Educational Rights and Privacy Act (FERPA)
FERPA gives parents certain rights with respect to their children's education records. These rights transfer to the student when he or she reaches the age of 18 or attends a school beyond the high school level. The "rights transfer to the students" means parents will not have access to student information without written consent once the rights are transferred from the parent to the student. For this reason parents are generally not sent notifications regarding the student insurance waiver or enrollment process.
What information does the law protect?
Schools may not disclose any information about students, other than directory information, to unauthorized persons or organizations. Non-disclosable information includes;
- Social Security numbers
- Academic Standing
- Which classes a Student is enrolled
- Number of credit hours earned
- Test scores
- Student disciplinary records
- Other information considered an educational record
To view the law on the Department of Education website:
Health Insurance Portability and Accountability Act (HIPAA)
The HIPAA Privacy Rule provides federal protections for individually identifiable health information and gives patients an array of rights with respect to that information. This means parents will not be able to access health related information for their adult children without their written consent.
Who Must Follow These Laws?
We call the entities that must follow the HIPAA regulations "Covered Entities".
Covered entities include:
- Health Plans, including health insurance companies, HMOs, company health plans, and certain government programs that pay for health care, such as Medicare and Medicaid.
- Most Health Care Providers—those that conduct certain business electronically, such as electronically billing health insurance—including most doctors, clinics, hospitals, psychologists, chiropractors, nursing homes, pharmacies, and dentists.
- Health Care Clearinghouses—entities that process nonstandard health information they receive from another entity into a standard (i.e., standard electronic format or data content), or vice versa. In addition, Business Associates of Covered Entities must follow parts of the HIPAA regulations.
What Information Is Protected?
- Information your doctors, nurses, and other health care providers put in your medical record.
- Conversations your doctor has about your care or treatment with nurses and others.
- Information about you in your health insurer’s computer system.
- Billing information about you at your clinic.
- Most other health information about you held by those who must follow these laws.
To view the law on the Department of Health and Human Services website: