Privacy Policy

A legal disclaimer

Privacy Policy for Sauber Insurance

Effective Date: July 2, 2025

Sauber Insurance ("we," "us," or "our") is committed to protecting the privacy and security of your Protected Health Information (PHI) and other personal information. This Privacy Policy describes how we collect, use, disclose, and protect the information you provide to us through our website, sauberinsurance.com (the "Website"), and in connection with our services as a health and life insurance broker.

As a health and life insurance broker, Sauber Insurance may act as a Business Associate of various Covered Entities (e.g., health plans, healthcare providers) under the Health Insurance Portability and Accountability Act of 1996 ("HIPAA"). We are committed to complying with all applicable HIPAA requirements regarding the privacy and security of PHI.

1. Information We Collect

We may collect various types of information from and about users of our Website and services, including:

  • Protected Health Information (PHI): This includes individually identifiable health information that we create or receive, such as your medical history, current health conditions, prescription information, diagnoses, treatments, and other health-related data necessary for providing accurate health insurance quotes and facilitating applications. We collect this PHI to provide our brokerage services to you and on behalf of the health plans (Covered Entities) with whom we work.

  • Personal Identification Information: This includes information that can be used to identify you individually, such as your name, address, email address, phone number, date of birth, gender, Social Security Number (where legally required for insurance applications), and other identifiers necessary for insurance quotes and applications.

  • Financial Information: This may include income information, banking details (for premium payments if applicable), and other financial data necessary for assessing eligibility for certain insurance products or processing transactions.

  • Insurance Needs and Preferences: Information about your insurance coverage needs, existing policies, and preferences for types of coverage.

  • Website Usage Information: We may collect non-personal information about your interactions with our Website, such as your IP address, browser type, operating system, referring URLs, pages viewed, and the dates/times of your visits. This information helps us improve our website and services and is generally not linked to your PHI.

  • Information from Third Parties: We may receive information about you from third-party sources, such as insurance carriers, lead generation services, or public databases, where permitted by law and relevant to our services. When we receive PHI from a Covered Entity, we do so under a Business Associate Agreement (BAA) and handle that PHI in accordance with that BAA and HIPAA.

2. How We Collect Information

We collect information in several ways:

  • Directly from You: When you fill out forms on our Website (e.g., quote requests, contact forms), communicate with us via email or phone, or provide information during the application process.

  • Through Automated Technologies: As you navigate and interact with our Website, we may use cookies, web beacons, and other tracking technologies to collect certain non-PHI information automatically. This information is primarily for website functionality and analytics and is not used to identify individuals or their health status.

  • From Third-Party Sources: As described above, we may obtain information from insurance carriers (Covered Entities), data providers, or other third parties with whom we partner, often under specific agreements like Business Associate Agreements for PHI.

3. How We Use and Disclose Your Protected Health Information (PHI)

We are permitted by HIPAA to use and disclose your PHI for treatment, payment, and healthcare operations. As a health and life insurance broker, our primary uses and disclosures fall under "healthcare operations" and "payment."

  • To Provide Brokerage Services (Healthcare Operations & Payment): We use and disclose your PHI to understand your health insurance needs, provide accurate quotes for health and life insurance products, compare policies from different carriers, assist you with the application process, and facilitate enrollment in chosen insurance plans. This includes transmitting your PHI to health insurance carriers (Covered Entities) for underwriting, enrollment, and payment processing purposes.

  • To Communicate with You: To respond to your inquiries, provide updates on your applications, send important notices, and deliver communications related to your insurance options.

  • For Business Operations: We may use your PHI for our internal operations, such as quality assessment, training, and managing our relationships with insurance carriers. We will de-identify PHI whenever possible for these purposes.

  • As Required or Permitted by Law: We may use or disclose your PHI when required or permitted by law, such as for public health activities, judicial and administrative proceedings, law enforcement purposes, or to comply with a court order or subpoena.

  • To Avert a Serious Threat to Health or Safety: We may use and disclose your PHI to prevent a serious threat to your health and safety or the health and safety of others.

  • For Research: We may use and disclose your PHI for research purposes, but only after proper authorization or with an Institutional Review Board (IRB) or Privacy Board approval that waives the need for authorization.

  • To Family, Friends, or Others Involved in Your Care (with your consent): We may disclose PHI to a family member, friend, or other person you identify if they are involved in your care or payment for your care, and you give us permission.

  • For Workers' Compensation: We may disclose your PHI to the extent authorized by and to the extent necessary to comply with laws relating to workers' compensation or other similar programs.

  • Fundraising (Optional, requires opt-out): We [State if you do or do not engage in fundraising. If you do: "may use your demographic information and the dates you received services to contact you for fundraising purposes. You have the right to opt-out of receiving such communications." If you do not: "do not use your PHI for fundraising purposes."]

  • Marketing (Requires Authorization for PHI): We will not use or disclose your PHI for marketing purposes without your explicit written authorization, unless the communication is a face-to-face communication, or a promotional gift of nominal value. We may use your general contact information (non-PHI) to inform you about other products, services, and offers that may be of interest to you, in accordance with your communication preferences.

  • Sale of PHI (Requires Authorization): We will not sell your PHI without your explicit written authorization.

4. How We Use and Disclose Your Non-PHI Information

Information that is not PHI may be used and disclosed for purposes such as:

  • Improving Our Services and Website: To analyze Website usage, personalize your experience, troubleshoot technical issues, and enhance the functionality and content of our Website.

  • For Compliance and Legal Purposes: To comply with applicable laws and regulations, and to protect our rights, privacy, safety, or property, and/or that of our affiliates, you, or others.

  • Business Transfers: In the event of a merger, acquisition, reorganization, or sale of all or a portion of our assets, your non-PHI information may be transferred as part of that transaction. We will notify you via email and/or a prominent notice on our Website of any such change in ownership or control of your personal information.

  • With Your Consent: We may disclose your non-PHI information to any other third party with your explicit consent.

5. Your HIPAA Rights Regarding Your PHI

As an individual, you have the following rights regarding your PHI:

  • Right to Access (Inspect and Copy): You have the right to inspect and obtain a copy of your PHI that we maintain, subject to limited exceptions. We may charge a reasonable, cost-based fee for copies.

  • Right to Request an Amendment: If you believe that your PHI we maintain is incorrect or incomplete, you may request that we amend it. We may deny your request under certain circumstances, but we will provide you with a written explanation.

  • Right to an Accounting of Disclosures: You have the right to request an accounting of certain disclosures of your PHI made by us, excluding disclosures made for treatment, payment, or healthcare operations, disclosures made to you, or disclosures made pursuant to your authorization.

  • Right to Request Restrictions: You have the right to request a restriction on our use or disclosure of your PHI for treatment, payment, or healthcare operations. We are not required to agree to all requested restrictions, except for disclosures to a health plan for payment or healthcare operations if you have paid for a service or item in full out-of-pocket.

  • Right to Request Confidential Communications: You have the right to request that we communicate with you about medical matters in a certain way or at a certain location (e.g., sending mail to a specific address, calling only at work). We will accommodate all reasonable requests.

  • Right to a Paper Copy of This Notice: You have the right to obtain a paper copy of this Privacy Policy upon request, even if you have agreed to receive it electronically.

  • Right to Opt-Out of Fundraising Communications: If we engage in fundraising, you have the right to opt-out of receiving such communications.

  • Right to Opt-Out of Marketing Communications (when PHI is involved): We require your authorization for most marketing uses of PHI. If you provide authorization, you may revoke it at any time.

To exercise any of these rights, please contact our Privacy Officer using the contact information provided below. We may require you to complete a form to make your request.

6. Our Responsibilities Under HIPAA

We are required by HIPAA to:

  • Maintain the privacy of your PHI.

  • Provide you with this Privacy Policy explaining our legal duties and privacy practices with respect to your PHI.

  • Abide by the terms of this Privacy Policy.

  • Notify you if we are unable to agree to a requested restriction.

  • Accommodate reasonable requests you have to communicate PHI by alternative means or at alternative locations.

  • Notify you of a breach of your unsecured PHI.

7. Data Security

We implement reasonable administrative, technical, and physical safeguards designed to protect your Protected Health Information (PHI) and other personal information from unauthorized access, use, alteration, and disclosure, in accordance with the HIPAA Security Rule. This includes, but is not limited to, encryption, access controls, and regular security assessments. While we strive to protect your PHI, no method of transmission over the Internet or method of electronic storage is 100% secure. Therefore, while we use commercially acceptable means to protect your information, we cannot guarantee its absolute security.

8. Data Retention

We will retain your personal information, including PHI, for as long as necessary to fulfill the purposes outlined in this Privacy Policy, and in compliance with HIPAA retention requirements and other applicable laws. This includes retaining information to comply with our legal obligations, resolve disputes, and enforce our agreements.

9. Third-Party Websites

Our Website may contain links to third-party websites that are not operated by us. This Privacy Policy does not apply to the practices of these third parties. We encourage you to review the privacy policies of any third-party websites you visit, especially if they are healthcare providers or health plans, as their privacy practices may differ.

10. Children's Privacy

Our Website and services are not directed to individuals under the age of 18. We do not knowingly collect Protected Health Information from children under 18. If we become aware that we have collected PHI or other personal information from a child under 18 without verifiable parental consent, we will take steps to delete that information.

11. Changes to This Privacy Policy

We reserve the right to amend this Privacy Policy at any time. We will post the revised Privacy Policy on this page and update the "Effective Date" at the top. We will also provide a prominent notice on our Website regarding any material changes to this Privacy Policy. We encourage you to review this Privacy Policy periodically for any changes. Your continued use of the Website after the posting of a revised Privacy Policy constitutes your acceptance of the changes.

12. Complaints and Contact Information

If you believe your privacy rights have been violated, you may file a complaint with us or with the Secretary of the Department of Health and Human Services. We will not retaliate against you for filing a complaint.

If you have any questions or concerns about this Privacy Policy or our privacy practices, or to exercise your rights under HIPAA, please contact our Privacy Officer at:

Privacy Officer
Sauber Insurance
[Your Street Address - e.g., 123 Main Street]
[Your City, State, Zip Code - e.g., O'Fallon, MO 63366]
[Your Phone Number - e.g., (555) 123-4567]
[Your Email Address - e.g., privacy@sauberinsurance.com]

Based out of St. Louis, Missouri

Licensed in Missouri, Illinois, Michigan, and Ohio

NPN: 20371749

License #: 300199849

Sauber Insurance

© 2025 Sauber Insurance. All Rights Reserved.

Medicare Disclaimer: We may not offer every plan available in your area. Please contact Medicare.gov, 1-800-MEDICARE, or your local State Health Insurance Program (SHIP) to get information on all of your options.