- Collection of Personally Identifiable Information - In order to access certain services and restricted areas within our Website or to respond to specific inquiries, Excellus BlueCross BlueShield requires that you provide Personally Identifiable Information. This information may include, without limitation, your legal name, address, telephone number, email address, subscriber name or "screen name," and password used to access the services. We may also collect the email addresses of visitors that communicate with us via email; information provided by the visitor in online forums, registration forms, surveys, email messages, and other digital features (including demographic and personal profile data); and visitor-specific information about the pages on the Website that our visitors access. We reserve the right to request any additional information necessary to establish and maintain your account for use of the services and access to the restricted areas.
- How We Use the Information - Personally Identifiable Information collected when you visit the Website will not be shared with or otherwise disclosed to anyone outside the Excellus BlueCross BlueShield family of companies without the consent of the person(s) authorized to permit us to do so, unless we are required to disclose the information by law, regulation or court order. Personally Identifiable Information you provide to Excellus BlueCross BlueShield via the Website will only be used for the express purpose of your disclosure to us, unless as otherwise described herein.
Non-Personally Identifiable Information collected when you use the Website may be used for internal review purposes in the aggregate, including measuring and monitoring the use of our Website, diagnosing problems with our server, and administration purposes.
We, or third party companies with whom we collaborate or hire to perform services on our behalf, may use your Non-Public Personal Information and Non-Personally Identifiable Information to provide you with information that we believe may be useful to you, such as information about health products or services provided by or through us through permissible targeted advertisements. You may opt-out of receiving permissible targeted advertisements by using the NAI Opt-out tool.
We also use Google Analytics in particular, however, there is a tool created by Google that prevents websites using Google Analytics from sending web visit data to the service for analytics purposes. You may opt out of this tracking by using Google Analytics Opt-out.
- No Absolute Security of Information Transmitted Via the Internet - Excellus BlueCross BlueShield has implemented security features to help prevent the unauthorized release of or access to personal information that has been received via the Website. Please be advised, however, that the confidentiality of any communication, information or other material transmitted to or from Excellus BlueCross BlueShield via web, mobile, or e-mail cannot be guaranteed. Accordingly, Excellus BlueCross BlueShield is not responsible for the security or confidentiality of information being transmitted via the Internet, the World Wide Web mobile applications, or other global computer networks. Excellus BlueCross BlueShield will have no liability for disclosures of Personally Identifiable Information due to errors in transmission or unauthorized acts of third parties.
- Excellus BlueCross BlueShield' Right to Contact User - Excellus BlueCross BlueShield may contact Website visitors who provide Excellus BlueCross BlueShield personally identifiable information regarding account status and changes to the subscriber agreement, privacy statement, or any other policies or agreements relevant to site visitors.
- Protecting Children Online - We are committed to protecting the privacy and security of all of our customers, including minors who are enrolled in our insurance plans. Children under the age of 13 can access our Website as guests. If they wish to use features on our Website, we require that they do so with the permission of their legal guardian. We will not knowingly collect or use any personal information regarding a user under the age of 13 without the consent of a parent or legal guardian.
- Use of Aggregated Information - We reserve the right to disclose to third parties information about usage of our Website and any related services, including information gathered during your use of the website. Any information disclosed for this purpose will be in the form of aggregated data (such as overall patterns or demographic reports) that does not describe or identify any individual user.
- Protection of Member Health Information - If you are a member of Excellus BlueCross BlueShield (and not someone visiting our Website only for informational purposes), then it is possible that you may also provide us with Personally Identifiable Information that constitutes health information protected by the Health Insurance Portability and Accountability Act of 1996 ("HIPAA"). Excellus BlueCross BlueShield is a Covered Entity under HIPAA. Accordingly, Excellus BlueCross BlueShield is covered by (and complies with) HPIPAA regulations regarding the use and disclosure of members' health information for each health plan. Our Notice of Privacy Practices explains how we may use and disclose health information to carry out payment and health care operations and for other purposes that are permitted or required by law. "Health information" that is protected under HIPAA by health plans ("Protected Health Information") generally means claims information and any other information that relates to an individual's past, present or future physical or mental health.
Last updated: June 20, 2017
- What is 'Personally Identifiable Information'?
It is any information that could be used to identify you. For example, your name, address or identification number.
We collect two types of Personally Identifiable Information about our customers:
- Nonpublic Personal Information - This is information you give us on your enrollment form, claim forms, premium payments and other ways. It includes for example: names, account numbers, e-mail address, type of health care benefits and payment amounts.
- Protected Health Information - This is information that you or your health care provider sends to us to process your claim. This includes diagnoses and type of services you receive from your health care provider.
- How Does Excellus BlueCross BlueShield Inc. use your Personally Identifiable Information?
We use this information:
- To administer health care benefits and for our health care operations. For example:
- decide claim payment by asking you and/or your health care provider(s) for necessary information about services, or treatment;
- work with other insurers to decide coverage;
- bill for premiums which may include looking at your claim history;
- answer customer and provider questions about benefits, enrollment and claims;
- monitor quality of care and service to our customers which may include case management, and
- perform utilization and cost containment review activities.
- For permissible marketing, advertising, product development and research purposes
- Who Has Access To My Personally Identifiable Information?
Authorized employees at Excellus BlueCross BlueShield may access your information to administer benefits. Each year, all of our employees must sign an agreement to follow our Code of Business Conduct that includes our confidentiality policy.
We may work with other companies to help us conduct our business. We are required by law to sign an agreement with these other companies that prohibits them from using or giving out information for any reason other than the purpose of the contract. For example we may contract with:
- How is my Personally Identifiable Information protected?
It is our policy to keep all information about you confidential. It is so important to us that we take the following steps:
- our employees sign an agreement to follow our Code of Business Conduct;
- we have a privacy oversight committee that reviews our privacy practices;
- we have a security coordinator to detect and prevent security breaches;
- all computer systems that contain personal information have security protections; and
- we check provider offices to ensure that medical records are kept in secure locations.
Excellus BlueCross BlueShield Privacy Officer
333 Butternut Drive
Syracuse, NY 13214-1803
Or follow this link to Email Our Privacy Officer