Excellus Bluecross BlueShield logo
Login | Register | Forgot Username | Forgot Password
Back to Search Results
<span style=" color: red;">Web & Mobile</span> Privacy Policy Web & Mobile Privacy Policy" name="title">
Web & Mobile Privacy Policy

Please note that we have updated our website Privacy Policy effective June 20, 2017. All updates and changes have been indicated in red so that you can easily determine what has changed.

At Excellus BlueCross BlueShield, we know how important your privacy is to you. Therefore, we are committed to protecting any personal information that you provide us our desktop and mobile websites (collectively, “Website”) according to applicable laws, regulations and accreditation standards and practices, and we continue to evaluate new administrative, technical and physical safeguards for protecting your information. We urge you to read our Privacy Policy so that you will understand both our commitment to you and your privacy, and how you can participate in that commitment.

The purpose of this Privacy Policy is to inform you of our information gathering and dissemination practices for this Website.

  1. Collection of Personally Identifiable Information - In order to access certain services and restricted areas within our Website or to respond to specific inquiries, Excellus BlueCross BlueShield requires that you provide Personally Identifiable Information. This information may include, without limitation, your legal name, address, telephone number, email address, subscriber name or "screen name," and password used to access the services. We may also collect the email addresses of visitors that communicate with us via email; information provided by the visitor in online forums, registration forms, surveys, email messages, and other digital features (including demographic and personal profile data); and visitor-specific information about the pages on the Website that our visitors access. We reserve the right to request any additional information necessary to establish and maintain your account for use of the services and access to the restricted areas.

  2. Collection of Non-Personally Identifiable Information - Excellus BlueCross BlueShield also collects information about you and your use of the Website through the use of Cookies and/or Session Variables. "Cookies" are small digital files that are transferred to your computer or smartphone's hard drive when you visit a website or click on a URL. Cookies allow us to operate and personalize the Website, to track your usage, and to deliver targeted advertisements to you. "Session Variables" are similar to Cookies except that they remain on our servers and are not transferred to your computer or smartphone. Usage of a Cookie or Session Variable is in no way linked to your Personally Identifiable Information. Once you close your Web browser, the Cookie or Session Variable simply terminates. If you reject the Cookie or Session Variable, you may still use the Website. We may also collect the home server domain names, search engine used, Web browser, date and time of the visit, and aggregate information about the pages and tools on the Website that our visitors access.

  3. How We Use the Information - Personally Identifiable Information collected when you visit the Website will not be shared with or otherwise disclosed to anyone outside the Excellus BlueCross BlueShield family of companies without the consent of the person(s) authorized to permit us to do so, unless we are required to disclose the information by law, regulation or court order. Personally Identifiable Information you provide to Excellus BlueCross BlueShield via the Website will only be used for the express purpose of your disclosure to us, unless as otherwise described herein.

    Non-Personally Identifiable Information collected when you use the Website may be used for internal review purposes in the aggregate, including measuring and monitoring the use of our Website, diagnosing problems with our server, and administration purposes.

    We, or third party companies with whom we collaborate or hire to perform services on our behalf, may use  your Non-Public Personal Information and Non-Personally Identifiable Information to provide you with information that we believe may be useful to you, such as information about health products or services provided by or through us through permissible targeted advertisements. You may opt-out of receiving permissible targeted advertisements by using the NAI Opt-out tool.
    We also use Google Analytics in particular, however, there is a tool created by Google that prevents websites using Google Analytics from sending web visit data to the service for analytics purposes. You may opt out of this tracking by using Google Analytics Opt-out.

  4. No Absolute Security of Information Transmitted Via the Internet - Excellus BlueCross BlueShield has implemented security features to help prevent the unauthorized release of or access to personal information that has been received via the Website. Please be advised, however, that the confidentiality of any communication, information or other material transmitted to or from Excellus BlueCross BlueShield via web, mobile, or e-mail cannot be guaranteed. Accordingly, Excellus BlueCross BlueShield is not responsible for the security or confidentiality of information being transmitted via the Internet, the World Wide Web mobile applications, or other global computer networks. Excellus BlueCross BlueShield will have no liability for disclosures of Personally Identifiable Information due to errors in transmission or unauthorized acts of third parties.

  5. Excellus BlueCross BlueShield' Right to Contact User - Excellus BlueCross BlueShield may contact Website visitors who provide Excellus BlueCross BlueShield personally identifiable information regarding account status and changes to the subscriber agreement, privacy statement, or any other policies or agreements relevant to site visitors.

  6. Excellus BlueCross BlueShield' Right to Change Privacy Policy - If we alter our privacy policy, we will post those changes here in a timely manner so you can be aware of changes that may affect you. Any change to this Privacy Policy shall be effective as to any visitor that has accepted the Excellus BlueCross BlueShield Website Terms and Conditions before the change was made.

  7. Protecting Children Online - We are committed to protecting the privacy and security of all of our customers, including minors who are enrolled in our insurance plans. Children under the age of 13 can access our Website as guests. If they wish to use features on our Website, we require that they do so with the permission of their legal guardian. We will not knowingly collect or use any personal information regarding a user under the age of 13 without the consent of a parent or legal guardian.

  8. Use of Aggregated Information - We reserve the right to disclose to third parties information about usage of our Website and any related services, including information gathered during your use of the website. Any information disclosed for this purpose will be in the form of aggregated data (such as overall patterns or demographic reports) that does not describe or identify any individual user.

  9. Protection of Member Health Information - If you are a member of Excellus BlueCross BlueShield (and not someone visiting our Website only for informational purposes), then it is possible that you may also provide us with Personally Identifiable Information that constitutes health information protected by the Health Insurance Portability and Accountability Act of 1996 ("HIPAA"). Excellus BlueCross BlueShield is a Covered Entity under HIPAA. Accordingly, Excellus BlueCross BlueShield is covered by (and complies with) HPIPAA regulations regarding the use and disclosure of members' health information for each health plan. Our Notice of Privacy Practices explains how we may use and disclose health information to carry out payment and health care operations and for other purposes that are permitted or required by law. "Health information" that is protected under HIPAA by health plans ("Protected Health Information") generally means claims information and any other information that relates to an individual's past, present or future physical or mental health.

  10. Questions and Additional Information - Questions about our privacy policy and the use and disclosure of members' protected health information on the Excellus BlueCross BlueShield Website may be addressed to our Privacy Officer by using our Secure Privacy Officer Email Form.

Last updated: June 20, 2017

Frequently Asked Questions about Our Privacy Policy

Here are some questions and answers to help you understand our privacy policy:

  1. What is 'Personally Identifiable Information'?
    It is any information that could be used to identify you. For example, your name, address or identification number.

    We collect two types of Personally Identifiable Information about our customers:

    1. Nonpublic Personal Information - This is information you give us on your enrollment form, claim forms, premium payments and other ways. It includes for example: names, account numbers, e-mail address, type of health care benefits and payment amounts.
    2. Protected Health Information - This is information that you or your health care provider sends to us to process your claim. This includes diagnoses and type of services you receive from your health care provider.

  2. How Does Excellus BlueCross BlueShield Inc. use your Personally Identifiable Information?
    We use this information:

    - To administer health care benefits and for our health care operations. For example:
    • decide claim payment by asking you and/or your health care provider(s) for necessary information about services, or treatment;
    • work with other insurers to decide coverage;
    • bill for premiums which may include looking at your claim history;
    • answer customer and provider questions about benefits, enrollment and claims;
    • monitor quality of care and service to our customers which may include case management, and
    • perform utilization and cost containment review activities.

    - For permissible marketing, advertising, product development and research purposes

  3. Who Has Access To My Personally Identifiable Information?
    Authorized employees at Excellus BlueCross BlueShield may access your information to administer benefits. Each year, all of our employees must sign an agreement to follow our Code of Business Conduct that includes our confidentiality policy.

    We may work with other companies to help us conduct our business. We are required by law to sign an agreement with these other companies that prohibits them from using or giving out information for any reason other than the purpose of the contract. For example we may contract with:
  4. How is my Personally Identifiable Information protected?
    It is our policy to keep all information about you confidential. It is so important to us that we take the following steps:
    • our employees sign an agreement to follow our Code of Business Conduct;
    • we have a privacy oversight committee that reviews our privacy practices;
    • we have a security coordinator to detect and prevent security breaches;
    • all computer systems that contain personal information have security protections; and
    • we check provider offices to ensure that medical records are kept in secure locations.

Questions regarding Excellus BlueCross BlueShield' privacy policy may be directed to the Excellus BlueCross BlueShield Privacy Officer via postal mail:

Excellus BlueCross BlueShield Privacy Officer
Re: Website Privacy Policy
333 Butternut Drive
Syracuse, NY 13214-1803

Or follow this link to Email Our Privacy Officer

Back to Search Results
Home     About Us    Fraud & Abuse    Accreditations   
Language Assistance and Non-Discrimination Notice

Copyright © 2019, Excellus BlueCross BlueShield, a nonprofit independent licensee of the Blue Cross Blue Shield Association. All rights reserved. View our Web Privacy Policy for information on how we protect your privacy. Use of this site indicates your acceptance of our Terms of Use. Follow this link to view our 31 county New York State service area. You will need Internet Explorer or Google Chrome to use the secure features of this site.