Our member call center is coming back online after experiencing technical difficulties, which may cause delays. Thank you for your patience.
Possible Member Services delays
Our member call center is coming back online after experiencing technical difficulties, which may cause delays. Thank you for your patience.
THIS NOTICE DESCRIBES HOW MEDICAL INFORMATION ABOUT YOU MAY BE USED AND DISCLOSED AND HOW YOU CAN GET ACCESS TO THIS INFORMATION. PLEASE REVIEW IT CAREFULLY
This notice applies to benefit plans offered by Blue Cross Blue Shield of North Dakota. This entity is referred to as "we," "us," and "our" in this notice.
WE HAVE A LEGAL DUTY TO PROTECT YOUR INFORMATION
We understand the importance of keeping your information private and make it one of our top priorities. We are required by law to protect the privacy of your information. Your information is referred to as "protected health information" (PHI). PHI is your health information and other information that identifies you such as your name, address, telephone number and benefit plan number.
This notice explains how, when, and why we collect, use and disclose your information and about your rights concerning your information. We must follow the privacy practices described in this notice. This notice will remain in effect until we modify it.
We may change our privacy practices and this notice at any time. Any changes will apply to the PHI we already have. When we make a significant change in our privacy practices, we will change this notice and send the new notice to our subscribers.
You may request additional copies of this notice from the contact number listed on the last page of this notice. This notice also may be viewed on our web site at www.BCBSND.com.
HOW WE MAY USE AND DISCLOSE YOUR PROTECTED HEALTH INFORMATION
We use and disclose PHI for many reasons. Under some circumstances, we are allowed by law to use and disclose your PHI without your authorization. Under other circumstances, we need your authorization to use and disclose your PHI. In all cases, we use and disclose only the minimum amount of information necessary to satisfy the purpose of the use or disclosure. Described below are different categories of our uses and disclosures and some examples of each category.
USES AND DISCLOSURES WITHOUT YOUR AUTHORIZATION
Treatment: We may disclose your PHI to doctors, nurses or other health care professionals who ask for it in order to treat you.
Payment: We may use and disclose your PHI to pay for services that are covered under your benefit plan. For example, we may need to give your insurance information to doctors, so they can bill us and receive payment for the treatment you received. We also may use and disclose your PHI to coordinate benefits with other insurance carriers such as your automobile insurance company or Medicare.
Health Care Operations: We may use and disclose your PHI to operate our business and make sure that you receive quality care. Several examples of how we use and disclose your PHI for health care operations include the following:
Determining if you are eligible to enroll in our benefit plan;
If we receive your PHI to determine if you are eligible to enroll in our benefit plan and you do not enroll with us, we only will use or disclose your PHI as required by law.
We will not destroy your PHI if your coverage with us is terminated. Even after your coverage terminates, your PHI may be used for many of the purposes described above. In many cases, we are required by law to retain the PHI. Our privacy policies and procedures apply to PHI regardless of whether your status as a member is active or terminated.
We may share your PHI with our accountants, consultants and other third parties who we hire for various business activities. These third parties also are required to keep your information private. For example, we may
disclose your PHI to auditors who make sure we comply with the laws that affect us. In addition, we may disclose your PHI to consultants who help us review and improve the quality of health care services that you receive.
Parental Access: Generally, parents, guardians or other people acting in a similar legal capacity may receive their minor child's PHI. However, some state laws give minors special protections, and require that we cannot disclose the minor's PHI to the parents, guardians or others without the written authorization of the minor.
Health-Related Benefits and Services: Where permitted by law, we may use or disclose your PHI to contact you about health-related benefits and services, treatment alternatives that may be of interest to you or appointment reminders. For example, your name and address may be used to send you our newsletters that contain general health information. In addition, we may contact you about health-related products that may be added to or replace your existing benefit plan.
Plan Sponsors: If you are enrolled in a health plan through your current or previous employer, you are enrolled in a group health plan. Each group health plan has a "plan sponsor," the person or group that established the group health plan. In many cases, the plan sponsor is your employer.
If your plan sponsor needs PHI to administer their group health plan, they are required by law to establish privacy procedures for receiving PHI from us, and they may use it only as the law allows. If your plan sponsor establishes these privacy procedures, we may disclose PHI to them. Please refer to your benefit plan or other plan documents for an explanation of how your plan sponsor may use or disclose PHI to administer your group health plan.
Required by Law: We may disclose your PHI when we are required to do so by law. For example, we must disclose your PHI to U.S. Department of Health and Human Services officials upon their request, so they can determine whether we are complying with federal privacy laws.
Health Oversight: We may disclose your PHI to health oversight agencies that are responsible for auditing, investigating, inspecting and licensing health care entities. These activities are necessary for the government to monitor the health care system, government programs and compliance with laws.
Public Health and Safety: We may disclose your PHI to government officials in charge of collecting information about public health. For example, we may share PHI with state departments of health about births, deaths, diseases, injuries or disabilities. We also may disclose PHI to law enforcement or other officials to prevent or reduce a serious threat to the health or safety of you, another person or the public.
Abuse or Neglect: We may disclose your PHI to the appropriate authorities to report child abuse or neglect or when there is a concern that you have been a victim of abuse, neglect or domestic violence.
Legal Proceedings: We may disclose your PHI for legal proceedings if there is a court order, administrative order, subpoena, discovery request or other lawful process.
Law Enforcement: We may disclose your PHI to law enforcement officials in certain situations. For example, we may disclose PHI for legal proceedings, to help identify or locate a suspect, witness or missing person or to provide information concerning a crime on our property.
Workers' Compensation: We may disclose your PHI as required by workers' compensation laws and other similar programs that provide benefits for work-related injuries or illnesses.
Research: We may disclose your PHI to researchers in limited situations. These researchers are required to establish measures to protect your privacy.
Coroners, Funeral Directors and Organ Donations: We may disclose PHI of deceased members to coroners or funeral directors, so they can carry out their duties. In addition, we may disclose PHI to organizations that arrange organ donations and transplants.
Military Activity and National Security: We may disclose the PHI of military personnel to military authorities under certain circumstances. In addition, we may disclose your PHI to federal officials for national security or intelligence purposes, such as protecting the President of the United States or others.
USES AND DISCLOSURES WITH YOUR AUTHORIZATION
Written Authorization: If you provide written authorization, we may disclose your PHI to the person you authorize. You may revoke this authorization in writing at any time. Revoking your authorization will not affect any action that was taken before the authorization was revoked.
To the extent (if any) that we maintain or receive psychotherapy notes about you, most disclosures of these notes require your authorization. Also, to the extent (if any) that we use or disclose your information for our fundraising practices, we will provide you with the ability to opt out of future fundraising communications. In addition, most (but not all) uses and disclosures of PHI for marketing purposes, and disclosures that constitute a sale of PHI, require your authorization.
To Family and Friends: While the law permits us in certain circumstances to disclose your PHI to family, friends and others, we will do so only with your authorization. In the event you are unable to authorize such disclosure, but emergency or similar circumstances indicate that disclosure would be in your best interest, we may disclose your PHI to family, friends or others to the extent necessary to help with your health coverage arrangements.
Other Uses and Disclosures: Your written authorization is required for other uses and disclosures of your PHI that are not described in this notice. We will not use your PHI to sell you services or supplies that do not relate to your health care coverage or your health status. We will not give any other person your PHI to allow them to contact you in any way to try to sell you anything.
YOUR RIGHTS REGARDING YOUR PROTECTED HEALTH INFORMATION
You have the following rights with respect to your PHI:
Restrictions: You have the right to ask us to restrict the way we use or disclose your PHI for treatment, payment and health care operations, as described above. We will consider your request for restrictions, but we are not required by law to agree to them. If we agree to restrictions, we will put the restrictions in writing and follow them, except in an emergency situation. You may not restrict the uses and disclosures that we are required or allowed to make by law.
Confidential Communications: If you feel that you could be in danger as a result of your PHI being sent to your main address, you have the right to ask that we send your PHI to a different address or that we communicate with you in a certain way. We will accommodate reasonable requests when possible.
Access: You have the right to obtain a copy and review PHI that we have, with some exceptions. This may include an electronic copy in certain circumstances if you make this request in writing. You may not receive a copy or review psychotherapy notes or other information prohibited by law. We may charge a reasonable fee for copies and postage. We may deny your access request in limited situations.
Amendment: You have the right to ask us to amend your PHI if you believe that it contains a mistake or mistakes in it or that an important piece of information is missing. We may deny your request in certain cases. For example, we may deny your request if we did not create the information, such as medical information received from your doctor.
Disclosure Accounting: You have the right to ask us for a list of disclosures that we made of your PHI. Your request may be for disclosures made up to six years before the date of your request. We may charge you a reasonable fee for copies. This list will not include the following:
• Disclosures for treatment, payment or health care operations;
• Disclosures to you or your legal representative;
• Disclosures that you or your legal representative authorized; and
• Certain other disclosures as allowed by law.
Electronic Notice: If you receive this notice on our web site or by e-mail, you also may ask for this notice in written form. Please contact us at the address listed at the end of this notice.
Breach Notification: In the event of breach of your unsecured PHI, we will provide you notification of such a breach as required by law or where we otherwise deem appropriate.
QUESTIONS AND COMPLAINTS
For more information about privacy rights described in this notice, or if you want another copy of the notice, please visit our web site at www.BCBSND.com or call the telephone number on the back of your Member ID card. You may also contact BCBSND Member Services at 4510 13th Ave S, Fargo, ND 58121 or at 1-844-363-8457. To provide you with the best possible customer service, Member Services may need to transfer your call to the service unit that specializes on your benefit plan.
If you believe your privacy rights have been violated, you may file a written complaint with our Privacy Officer. You also have the right to complain to the U.S. Secretary of Health and Human Services. We support your right to protect the privacy of your PHI. We will not retaliate against you for filing a complaint with us or the U.S. Department of Health and Human Services.
If you have any questions about the complaint process, wish to file a complaint with us, or need the address of the U.S. Secretary of Health and Human Services, please contact our Privacy Officer at the following address and telephone number:
4510 13th Ave S, Fargo, ND 58121
This notice is effective on July 1, 2013
This Privacy Notice Statement (“Statement”) explains how Blue Cross Blue Shield of North Dakota (“Agency”) may collect, use and disclose certain Personally Identifiable Information (“PII”) when assisting you in comparing health insurance plans, obtaining determinations of eligibility for coverage, enrolling in qualified health plans (“QHPs”)through the Federally Facilitated Marketplace (“FMM”) and/or applying for federal subsidies.
Please read this Statement carefully and contact the Agency at 800-280-2583 if you have any questions or concerns regarding this Statement, or the Agency’s collection, use and disclosure of PII in general.
Legal Authority to Collect PII
PII is information that can be used to distinguish or trace an individual’s identity, alone or when combined with other personal or identifying information that is linked or linkable to a specific individual. Examples of PII include name, address, telephone number, email, Social Security Number, date and place of birth, and driver’s license number.
The Agency participates in the sale of health insurance products on the FFM and must comply with the FFM’s privacy and security standards. Section 1312(e) of the Affordable Care Act (“ACA”), and its implementing regulations, authorize the Agency to collect PII to assist you in comparing health insurance plans, obtaining determinations of eligibility for coverage, enrolling in QHPs through the FFM, and/or applying for federal subsidies.
Purpose of the Information Collection
The purpose of the Agency’s collection of PII is to assist you in comparing health insurance plans, obtaining determinations of eligibility for coverage, enrolling in QHPs through the FFM, and/or applying for federal subsidies.
To Whom and for What Purposes PII May be Disclosed
The Agency may disclose your PII to the FFM (including its employees, agents or sub-contractors), certain federal and state agencies, a health insurance company offering the QHP that you have selected (or the company’s employees, agents or sub-contractors), or any individual who is duly and legally authorized to act on your behalf in connection with your PII. Your PII may be disclosed to the extent reasonably necessary for the Agency to assist you in comparing health insurance plans, obtaining determinations of eligibility for coverage, enrolling in QHPs through the FFM, and/or applying for federal subsidies.
Authorized Uses and Disclosures of Collected Information
The Agency may use and disclose PII to the extent reasonably necessary to assist you in comparing health insurance plans, obtaining determinations of eligibility for coverage, enrolling in QHPs through the FFM, and/or applying for federal subsidies. The Agency will obtain your informed consent, which you may revoke at any time, for any other uses or disclosures of PII.
Whether Request for Collection of PII is Voluntary or Mandatory
The Agency’s request to collect your PII is voluntary. You are under no obligation to provide PII to the Agency.
The Effects of Nondisclosure of PII
While you are under no obligation to provide PII to the Agency, the assistance the Agency provides is based only on the information you supply to the Agency. If the information is inaccurate or incomplete, the Agency may not be able to assist you in comparing health insurance plans, obtaining determinations of eligibility for coverage, enrolling in QHPs through the FFM, and/or applying for federal subsidies.
Web Server Usage
We are committed to protecting your privacy and ensuring a secure environment. Our web site and online services are secure. Our strict privacy and security standards either meet or exceed federal safeguard requirements.
We do our best. Keeping your electronic and physical information confidential is a top priority. Please report any suspicious online activity to our Systems Security Office at 701-282-1427.
Web Site Privacy and Legal
BCBSND, takes your privacy very seriously. We actively protect the privacy of everyone who uses our web site. You do not have to give us personal information to visit our site.
Our goal is to provide you with a safe and enjoyable browsing experience. When we collect information about you it is in an effort to make our products and services more efficient and customized to you. You are free to browse the BCBSND site without revealing any personal information about yourself. However, once you give us your personal information, you are not anonymous to us.
We automatically track certain information based upon your behavior on our site. We use this information to analyze our users' behavior, interests, and demographics to better understand and serve you. This information may include the URL that you came from, which URL you next go to, what browser you are using and your IP address.
What about Cookies?
Our web site and publications contain numerous links to other network sites. We cannot be responsible for the privacy practices of other organizations or the content of external web sites.