Notice of Privacy Practices

THIS NOTICE DESCRIBES HOW MEDICAL INFORMATION ABOUT YOU MAY BE USED AND DISCLOSED AND HOW YOU CAN GET ACCESS TO THIS INFORMATION. PLEASE REVIEW IT CAREFULLY.

This notice applies to benefit plans offered by Blue Cross Blue Shield of North Dakota, North Dakota Vision Services, Incorporated and Dental Service Corporation of North Dakota. These entities are referred to as "we," "us," and "our" in this notice.

We have a legal duty to protect your information

We understand the importance of keeping your information private and make it one of our top priorities. We are required by law to protect the privacy of your information. Your information is referred to as "protected health information" (PHI). PHI is your health information and other information that identifies you such as your name, address, telephone number and benefit plan number.

This notice explains how, when, and why we collect, use and disclose your information and about your rights concerning your information. We must follow the privacy practices described in this notice. This notice will remain in effect until we modify it.

We may change our privacy practices and this notice at any time. Any changes will apply to the PHI we already have. When we make a significant change in our privacy practices, we will change this notice and send the new notice to our subscribers.

You may request additional copies of this notice from the contact number listed on the last page of this notice.

How we may use and disclose your protected health information

We use and disclose PHI for many reasons. Under some circumstances, we are allowed by law to use and disclose your PHI without your authorization. Under other circumstances, we need your authorization to use and disclose your PHI. In all cases, we use and disclose only the minimum amount of information necessary to satisfy the purpose of the use or disclosure. Described below are different categories of our uses and disclosures and some examples of each category.

Uses and Disclosures Without Your Authorization

Treatment: We may disclose your PHI to doctors, nurses or other health care professionals who ask for it in order to treat you.

Payment: We may use and disclose your PHI to pay for services that are covered under your benefit plan. For example, we may need to give your insurance information to doctors, so they can bill us and receive payment for the treatment you received. We also may use and disclose your PHI to coordinate benefits with other insurance carriers such as your automobile insurance company or Medicare.

Health Care Operations: We may use and disclose your PHI to operate our business and make sure that you receive quality care. Several examples of how we use and disclose your PHI for health care operations include the following:

  • Determining if you are eligible to enroll in our benefit plan;
  • Underwriting and premium rating our risk for health coverage, and obtaining stoploss and similar reinsurance for our health coverage obligations (although we are prohibited from using or disclosing any genetic information for these underwriting purposes);
  • Reviewing your doctors' treatment and services, and evaluating their performance;
  • Assisting your doctor manage your ongoing care for a disease or medical condition;
  • Reviewing for fraud and abuse;
  • Responding to your inquiries; and
  • Surveying you on how well we meet your health insurance needs.

If we receive your PHI to determine if you are eligible to enroll in our benefit plan and you do not enroll with us, we only will use or disclose your PHI as required by law.

We will not destroy your PHI if your coverage with us is terminated. Even after your coverage terminates, your PHI may be used for many of the purposes described above. In many cases, we are required by law to retain the PHI. Our privacy policies and procedures apply to PHI regardless of whether your status as a member is active or terminated.

We may share your PHI with our accountants, consultants and other third parties who we hire for various business activities. These third parties also are required to keep your information private. For example, we may disclose your PHI to auditors who make sure we comply with the laws that affect us. In addition, we may disclose your PHI to consultants who help us review and improve the quality of health care services that you receive.

Parental Access: Generally, parents, guardians or other people acting in a similar legal capacity may receive their minor child's PHI. However, some state laws give minors special protections, and require that we cannot disclose the minor's PHI to the parents, guardians or others without the written authorization of the minor.

Health-Related Benefits and Services: Where permitted by law, we may use or disclose your PHI to contact you about health-related benefits and services, treatment alternatives that may be of interest to you or appointment reminders. For example, your name and address may be used to send you our newsletters that contain general health information. In addition, we may contact you about health-related products that may be added to or replace your existing benefit plan.

Plan Sponsors: If you are enrolled in a health plan through your current or previous employer, you are enrolled in a group health plan. Each group health plan has a "plan sponsor," the person or group that established the group health plan. In many cases, the plan sponsor is your employer.

If your plan sponsor needs PHI to administer their group health plan, they are required by law to establish privacy procedures for receiving PHI from us, and they may use it only as the law allows. If your plan sponsor establishes these privacy procedures, we may disclose PHI to them. Please refer to your benefit plan or other plan documents for an explanation of how your plan sponsor may use or disclose PHI to administer your group health plan.

Required by Law: We may disclose your PHI when we are required to do so by law. For example, we must disclose your PHI to U.S. Department of Health and Human Services officials upon their request, so they can determine whether we are complying with federal privacy laws.

Health Oversight: We may disclose your PHI to health oversight agencies that are responsible for auditing, investigating, inspecting and licensing health care entities. These activities are necessary for the government to monitor the health care system, government programs and compliance with laws.

Public Health and Safety: We may disclose your PHI to government officials in charge of collecting information about public health. For example, we may share PHI with state departments of health about births, deaths, diseases, injuries or disabilities. We also may disclose PHI to law enforcement or other officials to prevent or reduce a serious threat to the health or safety of you, another person or the public.

Abuse or Neglect: We may disclose your PHI to the appropriate authorities to report child abuse or neglect or when there is a concern that you have been a victim of abuse, neglect or domestic violence.

Legal Proceedings: We may disclose your PHI for legal proceedings if there is a court order, administrative order, subpoena, discovery request or other lawful process.

Law Enforcement: We may disclose your PHI to law enforcement officials in certain situations. For example, we may disclose PHI for legal proceedings, to help identify or locate a suspect, witness or missing person or to provide information concerning a crime on our property.

Workers' Compensation: We may disclose your PHI as required by workers' compensation laws and other similar programs that provide benefits for work-related injuries or illnesses.

Research: We may disclose your PHI to researchers in limited situations. These researchers are required to establish measures to protect your privacy.

Coroners, Funeral Directors and Organ Donations: We may disclose PHI of deceased members to coroners or funeral directors, so they can carry out their duties. In addition, we may disclose PHI to organizations that arrange organ donations and transplants.

Military Activity and National Security: We may disclose the PHI of military personnel to military authorities under certain circumstances. In addition, we may disclose your PHI to federal officials for national security or intelligence purposes, such as protecting the President of the United States or others.

Uses and disclosures with your authorization

Written Authorization: If you provide written authorization, we may disclose your PHI to the person you authorize. You may revoke this authorization in writing at any time. Revoking your authorization will not affect any action that was taken before the authorization was revoked.

To the extent (if any) that we maintain or receive psychotherapy notes about you, most disclosures of these notes require your authorization. Also, to the extent (if any) that we use or disclose your information for our fundraising practices, we will provide you with the ability to opt out of future fundraising communications. In addition, most (but not all) uses and disclosures of PHI for marketing purposes, and disclosures that constitute a sale of PHI, require your authorization.

To Family and Friends: While the law permits us in certain circumstances to disclose your PHI to family, friends and others, we will do so only with your authorization. In the event you are unable to authorize such disclosure, but emergency or similar circumstances indicate that disclosure would be in your best interest, we may disclose your PHI to family, friends or others to the extent necessary to help with your health coverage arrangements.

Other Uses and Disclosures: Your written authorization is required for other uses and disclosures of your PHI that are not described in this notice. We will not use your PHI to sell you services or supplies that do not relate to your health care coverage or your health status. We will not give any other person your PHI to allow them to contact you in any way to try to sell you anything.

Your rights regarding your protected health information

Restrictions: You have the right to ask us to restrict the way we use or disclose your PHI for treatment, payment and health care operations, as described above. We will consider your request for restrictions, but we are not required by law to agree to them. If we agree to restrictions, we will put the restrictions in writing and follow them, except in an emergency situation. You may not restrict the uses and disclosures that we are required or allowed to make by law.

Confidential Communications: If you feel that you could be in danger as a result of your PHI being sent to your main address, you have the right to ask that we send your PHI to a different address or that we communicate with you in a certain way. We will accommodate reasonable requests when possible.

Access: You have the right to obtain a copy and review PHI that we have, with some exceptions. This may include an electronic copy in certain circumstances if you make this request in writing. You may not receive a copy or review psychotherapy notes or other information prohibited by law. We may charge a reasonable fee for copies and postage. We may deny your access request in limited situations.

Amendment: You have the right to ask us to amend your PHI if you believe that it contains a mistake or mistakes in it or that an important piece of information is missing. We may deny your request in certain cases. For example, we may deny your request if we did not create the information, such as medical information received from your doctor.

Disclosure Accounting: You have the right to ask us for a list of disclosures that we made of your PHI. Your request may be for disclosures made up to six years before the date of your request. We may charge you a reasonable fee for copies. This list will not include the following:

  • Disclosures for treatment, payment or health care operations;
  • Disclosures to you or your legal representative;
  • Disclosures that you or your legal representative authorized; and
  • Certain other disclosures as allowed by law.

Electronic Notice: If you receive this notice on our web site or by e-mail, you also may ask for this notice in written form. Please contact us at the address listed at the end of this notice.

Breach Notification: In the event of breach of your unsecured PHI, we will provide you notification of such a breach as required by law or where we otherwise deem appropriate.

Questions

For more information about privacy rights described in this notice, or if you want another copy of the notice, please call the telephone number on your Member ID card.

You may also contact Member Services at 4510 13th Avenue South, Fargo, North Dakota, 58121 or at 1-800-342-4718. In order to provide you with the best possible customer service, Member Services may need to transfer your call to the service unit that specializes on your benefit plan.

Complaints

If you believe that your privacy rights have been violated, you may file a written complaint with our Privacy Officer.

You also have the right to complain to the U.S. Secretary of Health and Human Services. We will not retaliate against you for filing a complaint. If you have any questions about the complaint process, including the address of the U.S. Secretary of Health and Human Services, please call our Privacy Officer at (701) 282-1484.

PDF Icon Blue Cross Blue Shield of North Dakota Notice of Privacy Practices

This notice is effective on July 1, 2013


 

Web Server Usage
We are committed to protecting your privacy and ensuring a secure environment. Our web site and online services are secure. Our strict privacy and security standards either meet or exceed federal safeguard requirements.
  • Only appropriate employees have limited access to your information. 
  • Our security software and technology is up-to-date. 
  • We maintain policies and protocols protecting your records. 
  • Facility access is secure, restricted and monitored 24/7. 
We do our best. Keeping your electronic and physical information confidential is a top priority. Please report any suspicious online activity to our Systems Security Office at 701-282-1427.
 
Web Site Privacy and Legal
BCBSND, takes your privacy very seriously. We actively protect the privacy of everyone who uses our web site. You do not have to give us personal information to visit our site. 
 
Our goal is to provide you with a safe and enjoyable browsing experience. When we collect information about you it is in an effort to make our products and services more efficient and customized to you. You are free to browse the BCBSND site without revealing any personal information about yourself. However, once you give us your personal information, you are not anonymous to us.
 
Automatic Information
We automatically track certain information based upon your behavior on our site. We use this information to analyze our users' behavior, interests, and demographics to better understand and serve you. This information may include the URL that you came from, which URL you next go to, what browser you are using and your IP address.
 
What about Cookies?
"Cookies" are small pieces of information that a web site will store on your computer's hard drive. BCBSND will use cookies to identify you during your session and make our services easier to use. Cookies are never used to store sensitive customer information such as names, addresses, credit card numbers or passwords. Acceptance of cookies is not a requirement to browse our site. Most browsers automatically accept cookies, but you can configure your browser to prevent that.
 
External Links
Our web site and publications contain numerous links to other network sites. We cannot be responsible for the privacy practices of other organizations or the content of external web sites.
 
We Value Your Opinion
We welcome your input about our Web Privacy Policy. We encourage you to submit comments or questions to webmaster@bcbsnd.com.