Privacy and Security

Highmark's Online Privacy Policy

View Notice of Privacy Practices (PDF)

View Policy Protecting Competitively Sensitive Information (PDF)

At Highmark Inc. we take the issue of privacy very seriously. We want to assure Users of our Web sites (meaning any individual, including site visitors as well as those individuals who provide personal information via this Web site, herein referred to as “User(s)”) that their information is secure and maintained in confidence, consistent with applicable state and federal laws. Please read through the following pages, which describe our online privacy policy.

Highmark has established policies and procedures to protect the privacy of our members' protected health information (PHI) from unauthorized or improper use. This includes PHI discussed verbally. For example, we have policies regarding verifying your identity before we discuss PHI over the phone. For more information about how we protect the privacy of your health information, please refer to your benefit materials.

I. Information Collected Online

A. General

How you use the Highmark Web site will determine whether or not we need to collect information from you and how much information we collect. For many features, we do not require any information on who you are or ask questions about you. For some of our features, we need to either verify your identity through a login process, or collect sufficient information from you to provide the service of that feature.

B. Email, Product Inquiry

Highmark invites Users to send secure messages to Highmark regarding Web site accounts or Highmark's products or services. Highmark retains copies of these secure messages for 1,000 days, but does not disclose secure messages to any non-affiliated third parties.

The information provided through the use of these secure messages and feedback forms will be used by Highmark representatives or other appropriate third parties who need to view this information to respond to the inquiry.

Highmark has established an online communications service for certain members to contact their physician's office regarding certain requests, such as a referral or prescription renewal. Other members also have the ability to discuss medical issues online with health coaches through the Blues On Call feature. Messages sent by or to members who choose to use these online services will be recorded in transaction logs, which may be reviewed to monitor the overall effectiveness of the services and the responsiveness of the physicians and health coaches.

Highmark also invites Users to send emails and access products and services from non-related service providers through links on the Highmark pages. Users should also review the privacy polices contained on these Web sites for information regarding how the service providers use the information.

C. Use of Cookies

A cookie is a small piece of information about an Internet session that may be created when an individual accesses a Web site.

Cookies can contain a variety of information, including the name of the Web site that issued them, where on the site the User visited, passwords, and even Users� names that have been supplied via forms. Note that most Web browsers can be modified by the User to prevent cookies from being attached to the User.

Our Web site and certain sites it provides links to use cookies to facilitate easier navigation within the sites, to provide a higher level of convenience for Users, and for internal reporting and statistical purposes. The use of cookies by the linked site is subject to the company�s own privacy policies and in some circumstances is subject to our contractual obligations with the company.

II. Use of Information Collected Online

Highmark does not sell your non-public personal information to anyone.

All information submitted by any individual to Highmark may be retained to provide a record of such communications and to comply with any applicable legal and/or regulatory requirements and may be verified for accuracy. In addition:

Highmark uses any information submitted by you on the Highmark sites as well as information submitted by you on sites of non-related service providers that are linked to Highmark to provide improved customer service, to provide relevant health care related information, to update information we have about you and/or your group, and to monitor the effectiveness of our online services. In some cases, Highmark may use such information to provide you with access to information on products and services offered by Highmark or our affiliates.

If you receive e-mail updates and special notices from Highmark, Highmark uses the name and e-mail information you supply to provide those e-mails through its own facilities or those of a contracted service supplier. You may remove yourself from these mailings at any time by following the removal instructions included in all such messages. You may also opt-out of other Highmark communications via the Secured Mail Menu by clicking New Message and selecting "Communications Opt-outs" from the Recipient Address drop-down box; then in the Message box, explain which types of communications you no longer wish to receive (e.g. newsletters, emails, etc.) and click Send when finished. Your e-mail address information will be used only for Highmark-related mailings and will not be given, sold or rented to any other party for any other use without your prior approval.

Information may also be "cleansed" by Highmark (stripped of any information which could identify you personally, such as your name or e-mail address), aggregated with other data, and used for general research, classification purposes, marketing, or other purposes without permission, but only in non-individually identifiable forms.

III. Access to Information Collected Online

A. Employees

Certain Highmark employees may be provided with information regarding Users in order to respond to the individual's needs and provide requested information regarding specific products or services. Certain employees will also be provided with information regarding Users in order to administer their or their group's benefit programs and to monitor the effectiveness of the online services. Highmark employees are required, by written confidentiality statements, corporate policies, and state or federal laws or regulations to maintain the confidentiality of personal information and to use strict standards of care in handling the information. Employees who do not conform to these confidentiality requirements are subject to disciplinary sanctions that may include dismissal.

B. Highmark Affiliates, Business Associates and Service Providers

Highmark may disclose personal information of its Users collected through its Web sites as permitted by law to affiliates including, but not limited to, Preventive Health Services, along with non-related service providers that assist Highmark in meeting the needs of its customers. Information collected by affiliates and non-related service providers may also be shared with Highmark as permitted by law. All such information will be disclosed to respond to the individual's needs and to provide information about products or services offered by or through Highmark, Highmark's affiliates and the non-related service providers. Personal information is treated with the same standards of confidentiality that Highmark applies to other confidential information. Highmark’s subsidiaries and affiliates are subject to Highmark's corporate policies regarding privacy and confidentiality and Highmark's non-related service providers and Business Associates are legally bound by contract to employ at least the same strict standards of confidentiality as employed by Highmark.

C. Third Parties

Other than as set forth above, Highmark does not transmit any personal information collected through its Web sites to any third party without the permission of the individual. Personal information may be transmitted, however, if there is a specific need to complete a transaction requested by the individual. Health plan administrators will have access to online enrollment applications, but not to other personal information collected online by Highmark.

D. Online Communication Services

Highmark has access to messages sent by or to members who choose to use any online communications services (e.g. Blues On Call). Highmark will not release the content of specific messages to any third party without the member’s consent, unless permissible or required under applicable state or federal law.

IV. Compliance Assurance

A. Security

Highmark uses commercially reasonable computer security technology selected and implemented to provide adherence to the security and privacy policies described in this online posting. Although we make reasonable efforts to protect your information from unauthorized use or alteration, you should be aware there is always some risk in sending information over the Internet.

B. Account Access

Consistent with the requirements set forth under certain state and federal laws, Highmark grants access to personal information only to those employees, affiliates and third parties as required to provide healthcare products and services, or as you permit. All such employees, affiliates and third parties are subject to privacy policies, at least as restrictive as the policy described in this online document.

C. Internal Compliance Program

Highmark maintains an internal privacy compliance program to ensure compliance with this privacy policy. This program includes oversight of the compliance program by a Chief Privacy Officer whose function is to create, maintain, and enforce privacy procedures in accordance with this policy. Highmark also has a Chief Information Security Officer who oversees our information security systems and procedures. Additionally, our compliance programs include on-going employee training, on-going maintenance and updating of security systems and practices and maintenance of customer feedback and complaint resolution process. Highmark reserves the right to amend this policy at any time.

D. Questions and Concerns

If you have questions about this online privacy policy, or concerns regarding your personal information, please send us your question by clicking Contact Us from the bottom of any of our Web pages.

close window