Physician Directory   |   About Us   |   Horizon Links   |   Site Map   |   Careers   |   Community Involvement
logomaking health care workbeach
   Home  :  Members  :  Pharmacy Services image spacer
Red Lineimage spacer
Popular Sections Search

    Horizon Medicare Prescription Drug Plans
spacer image
Lifestyle ImageLifestyle Imagespacer image
spacer image
Introduction
Frequently Asked Questions
Summary of Benefits
Formulary Search
Notification of Formulary Changes
Pharmacy Search
Enroll Online
Evidence of Coverage
Download Forms
Contact Us
 Privacy Policy
Home
LIS Premium Summary Sheet
Prior Authorization and Step Therapy
Coverage Determination Process
Disenrollment Rights and Responsibilities
Exceptions Request
Appeals and Grievances
Drug Exception Request Form
Quality Assurance Policies and MTM
Part D - Out of Network
Information for Pharmacists
Good Medicine
Best Available Evidence Policy
Red Bar

Privacy Policy

spacer image
NOTICE OF INFORMATION PRIVACY PRACTICES

THIS NOTICE DESCRIBES HOW MEDICAL INFORMATION ABOUT YOU MAY BE USED AND DISCLOSED AND HOW YOU CAN GET ACCESS TO THIS INFORMATION. PLEASE REVIEW IT CAREFULLY.

To Our Customers and Potential Customers:

Horizon Blue Cross Blue Shield of New Jersey and its affiliated companies * want you to know that we recognize our obligation to keep information about you secure and confidential. Unlike many other financial and health institutions, we do not sell information about you, and we do not share your information except to conduct our business — Making Healthcare WorkSM for you.

As required by law, we publish this Notice to explain the information that we collect and how we maintain use, and disclose it in administering your benefits. We will abide by the statements made in this Notice. Except as permitted by law and as explained in this Notice, we do not disclose any information about our past, present, or future customers to anyone. When we use the terms "Customer Information," we are referring to financial or health information that is "nonpublic," including any information from which a judgment could possibly be made about you. When we use the terms "Protected Health Information" or "PHI," we are referring to individually identifiable information concerning the provision of, or payment for, health care to you. We refer to Customer Information and PHI collectively as "Private Information."

Members of self-funded plans
If you are a participant or beneficiary of a self-funded group health plan, we may use and disclose your Private Information as described in this Notice. However, our use or disclosure is dictated by an arrangement with your employer or other sponsor of your benefits plan. That plan sponsor may have additional uses and disclosures of your Private Information that are not accounted for here. With respect to your individual rights, you should ask your plan administrator how to exercise those rights, along with any other question or problem you may have regarding your plan's privacy policies and practices.

What information do we collect?
In providing your health coverage, we collect Customer Information and PHI from the following sources:

  • Information we receive from you or your policyholder on applications or other forms;
  • Information we obtain from your transactions with us, our affiliates, or others, such as health care providers;
  • Information we receive from consumer reporting agencies or others, such as state regulators and law enforcement agencies.

How do we protect Private Information?
Our employees understand the need to maintain your Private Information in the strictest confidence. They agree to be bound by that promise of confidentiality and are subject to disciplinary action if they violate that promise. We also maintain physical, electronic, and procedural safeguards to guard your Private Information. Finally, in those situations when we rely on a third party to perform business, professional, or insurance services or functions for us, that third party must agree to protect and safeguard your Private Information. That business associate must also agree to use it only as required to perform those functions it performs for us and as otherwise permitted by law. In these ways, we carry out our confidentiality commitments to you.

When must we seek your authorization before disclosing Private Information?
There may be circumstances when we will seek your authorization before making a disclosure of your Private Information. This is to ensure that we have your permission to make that disclosure. For example, you may have asked someone who is not your personal representative (and is not the policyholder or certificate holder) to contact us on your behalf to discuss the way we have paid your claim. Before we begin discussing your Private Information with that person, we would seek your authorization to do so, unless otherwise permitted or described in this Notice.

If you give us your authorization, you are permitted to revoke that authorization at any time in writing. We will honor your revocation once it is processed, except to the extent that we have taken action in reliance upon your original authorization.

Uses and disclosures of Private Information that do not require authorization
Most of our use and disclosure of your Private Information occurs in administering your coverage. In those instances, we are not required to seek your authorization. For instance, we are generally permitted to make disclosures of your Private Information without authorization for purposes of treatment, payment, and health care operations. In this Notice, we provide examples of those purposes, although not every use or disclosure that falls into those categories is listed.

Please note that we will limit the disclosure of certain information in accordance with laws governing the special nature of the information (e.g., HIV/AIDS, substance abuse, or genetic information). Also, where a state permits minors of a certain age to seek treatment without parental consent, information that would normally be provided to our customers may be limited. That is because we must protect the privacy of that minor's information in accordance with those state laws.

• Payment Activities
We use and disclose Private Information in connection with your health care coverage to determine your eligibility for coverage and benefits, and to see that the treatment and services you receive are properly billed and paid. To do this, we may share Private Information with health care providers, their billing agents, insurance companies, and others. Our payment activities can also include the use of Private Information for: risk adjustment, billing, claims management, collection activities, utilization review, medical necessity determinations, underwriting, and other rate-setting activities. For example, a claim for medical services rendered to you may be submitted from a billing service on behalf of your provider. Our claims processors will then use your Private Information to process your claim. If we need additional information to process it, we may contact your provider to obtain that information. When we do that, we disclose Private Information to your provider in order to identify and discuss your claim with him or her. Your provider then discloses the needed, additional Private Information that will enable us to properly process your claim. In this example, each of these entities involved — your provider, his or her billing service, and Horizon BCBSNJ and/or its affiliated companies — is covered by and must protect the privacy of your Private Information, either because they are "covered entities" or "business associates" of covered entities under the federal privacy regulations.

• Health Care Operations Activities
We use and disclose Private Information to conduct our health care business, including all the activities that are defined by federal regulation as "health care operations." They include, but are not limited to, case management and care coordination, utilization review, quality assessment and improvement, network provider credentialing, population-based research to improve health or reduce health care costs, and contacting providers and members with information about treatment alternatives. For example, we may use Private Information to remind you about the value of preventive care or the availability of a disease management program. Other health care operations activities include use of Private Information for compliance and auditing activities, evaluating provider performance, underwriting, formulary development, information systems management, fraud and abuse detection (by ourselves or for other plans or providers), facilitation of a sale, transfer, merger, or consolidation of all or part of Horizon BCBSNJ and/or its affiliated companies with another entity (including due diligence related to the transaction), customer service, and general business management.

• Health-Related Activities
We may use or disclose your Private Information for a number of treatment-related activities. We are permitted to tell you about possible treatment options or alternatives, inform you of health-related benefits or services, inform you of a relevant disease management program that may be of interest to you, and seek your voluntary participation in such programs to help improve your health and assist in the coordination of your overall health care. For example, our diabetes disease management business associate may, after reviewing PHI that we had provided, determine that you may suffer from diabetes. You may then receive a notice that we have enrolled you in our disease management program. If you do not want further contact about, or to participate in, the program, you only need to notify us. Our business associate may not use or disclose your information further, as it may only use that information as permitted by its contract with us.

• Treatment, Payment, and Health Care Operations of Other Covered Entities
We may disclose your PHI for another covered entity's treatment, payment, and health care operations purposes. For example, we may disclose your PHI when it would facilitate payment for services under another health plan. In addition, we are permitted to disclose PHI to other covered entities, so that they can conduct certain aspects of their health care operations. We may also disclose it to them for purposes of fraud and abuse detection or compliance. But we will only disclose PHI to another covered entity for these purposes if that covered entity has or had a relationship with you.

• Disclosures to Family Members
Unless you notify us in writing otherwise, we may disclose your Private Information to a family member, close personal friend, the subscriber of your health benefits plan, or any other person you identify who is involved in your care or payment for that care. We can only disclose your Private Information that is relevant to that person's involvement with your care or pay for that care. In the context of spouse-to-spouse and parent-to-child relationships, including both minor and adult children, we will deem the spouse or parent to be the personal representative of the other spouse or the child, as applicable. We will do this unless you notify us in writing that you do not wish that individual to serve as your personal representative for purposes of receiving your Private Information. Contact Member Services as described in this Notice to designate or undesignate a personal representative involved in your care or coverage.

• Additional Reasons for Disclosure
We may also use or disclose Private Information to:
  • The certificate holder or policyholder of your coverage, if it is information regarding the status of an insurance transaction, as permitted by law;
  • Military authorities, if you are or were previously a member of the armed forces;
  • Further public safety or, when requested by federal officials, for national security or intelligence activities or for the protection of public officials;
  • Appropriate bodies for public health activities, including the reporting of child abuse or neglect, reporting adverse events or product defects, or for Food and Drug Administration reporting;
  • A health oversight agency for activities such as audits, investigations, licensure, or for disciplinary actions or civil, administrative, or criminal proceedings. These disclosures are necessary for the government to oversee the health care system, government benefits programs for compliance with standards, and compliance with civil rights laws;
  • Contact you for fundraising purposes;
  • Appropriate bodies in response to a subpoena or court order, or in response to litigation that directly involves us or your group health plan;
  • A correctional institution or a law enforcement agency, if you are an inmate or are in the custody of law enforcement;
  • The plan sponsor employees who are designated by the plan administrator as those who are assisting in plan administration. The federal privacy regulation requires your plan administrator to secure certain representations from the plan sponsor to protect your information. The plan administrator must see that the plan sponsor complies with certain privacy requirements and agrees not to use that information for employment-related decisions;
  • Conduct permissible marketing type activities, either ourselves or through other companies on our behalf, such as health-related products or services, or to other financial and health institutions with which we have joint marketing agreements.

You should understand that, except in the circumstances described in this document, we will not disclose your Private Information without a written authorization from you. And except for disclosures of PHI made directly to you, for your treatment, or pursuant to your authorization, federal rules require us to use and disclose only the minimum PHI necessary to accomplish our purpose. For example, if we need to disclose your PHI to our utilization review care manager to help determine the medical necessity of one particular claim, we would likely not disclose your entire claim history and medical record. That is because your entire record is probably not necessary in order to make the determination for that one claim.

Appointed Representative
You may name a relative, friend, advocate, doctor, or anyone else to act for you. If you want someone to act for you, then you and that person must sign and date a statement that gives the person legal permission to be your appointed representative. If you have any further questions in regards to appointing a representative, please contact member services at 1-800-365-2223, TTY/TTD users should call 1-800-855-2881, 24 hours a day, 7 days a week. Please click here for the form.

Legal Rights Related to Private Information
• The federal privacy rules entitle you to request access, inspection, and copying of your PHI that we may maintain about you that is included in what is called a "designated record set." But we are not required to maintain it, except for certain documentation related to privacy rule compliance or as may otherwise be required by law.

 

You may have a state law right to request, in writing, to inspect and obtain a copy of Customer Information about you. This does not include information that relates to, and is collected in connection with or in anticipation of, a claim or civil or criminal proceeding involving you. It also does not include information which we are prohibited by law from releasing. You must reasonably describe the information you seek in your written request, and the information must be reasonably locatable and retrievable by us. We may charge you a fee to cover the cost of providing this Customer Information.

• The federal privacy rules create a right to request amendment of your PHI included in the designated record set. We may deny your request pursuant to those rules if we determine that our records are accurate and complete or were not created by us, the information is not contained in our designated record set, or if access is otherwise restricted by law.

  State law may entitle you to request that we amend or delete Customer Information about you that we have in our records if you believe that the information is incorrect or incomplete. We may deny this request. However, if we do so, we must advise you of the reasons for the denial and advise you of your right to file a statement of rebuttal.

• The federal privacy rules entitle you to request restrictions on our use and disclosure of PHI for treatment, payment, or health care operations purposes (described in this Notice). We will consider each request, but we are not required to agree to any restrictions.

• The federal privacy rules entitle you to request to receive confidential communications of PHI if disclosing this information by the usual means could endanger you. We will accommodate all reasonable requests, subject to the restrictions and capabilities of our information processing systems. A verbal request may be considered, but must be followed up in writing.

• The federal privacy rules entitle you to request to receive an accounting of certain disclosures of your PHI made by us, such as disclosures to health oversight agencies. These do not include disclosures made for purposes of treatment, payment, or health care operations. A similar right may exist under state law.

If you wish to exercise any of the legal rights described in this Notice, you must do so in writing. To obtain further information about these rights, or if you would like to make such a request, please contact:

Member Services
PO Box 820
Newark, NJ 07101-0820

or

Privacy Office
Three Penn Plaza East, PP-16F
Newark, NJ 07105-2200

Keeping up to date with our Privacy Practices
Horizon BCBSNJ and its affiliated companies will provide you with a Notice of Information Privacy Practices annually, as long as you maintain an ongoing customer relationship with us. Our policies may change as we periodically review and revise them, and as we complete our implementation of the federal rules on privacy of PHI. We will provide you with a new Notice if the changes are significant.

It may be necessary to use or disclose your Private Information for the purposes described in this Notice even after coverage has terminated. Thus, we do not necessarily destroy your Private Information upon the termination of your coverage. However, any information we keep must be kept secure and private, and used only for permissible purposes.

Complaints
You may file a complaint with Horizon BCBSNJ and its affiliated companies if you feel that your privacy rights have been violated. All complaints must be submitted in writing. A verbal complaint will be processed, but we will request that it be documented in writing. To file a complaint, contact:

Member Services
PO Box 820
Newark, NJ 07101-0820

or

Privacy Office
Three Penn Plaza East, PP-16F
Newark, NJ 07105-2200

You may also complain to the U.S. Secretary of Health and Human Services, who is responsible for overseeing compliance with the federal privacy law. You will not be retaliated against for filing a complaint. If you have any questions or comments about this Notice, or want to request another copy of it, you can call Member Services at 1-800-355-BLUE, or contact:

Privacy Office
Three Penn Plaza East, PP-16F
Newark, NJ 07105-2200.

*The Horizon Blue Cross Blue Shield of New Jersey affiliated companies, independent licensees of the Blue Cross Blue Shield Association, are:

Horizon Healthcare Services, Inc. d/b/a/
Horizon Blue Cross Blue Shield of New Jersey

Horizon Healthcare of New Jersey, Inc.,
including its Horizon Mercy Medicaid line of business

Horizon Healthcare Dental, Inc.

Horizon Casualty Services, Inc.**

** This affiliate is not a covered entity subject to the federal privacy rules.

 
Spacer Image
Last Updated: December 22, 2008