BlueCross BlueShield is committed to maintaining the confidentiality of patient information in all situations, such as in your doctor’s office, the hospital, with our employees and everyone we contract with to provide and manage your health care. We will only release such information in accordance with state and federal law and the guidelines established by BlueCross BlueShield. Here’s a summary of some of the guidelines we follow to keep your personal information confidential: Inclusions in routine notifications of privacy practices:
The Notice of Privacy Practices describes how medical information about you may be used and disclosed and how you can get access to this information.
- Uses and Disclosures of Protected Health Information (e.g., treatment, payment, health care operations)
- Individual Rights (e.g., member access, accounting of disclosures, confidential communications)
A copy of the Notice of Privacy Practices is now included in your initial enrollment package, or may be viewed from this web site by clicking here. You may also request a copy by calling the telephone number on the back of your identification card.
The right to approve release of information (use of authorizations):
An authorization is not required for treatment, payment or health care operations and in other instances as required by law. An authorization is required for the release of information in certain circumstances.
- When releasing information to someone other than the individual and as otherwise permitted by law
- When releasing sensitive information (e.g., HIV/AIDS, Alcohol/Substance Abuse)
Forms authorizing the release of these types of information are available here.
Access to Medical Records:
BlueCross BlueShield does not generate or modify, nor do we maintain complete copies of your medical records. We receive copies of your medical records in order to process claims and perform other routine functions in the normal course of business. If you want to obtain copies of your medical records, you should contact the practitioner or facility considered to be the source of these documents.
Protection of oral, written, and electronic information across the organization:
Corporate information assets in oral, written and electronic form are protected by establishing and enforcing corporate security and privacy policies and procedures, implementing security and privacy awareness training for all workforce members, and deploying the appropriate physical, administrative and technical security mechanisms.
Information for employers:
Protected health information is not released to employers unless you have authorized the release and/or the proper agreements are in place as permitted by law. When information is released to employers, it is released with certain restrictions so confidentiality will be maintained. However, enrollment/dis-enrollment and premium quote information is an allowable disclosure under certain law.