Online Privacy Practices
Select a topic below to learn more:
Privacy practices for Internet-based communications
Personal information the Blues collect and how it is used
Protecting online interactions
Voluntary online customer surveys
About banner ads
Links from our site
Where to direct questions about our online privacy practices
Revisions to online privacy practices
Blue Cross Blue Shield of Michigan understands the importance of keeping your health information private. We follow strict privacy policies in accordance with state and federal law. If you have questions or would like additional information regarding our privacy practices, please call 313-225-9000.
Our HIPAA Notice of Privacy Practices (PDF) details our privacy practices and your rights with respect to the handling of your personal information in accordance with the Health Insurance Portability & Accountability Act (HIPAA). If you are a member of a self-funded group health plan, your plan may have supplied you with their own Notice of Privacy Practices.
To exercise your rights under the HIPAA Privacy rule (for example, to authorize BCBSM or BCN to discuss your private health information with someone else on your behalf, to request confidential communications, to register a privacy complaint, etc.), visit our Protected Health Information and Privacy Forms page.
Learn more about our HIPAA compliance.
When you use the Internet to communicate with us, we make the following pledge:
- We consider any and all Internet communications as private and confidential unless otherwise clearly stated.
- We will monitor and audit security controls to ensure that Internet privacy protection is maximized at all times.
- We will publish our Internet security and privacy practices as new technologies evolve.
The Blues collect information from users of our site. We use personal information to customize your Internet transaction. Generally, we do not share with third parties the personal information you supply when conducting transactions on our website. And generally, unless you specifically key in personal information on our website, you browse our website anonymously, which means personal information is not collected. We may collect your personal information, such as name, address, etc., using a secure session when you initially register with us at this website or if you engage in a transaction that requires an electronic signature, for example.
In addition to personal information, we also gather information on the use of our website, including domain name, number of hits, pages visited, length of user session and so forth to evaluate the usefulness of our site.
When you use our online services, you may be asked to provide personal information that is necessary for us to process your request. To ensure your transaction remains confidential, the information is sent to us using an encrypted form in a "secure session" established with Secure Socket Layer (SSL). We also require the use of authentication, such as user ID and password, which allows us to verify your identity when you access our online services. We also use firewall technology to safeguard your information from outside access.
- Choose unique passwords. Don't use your Social Security number, birth date, middle name, names of spouse or children, or anything else that someone could easily guess as a password.
- Do not share your user ID and password with anyone else.
- After you have submitted information online, we recommend that you close your browser before leaving your computer. This practice ensures you are not leaving personally identifiable information on the computer for those who may use it after you. This is especially important if you are using a computer in a public place.
- Do not leave your computer unattended during an online session.
- Contact us immediately at 1-888-417-3479 if you suspect that someone has accessed your information online without your authorization.
We do not offer encrypted Internet email. As a result, when our website users send email inquiries to us, the return email address may be used to respond to the email inquiry. We do not use the return email address for any other purpose, nor will we share it with any third parties.
For private inquiries including those containing Protected Health Information, contact Customer Service.
We periodically conduct two types of surveys on our corporate website. General surveys on our site are randomly generated for all users. Specific surveys are offered to Blue Cross Blue Shield of Michigan members only within the secure member area.
We encourage you to participate in these surveys because they provide us with important information to improve the services we offer. Your personal information and responses remain strictly confidential. Participation in our surveys is voluntary.
All responses to our surveys are aggregated to create summarized results (such as gender, age or other demographic information). We then use the summarized results to improve the quality of our services to you.
A "cookie" is a piece of information that is sent to your browser along with a web page when you sign-on to a website. It is a unique identifier that a web server places on your computer. There are two types of cookies: (1) session cookies and (2) persistent cookies.
A session cookie is a text string (line of text) that is stored in computer memory temporarily. Session cookies are used to enable a website to track the pages you visit during a session so that information can be customized for you. Once you exit the website, the session cookie is destroyed.
Any site banner ads link you to areas of interest only within our website. We do not show banner ads for external websites.
We have links from our website to a number of different health care-related sites. We provide these links as a courtesy to help you find information. We are not responsible for the performance or content of sites linked from BCBSM.com since they are beyond our control. We recommend you read the privacy statements on the sites you visit to understand their individual privacy practices.
In compliance with the Children's Online Privacy Protection Act of 1998 (COPPA), we do not knowingly solicit data from children under 18 years of age and we do not knowingly market to children under 18 years of age.
We recognize that protecting children's identities and privacy online is important and that the responsibility to do so rests with both the online industry and with parents.
If you have any questions about our online privacy practices, call 313-225-9000.