HIPAA Compliance Statement

What is this about?

This information lets you know that we meet the federal requirements for the security and privacy of your protected health information.

Blue Cross Blue Shield of Michigan and Blue Care Network have implemented the Administrative Simplification requirements of the Health Insurance Portability and Accountability Act of 1996 as described below:

  • The Electronic Transactions and Code Set Standards were implemented by the October 16, 2003 extended compliance date.
  • The requirements of the HIPAA Privacy rule were implemented by the April 14, 2003 compliance date.
  • BCBSM and BCN successfully undertook a major and complex effort to meet HIPAA security rule requirements by April 20, 2005. 
  • Consistent with guidance provided by the Centers for Medicare and Medicaid Services (CMS) and the Office of HIPAA Standards, BCBSM and BCN are currently operating under a contingency plan for NPI compliance.

Changes to the Health Insurance Portability and Accountability Act of 1996 have been included in the Economic Stimulus Bill signed on February 17, 2009. Blue Cross Blue Shield of Michigan is aware of the new requirements and efforts are underway to implement the new HIPAA requirements as mandated.

For more information regarding our privacy practices, visit Notice of Privacy Practices.

Authorized and Personal Representatives

Members may also allow BCBSM to disclose Protected Health Information (PHI) to two sets of representatives: Authorized Representatives and Personal Representatives.

Authorized Representatives are assigned to help communicate with the member's health care company.

Authorized Representatives may:

  • Receive information as described on the Authorization form

  • Not make decisions on behalf of the member

  • Not make decisions related to the member's health care and treatment

They can only be submitted on the Member Consent for Release of Protected Health Information (PDF).

Personal Representatives can be:

  • Submitted via various documents (see below) based on the type of representative
  • A person who can get information and make changes to the contract to the degree specified

A representative must complete the Request for Release of Member's Protected Health Information (PDF) and include one of the documents listed below.

Authorized and personal representatives breakdown
Durable Power of Attorney A written document in which one person (the member) appoints another person to act as an agent on his or her behalf.
Patient Advocate A written document that appoints a person or entity to help a patient work with others who have an effect on the patient’s health, including doctors, insurance companies, employers, case managers, and lawyers.
Executor of a Deceased Individual's Will A court order indicating that per an individual’s will he/she chose an executor (or executrix) to administer that will after his/her death. The executor should be named in the will itself.
Trustee of Deceased Individual A document that designated a trustee to administer the trust and manage the trust property for the benefit of any beneficiaries.
Guardian A person who has been appointed by a judge to take care of a minor child and/or manage that person’s affairs.
Conservator A conservator is a person or entity appointed by a court to manage the property, daily affairs, and financial affairs of another person.


Privacy issues: To report a concern or if you think your protected health information has been compromised, please call 1-800-482-3787 or email privacy@bcbsm.com. Don't include any protected health information in your email. 

Other issues: For customer service, call the number on the back of your member ID card or 1-313-225-9000.