BlueCare Tennessee Privacy Policy Updated April 2017

As part of the day-to-day business operations of BlueCare Tennessee, including operation of the BlueCare Tennessee website, we receive and maintain certain information regarding our subscribers and members. Information received from the BlueCare Tennessee website depends in part on what you do when you visit or transact business on the BlueCare Tennessee website. BlueCare Tennessee respects the privacy of every individual who visits our website. Therefore, we would like to define the types of information we receive and describe how it is maintained in this privacy policy ("Privacy Policy"). This policy refers only to the information collected and maintained from this website.

USING THIS WEBSITE CONFIRMS YOUR CONSENT AND AGREEMENT TO OUR PRIVACY POLICY, INCLUDING COLLECTION, USE AND DISCLOSURE OF INFORMATION BY BLUECARE TENNESSEE AS DESCRIBED HEREIN. YOUR USAGE ALSO SIGNIFIES YOUR COMPLIANCE WITH OUR USER AGREEMENT.

Guests - Users of our website often visit solely to obtain general information about BlueCare Tennessee's operations and services. If you visit our website to read or download information, you enter our secured site as a guest. As a guest, we collect and store only the following information: the name of the domain from which you access the Internet (for example: aol.com, if you connect from an America Online account), the date and time you accessed our site, your browser type, your operating system type, some of your software versions affecting site performance and the Internet address of the website from which you linked directly to our site. We use this information to measure the number of visitors to the different sections of our site and to help us make our site more useful to visitors.

Members - Users who currently have health insurance coverage with BlueCare Tennessee can access our website to conduct transactions such as submit an application for coverage; check claim status, referrals and pre-authorizations; verify benefit information; and pay premiums. Prior to utilization of these services, BlueCare Tennessee may ask for personal information (such as date of birth, social security number, name, address with zip code, telephone number and e-mail address) to verify appropriate usage. You will be able to sign on and create a unique username and password. BlueCare Tennessee, its employee or affiliates may have access to your username. If you receive this notification by mail and did not register to access the services available on our website, please contact BlueCare Tennessee immediately via our Member Contact Page.

Members Under 13 Years of Age – BlueCare Tennessee often covers minor dependents through their parent or legal guardian's health insurance policy. Children under the age of 13 can access our site as guests. Should they wish to use a service or feature available through the BlueCare Tennessee website, we require that they do so with the permission of their legal guardian (i.e. username and password of legal guardian). BlueCare Tennessee will not knowingly collect or use any personal information regarding a user under the age of 13 without the consent of a parent or guardian. Should you have any additional questions, please contact us at webmaster@bcbst.com.

Email (Requests and Submissions) – Please do not send email to us with personal information. BlueCare Tennessee has no way to secure personal information sent via email because this information can be accessed by other users on the Internet. If you send us email to ask a question, we will only use the information you provide to answer your request. Personal information will not be provided to a non-affiliated third party without your prior consent, except as permitted by federal and state law. Because email via the Internet is not necessarily secure, you may want to request that a written response be sent to you instead of an email response, if personal or sensitive information is to be transmitted. You will need to request written correspondence be sent via the United States Postal Service. If you send email to us directly and do not use the contact form, please do not include any health or claim-related information in your email correspondence. If we are unable to determine the source of any email, we will send a return message requesting identification of the sender. Please note that we cannot accept attachments with email correspondence. If you have submitted information about yourself through our website and/or email message and would like for us to delete that information from our records, please send an email to webmaster@bcbst.com. We will make every effort to delete your personal information from our files.

Statistical Data – BlueCare Tennessee continually strives to enhance the features and services that are offered to our website users. In an effort to determine the effectiveness and functionality of our website, we monitor aggregated data regarding the use of our website. For instance, we track the number of visits to a certain page; direct links from other websites; and frequency of usage for independent services (i.e. claim status, application for coverage, etc). Questionnaires or surveys, during usage, are sometimes utilized to develop and improve the services offered. Although questionnaires and surveys assist BlueCare Tennessee in enhancing the services offered through our website, we understand that not everyone is comfortable participating. Therefore, questionnaires and surveys are not mandatory for our users and allow the user to choose not to participate. We may share statistical data with our affiliates, brokers, and providers for marketing purposes and the improvement and promotion of our website services. Although we reserve the right to share this information as indicated above, this statistical data, including questionnaires and surveys, does not contain any personal information that could disclose the user's identity.

Disclosure of Non-Public Personal Information

We restrict access to nonpublic personal information unless it is needed to complete a transaction that our member has authorized (i.e. race, ethnicity, language, claims administration, adjustment and management; detection, investigation or reporting of actual or potential fraud; misrepresentation or criminal activity; underwriting; policy placement or issuance; loss control; ratemaking and guaranty fund functions; reinsurance and excess loss insurance; risk management; case management; disease management; quality assurance and improvements; utilization review, actuarial, scientific, medical or public policy research; grievance procedures, audits, etc). Information is shared with entities (i.e. providers and vendors) that assist BlueCare Tennessee in supplying products and services to our members or that promote products and services on behalf of BlueCare Tennessee. Information is provided to nonaffiliated third parties as required or allowed by federal and state law. BlueCare Tennessee maintains physical, electronic, and procedural safeguards that comply with federal regulations to guard your nonpublic personal information.

We reserve the right to disclose personal information to entities that perform marketing services (i.e. brokers) on our behalf or to other institutions with which we have joint marketing agreements. BlueCare Tennessee requires each entity to execute a Confidentiality Agreement prior to disclosure. The following information may be shared: name, address and telephone number; social security number and date of birth; policy coverage, benefits, premiums and payment history; and limited medical information (i.e. provider name, date of service, referral and authorization information, primary care physician).

Retention of Information Collected

Any non-public personal information collected and maintained from this website will be retained for a minimum of six years from the date the information is received unless you perform a function on our website that requires the use of this information at a later date. In that case, the information will be retained for a minimum of six years from the date the information was last used in a function on the website. When required by federal or state law, there may be some instances in which your information will be retained longer than six years.

Use of Cookies

A "cookie" is a mechanism that permits a web server to send small pieces of information or text through your browser to be stored on your hard drive. This information or text allows the server to identify frequent visitors and enhance the user's experience on the website. BlueCare Tennessee may collect information through the use of cookies in order to enhance navigation of the site, to direct you to appropriate pages, and for session security and timeout purposes. In general, cookies used on this site are active only during your site session and are not persistent, i.e., they are not stored on your computer. Persistent cookies used on this site—ones that are active beyond the session and are stored on the system—are only used for gathering information about our users' computers, such as operating system, browser type, and software versions in order to enable proper performance of the site. Our cookies are not used to track your activity on any site other than BlueCare.bcbst.com nor will they be utilized to send unsolicited e-mail or provide us with the user's personally identifiable information. The information collected in these cookies is not linked to your personal health information, and we do not use clear GIFs or third party cookies, nor do we share information collected through cookies with third parties.

Your browser software can be set to disallow all cookies. Instructions on setting your browser to reject cookies are usually located in the "Help" section of the toolbar, depending on your browser type. If you choose not to accept our cookies, you should still be able to access most of the public areas of our site, although some of the features of interactive sections may be limited, and we will not be able to authenticate you for the non-public secure sections where a login is required.

Spyware

Spyware refers to types of software programs, downloaded to a consumer's personal computer either as a stand-alone application or as part of a software bundle, that collect (i) information about a consumer's internet activities or (ii) other personal information, without providing meaningful notice to the consumer or obtaining the consumer's consent. Spyware may gather personally identifiable information, such as email addresses and credit card information, and may even alter personal computer settings. Spyware is often extremely difficult to remove once installed. BlueCross BlueShield of Tennessee believes that Spyware is a threat to consumer privacy and forbids any employee, agent, partner, affiliate or contractor to deploy or use Spyware.

Direct Access to Other Sites

BlueCare Tennessee offers direct links to other separate and individual websites that offer information, which could be beneficial to our members. Since these direct links are separate websites independent of BlueCare.bcbst.com, they may not follow the same privacy guidelines set forth here. BlueCare Tennessee assumes no responsibility or control over the acts or privacy policies of the third party websites to which BlueCare Tennessee provides direct links. We suggest that you contact the appropriate controlling authorities of these sites or review their privacy policy.

Opt-Out

BlueCare Tennessee provides its members and users the opportunity to ''opt-out'' of having their information used for purposes not related to the BlueCare Tennessee website when BlueCare Tennessee requests such information. Users who wish to opt-out can do so by contacting us via our Member Contact Page. This opt-out only applies to information collected during the website registration process and does not affect information obtained by BlueCare Tennessee by any other means. BlueCare Tennessee will not use your information collected by the BlueCare Tennessee website for marketing purposes unless allowed by State and Federal Law. If you decide to opt-out, that decision will be effective until you revoke it by contacting BlueCare Tennessee via our Member Contact Page.

Correction/Updating Personal Information

If the personally identifiable information of a user of our services changes or a group's information changes, or if the user or group no longer desires to use the services on this website, BlueCare Tennessee will endeavor to provide a way to correct or update that user's personal data. Personal data that is removed from our systems cannot be removed from backup files stored prior to your request. To correct or update personal information, contact BlueCare Tennessee via our Member Contact Page.

Security

BlueCare Tennessee takes precautions to protect its users' personal non-public information. When users submit sensitive information to BlueCare Tennessee, the information is protected both online and off-line. When the registration/login form asks users to enter sensitive information, that information is encrypted and is protected with encryption software that meets or exceeds industry standards, both when sent (i.e., in transit) and when stored (i.e., at rest). While on a secure page, such as the login page, the lock icon on the bottom of web browsers such as Microsoft Internet Explorer becomes locked, as opposed to unlocked, or open, when you are just "surfing." In addition, BlueCare Tennessee supports the following browser with 128-bit encryption strength in order to access the secure parts of our site. BlueCare Tennessee is serious about protecting our members' privacy, and this level of encryption is an industry standard for the type of information we are exchanging. Accordingly, BlueCare Tennessee urges website users to utilize web browsers Internet Explorer IE11+, FireFox 38+, Chrome 43+, or Safari 8.0.7+ in order to access all features.

While BlueCare Tennessee uses SSL encryption to protect sensitive information online, BlueCare Tennessee protects user-information off-line. Only employees who need the information to perform their jobs are granted access to personally identifiable information. BlueCare Tennessee employees must use password-protected screen-savers when they leave their desk. When they return, they must re-enter their password to regain access to your information. Furthermore, all employees are kept up-to-date on BlueCare Tennessee security and privacy practices. Finally, the servers that store personally identifiable information are kept in a secure environment.

BlueCare Tennessee Reserves the Right To Modify Its Privacy Policy

BlueCare Tennessee reserves the right to change or update this Privacy Policy at any time. Any changes made to our privacy policy will be posted on this site in a manner that is easily identifiable. Please review our privacy policy on a regular basis to review any changes.

For information on The Health Insurance Portability and Accountability Act of 1996 (HIPAA), please refer to the BlueCross BlueShield of Tennessee, Inc. HIPAA information.