Notice of privacy practices (and privacy forms)
Independence Blue Cross (IBX) is committed to protecting the privacy of our members’ personal health information. This page contains privacy information and documentation related to HIPAA (Health Insurance Portability and Accountability Act of 1996) and our Independence Blue Cross Medicare website.
HIPAA privacy information and practices
Independence is committed to protecting the privacy of our members' personal health information. Part of that commitment is complying with the Privacy Rule of the Health Insurance Portability and Accountability Act of 1996 (HIPAA), which requires us to take additional measures to protect personal information and to inform our members about those measures. The Notice of Privacy Practices describes how Independence may use and disclose a member's personal health information and how a member of an Independence health plan can get access to this information. The Notice of Privacy Practices was recently updated to reflect the manner in which your health information is shared via secure electronic data sharing networks called Health Information Exchanges. You can also call to request a copy of the Notice of Privacy Practices by contacting Customer Service at the number on the back of your ID card.
Notice of privacy practices — For IBC Medicare health plan members (including: Keystone 65 HMO and Personal Choice 65SM PPO).
HIPAA compliance update
Independence Blue Cross (IBX) is committed to protecting the privacy of our members’ personal health information. Part of that commitment is to comply with the privacy rule of the HIPAA (Health Insurance Portability and Accountability Act of 1996). That rule sets standards for covered entities, such as IBX, to protected health information (PHI) and allow an individual access to his or her PHI.
IBX has completed activities required for compliance with the privacy rule and has implemented policies and procedures necessary to protect the privacy of our members’ PHI.
For more information contact the Privacy Office.
HIPAA also requires that all payers be capable of performing transactions electronically if requested by providers, groups, or insurance companies; and that transactions must use a standard “HIPAA-compliant” format with regard to file formats, codes, identification numbers, etc. Examples of transactions that fall under these regulations include enrollment records, eligibility information, premium payments, claim submissions, and claim status.
IBX completed all internal system changes and processes to accept and handle the required electronic transactions.
The HIPAA regulations also include a security rule. On April 21, 2005, the security rule set the standard to ensure the privacy of electronic protected health information. IBX has implemented the requirements of the rule and continually monitors and manages the required security controls. IBX continues to implement new technologies that improve the security of infrastructure beyond the requirements of the HIPAA security regulation.
For more information contact the Security Office.
HIPAA privacy forms
- Authorization form — to be used by members to authorize IBX to release member health information.
- Personal representative form — to be used by members who wish to appoint another person as member’s personal representative.
If you have questions or comments regarding HIPAA, please contact:
- HIPAA privacy: Submit an Email
- HIPAA security: Submit an Email
- HIPAA transactions and code sets: firstname.lastname@example.org — by clicking this link you will be leaving the Medicare-specific web pages.
Website privacy information
Our website was created to make it easier for Medicare beneficiaries to learn about the several plans for individuals and group members, including Medicare Advantage plans and Medicare supplements. Visitors and members also can get information regarding comprehensive medical coverage, wellness programs, and maintaining a healthy and active lifestyle.
If you are currently a member who has Keystone 65 HMO, Personal Choice 65SM PPO, or MedigapSecurity coverage, you may choose to register for the Members site, which will allow you to change your PCP, coverage, or address*. You can also email our Customer Service department, sign up for the automatic payment program*, or access the Evidence of Coverage manual or Update Magazine.
As with all online resources, we appreciate that visitors to our website are concerned about the privacy of personal information. Our Privacy Policies disclose our policy for collecting, using and disseminating information.
1. Collection of personal information from site visitors.
When you visit www.ibx.com, or any one of our websites, Independence Blue Cross may collect and/or track: (1) your home server domain names, your email address, your type of computer, the files downloaded, the search engine used, operating system, and type of web browser; (2) the email addresses of Visitors that communicate with Independence Blue Cross via email; (3) information knowingly provided by the Visitor in online forms, surveys, email, contest entries, and other online submissions (including demographic and personal profile data), and (4) aggregate information on pages accessed by a Visitor.
To better serve you, we use “cookies” to customize your browsing experience. Cookies are simple text files stored by your browser and they provide a method of distinguishing among Visitors to our sites. We use “cookies” to store a randomly generated tag on your computer such that when you revisit our sites, we may recognize the Visitor by the Internet cookie and customize the Visitor’s experience accordingly. The cookies created on your computer by using our sites do not contain personally identifiable information. You can refuse a cookie, or delete the cookies file from your computer at any time by using any one of a number of widely available methods. However, you should be aware that if you disable the “cookies” feature of your browser, you may not be able to use the portals within our site.
When a Visitor performs a search on our site, we may record information identifying the Visitor or linking the Visitor to the search performed. Independence Blue Cross may also record limited information for every search request and use that information only to solve technical problems with the service and to calculate overall usage statistics.
2. Use of personal data
Independence Blue Cross may use the information it collects online for a number of different reasons, including editorial and feedback purposes, marketing and promotions, performing a statistical analysis of Visitor usage, product development, content improvement, or to customize the content and layout of our site. Aggregate data that does not identify individual users may be used for internal purposes or provided to third parties.
Personally identifiable information, such as names, postal addresses, email addresses, phone numbers, and other personal information which Visitors voluntarily provide to Independence Blue Cross may be added to our databases and used for future communications regarding site updates, new products and services, the confirmation of transactions through the portals, upcoming events and for other purposes in accordance with State and Federal law.
3. Disclosure of personal data to third parties
Unless otherwise authorized by a Visitor, Independence Blue Cross will not sell, rent, license or disclose personally identifiable information to unaffiliated third parties.
Independence Blue Cross will not release personally identifiable information to any party unless required to do so by government authorities or legal process in accordance with applicable law.
4. Link disclaimer
Independence Blue Cross occasionally provides links to other entities on its sites for your convenience in locating health-related information, services and products. Please be advised that when you link to these other sites, you are leaving Independence Blue Cross’ site and that these other sites are maintained by organizations over which Independence Blue Cross has no control.
Certain products, services or treatments referred to on other sites that have a link on our site, may not be covered under certain plans offered by Independence Blue Cross. Members should refer to their benefit contract for complete details of the terms, limitations and exclusions of coverage. In addition, certain providers may not be network providers. Please refer to our provider directory or call Independence Blue Cross to make certain the professional listed is a network provider.
5. Security measures
Independence Blue Cross has implemented numerous security features to prevent the unauthorized release of or access to personal information. For example, all Independence Blue Cross employees are required to certify their understanding that personal information is considered confidential, that it is important to safeguard personal information, and that Independence Blue Cross will take appropriate action against any employee who fails to acknowledge these facts or adhere to the requisite standards of conduct.
The Independence Blue Cross portals use 128 bit encryption to help keep information secure. You will not be able to access certain pages of our site unless your computer has 128-bit encryption. You should also be aware that despite these and other security measures implemented by Independence Blue Cross, no security process is completely foolproof. We will continually assess our security procedures and modify them to protect your information and we ask that our Visitors take the appropriate measures to protect their information.
If you register for one of our portals, you will have the opportunity to receive or create a password to access or submit personal information. Visitors who register to use a portal should not divulge their password to anyone and Independence Blue Cross will never ask for your password in an unsolicited phone call or email. When you are finished with applications that are password protected, you should exit the page.
You should be aware that the confidentiality of any communication or material transmitted to/from Independence Blue Cross via this site or email cannot be guaranteed. Independence Blue Cross is not responsible for the security of information transmitted via the Internet. Visitors who prefer to communicate with Independence Blue Cross in another manner other than through our site can write to us via regular mail at: Independence Blue Cross, Electronic Communications — 38th Floor, 1901 Market Street, Philadelphia, PA 19103-1480. If you prefer email, you can write to us at IBX.eCorrespondence@ibx.com.
6. Opt-out right
Visitors may opt out of having certain personally identifiable information used by Independence Blue Cross for secondary purposes or used by Independence Blue Cross or its affiliates for marketing or other promotional communications by contacting Independence Blue Cross via regular mail or email at the addresses above. (This does not apply to collection of the type of web browser of visitors to Independence Blue Cross’ site).
7. Access to and ability to correct personal data
Upon request via regular mail or email, Independence Blue Cross will provide to Visitors a summary of any personally identifiable information retained by Independence Blue Cross regarding the Visitor. You will also be able to access personal information retained by Independence Blue Cross through the Member Portal. Members may seek to modify, correct, change or update information that Independence Blue Cross has collected by contacting us via regular mail or email at the addresses above. Some Visitors may also be able to update their information via the Member Portal.
8. Collection of personal data from children
To the extent that Independence Blue Cross is able to determine the age of Visitors by their submissions to or communications with Independence Blue Cross’ site, Independence Blue Cross will not knowingly (a) collect or post information from individuals under the age of thirteen (“children”) without their parent’s or guardian’s consent, or (b) provide any personally identifying information collected from children, regardless of its source, to any third party for any purpose whatever.
If registration is required for any services on the Independence Blue Cross Site, and a Visitor submits information to Independence Blue Cross’ website through such a registration process that indicates that such Visitor is a child, the child’s parent or guardian will be alerted to the child’s registration and will be provided instructions on how the parent or guardian can delete the child’s registration, if so desired. No information collected through Independence Blue Cross’ site from Visitors who identify themselves as children will knowingly be used for any direct marketing or promotional purposes. If there are no age restrictions on a contest which requires registration, and if a child wins, notification and prizes will be sent to the parent(s) or guardian(s) identified in the initial registration process.
9. Independence Blue Cross’ right to contact user
CMS ONC Interoperability and Patient Access API Rule (available for Keystone HMO CHIP, Keystone 65 HMO, and Personal Choice 65 PPO members only)
To learn more about the CMS ONC Interoperability and Patient Access API Rule regarding sharing personal health care data, choose a plan:
* Some features may not be available to you, depending on your plan. Refer to your Evidence of Coverage to learn more about your plan’s features.
Website last updated: 5/26/2021