17:06 PM

When it comes to privacy, Horizon members are in control



See how Horizon’s Privacy Center of Excellence is working to protect members’ most sensitive information

Imagine this scenario: To get “live” data for your telehealth visits, your general practitioner or maybe your insurance company offers to send you a smart stethoscope, thermometer or other wearable device.

You are asked for your contact information. Soon after, you receive your device along with a lengthy document that includes information on what the company does with the data. Maybe you read the document or maybe, like most people, you toss it.

Then you begin to receive a wave of unsolicited offers from unfamiliar health care companies for expensive new medical devices and treatments. You get invitations to join weight-loss programs, even though you are not overweight. Perhaps you get a call from a doctor you’ve never seen who suggests you might be suffering from some unknown ailment and suggests you enroll in a “free” program that turns out to be anything but.

Does it dawn on you that maybe your information has reached the hands of third parties that you had no intention of giving it to? Sure, the device probably expands your ability to access care and prevent future medical issues. But does it use the information it collects for far more? If so, is it even legal? Or ethical? It all depends on what you have been told and whether you truly understand your rights when it comes to your data.

Standing up for member privacy

Finding out that your data is being shared in the way this scenario imagines is something that the Privacy Center of Excellence at Horizon Blue Cross Blue Shield of New Jersey (BCBSNJ) is working to ensure never happens to its members. Unfortunately, many companies are treating health care like the wild, wild west, looking to monetize personal data to the highest bidder.

Horizon BCBSNJ isn’t one of them.

“We have a legal, ethical and moral obligation to protect our members’ most sensitive information,” said Carrie Parikh, the Chief Privacy Officer at Horizon BCBSNJ.

Horizon BCBSNJ does share information with members’ own health care providers for treatment and payment purposes and to help identify risks or find patterns that can help improve care or prevent poor health. But members have a significant amount of control over what information is and is not shared, Parikh emphasized.

“Members are trusting us with their info. It should be used predominantly for purposes they want it used for. We don’t always have to receive consent from a member to share their information, but we should be able to tell members exactly what we use their information for and who we share it with,” Parikh said. “We absolutely must ensure that we share it only within the confines of privacy laws like HIPAA. And we also have to ensure that anyone we share member data with, takes privacy and security as seriously as we do.”

Member privacy built into everything Horizon does

Today, consumers’ trust must be earned. A recent Fortune survey found that 75 percent of consumers have declining levels of trust with how companies manage their personal information, with 80 percent saying that they are concerned with how their personal information is used.

It’s no wonder. Like many industries, health care has faced a growing number of data breaches. In the first half of 2019, 11 of the top 13 breaches occurred at medical or health care organizations, exposing millions of patient records. These trends continued into 2020, with email hacks, phishing attacks and stolen laptops leading to the compromise of millions of additional patients and their medical information and Social Security numbers.

“Our goal is to be proactive, not simply reactive,” said Parikh. To help prevent these data breaches, the company has put strong safeguards in place by boosting end-to-end database security and authentication measures. And they’ve also begun to embed privacy into the design of Horizon’s programs and initiatives, making sure privacy is never an afterthought.

It also means staying out in front of current privacy regulations. In just the past two years, federal and state governments have proposed or passed a number of new privacy laws, including here in New Jersey. In this evolving landscape, Horizon’s Privacy Center of Excellence isn’t content with simply meeting the minimum standards of consumer privacy.

“We want to be one step ahead, elevating privacy by always keeping our members at the center of our decisions,” Parikh said.

How members can exercise their rights

This approach gives Horizon BCBSNJ members more control over their personal information. At the bottom of each Horizon BCBSNJ website, members can access the Privacy Center to understand their rights, including asking Horizon BCBSNJ to limit what information they share, requesting a copy of their health and claims records, or choosing someone to act on their behalf.

“Members deserve to know their rights and how to exercise them,” Parikh said.

If you ever have a question about Horizon’s privacy practices, you can email them to safeguard@horizonblue.com or directly to the Privacy Center of Excellence Privacy Office at Legal@horizonblue.com. And, members can be sure that their concerns will be seen – even by Parikh herself.

“Yes, the Chief Privacy Office answers questions. We respond to tweets, emails, phone calls and even social media inquiries. We’re not like other companies,” Parikh said. “We take a much more transparent approach to privacy.”