Privacy
Our goal is to maintain your trust and confidence when handling personal information about you.
Collection of information
When you visit our website, we collect information such as IP address, geographic location, Internet service provider, and pages visited. We use "cookie" technology to collect site statistical information and improve your customer experience. Cookies set by Blue Cross Blue Shield of Massachusetts don't capture any personally identifiable information, such as your individual email address.
We automatically collect some statistical data as you browse our websites. For example, we automatically collect your Internet protocol (IP) address used to connect your computer to the Internet, browser type and version, operating system and platform, average time spent on our site, pages viewed, information searched for, access times, clickstreamdata, and other relevant information about your online experience. The information we collect is used to help us improve the design of and access to the website and other uses not prohibited by law.
You may browse our website anonymously by choosing not to provide us with any personally identifiable information (PII), such as your name or email address, or choosing not to register during your visits to our sites. When you browse this way, we won't link your online activity with the accounts you may have with us.
Sharing / selling of information
Blue Cross Blue Shield of Massachusetts doesn't sell or share personal information outside of Blue Cross Blue Shield of Massachusetts except as permitted by law or as specifically authorized by you.
Suspected privacy violation
To report a suspected privacy violation, please call 1-866-635-3114.
For general inquiries related to privacy and our privacy practices, please call Member Service at the number on the front of your ID card.
Confidentiality and registration
We have combined state-of-the-art technology with industry best practices in order to provide security for transactions on bluecrossma.com. You can use your User Name and Password to access several online features. To further protect your privacy, some features require a one-time activation of a personal identification number (PIN) that we assign and mail to you when you register for our website. This makes it more difficult for anyone to access your account without authorization. You'll receive the PIN in the mail three to five business days after you register.
When you register with us, your information is stored in a secure server environment and is protected behind a firewall. The information that is transmitted back and forth is scrambled with the aid of encryption technology. Because of this, we require that your browser be capable of supporting 128-bit encryption. When you're accessing pages on bluecrossma.com, you can tell if you're in a secure area by looking for the padlock symbol at the bottom of your browser window.
As Blue Cross Blue Shield of Massachusetts continues to introduce new functionality to this website, including email capabilities, additional features and other safeguards will be introduced to further enhance privacy and security.
Cookies and clear GIFs
"Cookies" are small files that are stored by your web browser to help a particular system recognize you and the pages you visited in a website. This website may use cookies to make your online experience more convenient. Additionally, this website may use data from cookies for a variety of internal purposes, such as studying how users navigate this website. We don't collect any personal information from cookies. Further, no other information collected from cookies can be linked back to your personal information. Most browsers automatically accept cookies, but if you prefer, you can set yours to refuse cookies. Even without a cookie, you can still use most of the features on this website. To sign in and securely use the portal, you'll need to enable cookies on your browser.
"Clear gifs" are tiny graphics with a unique identifier, similar in function to cookies, that are used to track the online movements of website users. The main difference between the two is that clear gifs are invisible on the page and are much smaller than cookies. This website doesn't collect any personal information from clear gifs. Further, no information collected from clear gifs can be linked back to your personal information.
This website may use third-party web analytics services to track and analyze anonymous usage and volume statistical information from visitors to help the administration of this website, improve this website's performance, and to report website traffic. These web analytics services use cookies, clear gifs, and other web monitoring technologies to help track visitor behavior on behalf of this website. These services don't use these technologies to collect any personally identifiable information from this website's visitors.
Use of personal information
If you choose to provide us with personal information over the Internet, such as by registering for a personalized account or online program or signing up for emails from Blue Cross Blue Shield of Massachusetts, we collect the information that you provide to us. We use this information when you register with us over the Internet to maintain, improve, and administer our website, operate our business, provide products and services you request, administer your account, inform you about products and services that might be of interest to you, and personalize your online experience.
With the information we collect, we can:
- Recognize you when you return to our site so we can personalize your experience
- Process applications and transactions
- Respond to your requests
- Provide you relevant product and service offers on our site.
To carry out certain business functions, we sometimes hire other companies to perform services on our behalf. We may disclose this personal information, such as the email address you have supplied when registering, to these companies to enable them to perform these services, but they're required to safeguard this data and are generally not authorized to use it for any other purpose than completing their contractual requirements to Blue Cross Blue Shield of Massachusetts.
We don't share, sell, or otherwise distribute your information with entities outside of Blue Cross Blue Shield of Massachusetts who may want to market to you their own products and services. Blue Cross Blue Shield of Massachusetts uses your information to process applications, complete transactions, respond to your requests, deliver the products and services in which you enroll or for which you apply, and also to notify you of information, updates, or special offers, that we think may interest you. We also use your information to provide you with a more effective experience while on our website. To do this, we may process your information or combine it with other publicly available information. This enables us to customize your Blue Cross Blue Shield of Massachusetts experience.
A copy of Our Commitment to Confidentiality is available for your review. This Commitment to Confidentiality details the privacy policies of Blue Cross Blue Shield of Massachusetts with respect to its members. We recognize that some users of our websites may not be Blue Cross Blue Shield of Massachusetts members. Personal health information that we receive about our members is always treated in the manner described in this document.
Una copia de Nuestro Compromiso a la Confidencialidad está disponible para su revisión.
Security measures
Protect your passwords
Make your passwords as obscure or abstract as possible. Avoid obvious numbers and words, such as a maiden name, birth date, or an anniversary, which would be easy to guess. Never give your passwords to anyone, including family or friends.
Don't email personal or health data
Most email isn't secure or encrypted and shouldn't be trusted to send personal or financial information. Email you send from within MyBlue (after you have signed in) on bluecrossma.com, however, is encrypted. This is the most secure way to contact us online. Otherwise, you can call to speak to a representative.
Steps Blue Cross Blue Shield is taking to protect you
- Customer access to account information
No matter how you contact Blue Cross Blue Shield of Massachusetts—online, or by phone—we verify your identity before granting you access to your information. - Timed sign-off
bluecrossma.com automatically signs you off after an extended period of inactivity. This reduces the risk that others could access your information from your unattended computer. - Firewalls
To block unauthorized access, all our computer systems are protected by firewalls, electronic barriers that prevent unauthorized access to our networks.
Encryption
Blue Cross Blue Shield of Massachusetts employs some of the strongest methods of encryption commercially available today. All online activity involving personal or sensitive information is encrypted from the point it leaves your computer until it enters our systems. For your general online security, be sure you see the letter "s" at the end of "https" at the beginning of the URL address before entering any sensitive information, indicating the site is secure (e.g., "https://www.bluecrossma.com"). Similarly, another indication that a website is secure is a padlock icon in the lower right corner of your browser.
Phishing
Protect yourself from phishing scams
Phishing is the mass emailing of messages that falsely claim to come from a legitimate business. These messages often provide links to phony websites, where you're asked to supply personal information such as passwords, credit card numbers, Social Security numbers, or bank account numbers.
Finally, know that Blue Cross Blue Shield of Massachusetts will never email you requesting that you confirm your personal information or password.
Never enter personal information unless you're sure the website is legitimate. You should also be certain the site is encrypted. Look for the letter "s" at the end of "https" at the beginning of the URL address. An example of such a URL address is "https://www.bluecrossma.com." This ensures that the site is running in secure mode.
How to recognize phishing email
Phishing messages have evolved drastically over the last year, and they're often difficult to recognize. The creators now incorporate realistic company logos and graphics, provide links to the real company's privacy policies, and even include "legal disclaimer language" at the bottom. To help determine if email is part of a phishing scam, ask yourself the following:
- Do I have a relationship with this company?
- Would I expect this company to contact me this way?
- Would I expect this company to use this tone or make this request?
If you're at all unsure, contact the company by phone.
How to protect yourself from malware and viruses
Common types of malware are:
Spyware
Software that may be installed on a computer without the user's consent to monitor use, send pop-up ads, redirect a computer to certain websites, or record keystrokes, which could lead to identity theft.
Trojans
Software disguised to perform one legitimate action, but actually performs another often malicious one such as enabling unauthorized people to access the affected computer through a backdoor and sometimes to send spam from it.
Viruses
A program that is attached to a file or program so it can spread from one computer to another often without the user's knowledge — often through an email attachment. Some viruses are programmed to be extremely damaging, while others are programmed to have annoying effects.
Steps you can take to protect yourself from these types of dangers are:
- Create a hard-to-guess password and make it unique
- Change your password periodically
- Keep your browser and Operating System up to date
- Update your anti-virus software regularly
- Use a personal firewall
Update on the Shellshock Bash software vulnerability
We're aware of the recent vulnerability from the Shellshock Bash software bug. Our analysis shows that no data has been compromised due to this vulnerability. We'll continue to monitor all of our systems and take this threat seriously. The security and privacy of your data is of the utmost importance to us.
Unsupported applications
For security reasons to guard the safety of your data, access to this website is limited to SSL-capable browsers such as:
- Google Chrome (download: Windows | Mac | Linux)
- Firefox 2.0+ (download: Windows | Mac | Linux)
- Internet Explorer 6.0+ (download: Windows)
- Safari 3.0+ (download: Mac | Windows)
Under no circumstance should you use any software, program, application or any other device to access or sign-in to this website, or to automate the process of obtaining, downloading, transferring or transmitting any content to or from our computer systems, website or proprietary software.
Browsers and security
Any time you enter or provide personal information on this website, it's encrypted using Secure Socket Layer ("SSL") technology. SSL protects information as it crosses the Internet. To support this technology, you need an SSL- capable browser. It's recommended that you use a strong encryption, 128-bit browser such as Microsoft's Internet Explorer 9 or higher, or Firefox 4 or higher. These browsers will activate SSL automatically whenever you begin shopping for a plan on this website and when you return to this website to complete an application.
You can tell if you're visiting a secure area within a website by looking at the symbol on the bottom of your browser screen. If you're using Internet Explorer, Firefox, or Chrome, you'll see either a lock or a key. When the padlock is in the locked position, your session connection is taking place via a secure server.
If you need a strong encryption browser please download one of the following browsers:
- Google Chrome (download: Windows | Mac | Linux)
- Firefox 2.0+ (download: Windows | Mac | Linux)
- Internet Explorer 6.0+ (download: Windows)
- Safari 3.0+ (download: Mac | Windows)
The use of beta browser versions isn't recommended.
Links to other internet sites
This site also includes links to other Internet sites. These links are provided as a convenience only. Blue Cross Blue Shield of Massachusetts doesn't endorse the products or any of the views expressed in these other sites. Nor does Blue Cross Blue Shield of Massachusetts warrant the accuracy of any of the information in these other sites. The sites are owned and controlled by other parties and each will have its own privacy and security policies, which may differ from those of Blue Cross Blue Shield of Massachusetts. Your access to and use of any other Internet sites, including the information, services, products, and materials on them, is solely at your own risk.