Please be advised that HMIG does not own or control all Consumer Platforms used by our customers. This means that HMIG does not manage data collection, use, or disclosure activities which may occur on platforms owned by a Non-affiliated Third Party2; however, we may receive information from the platform owner about Users who visit our resources located on their platform. For example, HMIG maintains a LinkedIn page, but we have no control over how LinkedIn collects, uses, or discloses information obtained from Users when they visit that HMIG page.
We cannot guarantee the security or confidentiality of Personal Information transmitted across Non-affiliated Third Party platforms that we do not own or control. For example, if a User initiates a message to HMIG through our LinkedIn page, LinkedIn may be able to view that content as the platform owner.
I. Information Collected
How you use a particular HMIG Consumer Platform will determine whether or not we collect Personal Information from you, and how much we collect. For some features, we may not require any Personal Information, nor will we ask questions about you. However, for others, we need to either verify your identity through a login process, or collect sufficient Personal Information to provide a response or to administer the service associated with that feature.
B. Secure messaging and feedback/inquiry forms
HMIG invites Users to contact us using secure messaging or feedback/inquiry forms available on our corporate-owned platforms regarding account questions or concerns, or inquiries about HMIG’s products or services. We may disclose Personal Information to contracted Service Providers3 to allow them to perform a service or function for which they have been engaged. The information provided through secure messages and feedback/inquiry forms will be used by HMIG or its contracted Service Providers to review and respond to Users’ communications and/or to help deliver products or services.
A cookie is a piece of information about an internet session that may be created when an individual accesses a website. Cookies can capture information such as your IP address, your internet browser and operating system type, the date and time you visit a website, session information such as page response times, your search history, your saved preferences and password information (if you elect to have a website remember this information), information about the referring URL (uniform resource locator) and the URL clickstream to, through, and from our Consumer Platforms, and other similar details.
HMIG may use third-party advertising cookies to serve ads on other websites and digital properties. These advertising companies may use information obtained from cookies placed on your web browser in order to measure advertising effectiveness and to provide advertisements of interest to you on other platforms. If you would like to review and manage third-party cookies used for targeted advertising, you may navigate to the following links provided by the Network Advertising Initiative (http://optout.networkadvertising.org/?c=1) and the Digital Advertising Alliance (http://optout.aboutads.info/?c=2&lang=EN).
E. Note about Children’s Online Privacy Protection Act and other laws
Please be advised that HMIG’s Consumer Platforms are intended for general audience Users. Our Consumer Platforms are not directed at children under the age of 13, nor do we make attempts to collect, use, or disclose information from children under the age of 13, in accordance with the federal Children’s Online Privacy Protection Act (COPPA). HMIG also makes attempts to comply with applicable state laws governing advertising and marketing to children, including the Delaware Online Privacy Protection Act, which prohibits marketing to children under the age of 18.
II. Use of Information Collected
HMIG does not sell Personal Information of Users collected through our Consumer Platforms. In the event that HMIG were deemed to sell information under applicable law, Users may submit requests to HMIG directing us not to sell Personal Information by sending an email to the address hyperlinked at the end of this document – please provide sufficient information to allow us to verify your identity, along with details supporting your request, so that we can respond accordingly. All information submitted to us may be retained to provide a record of communications and to comply with any applicable legal and/or regulatory requirements, and may also be verified for accuracy.
In addition: HMIG uses Personal Information of Users collected through HMIG’s Consumer Platforms to i) provide relevant product and service-related information, ii) provide information regarding general health or insurance-related topics, iii) provide updates, news, event notices and announcements, iv) update information we have about Users, and v) monitor the effectiveness of our Consumer Platforms and features.
If you receive e-mail updates, news, announcements and/or event notices from HMIG, we will use the name, demographic, phone number, e-mail address, and other contact information you provide us in order to deliver that information. You may remove yourself from these communications at any time by following the removal instructions included in our communications. Your name, demographic, phone number, e-mail address and other contact information will be used only for HMIG-related communications and will not be given, sold, or rented to any external party without your prior approval.
Personal Information may also be anonymized by HMIG (i.e. stripped of individual identifiers), aggregated with other data, and used for general research, quality improvement, marketing, or other internal business purposes without permission.
III. Access to Information Collected
Certain HMIG employees may be provided with Personal Information of Users in order to respond to their needs, assist with customer service and related account issues, and provide requested information regarding specific products or services. Certain employees will also be provided with Personal Information of Users in order to monitor the effectiveness of our Consumer Platforms and features. HMIG employees are required, by written confidentiality statements, corporate policies, and state or federal laws or regulations, to maintain the confidentiality of Personal Information, and to use strict standards of care in handling information. Employees who do not conform to these confidentiality requirements are subject to disciplinary sanctions, up to and including dismissal.
B. HMIG’s parent company and its affiliates
HMIG may disclose Personal Information of Users collected through its Consumer Platforms to its parent company, Highmark Inc., and its affiliates as necessary to carry out its business operations. It may also disclose Personal Information to contracted Service Providers that are contracted by HMIG to provide certain services or perform certain functions on its behalf.
Personal Information collected through Consumer Platforms by Highmark Inc. and its affiliates may also be disclosed to HMIG as necessary to carry out their business operations. All Personal Information will be disclosed in order to respond to a User’s needs, and/or to provide information about products or services offered by or through HMIG, Highmark Inc. and its affiliates, or contracted Service Providers. Personal Information is treated with the same strict standards of confidentiality that HMIG applies to other types of confidential information. Highmark Inc. and its affiliates are subject to substantially similar corporate policies regarding privacy and confidentiality, and their contracted Service Providers and business associates are legally bound by contract to follow the same, or no less restrictive, standards of confidentiality as followed by HMIG.
C. Third parties
Other than as set forth herein, HMIG does not transmit any Personal Information collected through its Consumer Platforms to any third party without the permission of the User. However, Personal Information may be transmitted if there is a specific need to complete a transaction requested by the User or if necessary for providing a service or benefit to the User. For example, group insurance plan administrators have access to online enrollment applications and certain other Personal Information which is required for their plan administration purposes.
D. Consumer Platform communication services
HMIG has access to communications sent by or to Users who choose to utilize any Consumer Platform communication features. HMIG will not release the content of specific communications to any third party without the User’s consent, other than as set forth above, or unless permitted or required under applicable state or federal law or regulation. Please be reminded that the platform owner may be able to view the content of communications, and HMIG cannot guarantee the security or confidentiality of Personal Information transmitted across platforms which we do not own or control.
IV. Compliance Assurance
B. Account access
Consistent with the requirements set forth under certain state and federal laws, HMIG grants access to Personal Information only to those employees, corporate affiliates, and contracted Service Providers as necessary to provide appropriate products and services, or as Users authorize. All such employees, corporate affiliates, and contracted Service Providers are subject to confidentiality statements, privacy policies, and/or other contractual obligations at least, or no less restrictive, as the standards followed by HMIG.
C. Internal compliance with privacy and security programs
D. Questions and concerns
(© 2014 HMIG – last revised September 2019)
 Non-affiliated Third Party refers to an entity that offers a tool, service, product, or forum that HMIG may utilize, but there is no ownership relationship between HMIG and the entity (e.g., Facebook, LinkedIn, Google Analytics).
 Service Provider means a vendor that has been contracted by HMIG to provide a service or perform a function on behalf, or for the benefit, of HMIG, including but not limited to technical support, system or account administration, website design/maintenance, marketing, and data analytics.