Effective September 2013
1. OUR PRIVACY PRACTICES
SilverScript Insurance Company is committed to protecting the privacy and confidentiality
of your personal information in accordance with law and our own company policies.
This notice describes our privacy practices for both current and former enrollees.
It explains how we use health information about you and when we may share that health
information with others. It also informs you about your rights with respect to your
health information and how you may exercise these rights. We are required by law
to maintain the privacy of your health information and to provide to you this notice
of our legal duties and privacy practices regarding your health information so that
you are aware of how we maintain the privacy of your health information. We are
also required to notify affected individuals in the event there is a breach of their
unsecured health information.
When we refer to "health information" in this notice, we mean financial, health
and other information about you that is non-public, and that we obtain so that we
can provide you with health insurance coverage. It includes demographic information,
and other information that may identify you and that relates to your past, present
or future physical or mental health and related health care services.
Our workforce is required to comply with our policies and procedures to protect
the confidentiality of health information, and will be subject to a disciplinary
process if they violate these policies and procedures. We maintain physical, electronic
and process safeguards to protect against unauthorized access to your health information,
and authorized access is on a “need-to-know” basis only.
2. HEALTH CARE INFORMATION MAINTAINED AT SILVERSCRIPT
We obtain information from a variety of sources, not all of which apply to every
enrollee. The following reflects the general categories of information we collect:
- Information provided on enrollment forms, surveys and our Website, such as your
name, address and date of birth
- Information from pharmacies, physicians or other health care providers, Long Term Care facilities or health plans
- Information provided by your employer or other plan sponsor regarding any group
plan that you may have
- Information we obtain from your transactions with us, our affiliates, or others,
such as health care providers
- Information we receive from consumer or medical reporting agencies or others, such
as state regulators and law enforcement agencies.
3. HOW WE MAY USE OR DISCLOSE YOUR HEALTH INFORMATION
The following categories describe how we may use and disclose your health information.
We may use and disclose your health information to your pharmacy, doctors or other
health care providers to help them provide medical care to you. For example, we
may provide information about other medications you are taking to a pharmacist filling
your prescription so as to avoid harmful drug interactions. We may also share your
health information with health care providers to help coordinate and manage your
health care. For example, we may talk to your doctor to suggest a medication therapy
management program that can help improve your health.
We may use and disclose your health information to determine your eligibility for
coverage and benefits, and to see that the treatment and services you receive are
properly billed and paid for. For example, we may use your health information to
pay the pharmacies that fill your prescriptions. Other payment activities include
claims management, drug utilization review and other related administrative functions.
We are prohibited from using or disclosing any genetic information about you for
For Health Care Operations
We may use and disclose certain health information to conduct our health care operations.
Examples of health care operations include: performing quality assessment and improvement
activities, evaluating provider and health plan performance; performing auditing
functions, fraud and abuse detection and compliance activities, resolving internal
grievances, and addressing problems or complaints; and making benefit determinations,
administering a benefit plan and providing customer care.
To Make Health-Related Communications to You
We may use and disclose your health information in order to inform you about health-related
products and services. For example, we may contact you:
- To remind you to refill your prescription or otherwise follow your drug therapy
- To tell you about possible treatment options or medication alternatives that may
be beneficial to you.
- To tell you about health-related program benefits and services that may be of interest
To the Plan Sponsor of a Group Health Plan
Under certain circumstances, we may share limited health information about you with
the sponsor of a group health plan through which you receive health benefits. For
example, we may share information with a plan sponsor related to your enrollment
or disenrollment in the plan, as well as summary health information to enable the
plan sponsor to obtain bids from other health plans. We may also share information
for plan administration purposes if certain protections are included in the plan
For the Treatment, Payment, and Health Care Operations of Other Health Plans or
Health Care Providers
We may disclose your health information for another health plan or health care provider’s
treatment, payment, and, if certain conditions are met, health care operations.
For example, we may disclose your health information when it would facilitate payment
for services under another health plan.
OTHER USES AND DISCLOSURES
We may also make the following types of uses and disclosure of your health information:
- To a friend or family member who is involved in your care or to someone who helps
pay for your care if you are not present or do not object, and we believe it is
in your best interests in the circumstances. This includes disclosure to an entity
assisting in a disaster relief effort so that your family or those involved in your
care can be notified about your condition, status or location.
- To entities performing any business functions for us, provided the entity agrees to
protect and safeguard your health information, and to use and disclose it only as
permitted by us.
- To conduct medical research, provided that additional measures are taken to protect
- To comply with state and federal laws that require the release of your health information
- To public health authorities or others acting under their authority for purposes
such as reporting adverse reactions to medications or problems with medical products,
or if we believe there is a serious threat to your health and safety or that of
- To health oversight agencies for activities such as audits, inspections, licensure
and peer review activities
- For legal or administrative proceedings, such as pursuant to a court order, search
warrant or subpoena
- To support law enforcement activities; for example, we may provide health information
to law enforcement agents for the purpose of identifying or locating a fugitive,
material witness or missing person
- To correctional institutions or law enforcement officials if you are an inmate or
under the custody of a law enforcement official
- To report information to a government authority regarding child abuse, neglect or
- To share information with a coroner or medical examiner as authorized by law, or
with funeral directors, as necessary to carry out their duties
- To use or share information for procurement, banking or transplantation of organs,
eyes or tissues
- To report information regarding job-related injuries as required by your state worker
- To share information related to specialized government functions, such as military
and veteran activities, national security and intelligence activities and protective
services for the President and others
4. USES AND DISCLOSURES REQUIRING WRITTEN AUTHORIZATION
Your written authorization is required for the following types of uses and disclosures
of your health information:
- Most uses and disclosures of psychotherapy notes (if applicable)
- Uses and disclosures for marketing purposes, except for face-to-face communications
and the provision of promotional gifts of nominal value. If we will receive payment
for making such a marketing communication, the authorization is required to state
- Uses and disclosures that qualify as a sale of health information. If we will receive
direct or indirect payment in exchange for your health information, the authorization
is required to state this.
In addition to the above, any other uses and disclosures of your health information
not described elsewhere in this Notice will be made only with your prior written
authorization. If you provide a written authorization and you change your mind,
you may revoke your authorization in writing at any time. Once an authorization
has been revoked, we will no longer use or disclose the health information as outlined
in the authorization; however, you should be aware that we will not be able to retract
a use or disclosure that was previously made based on a valid authorization.
5. YOUR HEALTH INFORMATION RIGHTS
You have certain rights regarding health information we maintain about you as described
below. To exercise any of these rights, you must send a request in writing, with
any additional information required, to: SilverScript Insurance Company c/o CVS
Caremark, Attn: Privacy Officer -- MC 016, P.O. Box 52072, Phoenix, AZ 85072-2072.
Please include your card identification number on your written correspondence.
- Right to Inspect and Copy. You have the right to inspect and copy health information
that we maintain about you. You may also ask us to provide a copy of your health
information to another person. In that case, your written request must be signed
by you, must clearly identify the person to whom the copy of your health information
is to be sent, and must state where the copy is to be sent. If you request a copy
of the information, we may charge a fee for the costs of copying, mailing or, if
you agree to receive a summary or explanation of the information, the cost of preparing
the summary or explanation. We may deny your request in certain circumstances. If
your request is denied, you may ask that we review the denial.
- Right to Amend. If you believe that health information we maintain about you is
inaccurate or incomplete, you may ask us to amend it. In your request, you must
include a reason that supports the amendment you request. If we did not create the
information, you must explain why you believe the person who created it is no longer
available to amend it. We may deny your request in certain circumstances. If so,
you may submit a statement disagreeing with the denial, which will be appended or
linked to the information in question.
- Right to an Accounting of Disclosures. You have the right to receive a list of certain
non-routine disclosures we make of health information about you. In your request
for an accounting, you must specify the time period for which you want the accounting.
The first list you request in any 12 month period will be free of charge; thereafter
we may charge a fee to cover the costs of providing this information to you.
- Right to Request Restrictions. You have the right to request a restriction on how
we use or disclose health information about you for treatment, payment or health
care operations. You also have the right to request a restriction on disclosures
to someone involved in your care or the payment of your care, like a family member.
If you request a restriction, you must specify what information you want restricted
and in what way. We are not required to agree to a requested restriction.
- Right to Request Confidential Communications. You have the right to request that
we send communications involving health information about you by a certain method
of communication or to a certain address if you believe that disclosure of some
or all of your health information could endanger you. If you request a confidential
communication, your request must include a statement that the disclosure of your
health information could endanger you, and must specify how or where you wish to
be contacted. We will accommodate all reasonable requests.
- Right to Paper Copy of this Notice. You have the right to obtain a paper copy of
this notice at any time by writing to the address provided below, even if you have
previously agreed to receive it electronically. You may also view a copy of this
notice on our Website at www.SilverScript.com.
6. STATE LAW
In some situations, state privacy or other applicable laws may provide greater privacy
protections than those stated in this notice. For example, depending on the state
in which you reside, there may be additional laws related to the use and disclosure
of health information related to HIV status, communicable diseases, reproductive
health, genetic test results, substance abuse, mental health and mental retardation.
When appropriate, we will follow those state or other applicable laws.
7. CHANGES TO THIS NOTICE
We reserve the right to change this notice, and to make the changes effective for
health information about you that we already have, as well as for any health information
we obtain or create in the future.
We will retain health information about you even after your insurance coverage with
us terminates, since it may be necessary to use and disclose it for the reasons
described above. However, we will have in place policies and procedures to continue
to protect the information. We will post a copy of our most current notice on our
website at www.SilverScript.com. The effective date of the notice will be on the
first page. In addition, paper copies of the most current notice may be obtained
by sending a written request to SilverScript Insurance Company, c/o CVS Caremark,
Attn: Privacy Officer -- MC 016, P.O. Box 52072, Phoenix, AZ 85072-2072.
If you believe your privacy rights have been violated, you may file a complaint
with us or with the Secretary of the Department of Health and Human Services. To
file a complaint with us, you must send it in writing to SilverScript Insurance
Company c/o CVS Caremark, Attn: Privacy Officer -- MC 016, P.O. Box 52072, Phoenix,
AZ 85072-2072. We will not retaliate against you in any way for filing a complaint
and the service you receive from us will be unaffected.
9. CONTACT INFORMATION
If you have any questions about this notice, please contact us at:
SilverScript Insurance Company c/o CVS Caremark
Attn: Privacy Officer -- MC 016, P.O. Box 52072
Phoenix, AZ 85072-2072