Effective Date: October 14, 2019
- we, us, and our means Alberta Blue Cross®;
- personal information means any information that on its own or when put together with other information can identify a person but does not include business contact information or anonymous or de-identified data that is not associated with a particular individual.
2. Scope and Application
- apply for, purchase, or receive our products or services;
- sign up to be a part of any of our programs, promotions, contests or events; or
- visit our premises, website, or mobile applications.
3. How we limit the collection of personal information
We limit collection of personal information to what is reasonably required to fulfill the purposes for which it was collected.
The type of personal information collected depends on the type of product or service involved:
- We may collect your name, date of birth, and contact information to identify you, set you up in our system or communicate with you;
- If you apply for individual or group benefits, we may collect health or lifestyle-related information, such as your occupation, travel history and plans, and employment information such as place of employment and annual income.
- We may record or monitor incoming and outgoing calls for quality assurance and training purposes, or to create a record of the information you provided and your instructions;
4. How we collect your personal information
We use different methods to collect your personal information including directly from you, from third parties, through technology, and when you are interacting with us online or through our mobile applications.
A. Directly from you:
We may receive personal information from you, when you provide it to us.
You may provide personal information to us through a form, in person, by telephone, by email, by our website or other method.
B. From third parties
We may receive personal information about you from other sources that may include:
- Your employer or third-party administrator, if you apply for group benefits;
- Third parties we work with to issue and manage our products and services, whether now or in the future;
- Third parties you allow to disclose information to us, or third-party accounts you allow us to access;
- Public sources such as government agencies and websites; and
- With your consent, we may gather personal information from your doctor(s) and health care provider(s), and from other insurance companies to confirm or obtain additional information about you.
In these cases, we take steps to ensure the individual providing the personal information understands their obligations regarding the collection, use, and disclosure of that personal information. We receive your personal information from these other sources with your consent, or if the law requires or permits us to do so.
When you have a sponsored plan, we may obtain personal information from Alberta Health, your employer, or another representative. They may provide your personal information to us through application forms, a member site, a phone call, or other methods.
C. Through Technologies
We may collect personal information through various technologies used at our offices or branches. These include point of sale systems, video surveillance, and other similar types of technologies which we may use from time to time.
We use video surveillance in areas surrounding our offices for security purposes, to protect against theft, to prevent damage to our properties, and to prevent fraud.
D. Through our Website and Mobile Applications
5. How your consent is obtained
A. Directly from you:
When we collect personal information directly from you, we may obtain your consent in writing, verbally, or electronically depending on the method you used to communicate with us.
B. Implied Consent
Your actions may imply your consent.
- By presenting your benefits card, you give your consent for health service provider(s) to disclose your personal information to us; and
- When you apply for coverage under a benefit plan and include your spouse or your dependants, their consent is implied to enroll and cover them under the plan.
6. How you can withdraw your consent
Where you have provided your consent to the collection, use, and disclosure of personal information, you may choose to withdraw your consent under certain circumstances. If you withdraw your consent, we may not be able to provide you with the product or service requested. We will explain the impact of withdrawing your consent to help you with your decision.
You may withdraw your consent to receive electronic or printed documents from us by contacting our office or controlling your preferences on the member site.
If you do not want your calls recorded, you have other options for conducting business with us; for example, by visiting one of our branches, or by writing to us or using the member site.
7. How we use your personal information
We use your personal information:
- to provide you with programs, products, and services;
- to manage our business operations;
- to communicate information we think may be of interest to you; and
- as permitted or required by law.
If we want to use your personal information for a purpose other than those stated at the time of collection, that new purpose will be documented and if required, we will obtain your consent.
Generally, we may use your personal information for the following reasons:
A. Providing Products or Services
- To confirm your identity;
- To identify the browser you use to ensure the best performance of our site;
- To provide you with information about products and services you request from us;
- To determine your eligibility for a product or service;
- To determine and offer other products or services you may be interested in;
- To fulfill the purposes for which you provided the information to us when it was collected;
- To initiate a payment of a claim or premium; or
- To manage the terms and conditions of your benefit plan.
B. Communicating with you
- To provide you with notices about your account, including expiration and renewal notices and payment details;
- To provide you with information and updates about products and services you enrolled in;
- To respond to your questions (for example, to contact you about a question you submitted to our customer service team); or
- To better manage our relationship with you.
C. Managing our business needs
- To improve our products and services to better meet your needs;
- For quality assurance or training;
- To protect you and us from errors, fraud, or other misrepresentations; or
- To maintain the security of our employees, customers, and property (for example, through the use of video surveillance).
D. As permitted or required by law
- To comply with any court order, law, or legal process, including responding to any government or regulatory requests;
- To carry out our obligations and enforce our rights arising from any contracts with you, including for billing and collection; or
- To comply with legal requirements.
8. When we disclose your personal information
A. Service Providers
- When you give us your consent to discuss your personal information with a specific person or organization;
- To third-party service providers to manage your benefits with us;
- For example: our 24/7 travel assistance provider or life insurance provider
- To other insurers to determine eligibility for benefits, or to coordinate benefits;
- To financial institutions to set-up payments for your claims or your plan; or
- To third-party auditors, consultants, or administrators to fulfill the terms of your benefit plan.
We attempt to limit the number of service providers we use outside of Canada. However, some providers may be located outside of Canada.
- We may transfer personal information to these service providers for specific services.
- Personal information outside of Canada is subject to the laws in the foreign country that may allow law enforcement, courts, and regulatory agencies to access the personal information.
- If you would like more information on our use of service providers outside of Canada, please contact our Privacy Office.
B. Sale or Transfer of Business
We may disclose your personal information in the event of a merger, sale, or partial sale of our business or assets to a buyer or other successor.
C. Other Permitted Purposes
- We may disclose your personal information to enforce our agreements with you or your employer, or to investigate and defend ourselves against any third-party claims or allegations;
- We may disclose your personal information when required by law, subpoena, or other legal reason;
- We may disclose your personal information when it is reasonably necessary to investigate, prevent, or act against suspected or actual illegal activities, or to assist government agencies; and
- We may disclose your personal information if we believe the disclosure is necessary or appropriate to protect the rights, property, or safety of Alberta Blue Cross®, its customers, or others. This includes exchanging information with other companies or organizations for the purposes of fraud protection.
If we need to disclose your personal information for additional purposes, we will obtain your consent where required by law.
9. How you can access your personal information
You have the right to access the personal information we have about you subject to certain legal restrictions. Upon request, we will provide you with access to your personal information within a reasonable timeframe in compliance with applicable law.
Depending on the information you are requesting, you may be able to receive a copy via telephone inquiry, the member site, or in person. If we are not able to provide the information through our normal channels, we will tell you how to obtain access through a written request.
We may not be able to provide you with all your personal information, as access may be limited or prohibited by privacy legislation.
- If the release of the information would reveal personal information about another individual;
- If the release of the information would reveal the identity of an individual who has provided a confidential opinion about another individual;
- If the information is protected by any legal privilege;
- If the information was collected for an investigation or legal proceeding; or
- If the information has been destroyed, erased, or made anonymous in accordance with our record retention obligations and practices.
If we cannot provide you with all or part of your personal information, we will inform you of the reason why and provide you with a contact to answer your questions. We will also provide you information on how you can request a review of our decision.
Your personal health and medical information should be obtained through your physician or health provider in accordance with Alberta’s Health Information Act.
10. How you can correct your personal information with us
We rely on you to keep your personal information up to date and accurate. If you notice any errors in your personal information or if you need to update it, please contact us. You may challenge the accuracy and completeness of your personal information and request it be amended.
You can contact us via telephone, the member site, or in person to update your personal information.
If you have a group plan, ensure your employer or third-party administrator has your updated personal information as well.
If we are unable to update your personal information, we will explain why, and we will make note of your requested correction(s). We will also provide you with a contact to answer your questions, and information on how you can request a review of our decision.
11. How we secure your personal information
We use a variety of administrative, physical, and electronic safeguards designed to provide reasonable protection of your personal information from accidental loss including unauthorized access, disclosure, copying, use, and modification.
Where appropriate, we use various safeguards including:
- Physical Safeguards: such as our building security measures;
- Organizational Safeguards: through our policies, practices, and access levels, including:
- Limiting access to personal information to those employees, contractors, and third parties who use the information for one of the identified purposes;
- Making reasonable efforts to ensure third-party service providers have appropriate security to protect your personal information.
- Electronic Safeguards: by using various technological methods including:
- Passwords: If you use a password to access our web services, you are responsible for keeping the password confidential to prevent unauthorized access, disclosure, copying, use, and modification through the web service;
- Multi-Factor Authentication, which is a method of confirming your identity by using more than one way to authenticate you; for example, asking for your password and a code that is sent to your email address or phone number;
- Anonymization, which is the process of altering your personal information so that it can no longer be used to identify you (See ‘Combined Data’);
- Masking, which is the process of modifying your personal information so that the structure remains the same, but the content is no longer identifiable;
- Encryption, which is the process of obscuring your information to make it unreadable without the use of a code or a key; and
- Logging and monitoring, which is the process of tracking, recording, and monitoring activity related to the access and/or use of your accounts or personal information.
12. How long we keep your personal information
We keep your personal information for a reasonable period of time after it is no longer needed to fulfill the purposes identified, or for purposes required by law.
Once your personal information is no longer needed, it will be securely destroyed or anonymized so that it no longer identifies you, in accordance with our record retention obligations and practices.
We reserve the right to use anonymous information for legitimate business purposes without further notice to you and without your consent.
We may securely destroy or anonymize your personal information after we:
- Manage the products and services we provide to you;
- Fulfill reporting or accounting requirements; and
- Comply with legal and regulatory requirements.
13. Combined Data
Under some circumstances we may make your personal information anonymous. The data will no longer be associated with you. We may use this anonymous information for valid business reasons without further notice to you and without your consent.
We may combine anonymous information to create a collection of data that may be used or disclosed in the following ways:
- To understand overall user needs to design new products and services;
- To perform research and studies aimed at improving our products, services, and technologies;
- For clinical research, market research, education, and other related projects; and
- Where you are part of a group health benefits program, for your employer to gauge the health of their organization and identify areas for wellness interventions.
Our website assigns each computer with a different cookie for select purposes, for example:
- To collect anonymous statistical information to help us understand the website use. For example: traffic patterns, pages visited, number of clicks, average time spent on a page;
- To honour your preferences and settings to speed-up load time of our pages;
- To enhance the security features of some of our web sites;
- To improve the websites to provide better service;
- To help develop interest-based advertising; and
- To show us how many people opened a link in an email.
For your use of the member site, your browser must be set to accept cookies due to the enhanced security features for these sites.
You can control cookies by setting your preferences on your browser. We suggest using the help button on your computer or web browser to find out more on how to set the browser to notify you about cookies.
16. Contacting Our Privacy Officer
Alberta Blue Cross® Privacy Officer:
Note: Email is not a 100% secure medium. Please consider the type of personal information you are sending to us when contacting us via email.
10009 – 108 ST NW
To report a privacy concern anonymously, use our Alberta Blue Cross® Fraud, Privacy and Ethics Reporting service.