Go to content

HIPAA Privacy

The privacy rule is established to protect written, spoken, and electronic individually identifiable information. This rule empowers health care recipients to have more control over their health information by establishing boundaries and safeguards that must be adhered to by the health care industry. The ruling also limits information exchange to what is necessary for health care services and billing purposes, while enabling patients to discover who has access to their information and to access, copy and request amendments to their own information.

All covered entities were to be in compliance with the HIPAA law for privacy by April 13, 2003. State and federal laws governing access to protected health information preempt the HIPAA law if the state law is stricter than the HIPAA rule.

The Corporate Privacy Program established at BCBSKS conducted an extensive evaluation of current business practices to identify the many uses of protected health information (PHI) used within the health care operations. Appropriate safeguards were put in place for the protection of PHI throughout the organization.

Calling Customer Service

BCBSKS representatives will ask callers additional questions to assure that the person on the other end of the telephone is who they say they are. This authentication process will allow Blue Cross and Blue Shield of Kansas to fully comply with the privacy guidelines set forth by the Health Insurance Portability and Accountability Act (HIPAA).

Providers calling customer service must be able to verify their identity by providing the following:

  • Provider number or Tax ID number
  • Provider name
  • Member's BCBSKS ID number or Social Security number
  • Inquirer's name
  • Inquirer's telephone number

The authentication process also applies when a provider office receives a return call from a BCBSKS representative. The provider will be asked to answer the same questions; in addition, the BCBSKS representative will ask the provider, “What information are you waiting for?” The provider must be able to answer that question before the representative can release any information.

More about HIPAA

For the latest information about HIPAA Privacy, check out the U.S. Department of Health and Human Services website.