Privacy Policy
MercyCare Insurance Co. Notice of Privacy Practices
To view the MercyCare Privacy Notice, click here.

Navitus Privacy Policy
The information on this Web site is provided as a service to our members. Navitus Health Solutions strives to assure our Web site is accurate and timely, but we cannot guarantee accuracy of the contents. You assume full responsibility for using the information at this site, and you understand and agree that NAVITUS HEALTH SOLUTIONS IS NEITHER RESPONSIBLE FOR NOR LIABLE FOR ANY CLAIM, LOSS, OR DAMAGE RESULTING FROM ITS USE.

Navitus provides links to outside sources as a courtesy; however, Navitus is not responsible for information on other Web sites.

What Types of Nonpublic Personal Information Does Navitus Collect About You?

We collect a variety of nonpublic personal information needed to administer pharmacy benefits. We collect nonpublic personal information about you from some of the following sources:
  • Information we receive directly or indirectly from you, your employer, or benefits plan sponsor through applications, surveys or other forms, in writing, in person, by telephone or electronically (e.g., name, address, social security number, date of birth, marital status, dependent information, employment information, and medical history).
  • Information about your transactions with us, our affiliates, our providers, our agents, and others (e.g., health care claims, medical history, eligibility information, payment information, service request, and appeal and grievance information).

How Does Navitus Protect This Information?

We limit the collection of nonpublic personal information to that which is necessary to administer our business, provide quality service, and meet regulatory requirements.
We maintain physical, electronic, and procedural safeguards that comply with federal regulations to safeguard your nonpublic personal information. We limit the internal use of nonpublic personal information about you and ensure that only authorized staff with the need to know have access to it. Safeguards are maintained for your nonpublic personal information and are reviewed regularly to ensure that your privacy is protected. We have policies to direct, and procedures to limit, the access of a member's information only to those who have a need and legal right to see that information.

How may Navitus Use or Share Your Information?

We will not disclose your nonpublic personal information unless we are allowed or required by law to make the disclosure.

Opting Out of Information Sharing or Gathering

From time to time, you may have received notices from other entities that provide you an opportunity to "opt out" of certain disclosures. The most common type of disclosure that applies to "opt outs" is the disclosure of personal information to a non-affiliated company so that company can market its products or services to you. Navitus will not sell or disclose your personal information to other companies or organizations. Because we do not make disclosures that apply to "opt outs", it is not necessary for you to complete an "opt out" form or take any action to restrict such disclosures.

Stored Information:

From the information we learn about you from your visit to this site, we store only the following: the IP address from which you access the Internet, the date and time, the Internet address of the Web site from which you linked directly to our site and the browser used to access our site. This information is used to measure the number of visitors to the various sections of our site and identify system performance or problem areas. The information that is gathered is anonymous and does not identify any individual. This site uses cookies. "Cookies" are small pieces of information that are stored by your browser on your computer's hard drive. Cookies are used for the sole purpose of retaining your preferences while visiting our website and discarded once you sign out or close your browser.

Privacy Policy:

Navitus recognizes the need to maintain confidentiality of your protected health information and is committed to protecting your privacy. We have established policies and procedures to help us keep that commitment to you. The following information describes how we access and use non-public protected health information:
  • Navitus has access to your protected health information through claims and pharmaceutical records. Navitus may disclose this information to or receive this information from hospitals, physicians, pharmacists or other health care practitioners and providers, any health insurance company, any third party administrator, or final payer of claims to facilitate and/or ensure the delivery of contracted services.
  • Navitus restricts access to your personal health care information to personnel who need to know that information to process claims and coordinate services for you. Navitus maintains physical, electronic, and procedural safeguards that comply with applicable regulatory standards to guard your protected health information. All Navitus employees are trained in Navitus’ confidentiality policies and the appropriate use of personal health information. In addition, Navitus requires all affiliated parties who maintain your health records to enforce confidentiality policies and procedures within their facilities.
  • Navitus relies upon contact information provided by you in order to accurately administer this portal. Navitus shall assume that all information entered by you related to name, address, telephone number and fax number is complete, current and accurate. All associated mailings, by Navitus, will rely upon this information, provided by you, in order to securely administer this application. Navitus accepts no liability for mailings sent based upon incorrect or outdated mailing information, supplied by you.
A Navitus employee or affiliated party who violates any of the confidentiality policies is considered to have committed a serious offense. Failure of an employee or affiliated party to protect personal protected health information from accidental or unauthorized access is not tolerated.

Security Statement:

Protecting member confidential health information is a top priority at Navitus. In addition to applying stringent confidentiality policies that govern access and use of information by Navitus, we have implemented several security features and methods to protect data in our information systems, including, but not limited to the following:
  • Firewalls: personal health information is stored in a secure electronic record, protected from the Internet by a firewall at each level of access.
  • Secure Password Assignment following proper verification protocols established by the Health Insurance Portability and Accountability Act (HIPAA).
  • Layered Access with access rights controlled by security clearance.
  • Session Timeout: after a period of inactivity, the logon session will end.
  • Monitoring: the Web server is regularly reviewed. The latest security updates are incorporated as they become available.
Beginning to End Security:

Navitus provides a private and secure environment. We protect our clients by using security measures that are among the best in the industry.

Validation:

The Navitus Member Portal enrollment process will ask for ‘key’ identifiable pieces of information, so we can ensure proper authorization to access personal health information.

Security Question:

The member must select three security questions and provide answers to those questions. One of those questions will be selected randomly as additional security measures during logon. The questions and answers will then be used as another factor of member validation.

Password:

Passwords expire after 180 days. Passwords must comply with industry standard complexity.

Encryption:

All client information communicated over the Internet is encrypted using Secured Sockets Layer (SSL) technology supported with digital certificates. Secure Sockets Layer is a technology adopted by all vendors producing web-related software. It negotiates and employs the essential functions of mutual authentication, data encryption, and data integrity for secure transactions.

Authentication:

Digital certificates are authenticated, issued, and managed by a trusted third-party, called a Certification Authority (CA). The CA must provide a combination of technology, such as security protocols and standards, secure messaging, and cryptography; infrastructure, including secure facilities, client support, and redundant systems; and practices, a defined model of trust and a legally binding framework for subscriber activities and disputes. In short, a CA must be a trusted online service operating 24 hours a day, 7 days a week, on a global basis.

Firewall Security:

Navitus uses leading firewall and network security technology to protect our internal computer systems from unauthorized access.

Questions?

If you have any questions about our privacy policies, please contact Customer Care toll-free at the number listed on your pharmacy benefit member ID card.

Copyright Statement

©2013 Navitus Health Solutions, LLC. All rights reserved. Materials copyrighted by Navitus Health Solutions may be reprinted for personal use only. Permission to reprint or electronically reproduce any document in part or in its entirety for any other reason is expressly prohibited, unless prior written consent is obtained from Navitus Health Solutions, LLC. Navitus logos are marks of Navitus Health Solutions.