Privacy Notice, Policies and Accessibility
|Fraud Protection||Social Policy|
|Public Information Act Policy||Nondiscrimination and Accessibility Requirements Notice|
|Terms and Conditions for Text Alerts|
The privacy notice has been amended to include “the choices, if any, individuals may have regarding how the organization uses PII and the consequences of exercising or not exercising those choices.” Additionally, the notice has been amended to include consumers’ “ability to consent to specific uses or sharing of PII and how to exercise any such consent.”
THIS NOTICE DESCRIBES HOW MARYLAND HEALTH CONNECTION MAY GATHER, USE OR DISCLOSE INFORMATION ABOUT YOU AND HOW YOU CAN GET ACCESS TO THE INFORMATION MARYLAND HEALTH CONNECTION GATHERS. PLEASE REVIEW THE NOTICE CAREFULLY.
Thank you for visiting Maryland Health Connection, where you can shop for quality health coverage for you and your family. Here you can compare health insurance plans and select a plan that meets your needs and fits your budget. Maryland Health Connection is also the only place to receive financial help to lower your health insurance costs. If you have questions about this information or need enrollment support, please call our Consumer Support Center toll-free at 1-855-642-8572 or deaf and hard of hearing use Relay service.
Information Collected and Stored Automatically
When you browse this website, read pages, or download information, we gather and store certain information about your visit for statistical purposes. The following information, which does not identify you personally, is gathered:
- The internet domains (example: aol.com) and IP addresses of user
- The type of browser and operating system used to access the site
- The date and time of visits
- The pages visited by users
- The address from which users link to the website
- Browser language
- Device type
- Screen resolution
- Approximate geographic location based on the IP address of the user’s local system
- Geographic location
- Scroll Depth-the measure of how much of a web page was viewed
- User events (e.g. clicking a button)
- Time spent on page
We use this statistical information to make this website more useful to visitors, to learn about the number of visitors to our site and the types of social media our visitors use. It allows us to provide more relevant experiences and advertisements to our visitors. We do not track or record personally identifiable information about individuals or their visits.
If you send us an e-mail, we use the information you send us to respond to your inquiry. E-mail correspondence may become a public record. As a public record, your correspondence could be disclosed to other parties upon their request in accordance with Maryland’s Public Information Act. It is our policy to protect the privacy of personal records and to protect confidential or privileged information, included in e-mails. Such information within an e-mail will be disclosed only as required by law or as necessary or permissible to carry out official duties.
Terms and Conditions for Text Alerts
These texting terms and conditions apply when you provide consent to receive text messages from Maryland Health Connection. You do not have to receive text messages to apply for health coverage. Maryland Health Connection offers text messaging as a way to communicate with you. To receive text messages from Maryland Health Connection, you must consent by providing a mobile phone number and opting in.
To stop delivery of text messages related to the status of your application and deadlines and health care benefits and general health information, reply STOP from your mobile phone.
If you want to specify the type of text messages you will receive, you can go to Manage Account Settings to manage your text subscriptions.
Text messaging from Maryland Health Connection also may include one-time texts for Multi-factor Authentication (MFA). For security reasons, if you would like to stop MFA, you must opt out in your Enable or Disable Additional Security from your account home page.
If you have any questions about text messages, you can contact us at 1-855-642-8572. Deaf and hard of hearing use Relay service.
Should you decide to apply for health coverage through Maryland Health Connection, the information you supply in your application will be used to determine whether you are eligible for health and dental coverage offered through Maryland Health Connection and for insurance affordability programs. It also may be used to assist you in making a payment for the insurance plan you select, and for related automated reminders or other activities permitted by law. We will preserve the privacy of personal records and protect confidential or privileged information in accordance with federal and State law. We will not sell your information to others. Any information that you provide to us in your application will be used only to carry out the functions of Maryland Health Connection or as required by law. Any person who knowingly and willfully uses or discloses information in violation of section 1411(g) of the Affordable Care Act is subject to a civil penalty of up to $25,000 per person or entity, per use or disclosure, in addition to other penalties that may be prescribed by law.
You may log in to your account at Maryland Health Connection, MarylandHealthConnection.gov, at any time to access and obtain your information. You may update your information at any time. If you need assistance updating your information or have a concern about your information, you may contact the Consumer Support Center for assistance at our toll free numbers: 1-855-642-8572; deaf and hard of hearing use Relay service.
If you have any questions about this privacy statement, please e-mail them to info@MarylandHBE.com.
If you believe your privacy rights have been violated, need more information about how MHBE uses your information, wish to rescind your consent to use your personally identifiable information, or have any questions about this Privacy Notice or MHC’s privacy policies, you may contact the Maryland Health Connection Privacy Officer at 410-547-6862. Maryland Health Connection will not take any retaliatory action against you if you make a complaint in good faith.
During the process of registering with Maryland Health Connection, you will be given additional information in accordance with the provisions of 45 C.F.R. § 155.260 of the Affordable Care Act about how the data you provide to Maryland Health Connection will be used and shared.
Data sharing and matching arrangements that facilitate the sharing of personally identifiable information between the Exchange and agencies administering Medicaid or CHIP for the exchange of eligibility information must:
• Meet any applicable requirements described in this section;
• Meet any applicable requirements described in section 1413(c)(1) and (c)(2) of the Affordable Care Act;
• Be equal to or more stringent than the requirements for Medicaid programs under section 1942 of the Act; and
• For those matching agreements that meet the definition of “matching program” under 5 U.S.C. 552a(a)(8), comply with 5 U.S.C. 552a(o).
In addition to applying through the website or the Enroll MHC mobile application, you may apply in-person, over the phone, or through the mail. If you apply for coverage using one of these alternative means, you may be required to provide paper copies of documents to verify your application information.
Please call the Consumer Support Center at our toll free numbers: 1-855-642-8572 or (Deaf and hard of hearing use Relay service.) for the hearing impaired for a complete explanation of the ways you can sign up. The Consumer Support Center representative is also able to work with you to help you sign up for coverage through Maryland Health Connection.
You may view the Nondiscrimination and Accessibility Notice at https://www.marylandhealthconnection.gov/policies-accessibility/nondiscrimination-accessibility-requirements-notice/. It declares that Maryland Health Connection complies with applicable Federal civil rights laws; does not discriminate on the basis of race, color, national origin, age, disability, or sex; and does not exclude people or treat them differently, because of race, color, national origin, age, disability or sex. The Notice is also available in Spanish.
If you require assistance or wish to report an issue related to the accessibility of any content on this website, please email info@MarylandHBE.com. If applicable, please include the web address or Uniform Resource Locator (URL) and the specific problems you have encountered..
Privacy Notice Changes
On Aug. 12, 2019, Maryland Health Connection's application, HBX, will move from its current data center to the cloud as part of the State of Maryland’s Total Human-services Integrated Network (MD THINK).
Changes to our website and the IT system may necessitate changes to our privacy notice. Notification will be posted on this website in the Privacy Notice, Policies and Accessibility section. The information contained in this privacy statement applies only to MarylandHealthConnection.gov and MarylandHBE.com and not to any linked sites. Effective Date: August 2017.
When You Apply for Health Insurance Coverage
To establish an account on Maryland Health Connection, we collect information such as your first name and last name, your e-mail address and your responses to three questions used for password recovery. We use this information to establish and maintain your account login and utilize MarylandHealthConnection.gov. Then, when you begin the application process, we collect information from you that is used to verify your identity. On MarylandHealthConnection.gov, we provide streamlined applications that allow you to apply for affordable health insurance coverage. When you apply using one of these forms, MHBE collects personally identifiable information about you and is authorized to maintain a record of the information related to your application.
After you complete an application, some of your application information may be disclosed to other federal agencies so that your eligibility for affordable health insurance can be determined. These organizations may include the Social Security Administration (SSA), the Internal Revenue Service (IRS), the Department of Homeland Security (DHS), the Department of Defense (DoD), the Veterans Health Administration (VHA), and state Medicaid and Children’s Health Insurance Program (CHIP) agencies.
In addition, information may be disclosed to the Maryland New Hire Registry and the National Death Registry to verify whether an applicant is eligible for or enrolled in employer-sponsored coverage and to ensure deceased individuals’ names are not fraudulently used. Your information may be shared with the employer(s) listed on your application for the limited purposes of verifying whether you are eligible for or enrolled in employer-sponsored coverage or advance premium tax credits. In accordance with the Privacy Act of 1974, a system of records has been created for the collection of personally identifiable information you submit to MarylandHealthConnection.gov.
How MHBE Uses Information Collected on MarylandHealthConnection.gov
When processing your application after you apply for health insurance coverage: We use the application information you choose to provide to determine eligibility for enrollment in a qualified health plan through the State Based Marketplace, Medicaid, CHIP, advance premium tax credits, and cost sharing reductions. We also verify the information provided on the application, communicate with you or your authorized representative, and provide the information to the health plan you select so that it can enroll you in a qualified health plan. You can find more information about how we use the information you provide on the application in the following links:
- Federal Trade Commission, https://www.ftc.gov/
- 45 CFR 155.260 and 155.280, https://www.ecfr.gov/cgi-bin/text-idx?SID=89d19a076bcece0c85f792482106c8e2&node=45:184.108.40.206.220.127.116.11&rgn=div8, https://www.ecfr.gov/cgi-bin/text-idx?tpl=/ecfrbrowse/Title45/45cfr155_main_02.tpl
- Office of the Attorney General, http://www.marylandattorneygeneral.gov/
- Consumer Protection Unit: http://www.marylandattorneygeneral.gov/Pages/CPD/default.aspx
When Sending You Marketplace Messages
Consumers may opt out of emails using an “unsubscribe” link at the bottom of every Maryland Health Connection email. MHBE is in compliance with Federal Trade Commission’s guidelines on e-mail marketing: https://www.ftc.
Maryland Health Connection uses the email address you provide us to send emails about important updates, deadlines or reminders related to the health insurance marketplace, if you have given us permission to send you these email messages. MHBE uses Granicus, a secure marketing cloud application, to communicate with you via email.
When Calling About Your Application or Account
MHBE uses the phone number you provided us to communicate important information about your application or account. Only for extenuating circumstances are pre-recorded calls used to encourage consumers to call the Exchange. There is also a call-back feature that auto-dials consumers who opt to use this feature instead of waiting on hold for assistance from the Consumer Support. If you want to stop receiving notifications in the form of prerecorded phone calls, please contact the Consumer Support Center toll free at 1-855-642-8572, (Deaf and hard of hearing use Relay service.) for the deaf or hearing impaired, or Maryland Relay at 711, and ask to be added to our do not call list. After we update your account, a Marketplace representative may still call you if there is an issue with your account or health plan, including if:
- A technical error occurred when you applied on MarylandHealthConnection.gov-you probably saw an error message when completing your application-that prevented you from enrolling in a plan or your health insurance company from receiving your enrollment information.
- The Marketplace needs more information to verify or add to information you entered on your application about your income, citizenship, immigration status, identify, or something else. We do this when some information you provided doesn’t match our records. (Note: This is sometimes called a verification check list or VCL). The Marketplace won’t end health insurance or change savings based on health insurance data verification issues without giving you advance notice. You’ll get two warning notifications, and a reminder phone call for Medicaid or MCHIP enrollees, before coverage ends or your savings change due to a verification issue.
- Your health insurance company is no longer offering your plan through the Marketplace.
When Conducting Surveys and Improving Services
MHBE also uses online surveys to collect opinions and feedback. You don’t have to answer these questions. If you do answer these questions, do not include any personally identifiable information in your answers. We analyze and use the information from these surveys to improve the site’s operation and content. The information is available only to MHBE managers, members of the MHBE communications and web teams, and other designated state staff and contractors who require this information to perform their duties.
When Using Third-Party Tools for Website Analytics
MHBE uses a variety of third-party web tools for web analytics. MHBE uses these tools to collect basic information about visits to MarylandHealthConnection.gov. This information is then used to maintain the website including: monitoring site stability, measuring site traffic, optimizing site content, and helping to make the site more useful to visitors. The MHBE staff analyzes the data collected from these tools. The reports are available only to MHBE managers, teams who implement State Based Marketplaces programs represented on MarylandHealthConnection.gov, members of the MHBE marketing and information technology teams, and other designated state staff and contractors who need this information to perform their duties. Tools include Google Analytics.
When Using Third-Party Tools for Outreach through Digital Advertising
MHBE uses third-party web services to conduct outreach and education through the use of digital advertising for the Marketplace. These third-party services may collect information through the use of web beacons that are located on our pages. A web beacon is a see-through graphic image (usually 1 pixel x 1 pixel) that is placed on a web page and, in combination with a cookie, allows us to collect information regarding the use of the web page that contains the web beacon. We use web beacons to tell when a user is redirected to MarylandHealthConnection.gov after clicking on or otherwise interacting with a Marketplace advertisement that we ran on another website (known as “click tracking” or “conversion tracking”), and to better target Marketplace advertisements (known as “retargeting”) to inform citizens about Marketplace deadlines and the benefits available through MarylandHealthConnection.gov.
MHBE uses third-party tools to help deliver advertising. Vendors that operate the third-party tools may also gather information about your visits to third-party sites outside of MarylandHealthConnection.gov. However, while MHBE does not track your individual-level activity on the Internet outside of MarylandHealthConnection.gov, our vendors may collect information automatically collected by MarylandHealthConnection.gov (not information you provide), and combine it with data they collect elsewhere for targeted advertising purposes. The outreach and education analytics tools provide reports which aggregate data such as the number of clicks on advertisements. The reports are available only to MHBE managers, teams who implement the insurance affordability programs represented on MarylandHealthConnection.gov, members of the MarylandHealthConnection.gov communications and web teams, and other designated state staff and contractors who need this information to perform their duties.
How MHBE Uses Third-Party Websites and Applications with MarylandHealthConnection.gov
MarylandHealthConnection.gov site leverages a variety of technologies and social media services to communicate and interact with the public. These third-party websites and applications include popular social networking and media sites, open source software communities, and more.
Your activity on the third-party websites that MarylandHealthConnection.gov links to (such as Facebook or Twitter) is governed by the security and privacy policies of those sites. You should review the privacy policies of all websites before using them so that you understand how your information may be used. You should also adjust privacy settings on your account on any third-party website to match your preferences.
How MHBE Protects Your Personal Information
The MHBE is committed to protecting consumer information entrusted with us at MarylandHealthConnection.gov. If you visit MarylandHealthConnection.gov and choose to provide us with personally identifiable information through a request for information, paper or electronic form, application, questionnaire, survey, etc., we store your personally identifiable information in a record system designed to retrieve information about you by personal identifier (name, personal email address, home mailing address, personal or mobile phone number, etc.) We will safeguard the information you provide in accordance with the requirements of the Affordable Care Act and the Privacy Act of 1974, as amended (5 U.S.C. Section 552a), and Computer Matching Agreement with the Centers for Medicaid and Medicare Services.
How Long MHBE Keeps Data and How It Is Accessed
MHBE will keep data collected long enough to achieve the specified objective for which they were collected. Once the specified objective is achieved, the data will be retired or destroyed in accordance with MHBE records schedules which, at a minimum, reflect the Affordable Care Act data retention requirements. MHBE does not store information from cookies on MHBE systems. The persistent cookies used with third-party tools on MarylandHealthConnection.gov can be stored on a user’s local system and are set to expire at varying time periods depending upon the cookie.
Children and Privacy on MarylandHealthConnection.gov
We believe in the importance of protecting the privacy of children online. The Children’s Online Privacy Protection Act (COPPA) governs information gathered online from or about children under the age of 13. The MarylandHealthConnection.gov site is not intended to solicit information of any kind from children under age 13. If you believe that we have received information from a child under age 13, please contact us at 1-800-318-2596 (Deaf and hard of hearing use Relay service).
Links to Other Sites
MarylandHealthConnection.gov may link to other HHS sites, other government sites, and/or private organizations (e.g. healthcare providers). We link to other websites solely for your convenience and education. When you follow a link to an external site, you are leaving MarylandHealthConnection.gov and are subject to the external site’s privacy and security policies. Non-federal websites do not necessarily operate under the same laws, regulations, and policies as federal websites. Aside from third-party websites highlighted in this privacy notice, MHBE is not responsible for the contents of external web pages and a link to a page does not constitute an endorsement.
Your Privacy on Social Media Sites and Other Sites that Require Registration
MHBE uses Social Media Sites in order to increase government transparency, enhance information sharing, promote public participation, and encourage collaboration with the agency. Please note that social media sites are not government websites or applications; they are controlled or operated by the social media site. MHBE does not own, manage, or control social media sites. In addition, MHBE does not collect, maintain or disseminate information posted by visitors to those Social Media Sites. If you choose to provide information to a Social Media Site through registration or other interaction with the site the use of any information you provide is controlled by your relationship with the Social Media Page Administrators in whole or part, based on a user’s privacy settings on the Social Media Site. For example, any information that you provide to register on Facebook is voluntarily contributed and is not maintained by MHBE. This information may be available to MHBE Social Media Page Administrators in whole or part, based on a user’s privacy settings on the Social Media Site or other site that requires registration, for targeted advertising or retargeting.
Permission for Information Submitted
By submitting this application, you acknowledge that you have permission from all of the people whose information is on the application to both submit their information to the Marketplace, and receive any communications about their eligibility and enrollment.
Privacy Act Statement-effective 10/1/2013
We are authorized to collect the information on this form and any supporting documentation, including social security numbers, under the Patient Protection and Affordable Care Act (Public Law No. 111-148), as amended by the Health Care and Education Reconciliation Act of 2010 (Public Law No. 111-152), and the Social Security Act.
We need the information provided about you and the other individuals listed on this form to determine eligibility for:
- enrollment in a qualified health plan through the State Based Marketplace;
- insurance affordability programs (such as Medicaid, CHIP, advance payment of the premium tax credits, and cost sharing reductions); and,
- certifications of exemption from the individual responsibility requirement.
As part of that process, we will verify the information provided on the form, communicate with you or your authorized representative, and eventually provide the information provided as part of the ongoing operation of the Marketplace, including activities such as verifying continued eligibility for all programs, processing appeals, reporting on and managing the insurance affordability programs for eligible individuals, performing oversight and quality control activities, combatting fraud, and responding to any concerns about the security or confidentiality of the information.
While providing the requested information (including social security numbers), is voluntary, failing to provide it may delay or prevent your ability to obtain health coverage through the marketplace, advance payment of the premium tax credits, cost sharing reductions, or an exemption from the shared responsibility payment and you do not maintain qualifying health coverage for three months or longer during the year, you may be subject to a penalty. If you do not provide correct information on this form or knowingly and willfully provide false or fraudulent information, you may be subject to a penalty and other law enforcement action.
In order to verify and process applications, determine eligibility, and operate the Marketplace, we will need to share selected information that we receive outside of MHBE, including to:
- Other state and federal agencies (such as, but not limited to, Internal Revenue Service (IRS), Social Security Administration (SSA), Department of Homeland Security (DHS), Medicaid or Children’s Health Insurance Program (CHIP), or local government agencies). We may use the information you provide in computer matching programs with any of these groups to make eligibility determinations, to verify continued eligibility for enrollment in a qualified health plan or Federal benefit programs, or to process appeals of eligibility determinations. Information provided by applicants will not be used for immigration enforcement purposes;
- Other verification sources including consumer reporting agencies;
- Employers identified on applications for eligibility determinations;
- Applicants/enrollees, and authorized representatives of applicants/enrollees;
- Agents, Brokers, and issuers of Qualified Health Plans, as applicable, who are certified by MHBE who assist applicants/enrollees; and
- MHBE contractors engaged to perform a function for the Marketplace.
The Exchange permits an applicant or enrollee in the individual or small group market, to designate an individual person or organization to act on his or her behalf in applying for an eligibility determination or redetermination, in carrying out other ongoing communications with the Exchange.
A written document signed by the applicant or enrollee, or through another legally binding format subject to applicable authentication and data security standards is required in designation of an authorized representative. MHBE accepts representation via the application on the internet, by telephone through the call center, by mail and in person, with reasonable accommodations for those with disabilities, as defined by the Americans with Disabilities Act.
If submitted, legal documentation of authority to act on behalf of an applicant or enrollee under State law, such as a court order establishing legal guardianship or a power of attorney, shall serve in the place of the applicant's or enrollee's signature.
The authorized representative must agree to maintain, or be legally bound to maintain, the confidentiality of any information regarding the applicant or enrollee provided by the Exchange. The authorized representative is responsible for fulfilling all responsibilities encompassed within the scope of the authorized representation, as described below, to the same extent as the applicant or enrollee he or she represents.
The designation will remain in effect until the applicant or enrollee informs MHBE that representative is no longer authorized to act on his or her behalf using one of the methods available for the submission of an application; the authorized representative informs MHBE and the applicant or enrollee that he or she is no longer acting such capacity or has the legal authority to act on behalf of the applicant or enrollee.
An applicant or enrollee may authorize his or her representative to:
- Sign an application on the applicant or enrollee's behalf;
- Submit an update or respond to a redetermination for the applicant or enrollee in accordance with §155.330 or §155.335;
- Designate his or her authorized representative to receive copies of the applicant's or enrollee's notices and other communications from the Exchange; and
- Permit the authorized representative to act on behalf of the applicant or enrollee in all other matters with the Exchange.
The Exchange permits an applicant or enrollee to authorize a representative to perform fewer than all of the activities described in signed application of the applicant or enrollee. The Exchange provides information and notifications both to the applicant or enrollee, and to the authorized representative, regarding the powers and duties of authorized representatives, and tracks the specific permissions for each authorized representative.
Failure to Reconcile
Compliance with filing requirement. The Exchange may not:
- determine a tax filer eligible for advance payments of the premium tax credit if HHS notifies the Exchange as part of the process described in §155.320(c)(3) that (a) advance payments of the premium tax credit were made on behalf of the tax filer or either spouse if the tax filer is a married couple for a year for which tax data would be utilized for verification of household income and family size in accordance with §155.320(c)(1)(i), and (b) the tax filer or his or her spouse did not comply with the requirement to file an income tax return for that year as required by 26 U.S.C. 6011, 6012:
- implement regulations; and,
- reconcile the advance payments of the premium tax credit for that period.
MHBE Audit Compliance Status Update May 2017
CMS Privacy Notice for Healthcare.gov. http://www.Healthcare.gov.
MHC Consumer Website Privacy Notice
Healthcare.gov Privacy Act Statement. https://www.healthcare.gov/how-we-use-your-data.
45 CFR 155.260 Privacy and Security of Personally Identifiable Information. https://www.ecfr.gov/cgi-bin/text-idx?SID=89d19a076bcece0c85f792482106c8e2&node=45:18.104.22.168.22.214.171.124&rgn=div84
45 CFR 155.280 Oversight and Monitoring of Privacy and Security. https://www.ecfr.gov/cgi-bin/text-idx?tpl=/ecfrbrowse/Title45/45cfr155_main_02.tpl
Federal Trade Commission CAN SPAM ACT: A Compliance Guide for Business. https://www.ftc.gov/tips-advice/business-center/guidance/can-spam-act-compliance-guide-business
Minimum Acceptable Risk Standards for Exchanges (MARS-E) 2.0 (2015). https://www.medicaid.gov/federal-policy-guidance/downloads/cib-09-23-2015.pdf
Authorized Representatives. 45 CFR §155.227(a). 45 CFR §155.227(c)
Failure to Reconcile. 45 CFR §155.305(f)
Your Right to Representation. CMS.gov. https://www.hhs.gov/about/agencies/omha/filing-an-appeal/your-right-to-representation/index.html
Computer Matching Agreement. CMS. https://www.cms.gov/Research-Statistics-Data-and-Systems/Computer-Data-and-Systems/Privacy/ComputerMatchingAgreements.html