Digital Privacy Policy

Effective: 06.20.2023

This privacy statement applies to the Capital Blue Cross website owned and operated by Capital Blue Cross (“We”, “Us”, “Our”). Capital Blue Cross respects your right to privacy. When you visit this site, we may collect information on two different levels about your visit:

  • Anonymous statistics collected as you browse the site
  • Personally identifiable information you knowingly give us

We want you to be aware of how we digitally collect and handle your information, as well as the choices available to you regarding our use of your personally identifiable information and how you can access and update this information.

What information of mine does this website collect?

Capital Blue Cross collects personally identifiable information such as name, address, email address, and ID number when you knowingly provide it to us.

Specifically, during registration, members may be asked to provide, date of birth, email address, telephone number, mobile number, member ID, last four numbers of Social Security number, and group ID. Name, date of birth, member ID, last four numbers of Social Security number, and group ID are used to verify your member status. We also collect demographic information such as gender and zip code. We use gender information to help find health plans and services that best match your situation and health care needs. Gender does not impact health plan premium rates. Email address and telephone number (mobile and home) are used to contact you about Capital’s products and services. Mobile numbers specifically are used to send you text message alerts; you may opt out from receiving them at any time by replying “STOP” to the text message or contacting us by calling the phone number on the back of your ID card (TTY: 711).

We collect information about your interaction with us, including the resources that you access, pages viewed, which browser you use, how much time you spent on a page, and how you reached our website. We also log the details of your visits to our website and information generated in the course of using our website, such as mouse movements, clicks, page visits, text entered, how long you spent on a page, and other details of your actions on our website via third-party software which includes but may not be limited to Google Analytics and FullStory. We use these statistics to monitor our site's performance and identify areas for improvements to make it easier for you to use.

What happens when I provide personally identifiable information on this website?

Any personally identifiable information you give us on this site will be used in support of administering our products and services. This is only collected to benefit you, the customer. We do not sell your data to third parties.

Do you sell or give my information to non-Capital Blue Cross companies?

Your personally identifiable information – including your email address and phone number – gathered on this site will not be sold, rented, licensed, or otherwise shared with third parties. The only exceptions are the following:

  • Capital Blue Cross shares information with other member plans of the Blue Cross and Blue Shield Association (BCBSA) to provide services to its members. Other Blue Plans are not allowed to use personally identifiable information except for the purpose of providing these services. This information includes name, date of birth, member ID, and group ID. Email address is not shared with other member plans of the BCBSA.
  • You specifically authorize Capital Blue Cross to share your information with another entity.
  • We reserve the right to disclose your personally identifiable information as required by law and when we believe that disclosure is necessary to protect our rights and/or comply with a judicial proceeding, court order, or legal process served on our website.
  • Disclosure is necessary to protect the safety of customers, employees, or property.
  • Personally identifiable information may be exchanged with companies that directly assist or provide services for Capital Blue Cross that are related to your health care program(s).
  • If Capital Blue Cross is involved in a merger, acquisition, or sale of all or a portion of its assets, you will be notified via email and/or a prominent notice on our website of any change in ownership or uses of your personally identifiable information, as well as any choices you may have regarding your personally identifiable information.

If you are a member of a group health plan, upon request from your employer, we may provide confirmation that you and/or those on your health care plan completed activities which are in support of your company’s incentive program. This includes things such as registering for a member web account or enrolling in Capital’s mobile messaging program. Capital will provide your employer with the minimal information necessary to verify your participation.

Capital Blue Cross occasionally uses outside shipping companies to ship health kits or other promotional materials. These companies do not retain, store, or use personally identifiable information for any secondary purposes. If you provide individually identifiable information at an event Capital Blue Cross sponsors with another company, or if you register on a co-sponsored website, you may be providing the individually identifiable information to the co-sponsor. Review the privacy statement at the event or on the co-sponsored site to learn how the partner uses this information. Be assured that Capital Blue Cross uses this information in accordance with this privacy statement.

Do you have links to other sites?

Yes, our site contains links to other websites whose privacy practices may differ from those of Capital Blue Cross. If you submit personally identifiable information to any of those websites, your information is governed by their privacy statements. We are not responsible for the content or the privacy practices employed by other sites. We encourage you to carefully read the privacy statement of any website you visit.

What does Capital Blue Cross do with non-personally identifiable information collected automatically?

Capital Blue Cross uses cookies and tags to collect information in order to enhance your online experience. Cookies are text files with small pieces of data that are used to identify your computer as you use a computer network. Specific cookies known as HTTP cookies are used to identify specific users and improve your web browsing experience.

Data stored in a cookie is created by the server upon your connection. This data is labeled with an ID unique to you and your computer.

When the cookie is exchanged between your computer and the network server, the server reads the ID and knows what information to specifically serve to you.

We use session cookies to make it easier for you to navigate our website. A persistent cookie remains on your hard drive for an extended period of time. We set a persistent cookie to help improve our site by understanding the areas that are of interest to you via site usage analytics (Google Analytics). You can remove persistent cookies manually in your internet browser. You may also choose to change your browser settings to disable cookies. Please be aware that cookies may be required to complete certain functions on this website. No personally identifiable information is contained in cookies used by the website.

Analytics / Log files

As is true of most websites, we gather certain information automatically and store it in log files. This information includes internet protocol (IP) addresses, browser type (such as Google Chrome), internet service provider (ISP, such as Comcast), referring/exit pages, operating system, date/time stamp, and clickstream data. We use this information, which does not identify individual users, to analyze trends, to improve your website experience and to gather demographic information about our user base as a whole. We do not link this automatically collected data to personally identifiable information.

Third-party tracking

The use of cookies by third parties is not covered by our privacy statement. We do not have access or control over these cookies. These third parties use session ID cookies and persistent cookies to make it easier for you to navigate our site.

Behavioral targeting / re-targeting

We partner with a third party ad network to either display advertising on our website or to manage our advertising on other sites. Our ad network partner uses cookies and Web beacons to collect non-personally identifiable information about your activities on this and other websites to provide you targeted advertising based upon your interests.

How can I update or correct information I’ve provided?

If you would like to update, correct, or delete any information you have sent us via this website, please update your member communication preferences or contact us. Please indicate the changes you would like to make using the comments area of the Ask us form. Member Services will contact you to confirm that the appropriate changes have been made within a reasonable timeframe.

Digital communications

At times, we may utilize mobile push notifications, email, and/or texting to:

  • Respond to an email you’ve sent us.
  • Respond to general inquiries and feedback you’ve provided us.
  • To send information that you have requested.
  • To send members information related to their health care program(s).
    • The opt-in and opt-out options that are applicable to your account can be accessed in My Preferences.
    • Mobile push settings are controlled by your phone settings.

We will retain your information for as long as your account is active or as needed to provide you services. If you are no longer a member with us, we still retain your information only for use if you return as a member in the future. Guest account information is also retained solely for prospecting purposes. We will retain and use your information as necessary to comply with our legal obligations, resolve disputes, and enforce our agreements.

Information security practices

Capital Blue Cross takes precautions to protect its users' personal, nonpublic information. When users submit sensitive information to us, the information is protected both online and offline.

Online connections to our website are encrypted. This is validated through the display of a lock icon on a web browser.

Capital Blue Cross has implemented a comprehensive information security program to protect the confidentiality, integrity, and availability of personally identifiable information. This program consists of policies, processes, and technology. Only employees who need the information to perform a specific job are granted access to personally identifiable information. Employees receive security training annually. The systems that store personally identifiable information are kept in a secure environment.

The information security program is subject to monitoring and oversight annually. Updates are made as needed so that the security program remains aligned with the mission of Capital Blue Cross.

No information security program is 100% secure. Therefore, we cannot guarantee absolute security. If you have any questions about security on our website, please contact us.

Changes to this privacy statement

We may update this privacy statement to reflect changes to our information practices. If a material change is made to this privacy statement and/or the way we use our customers' personally identifiable information, we will post prominent notice of the nature of such change on our website prior to the change becoming effective. We encourage you to periodically review this page for the latest information on our privacy practices.

Contact us

If you have questions or concerns about this privacy statement, please contact us through the information below:

Our mailing address is:

Capital Blue Cross
2500 Elmerton Avenue
Harrisburg, PA 17177-9519

Our phone number is: 800.962.2242

Our fax number is: 717.541.6915

Contact us via email