PERSONALLY IDENTIFIABLE INFORMATION (PII) PRIVACY NOTICE

As a condition of operating in the Get Covered New Jersey Individual Marketplace, agents and brokers must execute the Get Covered New Jersey Marketplace Agreement, which includes privacy and security standards. These privacy and security standards include the requirement that agents and brokers provide individuals with a Privacy Notice Statement regarding use and disclosure of PII. This Privacy Notice Statement must be presented to individuals prior to assisting them with application and enrollment in coverage through the Get Covered New Jersey Individual Marketplace.

The purpose of collecting PII is to assist you with applying for and completing enrollment in a Qualified Health Plan (QHP) through the Get Covered New Jersey Individual Marketplace, and/or applying for Advanced Premium Tax Credits (APTCs) and/or Cost-Sharing Reductions (CSRs).

PII can be disclosed to the Get Covered New Jersey Individual Marketplace, the insurance carrier, and/or the general agency.

Disclosure of PII is voluntary, but without the disclosure of certain PII, we will be unable to assist you with applying for and completing enrollment in a Qualified Health Plan (QHP) through the Get Covered New Jersey Individual Marketplace, and/or applying for Advanced Premium Tax Credits (APTCs) and/or Cost-Sharing Reductions (CSRs).

The following privacy notice describes how producers may use and disclose your PII for purposes of health care operations, and for other purposes that are permitted or required by law. PII is information that can be used on its own or with other information to identify, contact, or locate a single person, or to identify an individual in context.

OBLIGATIONS AND ACTIVITIES OF PRODUCER
Producer shall:
  1. Not use or disclose PII other than as permitted or required by law; Except as otherwise limited, the producer may use or disclose PII to perform functions, activities, or services for, or on behalf of the covered entity, provided that each use or disclosure would not violate the Privacy Rule. The producer must obtain reasonable assurances from any person to whom the information is disclosed that it will remain confidential and used or further disclosed only as Required By Law or for the purpose for which it was disclosed to the person, and the person notifies the producer of any instances of which it is aware in which the confidentiality of the information has been breached.
  2. Use appropriate safeguards to prevent use or disclosure of PII other than as permitted or required by law. The producer shall implement administrative, physical and technical safeguards that reasonably and appropriately protect the confidentiality, integrity, and availability of Electronic PII (e-PII) that it creates, receives, maintains or transmits on behalf of the consumer.
  3. Report to the covered entity immediately any use or disclosure of PII not permitted or required by law of which it becomes aware, including breaches of unsecured PII, and any security incident of which it becomes aware.
  4. Notify the covered entity of a Breach of Unsecured PII within 24 hours of the discovery of such Breach, followed by a report in writing, except where a law enforcement official determines that a notification would impede a criminal investigation or cause damage to national security. The producer’s written notification to the covered entity hereunder shall:
    1. Be made to the covered entity within 48 hours of the initial oral report, and
    2. Include the individual whose Unsecured PII has been, or is reasonably believed to have been, the subject of a Breach.
  5. In the event of an unauthorized use or disclosure of PII or a Breach of unsecured PII, the producer shall mitigate to the extent practicable any harmful effects of said disclosure that are known to it;
  6. If applicable, ensure that any subcontractors that create, receive, maintain, or transmit PII on behalf of the producer agree to the same restrictions, conditions, and requirements that apply to the producer with respect to such information;
  7. Within 7 days of request, make available PII in a Designated Record Set to the covered entity as necessary to satisfy the covered entity's obligations;
  8. Make any amendment to PII in a Designated Record Set as directed or agreed to by the covered entity pursuant to 45 CFR 164.526, or take other measures as necessary to satisfy the covered entity's obligations under 45 CFR 164.526;
  9. Maintain and make available, within 7 days after a request for such information, the information required to provide an accounting of disclosures to the covered entity as necessary;
  10. With respect to any use, disclosure or request for PII, the producer shall limit the PII to the extent practicable to the limited data set as defined in 45 CFR 164.514(e)(2) or, if needed, to the minimum necessary to accomplish the intended purpose of such use, disclosure or request;
  11. Make its internal practices, books, and records available to the covered entity for purposes of determining compliance with the HIPAA Rules; and
  12. The producer shall be directly responsible for full compliance with the relevant requirements of the Privacy Rule to the same extent as the covered entity.

The Get Covered NJ Individual Marketplace Privacy Policy can be found here

If after reviewing this Privacy Notice, you have any questions, complaints or privacy concerns, or would like to make any requests in relation to your personal information, or obtain further information on safeguards, please send an email to [email protected], or send a letter to:
Privacy Concerns
Northeastern Benefit Services
259 Prospect Plains Rd
Bldg F, Suite 130
Cranbury, NJ 08512