Web Security Information for Online Member Services
Keeping your information secure is our number one concern. Our Online Services system was designed to make managing your account information as secure as it is convenient. Described below are just some of the measures Highmark Blue Shield of Northeastern New York (BSNENY) has taken to protect your health care and personal information. These measures allow us, among other benefits, to properly authenticate your identity when you access these services and protect your information as it traverses the Internet between your PC and BSNENY. For added precaution, we also provide several steps you can take to further protect your information.
For more information about our legal duties and your rights as they relate to access to your protected health information, please click here for legal duties information.
Protecting Your Account Information
BSNENY uses several different methods to protect the data exchanged between your computer and our network:
- Unique User Identification. BSNENY's Online Services requires two separate pieces of identification to confirm your identity prior to allowing you online access to your account. These are your unique user ID and password. Your user ID and password must be correctly entered and verified before you can view your secure account information.
- Encryption and Secure Browsers. To use BSNENY's Online Services, we require that you use a secure browser with 128-bit SSL encryption to communicate with BSNENY. 128-bit SSL browsers have the highest level of encryption and are over a trillion times more secure than the next best form of encryption. The U.S. government reports that 128-bit security will provide effective protection for the next two decades. Encryption is the process of translating meaningful communication into undecipherable code and then back into meaningful communication. It protects against that communication between you and BSNENY being translated by anyone without the correct encryption keys. Most browsers have this level of encryption.
- Firewall. Regardless of whether you use BSNENY's Online Services or not, your information will remain secure behind our Firewall. A firewall protects information between the Internet and BSNENY by acting like a "traffic cop" of network security. All messages in and out must pass through the Firewall. The Firewall interrogates each message and only allows legitimate messages to pass through to BSNENY. Any other requests are refused before they can ever reach our systems. Therefore, "hackers" trying to get into our systems should be stopped at the Firewall because their messages are not legitimate.
- Constant Monitoring: BSNENY constantly monitors activity logs for any anomalies or discrepancies. If any potential problems arise that could compromise security or privacy, we investigate them thoroughly. In addition, our staff works directly with other applicable institutions and security experts to get new information as soon as it becomes available.
- Security Upgrades: We constantly evaluate the latest security technologies, and upgrade our systems whenever relevant improvements become available.
Additional measures you can take
In addition to all the security measures we have implemented, we recommend that you take the following actions to further protect your information:
- Eliminate cached pages before leaving a shared or public computer.
- Don't leave your computer while it is in the middle of a Web Session. Always "log off" when you complete a session or leave your computer. When finished using a secure site, it is a good idea to refresh your browser.
- Select a password that is difficult to guess, but easy for you to remember. We suggest that you avoid using family member names, local sports names, birth dates, anniversaries, addresses, or phone numbers. Your password must be at least 7 characters long and contain both letters and numbers. It is also a good idea to mix upper and lower case letters.
- Change your password periodically and certainly any time you think someone may have guessed it.
- Do not share your password with anyone. Note: BSNENY employees will never ask you for your password.
If you feel your password or user ID has been compromised, let us know immediately by phone at 1-716-887-6900. Do not send us this information via e-mail.