NC Medicaid Managed privacy statement
Last updated: November 29, 2022
Maximus commitment to privacy
Thank you for visiting the NC Medicaid Managed Care website (“Site”) and/or Application for mobile devices. Maximus operates this Site and Application for the North Carolina Department of Health and Human Services (“DHHS”). This Site is found at www.ncmedicaidplans.gov . The Site and Application are designed to make it easier for you to find information and interact with NC Medicaid Managed Care. This privacy statement governs your use of the Site/Application. Please read it before you access and use the Site/Application.
Privacy is a top priority at Maximus. We are committed to keeping your information secure and confidential. Maximus respects your privacy. This privacy statement shows our commitment to you.
This privacy notice applies to:
- Information we collect about you
- How we use the information we collect
- Choices you have about how we collect and use your information
This privacy notice does not apply to:
- Privacy practices for activities done outside your use of this Site/Application
- Websites other than this Site
- Applications other than this Application
- Products and services not available or enabled through the Site/Application
Contents
- Information we collect
- How we use and share the information we collect
- Website time out
- Information we keep
- Website privacy statement
- Device and carrier information
- Cookies, “Do Not Track” signals, and Adobe Analytics
- Opt-out of cookies and Adobe Analytics
- Do Not Track
- Security
- Children
- Reviewing and correcting your information
- Information disclaimer
- Changes to this privacy statement
- How to contact us
Information we collect
To use some features of this Site/Application, you may be asked to give or verify personal information. Maximus does not collect any personal information about you through this Site/Application unless you agree to give it.
When you enroll in a health plan using this Site/Application, you are agreeing to give your personal information. We identify the data we need to give you the services or information you ask for. These are some things Maximus may ask you to give or verify (this is not a complete list):
- First and last name
- Birth date
- Mailing address, including ZIP or Postal Code
- Medicaid ID number
- Last four digits of your Social Security number
When you visit the Site/Application, you may do things like complete an enrollment application. Maximus uses the data you voluntarily give, including personal information, to operate the NC Medicaid Managed Care program. We also use it to provide goods, services, and information.
Maximus has policies to protect the confidentiality of personal information we get as we do business. Our privacy policies have standards to guard confidentiality, prohibit unlawful disclosure, and limit access to personal information such as Social Security numbers and Medicaid ID numbers. We use physical, technical, and administrative safeguards to protect personal information.
How we use and share the information we collect
The Health Insurance Portability and Accountability Act (HIPAA) (Public Law 104-191) governs how we collect and disclose information we collect through the Site. Learn more about Health Information Privacy at HHS.gov.
When you give Maximus personal information, whether we ask for it or not, you consent to let Maximus collect and share the information with DHHS for the reasons you gave the information.
Except as stated below or as otherwise authorized by law, Maximus will only collect or disclose personal information through this Site/Application if you agree to let us collect or disclose that personal information. Maximus may collect or disclose personal information without your agreement when we need to:
- Perform our statutory duties as authorized by law or by state or federal statute or regulation
- Comply with valid legal processes such as a search warrant, subpoena, or court order
Maximus may also disclose personal information to federal or state law enforcement authorities to enforce our rights against unauthorized access or attempted unauthorized access to Maximus information technology assets.
Maximus may disclose personal information to our agents, affiliates, and subcontractors so they can perform certain functions relating to your enrollment.
Maximus does not share your personal information with unaffiliated third parties. We may use your information to improve the content, navigation, and efficiency of the Site/Application.
To make our Site/Application better for you, we may use and share with others aggregated or anonymous (not personally identifiable) information that we collect from usage data, surveys, or statistical information we gather about our users.
Website time out
For security, your URL online session is set up to end after 30 minutes of user inactivity. You will get a session timeout warning after 29 minutes of inactivity. This lets you continue your session or log out. If you do not select either, your session will end after 30 minutes of inactivity.
Information we keep
Maximus keeps the information we collect through this Site/Application, including personal information you send, as required by our contract with DHHS. To learn more about the rules for keeping your information, mail your questions to the contact address below.
Website privacy statement
When you visit the Site, our web server automatically collects and logs web usage data on behalf of DHHS to tell us how visitors use and navigate the Site. The data includes:
- Your Internet Protocol (IP) address
- Referring websites
- Pages viewed
- Browser type
- Operating system
- CPU speed
- Referring or exit web pages
- Length of visit
Device and carrier information
When you use the mobile Application, we may collect information about your device such as the device model, brand, operating system, or IP address. Maximus will only keep this information as long as needed and use it as described in this statement.
Cookies, “Do Not Track” signals, and Adobe Analytics
Like most websites, we use "cookies," "web beacons," and similar devices. They help you use the Site more efficiently. They also track your activities.
- A cookie is a small bit of data a web server sends to your browser. Only the server that gave it to you can read it. It is your ID card for the Site. It lets Maximus record your activities and preferences. It cannot be used as code or send viruses.
- A web beacon is a small transparent gif image. It is embedded in an HTML page or email. It tracks when the page or email was viewed.
Maximus uses cookies and similar devices to track your use of the Site, products and services you view, and information you download. We count the number of visitors per day. Our web servers log your computer’s IP/Internet address. Maximus does not allow the use of persistent (saved) cookies.
The Site uses Adobe Analytics. Adobe Analytics does not identify individual users. It does not link your IP address with any other data Adobe Analytics holds. Adobe Analytics reports help us understand Site traffic and webpage usage. To learn more, read the Adobe Privacy Policy.
Opt-out of cookies and Adobe Analytics
If you do not want your browser to accept cookies, you can change the cookie option in your browser settings. Some Site features or services may not work or be accessible without cookies. To learn more about Adobe Analytics tracking cookies, read the Adobe Cookies Policy. To learn about opting out, read Adobe Privacy Choices.
“Do Not Track”
"Do Not Track" is a preference you can set in your web browser. It tells websites you visit that you do not want them to collect information about you. The Site does not respond to "Do Not Track" or such signals.
Security
Maximus is strongly committed to protecting personal information collected through this Site/Application. We protect against unauthorized access, use, or disclosure. Maximus limits employee access to personal information collected through this Site/Application. Only those employees who need to access the Site/Application to perform their official duties can access it. All employees follow rules for disclosing personal information.
Maximus uses technical security measures and procedures to protect the personal information we collect through the Site/Application. We protect it from getting lost, misused, changed, or destroyed. We have Information Security and Privacy policies to protect data. We give our employees regular training on information security and privacy. Because the Internet is open and unsecured, Maximus cannot be responsible for the security of personal information sent over the Internet. We have a formal incident response plan in case of a data breach.
To protect your communications through the Site/Application, we authenticate, monitor, audit, and encrypt activity. You can tell if a site is secure by looking at the location (URL) field. The content comes from a secure server if the URL starts with https:// instead of http://. This means unauthorized persons cannot read or decipher your personally identifiable information. This is part of our commitment to protect your information. Despite our efforts, no security measures are completely secure.
Children
Maximus is committed to complying fully with the Children's Online Privacy Protection Act. We do not direct this Site/Application to children. We do not knowingly collect personal information from children. We work with parents and guardians to delete from our records any personal information a child may have disclosed improperly on the Site/Application. Maximus appreciates your cooperation with this federally mandated requirement.
Reviewing and correcting your information
We try to keep your information correct and up to date. To change or update any personal information in our program, write to Maximus at the address below. Give us as much detail as you can. To correct personal information you gave for the federal, state, or local governments we work with, contact that program’s customer service department. Read the section below on How to contact us
Information disclaimer
Information on this Site/Application is meant to give the public immediate access to public information. While we try to give accurate, current, and reliable information, Maximus understands that human and mechanical errors happen. Maximus and our employees, officers, and agents do not represent that information on this Site/Application is accurate, complete, up to date, or suitable.
Changes to this privacy statement
We update this privacy statement. When we do, we change the "Last updated" date at the top of the privacy statement. Check the Site/Application for our latest privacy statement. When you use the Site/Application after we change the “Last updated” date, it means you accept the changes.
How to contact us
If you have questions or concerns about your information, or to review and correct it, contact us by:
Toll-free phone number
1-833-870-5500 (TTY: 711 or RelayNC.com)
Mail
Maximus
5001 Hospitality Court, Suite 100
Morrisville, NC 27560
If you have questions or concerns about this privacy statement, contact us by:
Email
PrivacyOfficial@maximus.com
Mail
Maximus Privacy Official Office
1600 Tysons Boulevard, Suite 1400
McLean, VA 22102