Privacy Policy

Title Line

Print

Close

Privacy Act Statement/ Systems of Record/ Disclosure Policy

The U.S. Department of Health and Human Services (HHS) at (http://www.hhs.gov/), of which the CMS COB Secure Web site is a part, has a clear privacy policy. When you access the COB Secure Web site, we collect the minimum amount of information about you necessary to manage your account. The authority for CMS to collect this information is Section 1862(b)(2) of the Social Security Act. The CMS will utilize the information collected to 1) make a determination concerning whether a submitter's WCMSA proposal adequately protects Medicare's interests and 2) update our internal systems of record to ensure that Medicare makes no payment in connection with health services resulting from a work-related illness, inquiry, or disease until WCMSA funds have been appropriately exhausted.

Information originally collected in traditional paper systems can be submitted electronically, i.e., electronic commerce transactions and information updates about eligibility benefits. Electronically submitted information is maintained and destroyed pursuant to the Federal Records Act and in some cases may be subject to the Privacy Act. The information collected through the WCMSAP will be stored within the following CMS Privacy Act systems of records , as appropriate: Workers' Compensations Set-Aside File (09-70-0537) and the Common Working File (09-70-0526). [These systems of records may be referenced by accessing the following:

https://www.cms.gov/Research-Statistics-Data-and-Systems/Computer-Data-and-Systems/Privacy/Downloads/0526-CWF.pdf    and

https://www.cms.gov/Research-Statistics-Data-and-Systems/Computer-Data-and-Systems/Privacy/Downloads/0537-WCSAF.pdf

The basic insurance data created internally to ensure that Medicare only makes primary claim payment when appropriate may be disclosed only as permitted by the routine use disclosure provisions outlined for each of the above systems of record. The HHS and CMS do not disclose, give, sell, or transfer any personal information about its visitors, unless required for law enforcement or statute.

Information Automatically Collected and Stored

The Government may monitor, record, and audit your system usage, including usage of personal devices and email systems for official duties or to conduct HHS business. Therefore, you have no reasonable expectation of privacy regarding any communication or data transiting or stored on this system. At any time, and for any lawful Government purpose, the government may monitor, intercept, and search and seize any communication or data transiting or stored on this system. At any time, and for any lawful Government purpose, the government may monitor, intercept, and search and seize any communication or data transiting or stored on this system.

Any communication or data transiting or stored on this system may be disclosed or used for any lawful Government purpose.

When you browse through any Web site, certain personal information about you can be collected. We automatically collect and temporarily store the following information about your visit:

  • the name of the domain you use to access the Internet (for example, stanford.edu, if you are connecting from Stanford University's domain);
  • the date and time of your visit;
  • the pages you visited; and
  • the address of the Web site you came from when you came to visit.

This information is used for statistical purposes only and to help us make this site more useful to visitors. Unless it is specifically stated otherwise, no additional information will be collected about you.

Information Collected for Workers' Compensation Medicare Set-Aside Arrangements and Account Management through the COB Secure Web site

When Users of the COB Secure Web Site apply to use the Workers' Compensation Medicare Set-Aside Web Portal (WCMSAP), we will collect personal information necessary to validate Users, and to process and manage the application. The authority to collect this information is granted by 42 U.S.C. 1395y(b). This may include your name, mailing address, telephone and fax numbers, E-mail address, date of birth, job title, and Federal Employer Identification Number (FEIN). Provision of this information is necessary in order to grant access to this government web site. The WCMSAP program may also collect a password and password hint for each User accessing the secure web site. We use this information to verify Users' identities in order to prevent unauthorized access to secure COB accounts. COB staff have role-based access to this information, and use only the information minimally necessary to accomplish their jobs. The personal information you provide is encrypted and sent to us using a secure method, in order to assure that your personal information is securely and safely transmitted. However, no one can give an absolute assurance that information intended to be maintained as private, whether transmitted via the Internet or otherwise, cannot be accessed inappropriately or unlawfully by third parties. We have taken and will continue to take reasonable steps to ensure the secure and safe transmission of your personal information.

Personally Provided Information

If you are not responsible for the submission of WCMSAs using the COB Secure Web Site, you do not have to give us personal information. If you choose to provide us with additional information about yourself through E-mail, forms, surveys, etc., we will maintain the information as long as needed to respond to your question or to fulfill the stated purpose of the communication.

Intrusion Detection

This Web site is maintained by the U.S. Government. It is protected by various provisions of Title 18, U.S. Code. Violations of Title 18 are subject to criminal prosecution in federal court.

For site security purposes and to ensure that this service remains available to all Users, we employ software programs to monitor traffic to identify unauthorized attempts to upload or change information, or otherwise cause damage. In the event of authorized law enforcement investigations, and pursuant to any required legal process, information from these sources may be used to help identify an individual.

Systems of Records

Information originally collected in traditional paper systems can be submitted electronically, i.e., electronic commerce transactions and information updates about eligibility benefits. Electronically submitted information is maintained and destroyed pursuant to the Federal Records Act and in some cases may be subject to the Privacy Act. If information that you submit is to be used in a Privacy Act system of records, there will be a Privacy Act Notice provided.

Links

References from this Web site to any non-governmental entity, product, service or information do not imply endorsement or recommendation by CMS, HHS or any other HHS agency or employees.

We are not responsible for the contents of any "off-site" Web pages referenced from this server. We do not endorse ANY specific products or services provided by public or private organizations. In addition, we do not endorse the views expressed by such sites, nor do we warrant the validity of any site's information or its fitness for any particular purpose.

Pop-up Advertisements

When visiting our Web site, your web browser may produce pop-up advertisements. These advertisements were most likely produced by other web sites you visited or by third party software installed on your computer. The CMS does not endorse or recommend products or services for which you may view a pop-up advertisement on your computer screen while visiting our Web site.

Accessibility

This page provides information for those visitors who use assistive or other devices to access the content on this Web site. Please see our Contact section at http://www.cms.gov/ContactCMS/ if you have general questions and comments or have difficulty finding something on this Web site.

Synopsis of Section 508 Accessibility Requirements

Section 508 requires that individuals with disabilities seeking information or services from this Web site have access to and use of information and data that is comparable to that provided to individuals not with disabilities, unless an undue burden would be imposed on us. Section 508 also requires that we ensure that Federal employees with disabilities have access to and use of information and data that is comparable to the access to and use of information and data by Federal employees who are not individuals with disabilities, unless an undue burden would be imposed on us. To learn more about the regulations governing the accessibility of Federal electronic information, you can reference the Synopsis of Section 508 Accessibility Requirements at http://section508.gov.

The CMS MSPRP Web site is a service of the U.S. Department of Health and Human Services at http://www.hhs.gov/. Any Freedom of Information Act (FOIA) requests concerning this Web site should be submitted in accordance with the Department's FOIA guidelines, which are online at http://www.hhs.gov/foia. Information on making FOIA requests is available at the Freedom of Information Group page. You also may wish to review our Privacy Policy above.

SAFEGUARDING & LIMITING ACCESS TO DATA

The user agrees to establish and implement proper safeguards against unauthorized use and disclosure of the data for the purposes of MSP Recovery case handling. Proper safeguards shall include the adoption of policies and procedures to ensure that the data obtained shall be used solely in accordance with Section 1106 of the Social Security Act [42 U.S.C. 1306], Section 1874(b) of the Social Security Act [42 U.S.C. 1395k(b)], Section 1862(b) of the Social Security Act [42 U.S.C. 1395y(b)], and the Privacy Act of 1974, as amended [5 U.S.C. 552a]. Users shall establish appropriate administrative, technical, procedural, and physical safeguards to protect the confidentiality of the data and to prevent unauthorized access to the data provided by the CMS. You agree that the authorized representatives of the CMS shall be granted access to premises where the Medicare data is kept for the purpose of inspecting security arrangements and confirming whether the user is in compliance with the security requirements specified above. Access to any information exchanged during the MSP Recovery process shall be restricted to CMS, Medicare personnel, and other authorized users who require access to (1) perform their official duties in accordance with the approved uses of the information; (2) respond to authorized law enforcement investigations; or (3) respond to any required legal process. Such personnel shall be advised of (1) the confidential nature of the information; (2) safeguards required to protect the information; and (3) the administrative, civil and criminal penalties for noncompliance contained in applicable Federal laws.

PENALTIES FOR UNAPPROVED USE OR DISCLOSURE OF DATA

The user acknowledges that criminal penalties under section 1106(a) of the Social Security Act [42 U.S.C. 1306 (a)], including possible imprisonment, may apply with respect to any disclosure of data received from the CMS that is inconsistent with the purposes and terms of the Agreement. The user further acknowledges that criminal penalties under the Privacy Act [5 U.S.C. 552a(i)(3)] may apply if it is determined that the user, or any individual employed or affiliated therewith, knowingly and willfully obtained the data under false pretenses.