The privacy of our customers is of primary importance to Novitas Solutions Inc. (Novitas). When you visit one of Novitas’ provider websites, Novitas does not collect any personally identifiable information (PII) about you unless you choose to explicitly provide it. However, Novitas does collect some data about your site visit to better understand public use of the site and to make it more useful to visitors. Below is a description of the type of information that is automatically collected and stored during your site visit.
When you browse through any website, certain information about your visit may be collected. Novitas uses a web analytics program to collect information automatically and continuously. Novitas uses this information to measure the number of visitors to its sites and their respective sections and to distinguish between new and returning visitors to help make the Novitas sites more useful to visitors. However, no PII is collected.
The Novitas web team conducts analyses and reports on the aggregated data from the analytics tool. The reports are only available to the Novitas provider website manager, members of the website staff, and other designated staff who require this information to perform their duties.
Novitas also uses online surveys from a random sample of visitors to obtain feedback and data on visitors’ satisfaction with the Novitas websites. This survey does not collect PII, unless you enter it as part of your feedback. Participation in the survey is voluntary. If you decline to participate, you will still have access to the identical information and resources on Novitas’ provider websites as those who do decide to take the survey. Answers to the survey help Novitas improve its provider websites to make them easier to use and more responsive to the needs of site visitors.
The Novitas web team conducts analyses and reports on the aggregated data from the survey. The reports are available only to the Novitas website manager, members of the Novitas website staff and other designated staff who require this information to perform their duties.
Some web-based tools may securely collect PII for authentication and to research specific information in relation to your inquiry. Please note features requesting this information include, but are not limited to the following applications:
Novitas collects PII from you to establish your account and to properly authenticate you for access to the provider web portal.
Novitas collects PII from you to identity the provider associated with the application.
Novitas collects PII from you to validate the beneficiary and provider associated with the claim for reopening.
Novitas collects PII from you to register you for educational events and to authenticate you for continuing education unit (CEU) certificates.
PII collected for the provider portal, reopenings gateway, provider enrollment gateway, learning center registration, and MyCEUCertificate gateway is only available to authorized Novitas administrative users.
From the Novitas provider websites:
Web analytics - for performance and generic new/returning
User usage metrics
Surveys - user satisfaction feedback for site enhancements
From the Novitas web portal signup and usage:
National Provider Identifier (NPI)
Provider Transaction Access N
umber (PTAN)
Submitter data (First name, last name, date of birth, Social Security Number, valid email address)
Legal business name
Tax Identification Number (TIN)
Any pertinent claim data
Transaction specific data, for processing and reporting purposes
Web analytics -- for performance and generic new/returning User usage metrics
Surveys -- user satisfaction feedback for site enhancements
Opt Out Options
Portal sign-up and usage have required data fields that must be completed for you to be properly authenticated for access. Without this information, Novitas cannot establish your user account for the provider portal.
For provider enrollment gateway usage
National Provider Identifier (NPI)
Social Security Number (SSN)
Date of birth
Legal business name
Tax Identification Number (TIN)
Email address
Provider enrollment gateway usage has required data fields that must be completed for you to upload or check the status of an enrollment application. Without this information, Novitas cannot process your provider enrollment request or status inquiry.
For reopenings gateway usage
Health Insurance Claim Number (HIC) – for reopenings gateway
Medicare Beneficiary Identifier (MBI) – for reopenings
Internal Control Number (ICN) – for reopenings
Correspondence Control Number (CCN) – for reopenings
Date of service
Provider Transaction Access Number (PTAN)
Tax Identification Number (TIN)
National Provider Identifier (NPI)
Reopenings gateway usage has required data fields that must be completed for you to process or check the status of a claim reopening. Without this information, Novitas cannot process your reopenings request or status inquiry.
For Learning Center registration
Name
Email address
State/Territory where you reside
National Provider Identifier (NPI)
Learning Center registration usage has required data fields that must be completed for you to register and attend educational events. Without this information, First Coast cannot register you for educational events.
For the MyCEUCertificate gateway
Name
Email address
MyCEUCertificate Gateway usage has required data fields that must be completed by you to authenticate, search completed training events and generate training certificates. Without this information, Novitas cannot authenticate you and generate CEU certificates.
The Office of Management and Budget Memo M-10-22, Guidance for Online Use of Web Measurement and Customization Technologies allows Federal agencies to use session and persistent cookies.
When you visit any website, its server(s) may generate a piece of text known as a "cookie" to place on your computer. The cookie allows the server(s) to "remember" specific information about your visit while you are connected. The cookie makes it easier for you to use the dynamic features of web pages. Requests to send cookies from Novitas’ web pages are designed to collect information about your browser session only; they do not collect personal information about you.
There are two types of cookies: “Temporary session cookies” (single session) and “persistent cookies” (multi-session). Temporary session cookies will last only if your web browser is open. Once you close your browser, the temporary session cookie will disappear. Persistent cookies are stored on your computer for longer periods.
Novitas uses temporary session cookies for technical purposes such as improving navigation through its site and in the Novitas portal. These cookies let Novitas’s server(s) know that you are continuing your visit. The temporary cookie is not permanently stored on your computer. The cookie and the information about your visit are automatically deleted shortly after you close your browser to end the session.
Novitas’s use of session cookies is defined as “Usage Tier 1 -- Single Session.” The policy says, “This tier encompasses any use of single session web measurement and customization technologies.”
The Office of Management and Budget Memo M-10-22, Guidance for Online Use of Web Measurement and Customization Technologies allows Federal agencies to use persistent cookies in addition to temporary session cookies.
Novitas uses persistent cookies to help it recognize new and returning visitors to its provider websites and portal. Persistent cookies remain on your computer between visits to the Novitas provider websites until they expire. Novitas does not use this technology to identify you or any other individual site visitor.
Novitas’ feedback survey tool uses persistent cookies to block repeated invitations to take the Results survey. Novitas also uses persistent cookies to enable its web analytics program to measure how new and returning visitors use its provider websites over time.
Novitas’ use of session cookies is defined as “Usage Tier 2 -- Multi-session without Personally Identifiable Information (PII).” The policy says, “This tier encompasses any use of multi-session web measurement and customization technologies when no PII is collected.”
If you do not wish to have temporary or persistent cookies placed on your computer, you may disable them using your web browser. If you decide to “opt out” of cookies, you will still have access to all information and resources the Novitas websites and web portal. However, by disabling the cookies, it could impact your experience using the Novitas portal.
You can easily remove any cookies that have been created in the cookie folder of the most popular Internet browsers. Simply click the “Help” function on your browser and enter “cookies” to search for information on how to remove all or individual cookies.
Personal information is required for access to the provider web portal, provider enrollment gateway and reopenings gateway. Novitas will safeguard the personal information you provide as required by CMS and in accordance with the Privacy Act of 1974, as amended (5 U.S.C. Section 552a).
You do not have to give Novitas personal information to visit other parts of the Novitas provider websites.
If you choose to provide Novitas with additional information about yourself through an email message, form, survey, et al., Novitas maintains the information only if needed to respond to your question or to fulfill the stated purpose of the communication.
Novitas retains the data from the web analytics tool and feedback survey results only if required by law or needed to support the mission of the Novitas provider websites.
Personal information entered for the provider web portal will be maintained on the “My Profile” page after access has been granted in the Identity Management (IDM) system. Personal information may be corrected by you on this page after you have signed in to IDM. If a Social Security number is incorrect, you must recreate a new profile.
Novitas retains the data in the provider web portal and does not dispose of the data unless required by law.
Personal information entered for the provider enrollment and reopenings gateways is used to verify personal information already maintained by Novitas. Personal information cannot be corrected in the provider enrollment and reopenings gateways; however, you can update personal information by submitting an updated enrollment application or claim.
Novitas will endeavor to protect the personal information you share within its systems. Novitas does not routinely disclose, give, sell, or transfer any personal information about its visitors, unless required by law enforcement or by statute. However, aggregate information may be shared as follows:
Statistics will be furnished to CMS and used internally by Medicare staff to monitor performance requirements. These statistics do not include any personal information.
Novitas will make every attempt to protect any personal information you furnish through an email message, form, survey, et. al. You should be aware that email is not secured against interception. Personal claims or medical information should never be sent to Novitas through email.
The use and disclosure of your personal information for the provider web portal, provider enrollment gateway and reopenings gateway is authorized by Sections 1842, 1862 (b) and 1874 of Title XVIII of the Social Security Act (The Act) (42 United States Code (U.S.C.) 1395u, 1395y (b), and 1395kk).
For site security purposes and to ensure that this service remains available to all users, Novitas and EIDM use software programs to monitor traffic to identify unauthorized attempts to upload or change information or otherwise cause damage. In the event of authorized law enforcement investigations, and pursuant to any required legal process, information from these sources may be used to help identify an individual.
The point of contact for any questions, concerns or to report a known or suspected violation is:
Jon West
Privacy Officer
GuideWell Source
Parent company of Novitas Service Options Inc. and Novitas Solutions, Inc.
532 Riverside Ave. Jacksonville, FL 32202
Phone: 904-791-0130
Email: Privacy.Officer@guidewellsource.com