Overview

Medical Mutual of Ohio developed ClaimsLink and other Internet services to provide its policyholders, providers, and other external customers with an easy, convenient way to obtain information related to eligibility and claim payments. However, we also recognize our obligation to protect the privacy of this information. Security has always been of paramount importance to everyone on the development team. This document will describe both the configuration requirements for using ClaimsLink, and the techniques being used to keep policyholder data confidential.

The fundumental requirement is to establish secure sessions with authorized site visitors. In other words, we must be able to send and receive data in a way that prevents unauthorized access to the information exchanged with authorized site visitors. These private communication sessions must not be penetrated by external parties, and sensitive information must be protected from unauthorized access. Each indivdual authorized to use ClaimsLink is issued their own ID and unique password to ensure protectin and to provide accountability.

Back to contents

Configuring your PC and browser

• Microsoft © Windows 98 or newer
• Microsoft © Internet Explorer 5.0 with 128 bit encryption strength  or newer  version of Microsoft © Internet Explorer  

MMO's ClaimsLink Security Policy

Firewall

As with most organizations that supply information over the Internet, MMO uses a firewall, which forms a barrier between the Internet and MMO's internal systems. All incoming information is routed to the firewall, which verifies the source and destination of each piece of information. This way, all internal information is protected; keeping the structure of MMO's network a secret. Our firewall records all activity, including sign-ons, sign-offs, and access violations. This allows for quick identification of any suspicious activity.

Encryption

When confidential information must be sent over the Internet, the MMO Web server ensures that it is encrypted. Encryption scrambles information so it can transfer privately from your browser to MMO's network and back. Our customers must use a browser that supports Secured Socket Layers (SSL) and 128-bit encryption for maximum protection.

Internal Controls

Strict internal procedures are in place at MMO to perform system monitoring and real-time alerting of any suspicious activity.

Back to contents

Frequently Asked Questions

What can I do to increase security?

In accordance with the proposed Health Insurance Portability and Accountability Act of 1996 (HIPAA), it is required that PC's which display patient information be protected with a password enabled screen saver. This can be turned on using Control Panel from Windows 95/98/NT.Each customer is issued their own unique ID and associated password, do not share these with anyone. Keep your MMO Internet Password secret. Make sure that no one is watching you as you enter your Password. Insure that any printed identifiable health information is disposed of properly. Adhear to the requirements identified in the Confidentiality Statement you signed. Take all possible precautions to keep your computer free from viruses that could be used to capture password keystrokes or affect your hard drive. 

How do I know the encryption level my browser is using?

The encryption level you are using is determined by your browser type and version. MMO requires you to use a browser which supports North American 128-bit encryption.

How do I upgrade my browser to 128-bit encryption?

If you are not using a browser which supports 128-bit encryption, and would like to, select one of the icons below to upgrade your browser. The latest version Internet Explorer supports 128-bit encryption, which MMO requires for maximum security of online transactions. If you have questions or problems performing your upgrade, please contact the browser vendor for technical assistance.

Select this icon to route to Microsoft's 128-bit download site. The time needed for this process will vary. If you already have IE and are simply upgrading, the download will be quicker than downloading IE for the first time.

What are Cookies?

Cookies are small data structures delivered by a Website to your hard drive. In certain cases (determined by the data in the cookie itself), the Website will require the cookie to be returned. Cookies allow a Website to store and reference a variety of information while the user is visiting their site. Cookies cannot gather data from your hard drive, get your E-mail address, or steal sensitive information.

Why does MMO use Cookies?

As most secured Web sites do, MMO will deliver temporary cookies to your PC. MMO uses cookies to help ensure security. By asking for cookies to be returned, the service can verify that the user requesting an action is still the same user who signed on. If your browser is configured to warn you as each cookie is delivered, make sure you accept all cookies. If you deny cookies while using MMO services, your MMO session will be terminated for your protection. While using MMO, you can configure your browser to automatically accept all cookies.

How do I know I am visiting a secure Internet site?

Browser	Secure	Unsecure
Microsoft Internet Explorer		No Icon

Browsers typically have detailed Security information available in their Help files. Simply select the Help menu option to learn more about Internet Security.

Back to contents