Privacy and confidentiality notice

On this page:

Collection and use of personal information

Our website provides you with the opportunity to voluntarily submit forms to request additional information about Fallon Health (Fallon). In the course of these transactions, you may provide us with personal demographic information or possibly detailed medical information. We use the information you provide solely to help us respond to your request. As part of researching or fulfilling your request, your information may be shared with other Fallon employees. All employees of Fallon Health sign confidentiality agreements as part of our employment policy to ensure that any private information encountered through the course of their work is treated with the utmost respect.

At no time will Fallon Health sell, rent, loan, trade or lease any information collected on our site. However, please note that we may need to use this information within the Fallon family of affiliate companies or with a third party vendor to perform administrative, technical, or other functions that help us provide service to you. We seek to hold third party vendors to the same privacy practices as Fallon Health.

Except as noted above, Fallon will not release individualized information to another party unless required to do so by government authorities, legal processes, or otherwise required by law.

Any personally identifiable information collected through the website is not stored on the website, but will go to back office systems in the same manner that information from paper forms, submissions and phone calls to customer service are currently handled. The information is used as defined above. As a standard practice, as described below, we collect general statistical information on the content viewed, which is used to help us provide better service to you.

You have the right and ability to exit the Fallon Health site at any time and not remain in active session. If you choose to remain in session on our site, you implicitly consent to our privacy and security policies.

Fallon Health's website is designed and intended for adults; it is not directed toward children. As such, we do not knowingly collect or use personal information from children under 13.

| Back to top |

Collection of information from site visitors: Cookies

When you visit our website, we collect certain information that does not identify you personally, but provides us with aggregate "usage data." This information is used to measure the number of visitors to the different sections of our site and to help us make our site more useful to our visitors. This information is retained and periodically deleted from the site; no back-up copies are made.

Fallon Health's website does employ "cookies" to provide visitors with information that is specific to them. These cookies do not contain any personally identifiable information.

If you choose, you may disable or delete our cookies from your hard drive; however, blocking or deleting cookies may cause some of Fallon's website features and functionality to work incorrectly.

| Back to top |

Website security

Fallon Health takes precautions to protect information our members submit to us via this site. When we ask users to enter personal information, we utilize encryption to protect the transmission of data. The same procedures apply when users ask to see any of their personal information that we maintain.

Please be aware, though, that any unencrypted communication or material transmitted to or from Fallon Health through our website or unencrypted email may not be secure. Accordingly, Fallon Health is not responsible for the security of information transmitted via the internet or other global computer networks.

To protect your privacy, please do not use unencrypted email or unencrypted transmissions to communicate information to us that you consider to be confidential. For more private communication, visitors can contact Fallon Health by telephone or mail or, if you are a member, through our MyFallon member portal.

| Back to top |

Linked sites

Fallon Health's website has links to various other websites that we think might be useful or of interest to you. Fallon, however, cannot be responsible for and does not endorse the privacy practices or the content of its linked websites. Fallon Health urges you to review the privacy policies of any website you visit once you leave Fallon's website. Links to various non-Fallon websites do not constitute or imply endorsement by Fallon Health of these websites, any products or services described on these sites, or of any other material contained in them.

| Back to top |

Protecting your personal health information

As a Fallon Health member, what do I need to know about HIPAA?

Fallon adheres to the federal Health Insurance Portability and Accountability Act of 1996 (HIPAA).

You can tell us how you would like your personal health information shared by submitting forms available on HIPAA forms.

The HIPAA requirements are there to protect you, the consumer. With respect to health care, HIPAA is meant to simplify communications between health plans and providers—mostly through electronic means. However, you should be aware that HIPAA outlines strict guidelines to ensure the privacy and confidentiality of your PHI (protected health information, such as your name and medical information). These guidelines require that your PHI be used for purposes of treatment, payment and health plan operations, and not for purposes unrelated to health care.

Under HIPAA, Fallon Health must:

  • provide a Notice of Privacy Practices to all members (the Notice is issued to all new members with their new member materials and is also available here: Notice of Privacy Practices - pdf).
  • make sure that every person or company who works with us protects member information as we do.
  • carry out privacy training for all employees, whether they deal with member records or not.
  • have consequences in place if member information is used or shared improperly.

| Back to top |

As an employer, how does HIPAA impact my relationship with Fallon Health?

As part of HIPAA Administrative Simplification, Fallon Health is able to accept standard electronic transactions, such as enrollment (834 format) and premium payments (820 format). If you plan to use electronic transactions, please note that they must be in the standard formats set up under HIPAA.

With regard to the HIPAA Privacy Rule, it is Fallon's policy not to disclose member PHI (protected health information, such as member name and medical information) to employers or plan sponsors. Any medical information Fallon Health releases to you will be void of information that would disclose the identity of the member, unless that member has signed an authorization form for that disclosure.

For any exceptions, please discuss with your account executive and understand that if we send individually identifiable information to you, then you must:

  • amend enrollment and other benefit forms to include language outlining permitted uses and disclosures of member health information
  • certify that steps are being taken to secure the PHI of employees in the health plan

| Back to top |

As a broker, what is my relationship with Fallon Health under HIPAA?

Under HIPAA, Fallon Health considers you to be an associate of the employer you represent—business associate agreements with Fallon Health are not required. As an extension of the employer, you are permitted access only to enrollment information if the employer grants you permission.

Note: It is Fallon Health's policy not to disclose member PHI (protected health information, such as member name and medical information) to employers or plan sponsors. Any medical information, including discussing a specific member claim problem, Fallon Health releases to you will be void of any information that would disclose the identity of the member, unless that member has signed an authorization form for that disclosure.

| Back to top |

As a physician or provider, what do I need to know about HIPAA and Fallon Health?

A key HIPAA compliance issue for physicians and other health care providers is the use of electronic transactions.

Those providers using electronic data interchange (EDI) must use standard transactions, such as the 837 for claims. Fallon Health must accept standard transactions, and offers two methods of EDI for this: direct through Fallon Health or through our contracted clearinghouse.

If you are interested in submitting electronic health care transactions, please contact us at 1-866-275-3247, option 6, or email us to request to become a trading partner. Click here to start the enrollment process.
If you have any questions concerning testing with Fallon Health, please contact our EDI Coordinators at 1-866-275-3247, option 6.

To help you with the EDI process, we have created several Fallon-specific companion guides to the official implementation guides. They are available for download on the EDI page.

Another important note regarding HIPAA guidelines is that physicians and other health care providers may release protected health information to Fallon Health for payment and health care operations purposes.

Fallon Health currently contracts with the following clearinghouse:

  • Change Healthcare (formerly known as Emdeon and WebMD)
    Call 1-800-845-6592 or
    visit their website at

| Back to top |

Compliance hotline

1-888-203-5295 (toll-free)
Call our Compliance Hotline to report any concerns you may have regarding compliance, fraud, waste or abuse. You can call the Hotline 24 hours a day, seven days a week. All calls are anonymous and confidential.