Show:
HIPAA Validation
myCigna Security
Surprise Me
What's the Article?
100

Spouse on the plan calls in and provides their full name, date of birth and SSN. Are they HIPAA validated?

No-  The only SSN that can be accepted for HIPAA validation is the EE SSN.

100

True or false: I can use 3/5 to myCigna security verify a spouse on a plan with an HSA. False

False- neither EE or SP accounts with HSA's can use 3/5 to verify security.

100

Do I need to get an advocate's Lan ID/validate an advocate to accept a warm transfer?

No- What do I need to ask when getting a warm transfer from another Cigna advocate? 

  • If the transferring advocate is warm transferring a caller to you, you do not have to validate the internal partner. 
100

What article would I use to view guidance for validating a caller?

What is: Validating and Protecting Customer Information HIPAA Call Overview 5178

200

If a customer has a plan as an EE and a plan as a SP, do we need to validate both accounts to be able to assist with both accounts?

Yes- different information may be needed depending on the eligibility status of the caller. 

200

True or False: If the customer is HIPAA and myCigna security verified- I can release the email on file

False- the email address is considered PII. Only the domain can be released (iCSA exception)

200

When receiving a warm transfer what information do I need from the advocate?

  1. Determine the reason for the transfer/call.
  2. Ask the advocate for the caller name and if the caller has been HIPAA verified.
200

What article would I use to help security validate a caller for a myCigna password reset?

What is: Validation for myCigna.com, Well.Evernorth.com, and App.Evernorth.com 000082985

300

True or False: I can release the last 4 digits of a caller's phone number.

False- this is PII. No part of the caller's phone number can be released. 

300

What information do I need prior to sending an OTP for myCigna security validation?

1. Must be HIPAA validated

2. Must provide their verified email/phone number prior to sending an OTP


300

Subscriber Fred comes in validated for 26-year-old dependent Pebbles, who lives out of town. He wants to know if you see a future termination date for Pebbles. You do. How should you proceed?

·You cannot quote a future term date.

·You can only give the Termination definition found in Benefit Details Provisions.

·KX 93712

300

What article would I use to determine next steps for an account listed as Suspended in the CSA/SSO tool?

Website User's Password Status is Suspended or Disabled Guide 000005569 or How do I handle a call when their password status says Suspended? 000014379

400

An EE provides their name, SSN and date of birth. The date of birth provided is different than what we have on file. Before advising next steps, what information do I need to get from the customer? 


1 more piece of validation-

Customer's verified Phone Number (including area code) that is listed in Preferences in OneView

Customer's Full Address (house/apartment/unit number, street, city, state, and zip code)

AMI, or

Zip Code

400

True or False- If a caller answers the security question with more than one answer, I can take either answer. 

Example: What is the name of your first dog?

Customer responds: "Either Allie or Doug"

False-only 1 answer can be accepted. Respond to the caller, "For your security, I can only accept one answer. Which is your answer? 

400

Lucy is HIPAA validated. She is asking about a claim for a preventive care visit. Can you release the diagnosis codes?

·Yes, after you confirm two elements of the claim.

·KX 4959

400

What article would I use to help a customer with resetting their password?

How do I find my username or reset my password for myCigna.com, Well.Evernorth.com, or App.Evernorth.com? 000013598

500

True or False- If a date of birth or SSN on file is incorrect, I can release that incorrect information to the customer.

False. PII can never be released to a caller, even if that information is incorrect according to the customer. 

500

What information is included in the 3/5 for myCigna security validation?

  • Date of Birth (DOB)
  • Policyholder's Social Security Number
    Note: It cannot be a spouse/partner/dependent's SSN.
  • Customer Identification (AMI)
  • Verified email address in SSO Tool
  • Verified mobile phone number in SSO Tool
500

Bam has given his first and last name and DOB. He doesn’t know his AMI and the account uses a pseudo social. If he gives you the verified email from Preferences, is he HIPAA-validated?


·No, the verified email is not among the two additional items required after getting the first and last name.

·KX 5178

500

What article would help determine if I can release information to a validated caller?

Example: Can I release a date of birth or is that considered PHI/PII?


General Cigna Information versus Protected Health Information (PHI) 000004975