This policy applies to brokers, navigators and certified application counselors (CACs).
In carrying out their duties, assisters will handle one or more types of personally identifiable information (PII) concerning individuals. Federal and state law govern the use and disclosure of this data. Assisters are responsible for ensuring proper handling and safeguarding PII collected, created, used, maintained or disclosed on behalf of MNsure.
As part of the annual required privacy and security training, MNsure-certified assisters agree to use encryption, access restrictions or other data protection measures when storing, transmitting, remotely accessing or disseminating sensitive information in the performance of duties.
To meet their legal obligation to protect consumer privacy and personally identifiable information, assisters are required use a secure email when transmitting PII to the Assister Resource Center (ARC) or Broker Service Line.
As defined, above, PII includes, but is not limited to, a person’s name, birthdate, Social Security number, phone, address, tax credit information, household income, eligibility information, enrollment information, tax filing status, income, family size and health information.
Assisters must request a secure email for any inquiry that contains protected information. The ARC and Broker Service Line will not respond to emails that contain PII that has not been sent securely.
Assisters that have their own encrypted email service may request permission to use that service instead. The request should be submitted to the ARC (navigators and certified application counselors) or the Broker Service Line (agents and brokers) so that the service can be reviewed for compliance with MNsure’s encryption standards. Generally, MNsure currently accepts emails encrypted using Microsoft or ZixCorp, but MNsure may request additional information about the encryption service.