Interoperability API Developer Portal

BCBSKS Interoperability API Developer Portal
 

Terms and Conditions (API Data)

Data Commitments

  • You are responsible for obtaining and maintaining member consent for access to Blue Cross and Blue Shield of Kansas (BCBSKS) data.
  • You will cease to call the API if member consent is revoked and you will notify BCBSKS.
  • You will keep the developer credentials confidential and only use the developer credentials for the purpose of connecting to the API for the individual’s access.
  • You will only use data in compliance with:

    • Applicable law, and
    • App privacy policy, terms of use, terms and conditions, or any other similar items.

    The app privacy policy and TOU must be made publicly available for individuals to access and understand.

  • You must notify members of breach or misuse of data (i.e., use in breach of the app’s own privacy policy), consistent with state and federal law which includes the FTC breach notification rule located at https://www.ftc.gov/enforcement/rules/rulemaking-regulatory-reform-proceedings/health-breach-notification-rule.
  • If your privacy policy, responses to any BCBSKS security questions, or responses to any privacy attestation(s) materially change, you must seek renewed member consent and must renew your application information.
  • You will notify BCBSKS of any change of control, or any delegation or assignment to a new entity, and will renew your application information.
  • You will notify BCBSKS of any breach of the agreement.
  • You will immediately, no later than 24 hours following the event, notify BCBSKS in the case of a security incident that may impact the security of BCBSKS’s system or data.

BCBSKS Rights

  • BCBSKS may limit access, calls, etc. as necessary to protect BCBSKS’s system, prevent abuse, ensure equitable access, etc. BCBSKS will set such limits and adjust them at BCBSKS’s discretion.
  • BCBSKS will make any updates to its terms by updating this page. You have a duty to periodically check these terms.
  • BCBSKS will conduct a security review in accordance with BCBSKS’s obligations under HIPAA. This includes but is not limited to:
    • Validating member consent through BCBSKS’s own secure process.
    • Conducting a security review of the app.
    • Imposing security requirements on the app to mitigate any risks identified in the security review, prioritizing security of BCBSKS’s own systems.
  • BCBSKS may revoke access if your app engages in any inappropriate use, as determined by BCBSKS, including but not limited to the following:
    • Member revokes consent.
    • You violate law, privacy policy, terms of member consent.
    • You suffer a data breach that may impact the security of BCBSKS’s system or data.
    • You threaten security or integrity of BCBSKS systems in any manner.
    • Any statement made by you in the application process proves to be false or materially misleading.
    • You undergo a change of control or assign/delegate the duties related to member data.
    • Per normal BCBSKS process for periodic confirmation of member consent.

Liability

  • Access and data are provided without any warranty whatsoever.
  • No commitment regarding accuracy of data or uninterrupted use.
  • BCBSKS liability capped at $50 United States Dollars with no exceptions.
  • You indemnify BCBSKS for any and all claims and expenses that  you access, use, or disclosure of data violating member consent, or applicable law.

General

  • You may not use BCBSKS name/logo for any purpose.
  • You waive the right to participate in class action lawsuits.
  • Assignment not permitted, including on change of control.
  • You agree to negotiate in good faith to resolve any disputes.
  • Mandatory binding arbitration required.
  • Kansas law and jurisdiction applies.