Privacy Policy

How we protect and use your information

Last Updated: This privacy policy is effective as of January 1, 2025.
We may update this policy from time to time. Material changes will be communicated to members.

Introduction

The DSRA Benefit Trust ("we," "us," or "Trust") is committed to protecting your privacy and safeguarding your personal information. This Privacy Policy explains how we collect, use, disclose, and protect your information in compliance with the Health Insurance Portability and Accountability Act (HIPAA) and other applicable privacy laws.

HIPAA Privacy Protection

As a group health plan, the DSRA VEBA Trust is a "covered entity" under HIPAA. We are required to:

  • Maintain the privacy of your protected health information (PHI)
  • Provide you with notice of our legal duties and privacy practices
  • Follow the terms of the notice currently in effect
  • Notify you if we are unable to accommodate a requested restriction
Notice of Privacy Practices: You have the right to receive a detailed Notice of Privacy Practices (NPP) that explains how your PHI may be used and disclosed. Download NPP

Information We Collect

We collect and maintain several types of information:

Personal Information
  • Name, address, phone number, email address
  • Date of birth and Social Security Number
  • Employment history with Delphi
  • Dependent and beneficiary information
Health Information (PHI)
  • Enrollment and eligibility information
  • Medical claims and benefit utilization
  • Health plan elections and coverage details
  • Prescription drug information
Financial Information
  • Premium payment information
  • Bank account information for EFT (encrypted)
  • Payment history

How We Use Your Information

We use your information for the following purposes:

Plan Administration

Enrolling you in coverage, processing claims, determining eligibility

Payment Processing

Collecting premiums, processing EFT, maintaining payment records

Communications

Sending plan updates, enrollment materials, important notices

Legal Compliance

Meeting legal obligations under ERISA, HIPAA, and other laws

When We Share Your Information

We do not sell your information. We may share your information only in these circumstances:

  • Insurance Carriers and Plan Administrators: To provide your health benefits (e.g., BlueCross BlueShield, MetLife)
  • Business Associates: Service providers who help administer the plan (e.g., Benistar, claims processors) under HIPAA-compliant agreements
  • Healthcare Providers: To facilitate your care and payment for services
  • Legal Requirements: When required by law, court order, or government investigation
  • Plan Oversight: To auditors, attorneys, and consultants performing plan oversight functions

Your Privacy Rights

Under HIPAA and other privacy laws, you have the following rights:

  • Right to Access: You may request and receive a copy of your health information
  • Right to Amend: You may request corrections to inaccurate health information
  • Right to Restrict: You may request limitations on how we use or disclose your information
  • Right to Confidential Communications: You may request to receive communications in a specific manner or location
  • Right to an Accounting: You may request a list of certain disclosures we have made
  • Right to Complain: You may file a complaint if you believe your privacy rights have been violated

How We Protect Your Information

We implement appropriate technical, physical, and administrative safeguards to protect your information:

Encryption

Sensitive data is encrypted during transmission and storage

Access Controls

Only authorized personnel can access your information

Secure Storage

Physical and electronic records are securely stored

Regular Audits

We conduct regular security assessments and audits

Website Privacy

Our website may use common internet technologies such as:

  • Session Cookies: Temporary cookies to maintain your session (automatically deleted when you close your browser)
  • Usage Analytics: We may collect anonymous usage data to improve website functionality

We do not use tracking cookies or sell website visitor data to third parties.

Questions About Privacy?

If you have questions about this Privacy Policy, wish to exercise your privacy rights, or want to file a complaint:

Contact Us:

1-888-588-6682
Benistar Call Center

File a Complaint:

U.S. Department of Health & Human Services
Office for Civil Rights
www.hhs.gov/ocr/privacy

No Retaliation: You will not be retaliated against for filing a privacy complaint.
Back to About Us
An unhandled error has occurred. Reload 🗙

Rejoining the server...

Rejoin failed... trying again in seconds.

Failed to rejoin.
Please retry or reload the page.

The session has been paused by the server.

Failed to resume the session.
Please reload the page.