JUST Capital’s America's Most JUST Companies list is out, and The Cigna Group earned the No. 1 spot among the entire healthcare industry for its corporate citizenship. The Cigna Group was also ranked No. 1 in healthcare for its approach to safeguarding customer data and privacy.
When developing the rankings for customer privacy, JUST Capital and CNBC evaluated several key criteria, such as transparent corporate privacy policies, disclosures, secure storage of customers’ personal information, and user notifications, among others.
“The growth of digital engagement in healthcare has created new needs in health information security and consumer privacy and consent,” said James Beeson, chief information security officer at The Cigna Group. “Adoption of these new health engagement channels at scale is dependent on consumer trust and confidence, so it is imperative for us to design for privacy and consent and to be committed to transparency when it comes to data.”
We have a number of measures in place to ensure that we are being transparent and that protecting people’s personal information is at the core of how we do business.
Oversight and governance
We have teams internally who are committed to ensuring that The Cigna Group has the right oversight and guidance set up to enable just privacy practices. While our Board of Directors has ultimate oversight of our data protection practices, The Cigna Group has a Cyber and Privacy Council that works to develop our organization’s privacy strategy and roadmap.
Additionally, our Cigna Information Protection team, which we call CIP, is responsible for securing member, client, provider, and company data while enabling speed, scale, and trust. Our Enterprise Risk Management (ERM) program, which includes the Board, management, the senior vice president, general auditor and chief risk officer, and the internal audit function, also supports our data protection strategy and initiatives. The enterprise-wide program helps identify, assess, manage, and control risks that have an impact on our ability to achieve strategic goals.
Privacy and data protection programs
Protecting the privacy of our customers, patients, clients, employees, and partners is a top priority for our organization. We provide specific data protection training and emphasize the responsibility of every employee to ensure the privacy of our stakeholders by adhering to our company’s data protection policies and practices.
For our customers, we provide online resources about our privacy and information protection practices, including our Online and Mobile Privacy Statement [PDF], Notice of Privacy Practices, and Privacy Forms. We proactively notify customers on how their personal information may be used and disclosed by The Cigna Group, as well as their rights.
In addition to notifying customers and clients of any changes to our privacy practices, we also tell customers how they can take additional steps to protect their personal information. In 2021, The Cigna Group’s Privacy Office undertook a project to further consolidate and integrate privacy notices across the organization, resulting in greater consistency, transparency and efficiency moving forward.
“Protecting personal information and our customers’ privacy is core to our operations,” said Katie Timm, senior vice president and chief compliance officer at The Cigna Group. “Every employee plays a part in ensuring the privacy of our stakeholders.”
Healthy Growth: Corporate Responsibility Report
To learn more about how The Cigna Group protects the privacy of our customers, patients, clients and employees, check out our most recent corporate responsibility report.