Well Connection privacy policy
Effective Date: April 1, 2018
Blue Cross Blue Shield of Massachusetts (“BCBSMA,” “we,” “us,” or “our”) recognizes the importance of protecting the privacy of your personal information, and we have prepared this Privacy Policy to provide you with important information about the privacy practices applicable to the BCBSMA Platform and any website or service that links to or refers to this Privacy Policy (collectively, the “Services”).
Individually identifiable information that you provide to us for purposes of arranging medical care (such information is also referred to as “Protected Health Information” or “PHI”) through the Services will be subject to BCBSMA’s “Commitment to Confidentiality,” which is available here. PHI you provide for the consultation with the provider will be subject to the provider’s HIPAA Notice of Privacy Practices (“HIPAA Notice”), which will be made available to you during the provider’s intake process. To the extent that there is a conflict between this Privacy Policy and either BCBSMA’s Commitment to Confidentiality or the provider’s HIPAA Notice, the Commitment to Confidentiality or the HIPAA Notice will prevail.
I. COLLECTION OF INFORMATION
We may collect the following kinds of information when you use the Services:
Information you provide directly to us. For certain activities, such as when you register, use our telemedicine services, subscribe to our alerts, or contact us directly, we may collect some or all of the following types of information:
- Contact information, such as your full name, email address, mobile phone number, and address;
- Username and password;
- Payment information, such as your credit card number, expiration date, and credit card security code;
- For health care providers, information about your employment, such as your job title, practice area, primary specialty, and medical license status, gender, date of birth, languages spoken, educational background, address, photograph, social security number, Tax ID, NPI number, professional license information, and bank account information;
- Personal health information, including information about your diagnosis, previous treatments, general health, and health insurance;
- Any other information you provide to us.
We may combine such information with information we already have about you.
Information we collect automatically. We may collect certain information automatically when you use our Services, such as your Internet protocol (IP) address, device and advertising identifiers, browser type, operating system, Internet service provider, pages that you visit before and after using the Services, the date and time of your visit, information about the links you click and pages you view within the Services, and other standard server log information. We may also collect certain location information when you use our Services, such as your computer’s IP address, your mobile device’s GPS signal, or information about nearby WiFi access points and cell towers.
We may use cookies, pixel tags, Local Shared Objects, and similar technologies to automatically collect this information. Cookies are small bits of information that are stored by your computer’s web browser. Pixel tags are very small images or small pieces of data embedded in images, also known as “web beacons” or “clear GIFs,” that can recognize cookies, the time and date a page is viewed, a description of the page where the pixel tag is placed, and similar information from your computer or device. Local Shared Objects (sometimes referred to as “Flash Cookies”) are similar to standard cookies except that they can be larger and are downloaded to a computer or mobile device by the Adobe Flash media player. By using the Services, you consent to our use of cookies and similar technologies.
We may also collect technical data to address and fix technical problems and improve our Services, including the memory state of your device when a system or app crash occurs while using our Services. Your device or browser settings may permit you to control the collection of this technical data. This data may include parts of a document you were using when a problem occurred, or the contents of your communications. By using the Services, you're consenting to the collection of this technical data.
Information we obtain from your health care providers and other sources. In connection with your treatment, we may collect medical records from your past, current, and future health care providers. This may include information about your diagnosis, previous treatments, general health, laboratory and pathology test results and reports, social histories, any family history of illness, and records about phone calls and emails related to your illness.
We may also receive information about you from other sources, including through third-party services and organizations. For example, if you access third-party services, such as Facebook, Google, or Twitter, through the Services to sign in to the Services or to share information about your experience on the Services with others, we may collect information from these third-party services.
II. USE OF INFORMATION
We generally use the information we collect online to:
- Provide and improve the Services;
- Contact you;
- Fulfill your requests for products, services, and information;
- Analyze the use of the Services and user data to understand and improve the Services;
- Customize the content you see when you use the Services;
- Prevent potentially prohibited or illegal activities and otherwise in accordance with our Terms of Use (which can be found at https://wellconnection.com/landing.html)
III. SHARING OF INFORMATION
We're committed to maintaining your trust, and we want you to understand when and with whom we may share the information we collect.
Health care providers, insurance companies, and other health care-related entities. We may share your information in accordance with the BCBSMA Commitment to Confidentiality.
Authorized third-party vendors and service providers. We may share your information with third-party vendors and service-providers that help us with specialized services, including billing, payment processing, customer service, email deployment, business analytics, advertising products and services offered by Well Connection or Blue Cross Blue Shield of Massachusetts, performance monitoring, hosting, and data processing. These third-party vendors and service providers may not use your information for purposes other than those related to the services they're providing to us.
Legal purposes. We may disclose information to respond to subpoenas, court orders, legal process, law enforcement requests, legal claims or government inquiries, and as otherwise permitted by BCBSMA’s Commitment to Confidentiality.
With your authorization. We must obtain your authorization to share information for any other purposes.
If you access third-party services, such as Facebook, Google, or Twitter, through the Services to sign in to the Services or to share information about your experience on the Services with others, these third-party services may be able to collect information about you, including information about your activity on the Site, and they may notify your connections on the third-party services about your use of the Site, in accordance with their own privacy policies.
If you choose to engage in public activities on the Site or third-party sites that we link to, you should be aware that any information you share there can be read, collected, or used by other users of these areas. You should use caution in disclosing personal information while participating in these areas. We're not responsible for the information you choose to submit in these public areas
IV. SECURITY
We use reasonable measures to help protect information from loss, theft, misuse and unauthorized access, disclosure, alteration, and destruction. You should understand that no data storage system or transmission of data over the Internet or any other public network can be guaranteed to be 100 percent secure. Please note that information collected by third parties may not have the same security protections as information you submit to us, and we're not responsible for protecting the security of such information.
V. YOUR CHOICES
You may be able to refuse or disable cookies by adjusting your web browser settings. Because each web browser is different, please consult the instructions provided by your web browser (typically in the “help” section). Please note that you may need to take additional steps to refuse or disable Local Shared Objects and similar technologies. For example, Local Shared Objects can be controlled through the instructions on Adobe’s Setting Manager page. If you choose to refuse, disable, or delete these technologies, some of the functionality of the Services may no longer be available to you.
We don't share personal information with third parties for their own direct marketing purposes. We are, however, required to inform you that California residents are entitled once a year, free of charge, to request and obtain certain information regarding our disclosure, if any, of certain categories of personal information to third parties for their direct marketing purposes in the preceding calendar year.
VI. THIRD-PARTY ADVERTISING, LINKS, AND CONTENT
Some of the Services may contain links to content maintained by third parties that we don't control. These third parties may use this information to display advertisements on our Services and elsewhere online tailored to your interests, preferences, and characteristics. We're not responsible for the privacy practices of these third parties, and the information practices of these third parties aren't covered by this Privacy Policy.
To opt out of interest-based advertising across browsers and devices from companies that participate in the Digital Advertising Alliance or Network Advertising Initiative opt-out programs, please visit their respective websites. You may also be able to opt out of interest-based advertising through the settings within the mobile app or your mobile device, but your opt-out choice may apply only to the browser or device you're using when you opt out, so you should opt out on each of your browsers and devices if you want to disable all cross-device linking for interest-based advertising. If you opt out, you'll still receive ads but they may not be as relevant to you and your interests, and your experience on our Services may be degraded.
Do-Not-Track Signals and Similar Mechanisms. Some web browsers transmit “do-not-track” signals to websites. Because of differences in how web browsers incorporate and activate this feature, it's not always clear whether users intend for these signals to be transmitted, or whether they even are aware of them. We currently don't take action in response to these signals.
VII. FOR USE IN THE UNITED STATES ONLY
You must be located in the United States or the territories within its jurisdiction to use this app. Use outside of the United States is prohibited.
VIII. CHILDREN
We don't knowingly allow individuals under the age of 18 to create accounts that allow access to our Services.
IX. CHANGES TO THE PRIVACY POLICY
We may update this Privacy Policy from time to time. When we update the Privacy Policy, we will revise the “Effective Date” date above and post the new Privacy Policy. We recommend that you review the Privacy Policy each time you visit the Services to stay informed of our privacy practices.
X. QUESTIONS?
If you have any questions about this Privacy Policy or our practices, please email us at [email protected].