The information we collect about you includes information about your health such as your medical history, age, health conditions you have, and laboratory test results (“Protected Health Information” or “PHI”). It also includes personal information such as your name, phone number, and home address (“Personally Identifiable Information” or “PII”). Please read the complete definitions of PHI and PII in the Terms and Definitions section at the end of this document.
We may collect and use technical data (data from your device hardware or software) and related information (“Technical Information”), including but not limited to:
We may also automatically receive and record information on our server logs from your browser or mobile device, which could include your IP address, cookie information, browser information, and the pages you visit/request. InfoMC does not consider nor intend Technical Information to constitute PHI or PII. InfoMC may use Technical Information in any way it believes is proper and lawful.
InfoMC products and services exist to simplify your healthcare experience and help our business partners (health plans, direct service providers, and community partners) find qualifying participants. InfoMC’s exclusive software platform may connect to nationwide networks of community organizations and digital solutions for chronic disease prevention programs such as the Centers for Disease Controls’ National Diabetes Prevention Program, with technology that manages service referrals, reimbursements and payments; collects data; and simplifies enrollment while supporting greater participant engagement and choice.
At all times, we will only use or share your PHI and PII to the extent minimally necessary for the intended use or disclosure. InfoMC maintains a “minimum necessary” policy that PHI and PII shouldn’t be used or shared when it is not necessary to satisfy a certain purpose or carry out a function. For more information you can read the full definition of “minimum necessary” in the Terms and Definitions section at the end of this document.
When we have your consent, you accept that we may collect this PHI from you directly or from third parties that you may allow to share PHI with InfoMC. We may ask you or those third parties to give PHI about you that will allow us to enhance how we serve your needs and your use of InfoMC products and services. It is fully your choice whether you give PHI through InfoMC products and services. If you choose not to give the PHI we need, you may not be able to use some parts of InfoMC products and services.
You also give InfoMC a lasting, non-exclusive, transferable, sub-licensable, royalty-free license to use your Information and other data we collect to develop, create, and extract statistics and other information, and to use this information and de-identified data known as “blind data”.
Any blind data InfoMC collects or creates will be owned solely by InfoMC. This data may be used for any lawful business purpose without your consent if this data is not PHI or PII and doesn’t identify you as the source of such data.
We may not be able to carry out a request to change PHI and PII if we believe the change would violate any law or legal requirement or cause the information to be incorrect.
We may use your PHI and PII to contact you about our own and third-party products and services that may interest you. The technologies we use for this automatic data collection may include:
Some web browsers (including Safari, Internet Explorer, Firefox, and Chrome) include a “Do Not Track” (“DNT”) or similar feature that signals to digital services that a visitor does not want to have any online activity tracked. This can block the digital service from collecting certain Information about the browser’s user. Not all browsers offer a DNT choice, and there isn’t a standard yet for DNT signals. For these reasons, we, and many other digital service operators, don’t respond to DNT signals.
We have applied commercially reasonable administrative, technical, and physical safeguards designed to protect your Information from illegal access, use or sharing. All Information you provide to us is stored with an approved cloud services provider. These safeguards include, without limitation, encrypting all PHI and PII; however please be aware that no transmission of information via the Internet can be completely secure. Although we do our best to protect your Information, we cannot guarantee the security of your Information transmitted to our website or the InfoMC products and services. Any transmission of Information is at your own risk. We are not responsible for circumvention of any privacy settings or security measures contained on the website or the InfoMC products and services.
The safety and security of your Information also depends upon you. Where we have given you (or where you have selected) a user name and password to access InfoMC products and services, you are responsible for keeping this information private. It is in your best interest to not share your user name or password with anyone.
Please keep in mind that whenever you willingly share Information on message boards or other public forums and features, or through email or group messaging, that Information can be collected and used by others who you may or may not have given consent. By posting Information online that is publicly accessible, you may receive unwanted messages from other parties or reveal your location. We are not responsible for the security or privacy of any Information you choose to send outside the scope of InfoMC products and services.
InfoMC neither designed nor intended its products and services to be accessed by children under the age of 13. No one under age 13 may provide any information to or through InfoMC products and services. If you are under age 13, do not give any information through InfoMC products and services. We do not intentionally collect Information directly from children under the age of 13 for InfoMC products or services.
We also do not collect any PHI from anyone under 18 unless clearly authorized under Federal and equivalent State law. No one under age 18 may give any health-related information through InfoMC products and services unless InfoMC confirms that sharing would follow applicable Federal or State laws.
If we learn we have collected or received PII or PHI from a child under age 13, we will delete that Information and take other appropriate measures.
Physicians or other health care providers, to the extent they are “Covered Entities” under HIPAA (as such term is defined in HIPAA), likely have their own privacy and security policies with respect to your PHI and PII. For more information about your rights under HIPAA, see https://www.hhs.gov/hipaa/index.html
This policy may change. We will do our best to let you know if it does.