Client Portal
This notice is applicable for employer-sponsored wellness programs.
Wellness Program Notice
Wellness programs are administered according to federal rules permitting employer-sponsored wellness programs that seek to improve employee health or prevent disease, including the Americans with Disabilities Act of 1990, the Genetic Information Nondiscrimination Act of 2008, and the Health Insurance Portability and Accountability Act, as applicable, among others. If you choose to participate in the wellness program, depending on the type of program, you may be asked to complete a voluntary health risk assessment or "HRA" that asks a series of questions about your health-related activities and behaviors and whether you have or had certain medical conditions (e.g., cancer, diabetes, or heart disease). You may also be asked to complete a biometric screening, which will include a blood test for diabetes, cholesterol levels and heart disease. You are not required to complete the HRA or to participate in the blood test or other medical examinations.
However, employees who choose to participate in the wellness program, depending on the type of program, may receive a product, gift card or cash equivalent (i.e., premium deduction, deductible buy-down) incentive for completing the actions stated above. Although you are not required to participate in any activities of the program, only employees who do so will receive the corresponding incentive.
Additional incentives, depending on the type of program, may be available for employees who participate in certain health-related activities (i.e., health and fitness challenges, digital coaching modules and seminars) or achieve certain health outcomes. If you are unable to participate in any of the health-related activities or achieve any of the health outcomes required to earn an incentive, you may be entitled to a reasonable accommodation or an alternative standard, though physician documentation of the need for such an accommodation or alternative standard are required.
The information from your HRA and the results from your biometric screening will be used to provide you with feedback to support you in understanding your health and to reduce potential risks. In some instances, this information may also be used to offer you services through the wellness program, such as disease management programs. You also are encouraged to share a copy of your results with your own doctor so that you can work together on a good plan for improving or maintaining your health.
Protections from Disclosure of Medical Information
We maintain the privacy and security of your personally identifiable health information as required by law. Although the Licensor wellness program may provide aggregate information it collects to your health plan or employer, Licensor will never disclose any of your personal information either publicly or to your employer without your consent or as expressly permitted by law. If your employer sponsors an ERISA health program, information shared is limited to what is needed for payment or operations of the health program. Medical or personal information that personally identifies you will not be provided to your supervisors or managers and can never be used to make decisions regarding your employment.
Your health information will not be sold, exchanged, transferred, or otherwise disclosed except to the extent permitted by law to carry out specific activities related to the benefit plan or wellness program, and you will not be asked or required to waive the confidentiality of your health information as a condition of participating in the wellness program or receiving an incentive. Anyone who receives your information for purposes of providing you services as part of the wellness program has passed training and abides by the same confidentiality requirements. The only individuals who will receive your personally identifiable health information are health coaches, Healthspace Navigators and data management professionals in order to administer your program
In addition, all medical information obtained through the wellness program will be maintained separate from your personnel records, information stored electronically will be encrypted, and no information you provide as part of the wellness program will be used in making any employment decision. Appropriate precautions will be taken to avoid any data breach, and in the event a data breach occurs involving information you provide in connection with the wellness program, we will notify you immediately.
If you have questions or concerns regarding this notice, or about protections against discrimination and retaliation, please call the number listed at login or at the bottom of the page.
-
Your Use of the Member Portal Governed by this Agreement
Healthcare Interactive, Inc dba HCIactive is a provider of technology solutions and services that are being offered under a licensing reseller agreement with HCIactive, hereafter referenced to as “Licensor”. Your use of the Licensor’s Member Portal, powered by HCIactive, is governed by this agreement. In all cases in this Agreement, "HCI" means HCIactive, located at 6011 University Blvd, Suite 360, Ellicott City, MD 21043, United States, and includes its subsidiaries, affiliates, and licensors involved in providing HCIactive data or services.
-
The Member Portal does NOT offer medical advice
The Member Portal does not offer medical advice. Any content accessed through the Member Portal or HCI is for informational purposes only and is not intended to be a substitute for professional medical advice, diagnosis, or treatment or uses, directions, precautions, drug interactions, or adverse effects. This content should not be used as a substitute for medical advice from a doctor, or during a medical emergency or for the diagnosis or treatment of any medical condition. Please consult your doctor or other qualified health care provider if you have any questions or concerns about a medical condition, or before taking any drug, changing your diet or commencing or discontinuing any course of treatment. Do not ignore or delay obtaining professional medical advice because of information accessed through the Member Portal or HCI. Call 911 or your doctor for all medical emergencies.
You may only use the Member Portal if you reside in the United States
Reliance on any information provided by the Member Portal, HCI, HCI employees, or others accessed through the Member Portal is solely at your own risk.
-
Use of Member Portal Data, Products or Services
You must provide accurate information to use the Member Portal. You are responsible for the security of your passwords and for any use of your account. You must immediately notify HCI of any unauthorized use of your password or account by contacting support@healthspace.net.
Your use of the Member Portal and any content accessed through the Member Portal must comply with all applicable laws, regulations and ordinances, including any laws regarding the export of data or software. You must be at least 18 years old to use the Member Portal or HCI.
You may not access the Member Portal other than by the interfaces provided by HCI or interfere with or disrupt the proper operation of the Member Portal and or HCIactive.
-
Use of Information
If you create, transmit, or display health or other information while using or received from the Member Portal, you may provide only such information that you own or have the right to use. HCI and the Member Portal may only use health information you provide as permitted by applicable law. Neither the Member Portal nor HCI is a “covered entity” under the Health Insurance Portability and Accountability Act of 1996 and the regulations promulgated thereunder ("HIPAA"). Although HCI systems are HIPAA compliant as required by our plan sponsors and health insurance plans, HIPAA does not apply to the transmission of health information to or from the Member Portal by or to HCI or any third party.
You understand that HCI does not control or endorse the content that you and others display, transmit or provide to the Member Portal.
You understand that HCI may need and you hereby authorize HCI to use, modify, copy, distribute and display content posted on the Service to the extent necessary to provide the Service in compliance with HIPAA regulations as they may apply to the Member Portal. This includes:
- storing and retrieving the content;
- making the content available to you and to those members of the public to whom have access to the Member Portal;
- conforming to connecting networks technical requirements; and
- conforming to the limitations and terms of the service.
You understand that sharing content that violates other copyrights, other intellectual property rights or any HIPAA rights violates this agreement. You represent and warrant that you have all the rights necessary for you to grant the rights in this section and that the use and publication of any information provided does not breach any law.
-
Additional Terms
Your use of the Member Portal and any content accessed through the Member Portal is subject to the additional terms provided in connection with HCI’s agreement in effect at that time with the Licensor.
-
Content and Services Accessed through the Member Portal and Third-Party Services
The use of the Content and Services is at your own risk. Some health-related content may be sexually explicit and may include content that you find offensive.
When using the Member Portal, information is transmitted over an electronic medium that is beyond the control and jurisdiction of HCI and its and its subsidiaries, affiliates or licensors. As such, HCI assumes no liability for or relating to the delay, failure, interruption, or corruption of any data or other information transmitted in connection with HCI products or services. How safe this information remains depends on how well you protect your computer from spyware and other programs that attempt to hack into your system. Keep your operating system up-to-date and use anti-virus software and personal firewalls to protect your computer from unwanted intrusions.
The content, services and data are provided on an "as is" basis, and HCI assumes no liability to or for the accuracy of your data or any other data accessed through our products or services.
HCI may make third-party services or internet sites available through the Member Portal for the convenience of World Wide Web users. If you access a third party’s website or data or information through the Member Portal, you are solely responsible for authorization to allow the third-party service provider to retrieve, provide, and/or modify health and other information in your account or if you otherwise share your information with the service provider. Once you enable a specific third-party service provider to access your account, the service provider may continue to access your account until you affirmatively disable access. Third-party service providers include both health care providers and other entities. It is your sole responsibility to review and approve each such third-party service before sharing your information through or otherwise accessing it.
The Member Portal may screen, modify, refuse, or remove certain content or third-party services, but is not responsible for and does NOT endorse any third-party content or services. HCI further does not endorse any third-party service providers, other health care providers, products, services, doctors, opinions, or web sites accessed through the Member Portal. It is your responsibility to examine the copyright and licensing restrictions of linked pages and to secure all necessary permission. You cannot assume that the external sites will abide by the same provisions as HCI.
USE OF THESE SERVICES AND RELIANCE ON THIS CONTENT IS SOLELY AT YOUR OWN RISK. HCI MAY NOT BE HELD LIABLE FOR ANY DAMAGES ARISING OUT OF OR RELATED TO YOUR USE OF ANY THIRD-PARTY SERVICE OR CONTENT.
6.1 Dwolla as a Payment Provider
In order to use the payment functionality of our application, you must open a "Dwolla Platform" account provided by Dwolla, Inc. and you must accept the Dwolla Terms of Service and Privacy Policy. Any funds held in the Dwolla account are held by Dwolla's financial institution partners as set out in the Dwolla Terms of Service. You authorize us to collect and share with Dwolla your personal information including full name, date of birth, social security number, physical address, email address and financial information, and you are responsible for the accuracy and completeness of that data. You understand that you will access and manage your Dwolla account through our application, and Dwolla account notifications will be sent by us, not Dwolla. We will provide customer support for your Dwolla account activity, and can be reached at https://hciactive.com/contact-us, support@healthspace.net and/or 888-236-8581.For Brokers: You expressly authorize our service provider, Dwolla, Inc. to originate credit transfers to your financial institution account. You authorize us to collect and share with Dwolla your personal information including full name, email address and financial information, and you are responsible for the accuracy and completeness of that data. Dwolla’s Privacy Policy is available here -
HCI Proprietary Rights
HCI owns all proprietary rights to the Member Portal. HCI gives you a personal, limited, revocable, non-assignable, and non-exclusive license to use the Member Portal. All HCI proprietary source code, products, services and intellectual property remain the sole property of HCI at all times, and limitations of liability do not apply to breaches by you of intellectual property rights or provisions, or indemnification obligations. You will not disassemble, decompile, or reverse engineer any HCI system.
Should you decide to transmit to HCI, by any means or any media, any materials or other information (including, without limitation, ideas, concepts or techniques for new or improved services and products), whether as information, feedback, data, questions, comments, suggestions or the like, you agree that such submissions are unrestricted and shall be deemed non-confidential and you automatically grant to HCI and its assigns an exclusive, royalty-free, worldwide, perpetual, irrevocable license, with the right to sublicense, to use, copy, transmit, distribute, create derivative works of, display and perform the same.
-
Modification and Termination of the Member Portal
HCI may modify, suspend or terminate the Member Portal at its sole discretion, and may suspend or terminate your use of the Member Portal if you fail to comply with this agreement. This suspension or termination may delete your information, files, and other previously available content. If HCI or the Licensor terminates the Member Portal or your use of the Member Portal, this agreement will also terminate, but all terms & conditions related to the privacy of data and limits on liability will continue to be effective after termination.
-
Changes to this Agreement
HCI may change this Service Agreement unilaterally by posting new applicable terms & conditions. If we make such changes, you must either agree to the changes or stop using the Service.
-
Indemnification
You will hold harmless, indemnify, defend or settle any third-party claim against HCI and its subsidiaries, affiliates, and licensors, and their respective officers, directors, employees, agents, licensors, and suppliers from and against any claims, actions or demands, liabilities and settlements including without limitation, reasonable legal and accounting fees, resulting from, or alleged to result from, your violation of this Agreement, unauthorized use of a third party’s intellectual property or protected health information, or arising out of or related to your use of any HCI products, services or data.
-
Exclusion of Warranties
HCI, and its subsidiaries, affiliates, and licensors provide the service “as-is,” “with all faults” and “as available.” We do not guarantee the accuracy, completeness, usefulness, or timeliness of information available from the service, nor the advice or information provided by HCI and its subsidiaries, affiliates, licensors, or any third party. Neither HCI nor any of HCI’s licensors make any express warranties, and each of them disclaims to the fullest extent of the law all implied warranties, including implied warranties of accuracy, merchantability, fitness for a particular purpose, and non-infringement. Neither HCI nor any of HCI’s licensors make any warranty that the content in the Member Portal satisfies government regulations requiring disclosure of information on prescription drug products. Content of HCI is developed for use in the United States, and neither HCI nor any of HCI’s subsidiaries, affiliates, and licensors make any representation concerning the content when used in any other country.
-
Limitation of Liability
Neither HCI nor any of its subsidiaries, affiliates, and licensors may be held liable under this agreement for any damages other than direct damages, limited to $100, even if the party knows or should know that other damages are possible or that direct damages are not a satisfactory remedy. You cannot recover any other damages, including consequential, lost profits, special, indirect, incidental or punitive damages, unless you reside in a state that does not allow the exclusion or limitation of incidental or consequential damages. As such, the limitations in this section apply to you only to the extent they are lawful in your jurisdiction. HCI assumes no liability for damage to your computer or other electronic devices which may occur as a result of using the software or website.
-
Applicable Law And Venue
This Agreement shall be governed, enforced, performed and construed in accordance with the laws of the State of Maryland, without reference to the principles of conflicts of law. If any dispute or controversy arises among the parties to this Agreement, that dispute or controversy, the parties consent to the exclusive jurisdiction of, and the matter shall be submitted to, the Courts of Howard County, Maryland. The party which does not prevail in such proceedings shall pay the reasonable attorney’s fees and other costs and expenses, including expert witness fees, incurred by the prevailing party.
Healthcare Interactive, Inc dba HCIactive is a provider of technology solutions and services that are being offered under a reseller licensing agreement with HCIactive, hereafter referenced to as “Licensor”. HCIactive values you as a customer, and protection of your privacy is very important to us. In conducting business with Licensor, we will create and maintain records that may contain personal information and/or protected health information.
This notice describes how personal, medical, and/or financial information about you may be used and disclosed by HCIactive as part of our services agreement with Licensor and how you can get access to this information. The Licensor may have additional Privacy Practices, outside of the scope of the technical services provided by HCIactive, so please be sure to be aware of the practices specific to the Licensor’s business operations.
Please note that the following terms and service statements only apply based on the programs and services selected and enabled by your specific Licensor, plan sponsor, affiliated organization, or employer group.
“Personal Information” or “PI” is information about you, including demographic information such as your name, address and social security number, that can reasonably used to identify you.
“Protected Health Information” or “PHI” is information about you, including demographic information such as your name, address and social security number, that can reasonably used to identify you and that relates to your past, present or future physical or mental health condition, the provision of health care to you, or the payment for that care.
“Health information means any information, whether oral or recorded in any form or medium, that
- is created or received by a health care provider, health plan, public health authority, employer, life insurer, school or university, or health care clearinghouse; and
- relates to the past, present, or future physical or mental health or condition of any individual, the provision of health care to an individual, or the past, present, or future payment for the provision of health care to an individual.”
“Individually identifiable health information is information that is a subset of health information, including demographic information collected from an individual, and:
- Is created or received by a health care provider, health plan, employer, or health care clearinghouse; and
-
Relates to the past, present, or future physical or mental health or condition of an individual; the provision of health care to an individual; or the past, present, or future payment for the provision of health care to an individual; and
- That identifies the individual; or
- With respect to which there is a reasonable basis to believe the information can be used to identify the individual.”
Security procedures are in place to protect the confidentiality of your data. We protect your privacy by:
- Limiting who may see your PHI;
- Limiting how we may use or disclose your PHI;
- Informing you of our legal duties with respect to your PHI;
- Explaining our privacy policies;
- Adhering to the policies currently in effect;
- Encrypting your data.
This Notice describes our privacy practices, which include how we may use, disclose, collect, handle and protect our members’ protected health information. We are required by certain federal and state laws to maintain the privacy of your protected health information. We also are required by the federal Health Insurance Portability and Accountability Act (or “HIPAA”) Privacy Rule to give you this Notice about our privacy practices, or legal duties, and your rights concerning your protected health information
This Notice takes effect on April 14, 2003, and will remain in effect until we replace or modify it.
Copies of this Notice
You may request a copy of our Notice at any time. If you want more information about our privacy practices, or have questions or concerns, please contact HCIactive by calling 888-236-8581, or emailing support@healthspace.net, or writing to us using the contact information at the end of this notice.
Changes to this Notice
The terms of this Notice apply to all records that are created or retained by us which contain your PHI. We reserve the right to revise or amend the terms of this Notice. A revised or amended Notice will be effective for all of the PHI that we already have about you, as well as for any PHI we may create or receive in the future. We are required by law to comply with whatever Privacy Notice is currently in effect. You will be notified of any material change to our Privacy Notice before the change becomes effective. When necessary, a revised Notice will be mailed to the address that we have on record for the contract holder of your member contract.
Potential Impact of State Law
The HIPAA Privacy Rule generally does not “preempt” (or take precedence over) state privacy or other applicable laws that provide individuals greater privacy protections. As a result, to the extent state law applies, the privacy laws of a particular state, or other federal laws, rather than the HIPAA Privacy Rule, might impose a privacy standard under which we will be required to operate. For example, where such laws have been enacted, we will follow more stringent state privacy laws that relate to uses and disclosures of the protected health information concerning HIV or AIDS, mental health, substance abuse/chemical dependency, genetic testing, reproductive rights, etc.
How We May Use and Disclose Your Protected Health Information (PHI)
In order to administer our health benefit programs effectively, we will collect, use and disclose PHI for certain of our activities, including payment of covered services, wellness services and health care operations.
The following categories describe the different ways in which we may use and disclose your PHI. Please note that every permitted use or disclosure of your PHI is not listed below. However, the different ways we may use or disclose your PHI do fall within one of the permitted categories described below.
Payment: We may use and disclose your PHI for all payment activities including, but not limited to, collecting premiums or to determine or fulfill our responsibility to provide prescription drug coverage under your health plans. This may include coordinating benefits with other health care programs or insurance carriers. For example, we may use and disclose your PHI to pay claims for services provided to you under your prescription drug plan(s), or to determine if requested services are covered under your prescription drug plan. Treatment: We may use or disclose your PHI to facilitate medical treatment by providers. For example, your PHI may be provided for a physician to whom you have been referred to ensure that the physician has the necessary information to treat you. We may request the services of a business associate to assist us in these activities. Any business associate we may employ will be covered under a Business Associate Agreement.
Health Care Operations: We may use and disclose your PHI to provide health care services to you, or to coordinate and consult with other health care providers in treating you or providing health care and related services to you. For example, to assist you with a problem you may be having with a pharmacy, we may need to discuss information about your health with the pharmacist to ensure that the prescribed drug is being processed correctly.
We may use and disclose your PHI to bill and collect payment from you, your health plan or a third party, for the treatment or services you receive. For example, we may need to provide information about the prescription drugs filled for you, to your health plan, so that they will pay us or reimburse you for these drugs.
We may also use and disclose your PHI to conduct quality assessment and improvement activities, to conduct business planning activities, to conduct fraud detection programs, to conduct or arrange for medical review, or to engage in coordination of health care services.
Use of Third-Party Service Providers: As part of our healthcare operations and commitment to providing secure and reliable services, we utilize third-party service providers to support various technical and operational functions.
- Microsoft Azure: We use Microsoft Azure to host and manage our infrastructure. While Azure does not directly access or control the personal information (PI) or protected health information (PHI) we collect and store, they play a critical role in ensuring the security, availability, and confidentiality of our systems. Azure adheres to industry-recognized privacy and security standards, including SOC 2 and HIPAA, to safeguard the infrastructure supporting our services. We maintain control over all data stored in Azure environments, and access is restricted and managed in accordance with our security policies and applicable regulations.
- Twilio: We utilize Twilio's Interactive Voice Response (IVR) system to support automated telephony services. Twilio processes limited data necessary to enable these IVR services. Twilio does not access or store personal information (PI) or protected health information (PHI) beyond what is required to provide these services. Twilio adheres to SOC 2 and other security standards to protect the confidentiality of any data processed in connection with the IVR system.
We may also use and disclose your PHI to certain contractors we ask to help us provide services to you or to operate our business. For example, we may ask a contractor to send out refill reminders on our behalf, or an accounting firm to audit our books and records. We will require these contractors to agree in writing to protect the privacy of any health information they receive in order to perform their services.
We may also use and disclose your PHI to offer you one of our value added programs such as discounted health-related services, or to provide you with information about one of our disease management programs or other available HCIactive products or services.
We may also use and disclose your PHI to provide you with reminders to obtain preventive health services, and to inform you of treatment alternatives and/or health related benefits and services that may be of interest to you.
Release of Information to Plan Sponsors: Plan sponsors are employers or other organizations that sponsor a group health plan. We may disclose PHI to the plan sponsor of your group health plan as follows:
- We may disclose “summary health information” to your plan sponsor to use to obtain premium bids for providing prescription drug coverage or to modify, amend or terminate its group health plan. “Summary Health Information” is information that summarizes claims history, claims expenses, or types of claims experience for the individuals who participate in the plan sponsor’s group health plans;
- In compliance with Affordable Care Act (ACA) rules, we may disclose to your plan sponsor certain PHI in accordance with the coordination of premiums and incentives, as well as enrollment and disenrollment, as it pertains to the wellness program.
- We may disclose your PHI to the third-party administrator of your group health plan so that the third part administrator can administer the group health plan;
- If you are enrolled in a group health plan, your plan sponsor may have met certain requirements of the HIPAA Privacy Rule that will permit us to disclose PHI to the plan sponsor. Sometimes the plan sponsor of a group health plan is the employer. An employer may have a “Privacy Officer” designated and the “Privacy Officer” is allowed, by law, to have access to PHI. You should talk to your employer to find out how this information will be used.
Required by Law: We may disclose your PHI when required to do so by applicable law. For example, the law requires us to disclose your PHI:
When required by the Secretary of the U.S. Department of Health and Human Services to investigate our compliance efforts; and
To health oversight agencies, to allow them to conduct audits and investigations of the health care system, to determine eligibility for government programs, to determine compliance with government program standards, and for certain civil rights enforcement actions.
Public Health Activities: We may disclose your PHI to public health agencies for public health activities that are permitted or required by law, such as to:
- Prevent or control disease, injury or disability;
- Maintain vital records, such as births and deaths;
- Report child abuse and neglect;
- Notify a person about potential exposure to a communicable disease;
- Notify a person about a potential risk for spreading or contracting a disease or condition;
- Report reactions to drugs or problems with products or devices;
- Notify individuals if a product or device they may be using has been recalled; and
- Notify appropriate government agency(ies) and authority(ies) about the potential abuse and neglect of an adult patient, including domestic violence.
Health Oversight Activities: We may disclose your PHI to a health oversight agency for activities authorized by law, such as: audits, investigations; inspections; licensure of disciplinary actions; or civil; administrative, or criminal proceedings or actions. Health oversight agencies seeking this information include government agencies that oversee: (i) the health care system; (ii) government benefit programs; (iii) other government regulatory programs; and (iv) compliance with civil rights laws.
Lawsuits and Other Legal Disputes: We may disclose your PHI in response to a court or administrative order, subpoena, discovery request, or other lawful process once we have met all administrative requirements of the HIPAA Privacy Rule.
Law Enforcement: We may disclose your PHI to law enforcement officials under certain conditions. For example, we may disclose your PHI:
- To permit identification and location of witnesses, victims and fugitives;
- In response to a search warrant or court order;
- As necessary to report a crime on our premises;
- To report a death that we believe may be the result of criminal conduct;
- In an emergency, to report a crime.
Coroners, Medical Examiners or Funeral Directors: We may release PHI to a coroner or medical examiner. This may be necessary, for example, to identify a deceased person or to determine the cause of death. We also may disclose, as authorized by law, information to funeral directors so that they may carry out their duties.
To Prevent a Serious Threat to Health or Safety: As permitted by law, we may disclose your PHI if we believe that the disclosure is necessary to prevent or lessen a serious and imminent threat to the safety of a person or the public.
Military and National Security: We may disclose to military authorities the PHI of Armed Forces personnel under certain circumstances. We may disclose to authorized federal officials PHI required for lawful intelligence, counter-intelligence, and other national security activities.
Workers Compensation: As part of your workers’ compensation claim, we may have to disclose your PHI to a workers’ compensation carrier.
Business Associates: Certain aspects and components of our business are performed through contracts with outside persons or organizations. Examples of these outside persons and organizations include duly appointed insurance agents, third party administrators, licensed auditors, actuarial and underwriting services, reinsurers, legal services, enrollment and billing services, claim payment and medical management services and collection agencies. At times it may be necessary for us to provide your PHI to one or more of these outside persons or organizations who assist us with our payment of health care operations. In all cases, we require these business associates to appropriately safeguard the privacy of your information.
To You: When you ask us to, we will disclose to you your PHI. Generally, this will include medical, enrollment, claims and billing records we may have about you, as well as other records that we use to make decisions about your health care benefits. You can request your PHI as described in the section called “Your Privacy Rights Concerning Your Protected Health Information.”
To Your Personal Representative: If you tell us to, we will disclose your PHI to someone who is qualified to act as your personal representative according to any relevant state laws. In order for us to disclose your PHI to your personal representative, you must complete a HCIactive Personal Representative Designation Form. The HCIactive Personal Representative Designation Form is available electronically within the Member Portal application.
To Family and Friends: Unless you object, we may disclose your PHI to a friend or family member who has been identified as being involved in your health care. We also may disclose your PHI to an entity assisting in a disaster relief effort so that your family can be notified about your condition, status, and location. If you are not present or able to agree to these disclosures of your PHI, then we may, using our professional judgment, determine whether the disclosure is in your best interest.
Parents as Personal Representatives of Minors: In most cases, we may disclose your minor child’s PHI to you. However, we may be required to deny a parent’s access to a minor’s PHI according to applicable state law.
Right to Provide an Authorization for Other Uses and Disclosures
Other uses and disclosures of your PHI that are not described above will be made only with your written authorization. You may give us written authorization permitting us to use your PHI or disclose it to anyone for any purpose. We will obtain your written authorization for uses and disclosures of your PHI that are not identified by this Notice or are not otherwise permitted by applicable law.
Any authorization that you provide to us regarding the use and disclosure of your PHI may be revoked by you in writing at any time. After you revoke your authorization, we will no longer use or disclose your PHI for the reasons described in the authorization. Of course, we are unable to take back any disclosures that we have already made with your authorization. We may also be required to disclose your PHI for purposes of payment for services received by you prior to the date when you revoke your authorization.
Your authorization must be in writing, or in some cases may be authorized electronically, and contain certain elements to be considered a valid authorization.
Your Privacy Rights Concerning Your Protected Health Information (PHI)
You have the following rights regarding the PHI that we maintain about you. Requests to exercise your rights as listed below must be in writing. Please contact a Navigator at the telephone number listed at the bottom of this form, or write to us at the address listed at the end of this Notice.
Right to Access Your PHI: You have the right to inspect or get copies of your PHI. Generally, this will include medical, enrollment, claims and billing records we may have about you, as well as other records that we use to make decisions about your health care benefits.
You may request that we provide copies of your PHI in a format other than photocopies. We will use the format you request unless we cannot practicably do so. We may charge a reasonable fee for copies of PHI (based on our costs), for postage, and for custom summary or explanation of PHI. You will receive notification of any fee(s) to be charged before we release your PHI, and you will have the opportunity to modify your request in order to avoid and/or reduce the fee. In certain situations, we may deny your request for access to your PHI. If we do, we will tell you our reasons in writing, and explain your right to have the denial reviewed.
Right to Amend Your PHI: You have the right to request that we amend your PHI if you believe there is a mistake in your PHI, or that important information is missing. Approved amendments made to your PHI will also be sent to those who need to know, including (where appropriate) HCI’s vendors (known as “Business Associates”). We may also deny your request if, for instance, we did not create the information that you want amended. If we deny your request to amend your PHI, we will tell you our reasons in writing, and explain your right to file a written statement of disagreement.
Right to Accounting of Certain Disclosures: You may request, in writing, that we tell you when we or our Business Associates have disclosed your PHI (an “Accounting”). Any accounting of disclosures will not include those we made:
- For payment, or health care operations;
- To you or individuals involved in your care;
- With your authorization;
- For national security purposes; or before September 15, 2014.
The first accounting in any 12-month period is without charge. We may charge you a reasonable fee (based on our cost) for each subsequent accounting request within a 12-month period. If a subsequent request is received, we will notify you of any fee to be charged, and we will give you an opportunity to withdraw or modify your request in order to avoid or reduce the fee.
Right to Request Restrictions: You have the right to request, in writing, that we place additional restrictions on our use or disclosure of your PHI. We are not required to agree to your request. However, if we do agree, we will be bound by our agreement except when required by law, in emergencies, or when information is necessary to treat you. An approved restriction continues until you revoke it in writing, or until we tell you that we are terminating our agreement to a restriction.
Right to Request Confidential Communications: You have the right to request, in writing, that we use alternate means or an alternate location to communicate with you in confidence about your PHI. For instance, you may ask that we contact you by mail, rather than by telephone, or at work, rather than at home. Your written request must clearly state that the disclosure of all or part of your PHI at your current address or method of contact we have on record could be an endangerment to you. We will require that you provide a reasonable alternate address or other method of contact for the confidential communications. In assessing reasonableness, we will consider our ability to continue to receive payment and conduct health care operations effectively, and the subscriber’s right to payment information. We may exclude certain communications that are commonly provided to all members from confidential communications. Examples of such communications include booklets and newsletters.
Right to a Paper Copy of This Notice: You have the right to receive a paper copy of our Notice of Privacy Practices. You can request a copy at any time. To request a paper copy of this Notice, please contact a Navigator at the telephone number at the bottom of this document.
Your Right to File a Privacy Complaint
If you believe your privacy rights have been violated, or if you are dissatisfied with HCIactive’s privacy practices or procedures, you may file a complaint with HCIactive’s Privacy Officer and with the Secretary of the U.S. Department of Health and Human Services. You will not be penalized for filing a complaint.
To file a privacy complaint with us, you may contact HCIactive’s Privacy Officer as follows:
HCIactive – Privacy Officer
6011 University Blvd, Suite 360,
Ellicott City, MD 21043
Phone: 888-236-8581
Email: support@healthspace.net
HCIactive is committed to providing you the best service while protecting your information and respecting your right to privacy. This site uses cookies and other technologies to improve your experience and to assist us enhance and manage the services we provide to you. This policy provides detailed information about how and when we use cookies and applies to any service provided by HCIactive and its related entities.
How we use Cookies
- Authentication: Cookies help us identify you after you log into one of our services and allows us to personalize the features and information available to you.
- Security: We use cookies to help us detect malicious activity. We may collect information including your device’s IP address and geographic region based on your IP address or GPS location if location services are enabled.
- Performance and Analytics: We use cookies to monitor the performance of our products which helps us improve our offerings. HCIactive uses Google Analytics to monitor our services. More information about their cookie policy is available at https://policies.google.com/privacy.
Controlling Cookies
Most browsers and devices allow you to control cookies through their settings or preferences. We will only store cookies on your devices if your settings allow. If cookies are disabled, we cannot personalize the services or features we offer, and it may prevent you from saving customized settings like login information.
Contact Information
If you have any questions about our privacy policies, please contact us. We support your right to protect the privacy of your protected health and financial information. Our privacy policy is available online. To request a copy of our policies or to report a concern, you may contact HCIactive’s Security Officer as follows:
HCIactive Security Officer
6011 University Blvd
Suite 360
Ellicott City, MD 21043
Email: support@healthspace.net
We will retain your personal information for the length of time needed to fulfill the purposes outlined in this privacy policy unless a longer retention period is required or permitted by law. When the data retention period expires for a given type of data and in accordance with our backup retention policy, we will delete or destroy it.
You have the right to request, in writing, the deletion of your account information. We are not required to agree to your request if data is necessary for the following types of exceptions governed by federal and state laws: transactional purposes requested by you, security, error correction, and other legal obligations under this jurisdiction.
Contact Information
If you have any questions about our data retention policies, please contact us. We support your right to protect the privacy of your protected health and financial information. Our privacy policy is available online. To request a copy of our policies or to report a concern, you may contact HCIactive’s Security Officer as follows:
HCIactive Security Officer
6011 University Blvd
Suite 360
Ellicott City, MD 21043
Email: support@healthspace.net