Mobile Application Privacy Policy

 

Introduction

This mobile application is hosted and operated by OptumRx, your pharmacy benefit manager and mail service provider. As such, some information collected through the mobile application may be considered “protected health information,” as that term is defined in the Health Insurance Portability and Accountability Act of 1996 (“HIPAA”) and its implementing regulations.

We recognize that the privacy of your information is important to you. The purpose of this Mobile Application Privacy Policy is to let you know how we handle the information we receive through the use of this mobile application.

This policy does not apply to information collected through other means such as by telephone or in person, although that information may be protected by other privacy policies. As used in this policy, terms such as “we” or “our” and “Company” refer to OptumRx and its current and future affiliate entities, including our parent company UnitedHealth Group.

This mobile application is intended for a United States audience. Any information you provide, including any personal information, may be transferred to and processed by a computer server located within the United States.

This Mobile Application Privacy Policy is in addition to OptumRx’s HIPAA Notice of Privacy Practices , which describes in detail how OptumRx uses and discloses your protected health information.

Your health plan has a contract with us to provide certain services and health tools to you through this mobile application. As your health plan’s business associate, we have agreed that our collection, use, and disclosure of your protected health information on behalf of your health plan will be done in accordance with your health plan’s HIPAA Notice of Privacy Practices.

 

Information Collection

This mobile application may access or collect personal information and non-personal information. This information is accessed and collected in a variety of ways, including through the operating system of your mobile device and through information you submit through the mobile application. The table below describes the information that we may access or collect in connection with your use of this mobile application.

This mobile application may include features that give you the opportunity to provide us with information about yourself. You do not have to provide us with this information if you do not want to; however, that may limit your ability to use certain functions of this mobile application or to request certain services or information. To take advantage of all of the mobile application’s functionality, you will need to register for an OptumID account and log in.

This mobile application collects the following information:

 

Information that Identifies You

  • Information you provide which may include account info, name, email address, user credentials, age, address, or phone number
  • Health, medical, or therapy information
  • Information provided by your health plan
  • Location data such as GPS, WiFi, or carrier network location
  • Financial information including your credit card number
  • User files stored on your device, e.g., calendar, pictures, and video

                                                    

What You Do on Your Device

  • Camera use
  • Local storage
  • External storage
  • Phone dialer
  • Browser, phone, or text log
  • Use of screen, e.g., what points are touched, frequency, etc.
  • Patterns of app usage
  • System state, e.g. what other apps are running

 

Device or System Data

  • Mobile Device Identifier, e.g., UDID, Android ID
  • Technical information about your device and system and application software, e.g., type of phone, operating System (OS), and IP address
  • Network state, e.g., WiFi or quality of connection

 

LOCATION DATA PRACTICES

We obtain location data from your device to provide location-related services, e.g., driving directions or distance calculation, via the mobile application. We do not store information about your location after the service is performed or share your location data with third parties. You can withdraw consent to use precise, real-time or network location data at any time by turning off the location-based feature on your mobile device or by not using any location-based features. If you withdraw consent, functionality associated with precise, real-time or network location, e.g., navigation, will no longer work.

 

GEO-TAGGING LANGUAGE

Your photos may contain geo-tags and related metadata that can reveal location data when the photos were taken. You can disable geo-tagging by turning location services off on your device prior to using the camera. We do not use your photos to determine your location.

 

Information Uses

We may use information unless restricted by this policy or by law. We may use information for a number of purposes such as processing your requests or personalizing products and services for you. The table below outlines some examples of how we may use information.

 

How We May Use Information

  • To provide the services and functionality offered by the mobile application.
  • To respond to requests from you.
  • To customize your experience on the mobile application, including managing and recording your preferences.
  • To process an application as requested by you.
  • To combine personal and non-personal information we collect through the mobile application with information about your medical condition or other health information maintained by OptumRx that allows us to tailor the mobile application to your specific needs and provide content and services designed for you.
  • To  administer surveys and promotions.
  • To provide you with information that we believe may be useful to you, such as information about health products or services provided by us or other businesses to the extent allowable under HIPAA.
  • To perform analytics and to improve our products and mobile applications.
  • To develop reports regarding usage, activity, and statistics.
  • To comply with applicable laws, regulations, and legal process.
  • To protect someone's health, safety, or welfare.
  • To protect our rights, the rights of affiliates or related third parties, or take appropriate legal action, such as to enforce our Terms of Use.
  • To keep a record of our transactions and communications.
  • To facilitate the provision of software updates and product support.
  • To improve products and other services related to the mobile application or to provide services or technologies to you.
  • To connect non-personal information we collect through the mobile application with personal information you provide to us.
  • To contact you through information you provide through this mobile application, including any email address, telephone number, cell phone number, text message number, or fax number. Please see the section below titled “Our online communications practices.”

 

Information Sharing

We will only share your personal information with third parties as outlined in this policy and as permitted by law.

 

How We May Share Information

  • To third parties at your direction and as described in this policy and OptumRx’s HIPAA Notice of Privacy Practices. We will obtain your authorization before sharing any of your protected health information in accordance with HIPAA.
  • If all or part of the Company is sold, merged, dissolved, acquired, or in a similar transaction.
  • As required by law or to comply with a judicial proceeding, court order, or other legal process.
  • To cooperate with law enforcement authorities in investigating and prosecuting activities that are illegal, violate our rules, or may be harmful.
  • With other companies that perform services on our behalf or that we collaborate with. For example, we may hire a company to help us send and manage email, and we might provide the company with your email address and certain other information in order for them to send you an email message on our behalf. Similarly, we may hire companies to operate some of our mobile applications and related computers and software applications. Each subcontractor that will receive any protected health information to perform a service on our behalf has signed an agreement that binds them to the same restrictions on use and disclosure of your protected health information with which we comply.
  • Within the Company. We may also combine personal information that you provide us through this mobile application with other information we have received from you, whether online or offline, or from other sources such as from our vendors. For example, if you have purchased a product or service from us, we may combine personal information you provide through this mobile application with information regarding your receipt of the product or service.
  • With your health plan.
  • Your health plan will use and disclose this information in accordance with its HIPAA Notice of Privacy Practices.

 

Analytics and Tracking

We may use various technologies to gather information from our users, such as which mobile application features are used and the frequency of use. We may also allow third party service providers to use technologies to collect such information. We do not control these third party technologies and their use is governed by the privacy policies of third parties using such technologies. Note that we do not currently respond to web browser “Do Not Track” signals that provide a method to opt out of the collection of information about online activities over time and across third party websites or online services as we await the development of industry-accepted standards for how such signals should be interpreted.

 

Reviewing Your Information

This mobile application may permit you to view your user profile and related information and to request changes to such information. If this function is available, we will include a page or heading such as “My Profile” or similar words. Navigating to that portion of the mobile application will take you a page through which you may review such information.

 

Information Security

We maintain reasonable administrative, technical, and physical safeguards designed to help us protect the information that you provide via this mobile application. However, no security systems are impenetrable, and we cannot guarantee the security of our mobile application, nor can we guarantee that the information you supply will not be intercepted while being transmitted to us over the Internet and we are not liable for the illegal acts of third parties such as criminal hackers. If you wish to keep your communications to us private, you should not communicate to us using email.

It is our policy to protect the confidentiality of Social Security numbers ("SSNs”) that we receive or collect in the course of business. We secure the confidentiality of SSNs through various means, including physical, electronic, and administrative safeguards that are designed to protect against unauthorized access. It is our policy to limit access to SSNs to that which is lawful, and to prohibit unlawful disclosure of SSNs.

 

Our Online Communication Practices

We send communications in accordance with this policy and applicable laws. We may use cookies or other technologies to monitor whether you open and/or click on URLs in email communications such as newsletters. We offer you appropriate consent mechanisms for communications, such as an opt-in or an opt-out. Please be aware that consent mechanisms may not apply to certain types of communications, such as account status, site updates, and other communications.

 

Your Choices

As described in this policy, you may turn off mobile application features and provide consent for appropriate communications. Please note, choosing to disable certain functionality of the mobile application may impact the functionality of other areas of the mobile application. The mobile application may also seek your opt-in permission for certain data collections or uses which will be clearly presented to you. 

 

Your Individual Rights

Because information collected through your use of the mobile application is collected OptumRx, the individual rights you have to access, correct or modify your protected health information that are set forth in OptumRx’s HIPAA Notice of Privacy Practices may apply to some or all of the information collected through this mobile application. Please consult that notice for a description of those rights and how to exercise them.

 

Information for Children Under 13

We will not knowingly collect any personal information from children under the age of 13 through this mobile application. If you think that we have collected personal information from a child under the age of 13 through this mobile application, please contact us.

 

Contact Us

To contact us regarding this policy and our related privacy practices, contact us at hipaaofficeoptumrx@optum.com or OptumRx Privacy Office, 17900 Von Karman, MS: CA016-0101, Irvine, CA 92614. If you believe we or any company associated with us has misused any of your information please contact us immediately and report such misuse.

 

Effective date

The effective date of this policy is November 20, 2014.

 

Changes to this Mobile Application Privacy Policy

We may change this policy. If we do so, such change will appear on this page of our mobile application. You may always visit this policy to learn of any updates.