Some Important Definitions You’ll Need To Understand
There are key definitions you’ll meet again and again in this document, and you’ll want to understand them up front -- consumer platforms, users, you/your, personal information, and third party/third parties.
1 Highmark Health includes all wholly and majority-owned subsidiaries and affiliates making up the Highmark Health enterprise, including, among others, Highmark Inc., Allegheny Health Network, HM Health Solutions, HM Home and Community Services, and other diversified businesses such as HM Insurance Group and United Concordia Companies Inc. For purposes of this Online Privacy Policy, Premier Medical Associates is excluded. References to "us," "we," and "our" in this Online Privacy Policy mean Highmark Health.
If you have questions about whether this Online Privacy Policy or an NPP applies to collection, use, or disclosure of information, please contact us using the information provided in section 5 below.
We collect personal information from and about you in a number of ways. We leverage online forms, secure portals, third party links/icons, interactive chat, biometric login, location services, mobile device data, and cookie and tag technologies to collect personal information.
How you interact with a particular Highmark Health consumer platform will generally determine the type and amount of personal information we collect. For general website browsing, we may capture limited personal information such as your browser type, IP address, device hardware model, as well as server log information such as session time, click streams, and crash reports. For other features, we may need to verify your identity through a login process and collect sufficient personal information to provide a response or administer the service requested.
What follows below in Sections 1 and 2 are further details regarding the personal information we collect with our information-gathering tools, and our specific and general uses and access to and disclosure of your personal information associated with those tools.
Highmark Health invites users to contact us using inquiry forms available on our corporate-owned platforms for account questions or to learn more about our products and services. The personal information we request on inquiry forms generally includes your name, address, phone number, email address, and the details of your inquiry. We may use such information to review and respond to your request or communication, or use contracted service providers to do that for us. We may also use information collected through online forms as stated in Section 2 below.
Highmark Health has established secure portals for use by members and patients. When you access them to review your health and benefit-related information or to contact your health plan or physician’s office regarding certain inquiries, such as reviewing claims or requesting prescription refills, we collect certain personal information, such as your user ID and password, IP address, click streams, and cookie ID. Communications sent by or to members or patients who choose to use these secure portals may also be recorded in transaction logs to monitor content, compliance with applicable law and regulations, or functionality of the services. If the information collected is deemed to be PHI as noted above, its use and disclosure will be subject to HIPAA and an applicable NPP. We may also use information collected through secure portals pre-password as stated in Section 2 below.
Our consumer platforms may offer interactive chat technology to assist users. That interactive technology may collect personal information such as name, date of birth, address, and account number for authentication purposes or to provide specific plan benefit details in a personalized response. It may also capture session-related information such as web logs to document the interaction. If the information collected is deemed to be PHI as noted above, its use and disclosure will be subject to HIPAA and an applicable NPP. We may also use information collected through interactive chat pre-password as stated in Section 2 below.
You may be invited by your mobile device to use fingerprint, facial recognition, or similar recognition and biometric technology to login to our consumer platforms. When a biometric login is enabled, our consumer platforms recognize that you have selected this as a preference and have been authenticated through your mobile device and you are permitted access. When you use biometric login functionality on our consumer platforms, we do not collect any of the actual biometrics (e.g., fingerprints or facial images); that is managed and maintained on your mobile device and by the mobile device manufacturer (e.g., Apple, Samsung).
Our consumer platforms may use the location services functionality on your mobile device and thereby collect your geolocation data. We use geolocation data to assist you in finding local care sites, communicating about geographically-based products and services, and other relevant content based on your location. We may also use information collected through location services as stated in Section 2 below.
Our consumer platforms may collect certain personal information when being run on a mobile device; for example, if one of our mobile applications is downloaded, we may collect information about the device type, its software/operating system, and device identifier. We use this information to assess and analyze information about our general user base and to improve our technical support capabilities. We may also use information collected from your mobile device as stated in Section 2 below.
A cookie is a small text file that is stored on a computer or other internet-connected device when it accesses a digital resource. Cookies can capture user information such as IP address, internet browser and operating system type, the date and time of a digital interaction, session information such as page response times, your search history, saved preferences and password information (if a user elects to have a website remember this information), information about the referring uniform resource locator (URL), click stream to and through and from our consumer platforms, and similar details.
Highmark Health’s consumer platforms may use first-party cookies (i.e., ones we create) to support our digital resources, monitor their performance, enhance the user experience, and assess information about our user base to help inform our decisions about content delivery. We may gather and use information obtained from first-party cookies to provide customers and prospects with tailored messaging. We may also employ cookies on third party websites to facilitate the delivery of our services and help study users’ activities online over time.
Highmark Health may use third party advertising cookies to serve our ads on other websites and digital properties. Advertising companies may also use information obtained from cookies placed on your device in order to measure advertising effectiveness and to provide non-Highmark Health advertisements they deem of interest to you on other platforms. If you would like to review and manage and/or opt-out of third party cookies used for targeted advertising, you may navigate to the following links provided by the Network Advertising Initiative (http://optout.networkadvertising.org/?c=1) and the Digital Advertising Alliance (http://optout.aboutads.info/?c=2&lang=EN).
A third party, such as Twitter or LinkedIn, may employ cookies on our consumer platforms to facilitate the delivery of their services and help follow your online activities over time. Subsequent use of cookie data by third parties is subject to their online privacy policy and/or terms of use, and you are encouraged to review those documents.
Cookies that may be employed on our consumer platforms include the following types:
