Privacy Policy



Effective March 1, 2018

1. OUR PRIVACY PRACTICES

SilverScript Insurance Company is committed to protecting the privacy and confidentiality of your personal information in accordance with law and our own company policies. This notice describes our privacy practices for both current and former enrollees in our health insurance program. It explains how we use your health information and when we may share it. It also tells you about your rights with respect to your health information. We are required by law to maintain the privacy of your health information and to provide to you with this notice. We are also required to notify you if there is a breach of your health information.


When we refer to "health information" in this notice, we mean financial, health and other information about you that is non-public, and that we obtain so that we can provide you with health insurance coverage. It includes demographic information, and other information that may identify you and that relates to your past, present or future physical or mental health and related health care services.


Our workforce is required to comply with our policies and procedures to protect the confidentiality of health information, and will be subject to a disciplinary process if they violate them. We maintain physical, electronic and process safeguards to protect against unauthorized access to your health information, and authorized access is on a “need-to-know” basis only.


2. THE HEALTH CARE INFORMATION WE COLLECT

We obtain information from a variety of sources, not all of which apply to every enrollee. Following are the general categories of information we collect:

  • Information provided on enrollment forms, surveys and our Website, such as your name, address and date of birth
  • Information from pharmacies, physicians or other health care providers, Long Term Care facilities or health plans
  • Information provided by your employer or other plan sponsor regarding any group plan that you may have
  • Information we obtain from your transactions with us, our affiliates, or others, such as health care providers
  • Information we receive from consumer or medical reporting agencies or others, such as state regulators and law enforcement agencies.

3. HOW WE MAY USE OR DISCLOSE YOUR HEALTH INFORMATION

We may use and disclose your health information as follows.


For Treatment

We may use and disclose your health information to your pharmacy, doctors or other health care providers to help them provide medical care to you. For example, we may provide information about other medications you are taking to a pharmacist filling your prescription so as to avoid harmful drug interactions. We may also share your health information with health care providers to help coordinate and manage your health care. For example, we may talk to your doctor to suggest a medication therapy management program that can help improve your health.


For Payment

We may use and disclose your health information to determine your eligibility for coverage and benefits, and to see that the treatment and services you receive are properly billed and paid for. For example, we may use your health information to pay the pharmacies that fill your prescriptions. Other payment activities include claims management, drug utilization review and other related administrative functions. We are prohibited from using or disclosing any genetic information about you for underwriting purposes.


For Health Care Operations

We may use and disclose certain health information to conduct our health care operations. Examples of health care operations include: performing quality assessment and improvement activities; evaluating provider and health plan performance; performing auditing functions; fraud and abuse detection and compliance activities; resolving internal grievances; and addressing problems or complaints; making benefit determinations; administering a benefit plan; and providing customer care.


To Make Health-Related Communications to You

We may use and disclose your health information in order to inform you about health-related products and services. For example, we may contact you:

  • To remind you to refill your prescription or otherwise follow your drug therapy regimen.
  • To tell you about possible treatment options or medication alternatives that maybe beneficial to you.
  • To tell you about health-related program benefits and services that may be of interest to you.

To the Plan Sponsor of a Group Health Plan

Under certain circumstances, we may share limited health information about you with the sponsor of a group health plan through which you receive health benefits. For example, we may share information with a plan sponsor related to your enrollment or disenrollment in the plan, as well as summary health information to enable the plan sponsor to obtain bids from other health plans. We may also share information for plan administration purposes if certain protections are included in the plan document.


For the Treatment, Payment, and Health Care Operations of Other Health Plans or Health Care Providers

We may disclose your health information for another health plan or health care provider’s treatment, payment, and, if certain conditions are met, health care operations. For example, we may disclose your health information when it would facilitate payment for services under another health plan.


OTHER USES AND DISCLOSURES

We may also make the following types of uses and disclosure of your health information:

  • To a friend or family member who is involved in your care or to someone who helps pay for your care if you are not present or do not object and we believe it is in your best interests in the circumstances. This includes disclosure to an entity assisting in a disaster relief effort so that your family or those involved in your care can be notified about your condition, status or location.
  • To entities performing any business functions for us, provided the entity agrees to protect and safeguard your health information, and to use and disclose it only as permitted by us.
  • To conduct medical research, provided that additional measures are taken to protect your privacy.
  • To comply with state and federal laws that require the release of your health information
  • To public health authorities or others acting under their authority for purposes such as reporting adverse reactions to medications or problems with medical products, or if we believe there is a serious threat to your health and safety or that of others
  • To health oversight agencies for activities such as audits, inspections, licensure and peer review activities
  • For legal or administrative proceedings, such as pursuant to a court order, search warrant or subpoena
  • To support law enforcement activities; for example, we may provide health information to law enforcement agents for the purpose of identifying or locating a fugitive, material witness or missing person
  • To correctional institutions or law enforcement officials if you are an inmate or under the custody of a law enforcement official
  • To report information to a government authority regarding child abuse, neglect or domestic violence
  • To share information with a coroner or medical examiner as authorized by law, or with funeral directors, as necessary to carry out their duties
  • To use or share information for procurement, banking or transplantation of organs, eyes or tissues
  • To report information regarding job-related injuries as required by your state worker compensation laws
  • To share information related to specialized government functions, such as military and veteran activities, national security and intelligence activities and protective services for the President and others
  • To a third party, for example, in connection with any reorganization, merger, sale, joint venture, assignment, transfer or other disposition of all or any portion of our business, assets or stock (including in connection with any bankruptcy or similar proceedings), but solely to the extent permitted by applicable law.
  • To personalize your experience on the Services, including by presenting products and content tailored to you, and for our business purposes, such as data analysis, audits, fraud monitoring and prevention, developing our Services and new products and services, determining the effectiveness of our promotional campaigns, and operating and expanding our business activities.
  • To our service providers, who provide services such as website hosting, data analysis, payment processing, order fulfillment, information technology and related infrastructure provision, customer service, email delivery, auditing, and other services.


4. USES AND DISCLOSURES REQUIRING WRITTEN AUTHORIZATION

Your written authorization is required for the following types of uses and disclosures of your health information:

  • Most uses and disclosures of psychotherapy notes (if applicable)
  • Uses and disclosures for marketing purposes, except for face-to-face communications and the provision of promotional gifts of nominal value. If we will receive payment for making such a marketing communication, the authorization is required to state this.
  • Uses and disclosures that qualify as a sale of health information. If we will receive direct or indirect payment in exchange for your health information, the authorization is required to state this.

In addition to the above, any other uses and disclosures of your health information not described elsewhere in this Notice will be made only with your prior written authorization. If you provide a written authorization and you change your mind, you may revoke your authorization in writing at any time. Once an authorization has been revoked, we will no longer use or disclose the health information as outlined in the authorization; however, you should be aware that we will not be able to retract a use or disclosure that was previously made based on a valid authorization.

5. YOUR HEALTH INFORMATION RIGHTS

You have certain rights regarding health information, as described below. To exercise any of these rights, you must send a request in writing, with any additional information required, to: SilverScript Insurance Company c/o CVS Caremark, Attn: Privacy Officer -- MC 016, P.O. Box 52072, Phoenix, AZ 85072-2072. Please include your card identification number on your written correspondence. If you have given someone medical power of attorney or if someone is your legal representative, such as your caregiver, that person can exercise your rights and make choices about your health information.

  • Right to Inspect and Copy. You have the right to inspect and copy health information that we maintain about you. You may also ask us to provide a copy of your health information to another person. In that case, your written request must be signed by you, must clearly identify the person to whom the copy is to be sent, and must state where the copy is to be sent. If you request a copy of the information, we may charge a fee for the costs of copying, mailing or, if you agree to receive a summary or explanation of the information, the cost of preparing the summary or explanation. We may deny your request in certain circumstances. If your request is denied, you may ask that we review the denial.
  • Right to Correct. If you believe that health information we maintain about you is inaccurate or incomplete, you may ask us to correct it. In your request, you must include a reason that supports the change you request. If we did not create the information, you must explain why you believe the person who created it is no longer available to correct it. We may deny your request in certain circumstances. If so, you may submit a statement disagreeing with the denial, which will be added or linked to the information in question.
  • Right to an Accounting of Disclosures. You have the right to receive a list of certain non-routine disclosures (e.g., disclosures not related to treatment, payment, or operations) we make of health information about you. In your request, you must specify the time period for which you want the list. The first list you request in any 12 month period will be free of charge; after that, we may charge a fee to cover the costs of providing this information to you.
  • Right to Request Restrictions. You have the right to request a restriction on how we use or disclose health information about you for treatment, payment or health care operations. You also have the right to request a restriction on disclosures to someone involved in your care or the payment of your care, like a family member. If you request a restriction, you must specify what information you want restricted and in what way. We are not required to agree to a requested restriction.
  • Right to Request Confidential Communications.You have the right to request that we send communications involving health information about you by a certain method of communication or to a certain address if you believe that disclosure of some or all of your health information could endanger you. If you request a confidential communication, your request must include a statement that the disclosure of your health information could endanger you, and it must state how or where you wish to be contacted. We will agree to all reasonable requests.
  • Right to Paper Copy of this Notice.You have the right to obtain a paper copy of this notice at any time by writing to the address provided below, even if you have previously agreed to receive it electronically. You may also view a copy of this notice on our Website at www.SilverScript.com.

6. STATE LAW

In some situations, state privacy or other applicable laws may provide greater privacy protections than those stated in this notice. For example, depending on the state in which you reside, there may be additional laws related to the use and disclosure of health information related to HIV status, communicable diseases, reproductive health, genetic test results, substance abuse, mental health and mental retardation. When appropriate, we will follow those state or other applicable laws.


7. CHANGES TO THIS NOTICE

We reserve the right to change this notice, and to make the changes effective for health information about you that we already have, as well as for any health information we obtain or create in the future.

We will retain health information about you even after your insurance coverage with us terminates, since it may be necessary to use and disclose it for the reasons described above. However, we will have in place policies and procedures to continue to protect the information. We will post a copy of our most current notice on our website at www.SilverScript.com. The effective date of the notice will be on the first page. In addition, paper copies of the most current notice may be obtained by sending a written request to SilverScript Insurance Company, c/o CVS Caremark, Attn: Privacy Officer -- MC 016, P.O. Box 52072, Phoenix, AZ 85072-2072.


8. COMPLAINTS

If you believe your privacy rights have been violated, you may file a complaint with us or with the Secretary of the Department of Health and Human Services. To file a complaint with us, you must send it in writing to SilverScript Insurance Company c/o CVS Caremark, Attn: Privacy Officer -- MC 016, P.O. Box 52072, Phoenix, AZ 85072-2072. You can file a complaint with the U.S. Department of Health and Human Services Office for Civil Rights by sending a letter to 200 Independence Ave., S.W., Washington, D.C. 20201, calling 1-877-696-6775, or visiting visit HIPPA Complains site atwww.hhs.gov/ocr/privacy/hipaa/complaints/. We will not retaliate against you in any way for filing a complaint, and the service you receive from us will be unaffected.


9. LINKS

The Services may contain links to, or otherwise make available, third-party websites, services, or other resources not operated by us or on our behalf (“Third Party Services”). These links are provided as a convenience only and do not constitute an affiliation with, endorsement, or sponsorship of the Third Party Services. Any information you provide to such third parties is not subject to the terms of this Privacy Policy, and we are not responsible for the privacy or security of the information you provide to them or their handling of your information. We recommend that you review the privacy policy of any third party to whom you provide personal information online.

In addition, we are not responsible for the information collection, use, disclosure, or security policies and practices of other organizations, such as Apple, Google, Microsoft, RIM, or any other app developer, app provider, operating system provider, wireless service provider, or device manufacturer.


10. SECURITY

We seek to use reasonable physical, technical, and administrative safeguards to protect personal information within our organization. Unfortunately, no data transmission or storage system can be guaranteed to be 100% secure. If you have reason to believe that your interaction with us is no longer secure (for example, if you feel that the security of your account with us has been compromised), please immediately contact us in accordance with the “Contact Information” section below. You are responsible for maintaining the confidentiality of your Services access information and password and for restricting access to your device, and you agree to accept responsibility for all activities that occur under your password.


11. FRAUDULENT SITES, SPAM, & PHISHING

Please be aware that there may be fraudulent websites that illegally use SilverScript or CVS logos and other aspects of the SilverScript or CVS brand. SilverScript or CVS is in no way associated with any fraudulent websites. These sites may circulate their presence on the internet via spam email or through fraudulent phishing practices.

These sites have not been authorized by SilverScript or CVS to use our name, and we work aggressively to identify their source and have them shut down. If you are in receipt of this type of spam email, to help protect your privacy you should avoid replying to it or forwarding it to other people.


12. OTHER INFORMATION

Like many other websites and online services, we collect information about website traffic and usage patterns through the use of cookies, Web server logs, and other, similar technologies. We use this information for various purposes, such as to ensure that the website functions properly, to facilitate navigation, to personalize your experience, to understand use of the website, to diagnose problems, and to otherwise administer the website.

Cookies are small text files we transfer to your computer's hard drive. These small text files help us personalize content on our pages. Your browser software can be set to reject or accept cookies. Instructions for resetting the browser are available in the Help section of most browsers.

Our use of cookies also allows us to collect and retain certain information about a website user, such as the type of web browser used. Reviewing our web server logs and our users’ use of our site helps us to, among other purposes, statistically monitor how many people are using our site and for what purpose.

Your IP address is a number that is automatically assigned to the computer that you are using by your Internet Service Provider. An IP address may be identified and logged automatically in our server log files whenever a user accesses the website, along with the time of the visit and the page(s) that were visited. Collecting IP addresses is standard practice and is done automatically by many websites, applications and other services. We use IP addresses for purposes such as calculating usage levels of the website, helping diagnose server problems, and administering the website.

We may use Adobe Flash Local Stored Objects (“LSOs”) and other technologies to, among other things, collect and store information about your use of the website. If you do not want Flash LSOs stored on your computer, you can adjust the settings of your Flash player to block Flash LSO storage using the tools contained in the Website Storage Settings Panel. You can also control Flash LSOs by going to the Global Storage Settings Panel and following the instructions (which may include instructions that explain, for example, how to delete existing Flash LSOs (referred to "information" on the Macromedia site), how to prevent Flash LSOs from being placed on your computer without your being asked, and (for Flash Player 8 and later) how to block Flash LSOs that are not being delivered by the operator of the page you are on at the time). Please note that setting the Flash Player to restrict or limit acceptance of Flash LSOs may reduce or impede the functionality of some Flash applications.


We do not respond to browser do-not-track signals.


We may use analytics providers that use cookies, pixel tags and other, similar technologies to collect information about your use of the website and your use of other websites or online services.


13. CONTACT INFORMATION

If you have any questions about this notice, please contact us at:

SilverScript Insurance Company c/o CVS Caremark
Attn: Privacy Officer -- MC 016, P.O. Box 52072
Phoenix, AZ 85072-2072
1-866-443-0933