Agreement Between User and Partnership HealthPlan of California
The Partnership HealthPlan of California (PHC) web site is comprised of various web sites and web pages maintained by PHC, its affiliates, or contractors (collectively, the PHC Web Site).
The PHC web site is offered to you conditioned on your acceptance without modification of the terms, conditions, and notices contained in this agreement. Your use of the PHC web site constitutes your agreement to all such terms, conditions, and notices.
Member Account, Password, and Security
If a particular PHC Site/Service requires you to open an account, you must complete the registration process by providing us with current, complete and accurate information as prompted by the applicable registration form. You then will choose a password and a user name. You are entirely responsible for maintaining the confidentiality of your password and account. Furthermore, you are entirely responsible for any and all activities that occur under your account. You agree to notify PHC immediately of any unauthorized use of your account or any other breach of security. PHC will not be liable for any loss that you may incur as a result of someone else using your password or account, either with or without your knowledge. However, you could be held liable for losses incurred by PHC or another party due to someone else using your account or password. You may not use anyone else's account at any time, without the permission of the account holder. After HIPAA privacy becomes effective, you may not use anyone else's account at any time, period.
Personal and Non-Commercial Use Limitation
Unless otherwise specified, the PHC Site/Services are for your use as an agent of your employer only. Any and all patient-specific data are confidential. You may not modify, copy, distribute, transmit, display, perform, reproduce, publish, license, create derivative works from, transfer, or sell any information, software, products or services obtained from the PHC Site/Services. Patient-specific data are protected by Federal and State law and regulations and by this agreement.
Use of Services
The PHC Site/Services may contain data transmission services, bulletin board services, chat areas, forums, and/or other message or communication facilities designed to enable you to communicate with others (collectively, Communication Services). You agree to use the Communication Services only to post, send and receive messages and material that are proper and, when applicable, related to the particular Communication Service.
The information, software, products, and services included in or available through the PHC sites/services may include inaccuracies or typographical errors. Changes are periodically made to the PHC sites/services and to the information therein. PHC and/or its respective suppliers may make improvements and/or changes in the PHC sites/services at any time. Advice received via the PHC sites/services should not be relied upon for personal, medical, legal or financial decisions and you should consult an appropriate professional for specific advice tailored to your situation.
PHC and/or its suppliers make no representations about the suitability, reliability, availability, timeliness, lack of viruses or other harmful components and accuracy of the information, software, products, services and related graphics contained within the PHC sites/services for any purpose. All such information, software, products, services and related graphics are provided "as is" without warranty of any kind. PHC and/or its suppliers hereby disclaim all warranties and conditions with regard to this information, software, products, services and related graphics, including all implied warranties and conditions of merchantability, fitness for a particular purpose, workmanlike effort, title and non-infringement.
You specifically agree that PHC shall not be responsible for unauthorized access to or alteration of your transmissions or data, any material or data sent or received or not sent or received, or any transactions entered into through a PHC site/service. You specifically agree that PHC is not responsible or liable for any threatening, defamatory, obscene, offensive or illegal content or conduct of any other party or any infringement of another's rights, including intellectual property rights. You specifically agree that PHC is not responsible for any content sent using and/or included in a PHC site/service by any third party.
General Terms Regarding Use and Storage
You agree that PHC may establish limits concerning use of any service offered on a PHC Website, including without limitation, the maximum disk space that will be allotted on PHC's servers on your behalf, and the maximum number of times and duration you may access the service in a given period of time.
You agree that PHC has no responsibility or liability for the deletion, corruption or failure to store any content maintained or transmitted by the service. You acknowledge that PHC reserves the right to delete accounts that are inactive for an extended period of time.
PHC makes no warranty that any service will be uninterrupted, timely, secure or error-free.
Service contact: Information Technology Department at 800 863-4155.
PHC reserves the right, in its sole discretion, to terminate your access to any or all PHC Site/Services and the related services or any portion thereof at any time, without notice, though an attempt will be made to provide notice.
PHC may also terminate or suspend your access to PHC Site/Service(s) for inactivity, which is defined as failing to log into a particular service for an extended period of time, as determined by PHC. Upon termination of the PHC Site/Service, your right to use the PHC Site/Service immediately ceases.
This agreement is governed by the laws of the State of You hereby irrevocably consent to the exclusive jurisdiction and venue of courts in Solano County California U.S.A., in all disputes arising out of or relating to the use of the PHC Site/Services. Use of the PHC Site/Services is unauthorized in any jurisdiction that does not give effect to all provisions of these terms and conditions, including without limitation this paragraph. You agree that no joint venture, partnership, employment, or agency relationship exists between you and PHC as a result of this agreement or use of the PHC Site/Services. You agree to indemnify and hold PHC, its subsidiaries, affiliates, officers and employees, harmless from any claim, demand, or damage, including reasonable attorneys' fees, asserted by any third party due to or arising out of your use of or conduct on the PHC Site/Services. PHC reserves the right to disclose any personal information about you or your use of the PHC Site/Services, including its contents, without your prior permission if PHC has a good faith belief that such action is necessary to: (1) conform to legal requirements or comply with legal process; (2) protect and defend the rights or property of PHC or its affiliated companies; (3) enforce the terms or use; or (4) act to protect the interests of its members or others. PHC's performance of this agreement is subject to existing laws and legal process, and nothing contained in this agreement is in derogation of PHC's right to comply with governmental, court and law enforcement requests or requirements relating to your use of the PHC Site/Services or information provided to or gathered by PHC with respect to such use. If any part of this agreement is determined to be invalid or unenforceable pursuant to applicable law including, but not limited to, the warranty disclaimers and liability limitations set forth above, then the invalid or unenforceable provision will be deemed superseded by a valid, enforceable provision that most closely matches the intent of the original provision and the remainder of the agreement shall continue in effect. Unless otherwise specified herein, this agreement constitutes the entire agreement between the user and PHC with respect to the PHC Site/Services and it supersedes all prior or contemporaneous communications and proposals, whether electronic, oral or written, between the user and PHC with respect to the PHC Site/Services. A printed version of this agreement and of any notice given in electronic form shall be admissible in judicial or administrative proceedings based upon or relating to this agreement to the same extent and subject to the same conditions as other business documents and records originally generated and maintained in printed form.
Getting Your Health Data Through a 3rd-Party App
A Guide for Privacy when choosing third-party apps
We have to offer you access to your health records through a "Patient Access API." You can get this by downloading an application (app) on your smartphone, tablet, computer, or other device if you are a member. The records that you can get through the Patient Access API involve data we have gathered about you while you have been enrolled with us. This may involve health records gathered since January 1, 2016 if you were enrolled with us during that time. The health records involve the things listed below for as long as we have it in our system:
- Claims and encounter data which describe interactions with health care workers and doctors and visits to the hospital
- Clinical data such as lab results, allergies, and medicines you take
The health records that we send to the app can include private information (such as drug abuse, getting help with mental health, HIV status, and more)
You need to know that the app you get will have all kinds of health data records. This kind of health data might involve things like what is stated above. It could also involve other private data, such as your name, date of birth, and Medi-Cal ID. Be aware that the app may not have to follow certain privacy laws (like the Health Insurance Portability and Accountability Act (HIPAA) rules. Instead, the app may have a privacy rule that tells how the app can use, share, and possibly sell your data. Please know that Partnership no longer controls how the app uses or shares your data once we send your data to the app. Be sure to look at the privacy rules of any app you use to access your data through the Patient Access API. Make sure you are okay with what the app may do with your data.
Partnership asks that any makers of an app planning to use the Partnership Patient Access API state that it follows basic privacy and security rules. You also have to agree to let the app use your data.
Things you may want to think about when picking an app:
It is important that you look at the app's privacy rules if you want to use an app to get your health data.
Here are some questions you may want to think about if you are picking an app to use. Partnership can not answer these questions for you. You will need to decide if you are okay with the app's privacy rules and how the app will use your data.
- Will this app sell my data for any reason?
- Will this app share my data to third parties for something like research or advertising?
- How will this app use my data and why?
- Will the app allow me to tell them how it can use, share, or sell my data?
- Can I end the app's use of my data if don't want to use this app? What about if I don't want this app to have my health data? Is it hard to get the app to stop using my data?
- Does the app's rules say that they delete my data once I tell it to stop looking at my data? Do I have to do more than just delete the app from my phone, tablet, or computer?
- How will this app tell me about changes in its privacy rules?
- Will the app get any non-health data from my phone, tablet, or computer, such as where I am and where I go?
- What does this app do to protect my data?
- Can the app see or share information about contacts on my phone, such as their phone numbers?
- Will the app allow me to fix something in the data if it is wrong? (Note: fixing something in the data that the app gets will not fix any problems with the source of the data)
- Does the app have a way to respond to people who complain?
You may not want to use the app to see your health data if the app's privacy rules do not answer the questions above. Your health data may involve things that are very private. You should be careful when picking an app. Make sure it has good privacy and security rules to help keep it safe.
Covered groups and HIPAA
The U.S. Department of Health and Human Services' Office for Civil Rights (OCR) is in charge of making sure the HIPAA Privacy, Security, and Breach Notification Rules are followed.
Third-party apps may not have to follow HIPAA. Partnership and most health plans and health care experts, such as hospitals, doctors, and clinics do have to follow HIPAA.
You can do these things:
Apps and privacy
An app does not always have to follow HIPAA. Apps that have a privacy notice do have to follow the rules of that notice. They often do not have to follow other privacy laws. The Federal Trade Commission Act protects against actions that might try to trick you. For example, an app could try to share your data in a way that goes against its own privacy rules. An app that does not follow the rules of its privacy notice may get into trouble with the Federal Trade Commission (FTC). The FTC can tell you more about mobile app privacy and security for the public.
You should reach out to the FTC and file a complaint if you think an app used, shared, or sold your data in a way that it said it would not.
Copyright and Trademark Notices
All contents of the PHC Web Site and PHC Primary Care Blog are:
Copyright © 2015 PHC and/or its Suppliers
4665 Business Center Drive, Fairfield, CA, 94534-1675 U.S.A
All rights reserved