At MedTrak Services, LLC (“MedTrak” or “We”), we respect your privacy and are committed to protecting it through our compliance with this policy.
This policy describes the types of information we may collect from you or that you may provide when you visit the website www.medtrakservices.com (our “Website”), and our practices for collecting, using, maintaining, protecting and disclosing that information.
This policy applies to information we collect:
- On this Website;
- In e-mail, text and other electronic messages between you and this Website; and
- Through mobile and desktop applications you download from this Website, which provide dedicated non-browser-based interaction between you and this Website.
It does not apply to information collected by:
- us offline or through any other means, including on any other website operated by MedTrak or any third party; or
- any third party, including through any application or content (including advertising) that may link to or be accessible from or on the Website.
Children Under the Age of 13
Our Website is not intended for children under 13 years of age. No one under age 13 may provide any personal information to or on the Website. We do not knowingly collect personal information from children under 13. If we learn we have collected or received personal information from a child under 13 without verification of parental consent, we will delete that information.
Information We Collect About You and How We Collect It
We collect several types of information from and about users of our Website, including both personally identifiable and non-personally identifiable information, such as information:
- by which you may be personally identified, such as name, postal address, e-mail address, telephone number, personal identification number, or any other identifier by which you may be contacted online or offline (“personal information”);
- that is about you but individually does not identify you, such as how many people visit this Website, which pages they visited, how long they remained on the Website, etc.; and/or
- about your internet connection, the equipment you use to access our Website and usage details.
We collect this information:
- Directly from you when you provide it to us; and
- Automatically as you navigate through the site.
Information You Provide to Us. The information we collect on or through our Website may include:
- Information that you provide by filling in forms on our Website. This includes information provided at the time of registering to use our Website or requesting further services. We may also ask you for information when you report a problem with our Website or our services.
- Records and copies of your correspondence (including e-mail addresses), if you contact us.
- Your search queries on the Website.
Information We Collect Through Automatic Data Collection Technologies. As you navigate through and interact with our Website, we may use automatic data collection technologies to collect certain information about your equipment, browsing actions and patterns, including:
- Details of your visits to our Website, including traffic data, location data, logs and other communication data and the resources that you access and use on the Website.
- Information about your computer and internet connection, including your IP address, operating system and browser type.
The information we collect automatically is statistical data and may include personal information, and we may maintain it or associate it with personal information we collect in other ways or receive from third parties. It helps us to improve our Website and to deliver a better and more personalized service, including by enabling us to:
- Estimate our audience size and usage patterns.
- Store information about your preferences, allowing us to customize our Website according to your individual interests.
- Speed up your searches.
- Recognize you when you return to our Website.
The technologies we use for this automatic data collection may include:
- Flash Cookies. Certain features of our Website may use local stored objects (or Flash cookies) to collect and store information about your preferences and navigation to, from and on our Website. Flash cookies are not managed by the same browser settings as are used for browser cookies.
How We Use Your Information
We use information that we collect about you or that you provide to us, including any personal information:
- To present our Website and its contents to you.
- To provide you with information that you request from us.
- To fulfill any other purpose for which you provide it.
- To notify you about changes to our Website or any services we offer or provide though it.
- In any other way we may describe when you provide the information.
- For any other purpose with your consent.
Disclosure of Your Information
- To our subsidiaries and affiliates.
- To MedTrak personnel, your health plan, and other companies performing services on behalf of MedTrak or your health plan.
- To contractors, service providers and other third parties we use to support our business and who are bound by contractual and/or legal obligations to keep personal information confidential and use it only for the purposes for which we disclose it to them.
- To fulfill the purpose for which you provide it.
- For any other purpose disclosed by us when you provide the information.
- With your consent.
We may also disclose your personal information:
- To comply with any court order, law or legal process, including to respond to any government or regulatory request.
- If we believe disclosure is necessary or appropriate to protect the rights, property, or safety of MedTrak, our customers or others. This includes exchanging information with other companies and organizations for the purposes of fraud protection and credit risk reduction.
We have implemented measures designed to secure your personal information from accidental loss and from unauthorized access, use, alteration and disclosure. All information you provide to us is stored on our secure servers behind firewalls. MedTrak protects your transactions using Secure Socket Layer (SSL) technology. Your sensitive information will automatically be encrypted before being sent over the internet. Encryption involves systematically scrambling numbers and letters so if someone managed to intercept that information they would not be able to make sense of it.
The safety and security of your information also depends on you. Where we have given you (or where you have chosen) a password for access to certain parts of our Website, you are responsible for keeping this password confidential. We ask you not to share your password with anyone. We urge you to be careful about giving out information in public areas of the Website like message boards. The information you share in public areas may be viewed by any user of the Website.
Unfortunately, the transmission of information via the internet is not completely secure. Although we do our best to protect your personal information, we cannot guarantee the security of your personal information transmitted to our Website. Any transmission of personal information is at your own risk. We are not responsible for circumvention of any privacy settings or security measures contained on the Website.
Requirements and Responsibilities Regarding Your Protected Health Information (PHI) under HIPAA
As a Business Associate under the Health Insurance Portability and Accountability Act (“HIPAA”), MedTrak must comply with all HIPAA privacy provisions that protect beneficiaries’ protected health information (PHI). Please be aware that a beneficiary’s PHI may be used for the purposes of treatment, payment, and/or health care related operations.
MedTrak is dedicated to the protection of your PHI. We wish to make you aware of the use your PHI and to inform you of your rights and our obligations by law. We are required to do the following:
- Ensure all PHI remains private.
- Forward to you this notification explaining how MedTrak may use and disclose your PHI.
- Notify you of your rights regarding your PHI.
We will not use or disclose any of your PHI to others without your written permission, except as described below.
MedTrak may utilize and release your PHI in the following ways:
- To physicians and/or pharmacists for treatment reasons, such as managing or coordinating your care through their knowledge of knowing what your prescriptions are to avoid dangerous drug interactions.
- For reimbursement or payment purposes to your pharmacy for dispensing your prescriptions to you or to collect payment from you or a third party payor for the drugs you receive.
- For health care operations of your health plan and for our health care organization to improve the quality and service of the MedTrak program. This may include educational and wellness programs about medications you may be taking, customer care related matters to improve performance, medicine refill reminders, and to evaluate and improve the performance of our providers.
- For health plans or providers who are reimbursed for their services, including pharmacies that bill another payer or a health plan for your treatment and/or improvement requirements.
- For certain contractors who assist us with the operation of the MedTrak program regarding enrollment, outreach materials, educational programs, or external agencies for auditing purposes.
We will require contractors to agree in writing that they must protect your PHI they receive to perform their required services. We may use your PHI to contact you about certain products or services offered as part of the MedTrak program, which may include prescription refill reminders, alternative treatment options that may be beneficial to you and other health and wellness programs that may be of benefit or of interest to you. Under no circumstances will your PHI be used to contact you about any product or service not offered by MedTrak.
There are other circumstances where disclosure of your PHI may be made if certain circumstances apply. This includes:
- A personal representative who is actively involved in your care or to an individual who helps or assists you in payment of care and must be informed since you may be unable to, do not object to, or in a disaster relief matter that requires notification as to your medical status, condition, and/or location.
- As required by local, state, or federal law.
- To governmental agencies for oversight, compliance, civil rights issues, fraud and abuse investigations, abuse, neglect, and domestic violence.
- Organizations engaged in organ procurement transplants or to assist in facilitating donations or transplantations. To avoid a major threat to your general health and safety in addition to others around you, to appropriate military personnel in select circumstances should you be in armed forces or a military member, federal officials for intelligence and protection of our legislative, executive, and judicial branches of government, and correctional institutions and law enforcement officials if you are imprisoned. All of the above are under special and certain circumstances.
Your Protected Health Information (PHI) Rights
You have certain rights related to your PHI as described below. To exercise any of these rights, you must send a request in writing with any additional information you feel is necessary, including your card identification to:
MedTrak Services, LLC Attention: Privacy Officer 7101 College Blvd., Suite 1000 Overland Park, KS 66210
Right to Inspect and Copy Personal Health Information (PHI) About You
You have the right to inspect and copy PHI that is maintained about you. You may request a copy of the PHI and you may be charged to cover the cost of copying and mailing.
Amending your PHI
If it is your belief that your PHI is incomplete, inaccurate, or incorrect, you have the right to request that it be amended. In such a request, you must also include the version(s) that support the amendment. If MedTrak did not create the PHI, it is requested you explain why you believe the individual who created it is no longer available to amend the change.
Right to Account for PHI Disclosures
You may request a list of certain non-routine disclosures about your PHI. You must identify the time frame requested, you will be charged to cover costs of producing this information after the first 12 month period.
Your Right to Restrict PHI About You
You have the right to request a restriction on how MedTrak uses or discloses PHI about you regarding payment, treatment, or other health care operations. Furthermore, you have the right to request a restriction on information to be disclosed about you to the person or family member involved in your care. Such a request must specify what information should be restricted and in what way. Please note we are not required to comply with the request.
Permission to Copy this Notice in Paper
You may make a paper copy of this notice at any time. As a reminder, MedTrak will not disclose your PHI for any reason other than as described in this notice, or required or permitted by applicable law, without your written permission or authorization.
Effective Date: February 23, 2015