Effective January 2021
The following information summarizes our personal identifying information gathering and dissemination practices for the Signify Health's website located at the URL, www.signifyhealth.com, (the "Site"). Personal identifying information includes information that can be linked to a specific individual, such as a name, address, phone number, or email address.
We collect and process personal information in two capacities. When you visit the Site, we may collect and process information for our own business purposes. In addition, when we are providing services for a “covered entity” partner, we act as a “business associate” under the Health Insurance Portability and Accountability Act of 1996 (“HIPAA”). In that capacity, we collect, receive, maintain, use, and disclose Protected Health Information (“PHI”) only as permitted or required under applicable laws and contract, and our partner’s privacy notice describes and controls how we collect and process PHI.
By using our website, you consent to the collection and use of your information by Signify Health, as described below.
What Information Does Signify Health Collect?
Users may visit the website without giving Signify Health any personal information. However, users will need to register to gain access to resource content, receive customized information or enroll in a Signify Health-sponsored education or training program.
Signify Health will collect name, title, employer, mailing address, telephone number, fax number and email address. Contact demographic information may be voluntarily provided by individuals who register on Signify Health's website. We also collect Internet Protocol (IP) addresses from all users of our Site, the date and time of access, and may catalog the type of computer, browser, or operating system used by the user. If we conduct a video assessment with you, we will receive audio and video images of you and information about your health status.
How Does Signify Health Use that Information?
Until you register to gain access to the resources section of the Signify Health website or enroll in an Signify Health-sponsored education or training program, you are able to browse the Site without providing any personal identifying information, although your browser may tell us what type of computer and operating system you are using as well as other kinds of technical information.
Below, is more detail on how Signify Health uses the personal identifying information of those individuals who have registered for the resource section of the Site or enrolled in an Signify Health -sponsored education or training program. Signify Health collects, receives, maintains, uses, and discloses PHI on behalf of our “covered entity” partners, as permitted or required under applicable law and contract.
Contact Information: Where permitted by applicable law and contract, Signify Health may use your contact information to provide its services, to advertise its services, to provide you with news, updates, products, services, upcoming events and other information, to send you text messages and SMS notifications, to communicate with you via email, and to get in touch with you when necessary with respect to transactions. We do share your contact information with our business partners, as is necessary to provide our services and, if permitted by law and contract, for advertising purposes. For example, we may disclose your information to our communications vendors to enable a video assessment or to send you emails or text messages. Except for sharing arrangements with Signify Health's business partners, we do not share your contact information with other types of third parties for any other purpose, except to a court or governmental agency if required by law or unless we first obtain consent from you to do so. Site visitors who do not wish to receive notifications or other information via email can choose to opt out of receiving such information at any time upon receipt of any promotional email.
Demographic Information: Where permitted by applicable law and contract, Signify Health may use or share, lease, rent, license, and/or sell demographic data on an aggregated basis, which will not identify any particular user, with our business partners, suppliers, and, if permitted by law and contract, for advertising purposes.
Transactional Information: Where permitted by applicable law and contract, Signify Health may use or share, lease, rent, license, and/or sell transactional data on an aggregated basis, which will not identify any particular user with advertisers or other third parties, including our business partners, suppliers, sponsors, and vendors, for business purposes.
Technical Information: We use technical information, such as your IP address or browser type, to help diagnose problems with our servers, analyze Site usage trends, track user movements on the Site, to provide our services, and to otherwise manage and monitor our Site.
Training and Examination Information for Users Which Enroll in Certain Signify Health Training Programs: Individuals may enroll in Signify Health training programs through this Site. If agreed to by the individual enrolled in a program, Signify Health may share certain training and examination information about that individual with third parties upon request.
Video Consultations: If we conduct a video assessment with you, we will receive audio and video images of you and information about your health status. We use and share this information as necessary to provide our services. For example, we will share your results with the covered entity and our communications vendors. Our “covered entity” partner’s privacy notice controls how we collect and process PHI.
By registering for a password and logging on to the member-level areas of the Signify Health site, registered members need only enter their username and password once, utilizing enabled cookies. For subsequent visits, the website grants the user the option to "remember" username and password. If a user's browser is configured to reject the cookie, they may still use our site.
What About External or Third Party Websites?
What About Security?
Signify Health places a premium on making sure that personal identifying information remains private and secure and is not subject to misuse or manipulation. Accordingly, this Site has industry standard security measures in place, including storage of personal identifying information in a secure environment, to protect against the loss, misuse, and alteration of the information under Signify Health's control. Although Signify Health has endeavored to create a secure and reliable Site, the confidentiality of any communication or material transmitted via the Internet cannot be guaranteed. Accordingly, you should consider carefully if you want to submit sensitive information via the Internet. Messages that you send to us via e-mail may not be secure. Signify Health suggests that you do not send any confidential information to us by e-mail. If you choose to send confidential information to us by email, you accept the risk that a third party may intercept your information. Signify Health urges you to take every precaution to protect your personal identifying information when online.
What About Correcting, Deleting, or Updating Information?
At any time, you may contact Signify Health at webmaster@SignifyHealth.com to correct, modify, or delete the information you provide to Signify Health through this Site, namely, your name, address, e-mail address and phone number. Moreover, when you cease to use Signify Health's services and no longer wish to be included in Signify Health database, you may contact Signify Health at webmaster@SignifyHealth.com to request to have your information removed from our database. In the event that Signify Health receives such a request or change, Signify Health may require you to confirm or verify any change to your record. Please note, however, that the collection and uses of certain personal identifying information is necessary to provide certain products and services through the Site and the deletion of such necessary information (e.g., an e-mail address) may render a particular service or Signify Health's ability to provide it inoperable.
What About Children?
Signify Health cares about the safety of children on its Site and encourages parents and guardians to monitor their children’s use of the Internet. Although the Site is suitable for a general audience, this Site is intended for use only by users who are over 18 years of age. Accordingly, Signify Health does not knowingly solicit personal identifying information from children or send them requests for personal information.
Privacy Notice for California Residents
Effective: February 3, 2021
The CCPA is a law related to protecting the privacy of consumers who reside in the State of California. This Notice describes when, why and how we collect, use and otherwise handle personal information of California residents.
What Personal Information Do We Collect?
We collect information that identifies, relates to, describes, references, is capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular consumer or device (“personal information”).
Personal information does not include:
We obtain the categories of personal information listed above from the following categories of sources:
Notwithstanding the foregoing, we may have collected the following categories of personal information from consumers within the last twelve (12) months:
Examples: Name, postal address, Internet Protocol address, email address, Social Security number, driver’s license number, passport number, an alias or unique personal/online identifier (such as user name or login name), or other similar identifiers.
Examples: Name, signature, voice, photograph, physical characteristics, Social Security number, address, telephone number, fax number, passport number, driver’s license or state identification card number, insurance policy number, education, employment, bank account number, credit card number, debit card number, or any other financial information, physical illness, mental illness or disabilities.
Examples: Age, ethnicity, citizenship, religion or creed, marital status, physical illness, mental illness or disabilities, gender, veteran status.
Examples: Records of personal property, dates and locations of products or services purchased, obtained, or considered; or other purchasing or consuming histories or tendencies.
Examples: Access history and information on your interaction with our website and Services.
Examples: Location information collected by a browser or inferred by IP addresses, mobile device signals.
Examples: Audio recordings, electronic, visual or similar information.
Examples: Occupation, employer information.
Examples: Education level, school attended.
Examples: Consumer type, potential purchasing behavior.
Use of Personal Information
We may use or disclose the personal information we collect for one or more of the following business purposes:
We will not collect additional categories of personal information or use the personal information we collected for materially different, unrelated, or incompatible purposes without providing you notice.
Sharing Personal Information
We may disclose your personal information to a third party for a business purpose. When we disclose personal information for a business purpose, we enter a contract that describes the purpose and requires the recipient to both keep that personal information confidential and not use it for any purpose except performing the contract.
In the preceding twelve (12) months, we have disclosed the following categories of personal information for a business purpose:
We disclose your personal information for a business purpose to the following categories of third parties:
In the preceding twelve (12) months, we have not sold any personal information.
Your Rights and Choices
The CCPA provides California residents with specific rights regarding their personal information. This section describes your CCPA rights and explains how to exercise those rights.
Access to Specific Information and Data Portability Rights
You have the right to request that we disclose certain information to you about our collection and use of your personal information over the past 12 months. Once we receive and confirm your verifiable consumer request, we will disclose to you:
Deletion Request Rights
You have the right to request that we delete any of your personal information we collected from you and retained, subject to certain exceptions. Once we receive and confirm your verifiable consumer request, we will delete (and direct our service providers to delete) your personal information from our records, unless an exception applies.
We may deny your deletion request if retaining the information is necessary for us or our service providers to:
Exercising Access, Data Portability, and Deletion Rights
To exercise the access, data portability, and deletion rights described above, please submit a verifiable consumer request to us by email at email@example.com.
Only you or a person registered with the California Secretary of State that you authorize to act on your behalf, may make a verifiable consumer request related to your personal information.
You may only make a verifiable consumer request for access or data portability twice within a 12-month period. The verifiable consumer request must:
We cannot respond to your request or provide you with personal information if we cannot verify your identity or authority to make the request and confirm the personal information relates to you. Making a verifiable consumer request does not require you to create an account with us. We will only use personal information provided in a verifiable consumer request to verify the requestor’s identity or authority to make the request.
Response Timing and Format
We strive to respond to a verifiable consumer request within 45 days of its receipt. If we require more time (up to 90 days), we will inform you of the reason and extension period in writing. If you have an account with us, we will deliver our written response to the registered email associated with the account. If you do not have an account with us, we will deliver our written response by mail or electronically, at your option. Any disclosures we provide will only cover the 12-month period preceding the verifiable consumer request’s receipt. The response we provide will also explain the reasons we cannot comply with a request, if applicable. For data portability requests, we will select a format to provide your personal information that is readily useable and should allow you to transmit the information from one entity to another entity without hindrance.
We do not charge a fee to process or respond to your verifiable consumer request unless it is excessive, repetitive, or manifestly unfounded. If we determine that the request warrants a fee, we will tell you why we made that decision and provide you with a cost estimate before completing your request.
We will not discriminate against you for exercising any of your CCPA rights. Unless permitted by the CCPA, we will not:
Changes to Our Privacy Notice
We reserve the right to amend this Privacy Notice at our discretion and at any time. The date this Privacy Notice was last updated is identified at the top of this Notice. You are responsible for periodically visiting the Signify website and this Privacy Notice to check for any changes.
What About Any Other Questions?
If you have any questions about Signify Health's security policies, you can contact Signify Health at Signify Health LLC, 4055 Valley View Lane, Ste 400, Dallas, TX 75244 ATTN: Security Department or email Security@signifyhealth.com.