Last Updated: April 26, 2020
Information Collected or Received from You
When you use the Site, we may collect Personal Information and other information from you as further described below.
HSM Account Information
If you create an HSM Account, we’ll collect certain information that can be used to identify you, such as your name and email address, which is Personal Information.
Information Collected Using Cookies and other Web Technologies
Like many website owners and operators, we use automated data collection tools such as Cookies and Web Beacons to collect certain information.
“Web Beacons” (also known as Web bugs, pixel tags or clear GIFs) are tiny graphics with a unique identifier that may be included on our Site for several purposes, including to deliver or communicate with Cookies, to track and measure the performance of our Site, to monitor how many visitors view our Site, and to monitor the effectiveness of our advertising. Unlike Cookies, which are stored on the user’s hard drive, Web Beacons are typically embedded invisibly on web pages (or in an e-mail).
HIPAA and PHI
Certain demographic, health and/or health-related information that HSM collects about Consumers as part of providing the Site to our Clients may be considered “protected health information” or “PHI” under the Health Insurance Portability and Accountability Act (“HIPAA”). Specifically, when HSM, acting as a “Business Associate” (as such term is defined in HIPAA) receives identifiable information about a Consumer from or on behalf of a Client, or Customer’s doctor, dentist, or other healthcare specialist, professional, provider, organization or agent or affiliate thereof (collectively, “Healthcare Providers”), this information is considered PHI. Personal data that a Consumer provides to HSM outside of the foregoing context is not PHI. For example, when you provide information directly to us, such as when creating an account or using our interactive tools and Site, searching for Healthcare Providers or available appointments with Healthcare Providers, and completing medical history forms (“Medical History Forms”); or when you voluntarily provide information in free-form text boxes through the Site or through responses to surveys and questionnaires, or post reviews; or when you send us an email or otherwise contact us, that information is not PHI.
HIPAA provides specific protections for the privacy and security of PHI and restricts how PHI is used and disclosed. HSM may only use and disclose PHI in the ways permitted by a Consumer’s Healthcare Provider(s) or authorized by a Consumer.
Links to Other Sites
Information Related to Use of the Site
Our servers automatically record certain information about how our users (each, a “User”) use our Site (we refer to this information as “Log Data”). Log Data may include information such as a User’s Internet Protocol (IP) address, browser type, operating system, the web page that a User was visiting before accessing our Site, the pages or features of our Site to which a User browsed and the time spent on those pages or features, search terms, the links on our Site that a User clicked on and other statistics. We use Log Data to administer the Site and we analyze (and may engage third parties to analyze) Log Data to improve, customize and enhance our Site by expanding their features and functionality and tailoring them to our Users’ needs and preferences. We may use a person’s IP address to generate aggregate, non-identifying information about how our Site is used.
Information Sent by Your Mobile Device
We collect certain information that your mobile device sends when you use our Site. For example, we may collect a device identifier, user settings and the operating system of your device, as well as information about your use of our Site.
How We Use Information
Our primary goals in collecting information are to provide you a secure, smooth, and customized experience, to administer your use of the Site (including your HSM Account), and to enable you to enjoy and easily navigate our Site. For example, we may use your information to verify your identity, allow you to register with HSM, improve content on the Site, provide notices, communicate with you via email, monitor against fraud, or provide customer support at your request.
Information that We Share with Third Parties
We will never sell User Information to any third parties without your consent. We will not share any User Information that we have collected from or regarding you except as described below:
Information Shared with Our Site Providers
We may engage third-party Site providers to work with us to administer and provide the Site. These third-party Site providers have access to your Personal Information only for the purpose of performing Site on our behalf.
Information Shared with Other Third Parties
We may share aggregated information and non-identifying information with third parties for industry research and analysis, demographic profiling and other similar purposes.
Information Disclosed for Our Protection and the Protection of Others
We cooperate with government and law enforcement officials or private parties to enforce and comply with the law. We may disclose any information about you to government or law enforcement officials or private parties as we, in our sole discretion, believe necessary or appropriate: (i) to respond to claims, legal process (including subpoenas); (ii) to protect our property, rights and safety and the property, rights and safety of a third party or the public in general; and (iii) to stop any activity that we consider illegal, unethical or legally actionable activity.
California Privacy Rights
California residents may seek disclosures as to the categories or specific pieces of Personal Information HSM collects, processes, and stores about them, and may contact us regarding their rights to access and request deletion of their Personal Information. Please refer to the California Consumer Privacy Act (CCPA) Privacy Notice for further information.
We offer you choices regarding the collection, use and sharing of your Personal Information and we’ll respect the choices you make. Please note that if you decide not to provide us with the Personal Information that we request, you may not be able to access all of the features of the Site.
Modifying Your Information
Responding to Do Not Track Signals
Our Site does not have the capability to respond to “Do Not Track” signals received from various web browsers.
The Security of Your Information
We take reasonable administrative, physical, and electronic measures designed to protect the information that we collect from or about you (including your Personal Information) from unauthorized access, use or disclosure. When you enter sensitive information on our forms, we encrypt this data using SSL or other technologies. Please be aware, however, that no method of transmitting information over the Internet or storing information is completely secure. Accordingly, we cannot guarantee the absolute security of any information.
Your Personal Information may be transferred to, and maintained on, computers located outside of your state, province, country or other governmental jurisdiction where the privacy laws may not be as protective as those in your jurisdiction. If you’re located outside the United States and choose to provide your Personal Information to us, we may transfer your Personal Information to the United States and process it there.
Our Policy Toward Children
Our Site is not directed to children under 13 and we do not knowingly collect Personal Information from children under 13. If we learn that we have collected Personal Information of a child under 13 we will take steps to delete such information from our files as soon as possible.