The majority of the ProActRx.com website is accessible only to registered users. To become a registered user, you must receive prescription benefits from a company who has hired ProAct Inc. to provide you with online prescription services. Your name, address, password, medical information and e-mail address are examples of personally identifiable information that we collect. This information is necessary to provide online prescription services and to provide additional information needed to process your orders.
We do not sell, rent or loan or give your personal information to any non-affiliated third parties, except as described in this Policy. We will not intentionally release your prescription information other than to you, ProAct Inc. and its affiliated companies, our agents (such as contracted fulfillment parties, if any), your authorized representative or your prescription drug plan, so that we can handle reimbursement of your prescription purchase for your convenience. As required by law, we will disclose medical and other information which may relate to you.
In some circumstances, our use of your information is subject to the requirements of the Health Information Portability and Accountability Act (“HIPAA”). This will be the case when you submit information to ProAct as your pharmacy (i.e., to request a prescription refill) or when you submit information to ProAct when ProAct is acting on behalf of your health plan, in which case your health plan’s HIPAA Notice of Privacy Practices will apply.
ProAct collects personally identifiable information at ProActRx.com from web visitors who are interested in receiving services it offers. ProAct also collects additional information from registered users, such as shipping address, billing address, credit card number and other information necessary to process your prescription drug order. In order to provide you with online pharmacy services, ProAct receives certain personally identifiable information about registered users from the user’s employer’s health plan.
For potential registered users, we will compare information you provide to the database of information provided by your employer or health plan in order to confirm your eligibility to become a registered user.
To register on this site, we collect Personally Identifiable Information, or PII. This includes information like your name, address, e-mail address and/or birth date. This PII is maintained throughout the time you are an active ProAct member. If your membership status changes, we maintain this information securely in accordance with our Records Retention Policy and Procedure. Our current policy is to retain this information for seven (7) years after your membership status terminates.
How We Use Your Personal Heath Information.
We may use and disclose your Personal Health Information (PHI) for the following purposes:
- We may use and disclose your PHI to healthcare professionals or other third parties to provide, coordinate and manage the delivery of healthcare.
- We may use and disclose PHI about you to receive payment for our services, manage your account, fulfill our responsibilities under your benefit plan and process your claims for drugs you have received.
- We may use and disclose your PHI to carry on our own business planning and administrative operations. We need to do this so we can provide you with high-quality services.
- We may use or disclose your PHI to contact you about treatment options or alternatives that may be of interest to you.
- We may disclose PHI about you to someone who assists in or pays for your care. Unless you write to use and specifically tell us not to, we may disclose your PHI to someone who has your permission to act on your behalf. We will require this person to provide adequate proof that he or she has your permission.
- If you are a minor or under a legal guardianship, we may release your PHI to your parents or legal guardians when we are permitted or required to do so under federal and applicable state law.
- We arrange to provide some services through contracts with business associates so that they may help us operate more efficiently. We may disclose your PHI to business associates acting on our behalf. If any PHI is disclosed, we will protect your information from unauthorized use and disclosure using confidentiality agreements. Our business associates may, in turn, use vendors to assist them in providing services to us. If so, the business associates must enter into a confidentiality agreement with the vendor, which protects your information from unauthorized use and disclosure.
- Under certain circumstances, we may use and disclose PHI about you for research purposes. Before we use or disclose PHI about you, we will either remove information that personally identifies you, obtain your written authorization or gain approval through a special approval process designed to protect the privacy of your PHI. In some circumstances, we may use your PHI to generate aggregate data (summarized data that does not identify you) to study outcomes, costs and provider profits, and to suggest benefit designs for your employer or health plan.
- We may disclose PHI to a health oversight agency performing activities authorized by law, such as investigations and audits. These agencies include governmental agencies that oversee the healthcare system, government benefit programs and organizations subject to government regulation and civil rights laws.
- We may use your PHI to create data that cannot be linked to you by removing certain elements from your PHI, such as your name, address, telephone number and member identification number. We may use this de-identified information to conduct certain business activities, for example, to create summary reports and to analyze and monitor industry trends.
- We may disclose your PHI to prevent or lessen an imminent threat to the health or safety of another person or the public. Such disclosure will only be made to someone in a position to prevent or lessen the threat.
- If we are requested by law enforcement officials or judicial authorities to provide information on individuals, we may, without your consent, provide such information. In matters involving claims of personal or public safety, or in litigation where the data is pertinent, we may use or disclose personal information without your consent or court process.
- We may use information you submit to investigate security breaches or otherwise cooperate with authorities pursuant to a legal matter. We may also remove personally identifiable information and use remaining data for historical, statistical or business planning purposes.
Your Rights with Respect to Your PHI.
Subject to some restrictions, you may inspect and copy PHI that may be used to make decisions about you. If we maintain an electronic health record containing your PHI, you have the right to request that we send a copy of your PHI in an electronic format to you or to a third party that you identify.
If you believe PHI about you is incorrect or incomplete, you may ask us to amend the information. You must provide a reason supporting your request to amend.
You have the right to request an accounting of disclosures of your PHI. This accounting identifies the disclosures we have made of your PHI other than for treatment, payment or healthcare operations. The provision of an accounting of disclosures is subject to certain restrictions.
You have the right to request a restriction or limitation on the PHI we use and disclose about you for treatment, payment or healthcare operations. You may also request your PHI not be disclosed to family members or friends who may be involved in your care or paying for your care.
You may ask that we communicate with you in an alternate way or at an alternate location to protect the confidentiality of your PHI.
You have the right to be notified following a breach of unsecured PHI if your PHI is affected.
How We Protect Your Information.
Our website is scanned on a regular basis for security holes and known vulnerabilities in order to make your visit to our site as safe as possible.
Your personal information is contained behind secured networks and is only accessible by a limited number of persons who have special access rights to such systems, and we are required to keep the information confidential. In addition, all sensitive/credit information you supply is encrypted via Secure Socket Layer (SSL) technology.
We implement a variety of security measures when a user placing an order enters, submits or accesses their information to maintain the safety of your personal information.
You can choose to have your computer warn you each time a cookie is being sent, or you can choose to turn off all cookies. You do this through your browser settings.
If you disable cookies off, some features will be disabled. It won’t affect the user’s experience that make your site experience more efficient, and some of our services will not function properly.
Third Party Disclosure.
We do not sell, trade or otherwise transfer to outside parties your personally identifiable information.
Third Party Links.
Occasionally, at our discretion, we may include or offer third party products or services on our website. These third party sites have separate and independent privacy policies. We therefore have no responsibility or liability for the content and activities of these linked sites. Nonetheless, we seek to protect the integrity of our site and welcome any feedback about these sites.
Does our site allow third party behavioral tracking?
It is important to note that we do not allow third party behavioral tracking.
COPPA (Children Online Privacy Protection Act).
When it comes to the collection of personal information from children under 13, the Children’s Online Privacy Protection Act (COPPA) puts parents in control. The Federal Trade Commission, the nation’s consumer protection agency, enforces the COPPA Rule, which spells out what operators of websites and online services must do to protect children’s privacy and safety online. We do not specifically market to children under the age of 13.
Fair Information Practices.
The Fair Information Practices Principles form the backbone of privacy law in the Unites States, and the concepts they include have played a significant role in the development of data protection laws around the globe. Understanding the Fair Information Practice Principles and how they should be implemented is critical to comply with the various privacy laws that protect personal information.