Privacy Statement

Introduction

This Privacy Statement applies to the Websites which are owned and operated by Kaiser Foundation Health Plan, Inc. (“Kaiser Permanente”, “KP”). This Privacy Statement describes how Kaiser Permanente collects and uses the personal information you provide, and other information that is collected from your use of the Websites. It also describes the choices available to you regarding our use of your personal information and how you can access and update this information.

Kaiser Permanente is committed to protecting the privacy of the users of the Websites. We will use and disclose your personal information as stated in this Privacy Statement.

Website Privacy Statement

Our use and disclosure of an individual’s personal information is limited as required by state and federal law. We do not sell or rent personal information about visitors to the Websites.

Security

The Websites have security measures in place that are intended to help protect against the loss, misuse, unauthorized access or alteration of information under our control. These measures may include encryption of data using the Secure Socket Layer (SSL) system. Despite these measures, the confidentiality of any communication or material transmitted to or from us via the Websites by the Internet cannot be guaranteed. At your discretion, you may contact us at the mailing address or telephone number listed in the “Questions, complaints, and contacts” section at the end of this Privacy Statement.

Revisions to the Privacy Statement

We may revise this Privacy Statement from time to time as we add new features or modify the way in which we manage information, or as laws change that may affect our services. If we make material changes to our Privacy Statement, we will post notice of this on our Websites prior to the changes becoming effective. Any revised Privacy Statement will apply both to information we already have about you at the time of the change, and any personal information created or received after the change takes effect. We include a version number on this Privacy Statement consisting of the date (year, month, and day) it was last revised. We encourage you to periodically reread this Privacy Statement, to see if there have been any changes to our policies that may affect you.

Website visitor data

Kaiser Permanente routinely gathers data on website and mobile application activity, such as how many people visit the sites, the web pages they visit, where they come from, how long they stay, etc. The data is collected on an aggregate, anonymous basis, which means that no personally identifiable information is associated with the data. This data helps us improve our content and overall usage. The information is not shared with other organizations for their independent use.

The Websites do not honor a browser’s signal or header request not to track the user’s activity.

Collecting and using personal information

Except as disclosed in this Privacy Statement, we do not collect any personally identifiable information about visitors to the Websites. The policies, sources, and uses of information are outlined in Sections 1 through 15 that follow:

1. Information Collection and use

We collect the following personal information from you:

We use this information to:

2. Web Logs

We maintain standard Web logs that record data about all visitors and customers who use the Websites and we store this information. These logs may contain the Internet domain from which you access the site (such as aol.com, abc.org, etc.); the IP address which is automatically assigned to your computer when you get on the Internet (a static IP address may be identifiable as being connected to you, while a dynamic address is usually not identifiable); the type of browser and operating system you use; the date and time you visited; the pages; and the address of the website you linked from, if any. All Web logs are stored securely, and may only be accessed by Kaiser Permanente employees or designees on a need-to-know basis for a specific purpose. Kaiser Permanente uses Web log information to help us design our Websites, to identify popular features, to resolve user, hardware, and software problems, and to make the Websites more useful to visitors.

3. Internet cookies

We may place Internet “cookies” on the computer hard drives of visitors to the Websites. Information we obtain from cookies helps us to tailor our sites to be more helpful and efficient for our visitors. The cookie consists of a unique identifier that does not contain information about you or your health history. We use two types of cookies, “session” cookies and “persistent” cookies.

A session cookie is temporary, and expires after you end a session and close your web or app browser. We use session cookies to help customize your experience on our site, maintain your signed-on status as you navigate through our features, and to track your “click path” through our Web pages.

Persistent cookies remain on your hard drive after you’ve exited from our website, and we use them for several reasons. For instance, if you’ve given us permission to email you with information, we may place a persistent cookie on your hard drive that will let us know when you come back to visit our site. We sometimes use this type of persistent cookie with a “Web beacon” (see below). Persistent cookies will not contain any personal information about you. You may have software on your computer that will allow you to decline or deactivate Internet cookies, but if you do so, some features of the Websites may not work properly for you. For instructions on how to remove cookies from your hard drive, go to your browser’s website for detailed instructions. In addition, further information regarding cookies may be available on other websites or from your Internet service provider. Safari, Chrome, Firefox, Internet Explorer and iOS browsers are commonly used browsers.

4. Web beacons

We may also occasionally use “Web beacons” (also known as “clear gifs,” “Web bugs,” “1-pixel gifs,” etc.) that allow us to collect non-personal information about your response to our email communications, and for other purposes. Web beacons are tiny images, placed on a Web page or email, that can tell us if you’ve gone to a particular area on our website. For example, if you’ve given us permission to send you emails, we may send you an email urging you to use a certain feature on our website. If you do respond to that email and use that feature, the Web beacon will tell us that our email communication with you has been successful. We do not collect any personal information with a Web beacon.

Since Web beacons are used in conjunction with persistent cookies (described above), if you set your browser to decline or deactivate cookies, Web beacons cannot function.

5. Re-Targeting

We partner with a third party ad network to manage our advertising on other sites.  Our ad network partner uses cookies and Web beacons to collect non-personally identifiable information about your activities on the Websites and to then provide you with KP advertising on other websites.  We may also place a persistent third-party cookie (provided by Google) on your hard drive if you sign on to kp.org.  This cookie will prevent kp.org members from seeing advertising that is targeted towards people who are not members of Kaiser Permanente’s health plan, when searching on Google.

If you wish to not have this information used for the purpose of serving you targeted ads, you may opt-out by utilizing the Google opt-out tool.

Please note this does not opt you out of being served advertising.  You may continue to receive generic non-targeted ads.

6. Emails and SMS text messaging

Kaiser Permanente uses a third-party vendor to help us manage some of our email and text messaging communications with you. While we do supply these vendors with email addresses or mobile telephone numbers of those we wish them to contact, your email address or mobile telephone number is never used for any purpose other than to communicate with you on our behalf. When you click on a link in an email, you may temporarily be redirected through one of the vendor’s servers (although this process will be invisible to you) which will register that you’ve clicked on that link, and have visited our Websites. Kaiser Permanente never shares any information, other than your email address or telephone number, with our third-party vendors, which may only share this information with its authorized subcontractors.

Even if you have given us permission to send emails or text messages to you, you may revoke that permission at any time by following the “unsubscribe” information at the bottom of the email or by replying “Stop” to any text message you receive from us.

7. Evaluation and quality improvement

We may periodically ask users to complete voluntary surveys asking about their experiences with features of the Websites. Our surveys ask visitors for demographic information such as age, gender, and education, but will not request that users provide specific information about any medical condition. We use survey information for evaluation and quality improvement purposes, including helping Kaiser Permanente to improve information and services offered through the Websites. In addition, with your permission, users giving feedback may be individually contacted for follow-up due to concerns raised during the course of such evaluation. Demographic information and Web log data may be stored for future evaluation and quality improvement activities.

8. Messages you send us

Comments or questions sent to us by email will be shared with Kaiser Permanente staff who are most able to address your concerns. We will archive your messages once we have made our best effort to provide you with a complete and satisfactory response.

9. Data integrity and correction

If your personal information changes, or to update or request deletion of information collected on our Websites, please use the contact information in the “Questions, complaints, and contacts” section below.  We will respond to all such requests within 30 days.

10. Children

We do not knowingly collect personally identifiable information from children under the age of 13.  If Kaiser Permanente is made aware of collecting information from a child under 13 we will delete this information.

11. Disclosures

We may disclose personal information to any person performing audit, legal, operational, or other services for us. We will use information which does not identify the individual for these activities whenever reasonably possible. Information disclosed to vendors or contractors for operational purposes may not be re-disclosed to others by such a vendor or contractor, except as permitted by KP and applicable law.

We may also disclose your personal information:

12. Opt out

If a user makes a request to receive information (for example, requesting a subscription to one of our online publications)  in an ongoing manner through the Websites by providing an email address or mobile phone number the user may request to discontinue future mailings or messages. Similarly, if you receive information about a Kaiser Permanente service through email or text message, you may make a request to discontinue receiving similar messages in the future. All such materials sent to you by email or text message will contain information about how to opt out.

13. Data Retention

We will retain your information for as long as needed to provide you services.  We will retain and use your information as necessary to comply with our legal obligations, resolve disputes, and enforce our agreements

14. Social Media

Our Websites include Social Media Features, such as the Facebook button. These Features may collect your IP address, which page you are visiting on our site, and may set a cookie to enable the Feature to function properly. Social Media Features are either hosted by a third party or hosted directly on our Site. Your interactions with these Features are governed by the privacy statement of the company providing them.

15. Links to Third Party Websites

Our Websites may include links to other websites whose privacy practices may differ from those of Kaiser Permanente. If you submit personal information to any of those sites, your information is governed by their privacy statements. We encourage you to carefully read the privacy statement of any website you visit. Our Websites may include links to other websites whose privacy practices may differ from those of Kaiser Permanente. If you submit personal information to any of those sites, your information is governed by their privacy statements. We encourage you to carefully read the privacy statement of any website you visit.

Questions, complaints, and contacts

If you have any questions about this Privacy Statement, our policies and practices concerning the Websites or the App, your rights under this statement, and your dealings with the Kaiser Permanente Websites, you can contact Kaiser Permanente by telephone at 1-800-556-7677 (toll free), 1-800-777-1370 TTY (toll free), or by U.S. mail at the address below:

Kaiser Permanente Digital Services Group
5820 Owens Drive, Building E-2, Second Floor
Pleasanton, CA 94588

Last revised December 31, 2014