Rx Savings, LLC d/b/a Rx Savings Solutions, a Kansas limited liability company ("Rx Savings"), is committed to maintaining your confidence and trust. We will hold your personal health information in the strictest confidence and will keep your personal health information secure in accordance with the Security Rules under the Health Insurance Portability and Accountability Act of 1996 ("HIPAA Security Rules"). Above is a notification of how we may disclose your personal information in accordance with HIPAA and what rights you have to your personal health information under HIPAA (the "HIPAA Notice").
What information does Rx Savings collect?
Information You Give Us: Rx Savings collects all information that you provide to us online through completion of registration. It also includes information we collect in the following manner:
- If you use the Service, we will ask you to register with us and may ask for your contact information, prescription medication information, other health information and location. We may also ask for your postal address, email address, telephone number, and any additional necessary information for verification purposes.
- If you contact our Member Service phone line, we may ask for your name, postal address, e-mail address, telephone number, prescription medication/health information and such other information for verification purposes in allowing us to assist you.
Information from Employer/Health Plan: As part of the Service, we may have partnered with your employer, health plan, pharmacy benefit manager or other third-party to provide you the Service and to provide such third-party additional services. This third-party may provide us personal information which we will collect and securely store for the purpose of providing you and such third-party any and all services we may have agreed to provide.
Automatic Gathering of Information: We and individuals we may contract with to provide us with services (each, a "Service Provider"), may collect non-identifying information about your visit to our site or use of the Service, and your interaction with the Service. For example, we may keep track of how you navigate the Service and which parts you used and/or viewed. Dependent upon your internet service provider and/or browsing history, other companies may collect your Web browsing movements across the Internet (not just on the Service).
To do this, we and our Service Providers, use technology (e.g., cookies, action tags, Web beacons, and GIF tags), placed at various sections within the Service delivered by e-mail or served during your Web browsing session. Some of this technology may be disabled by changing your Web browser settings. Please consult the documentation for your Web browser on how to manage the information gathering and storage aspects of this technology on your computer. We and our Service Providers do not collect any personal information through the use of this technology. If you choose to reject all cookies, anonymous identifiers or similar technology, you may be unable to use much of the functionality of the Service. If you opt out of being tracked, we will reasonably attempt to ensure that new data collected about you will not be used by us for targeted advertising purposes. Unless we associate non-identifying information that we gather through use of the technology with your personal information, we will NOT treat such information as personal information.
Information from Other Sources: We may also collect information (including personal information) about you from our Service Providers and other third parties and add it to the personal information we maintain.
Transfer of Personal Information within the U.S. Only: Rx Savings’ headquarters is in the United States. Any information we collect from you will be processed in the United States only. The United States government has not sought nor received a finding of “adequacy” from the European Union under Article 45 of the General Data Protection Regulation (“GDPR”). In short, a finding of “adequacy” means that the European Commission has the power to determine whether a non-European Union country offers an adequate level of data protection. In the absence of an “adequacy” decision and no GDPR safeguards in place (e.g. binding corporate rules on the transfer of personal data outside the European Union), Rx Savings shall rely on derogations as set forth in Article 49 of GDPR where applicable and the protected health information safeguards required under the Health Insurance Portability and Accountability Act (“HIPAA”) Security Rule. Examples of derogations Rx Savings would rely on are that we control or process personal data: within the United States only with the user’s explicit consent; to perform a contract; under a legal obligation; or in a manner that does not outweigh the individual’s rights and freedoms. Rx Savings seeks to apply suitable and applicable safeguards to protect the privacy and security of your personal data by the use of data protection measures consistent with HIPAA, Health Information Technology for Economic and Clinical Health (“HITECH”) and the NIST Cybersecurity Framework.
If at any time you wish to confirm that Rx Savings is only processing personal data within the United States, please contact our Privacy Officer at firstname.lastname@example.org.
How does Rx Savings use the information it collects?
To Provide Services
We use your personal information, including contact information, to provide you the Service, respond to your requests, provide services to a third-party partner that is assisting to provide the Service for your benefit (such as your employer, health plan or pharmacy benefit manager), and/or as otherwise necessary for us to conduct business, so long as such use is permitted by law. We may also use your personal information to contact you via email, phone, mail or text messaging if we want to communicate with you about the Service (i.e. your prescription cost savings report is ready to be reviewed or we have found you additional cost savings opportunities) and/or submissions to us or to respond to other requests.
When you register with us and provide your phone number to receive text messages, you are specifically giving your express consent and agree to allow us to send you text message notifications related to the Service (i.e., you have an opportunity to save money on a prescription medication).
To Provide Promotional Messages
We may also use your personal information to send newsletters, information about us and the Service, notify you of changes to the Service and to provide up-to-date information on Rx Savings’ services that may be of interest to you. We may also use non-identifying information about your visits to the Service and other websites in order to inform you of services that may be of interest to you, make sure you are not shown content repeatedly on the Service, deliver information specific to your interests, and save your password so you don't have to re-enter it each time you visit our website.
Other Business Purposes
Will Rx Savings disclose my personal information?
Disclosure In Compliance with the HIPAA Security Rule
We protect your personal health information in accordance with the HIPAA Security Rules. We may use or disclose your personal information in accordance with HIPAA. Please see the HIPAA Notice of Privacy Practices for a discussion of how your medical information may be used and disclosed in accordance with HIPAA.
Disclosure to Service Providers
We may engage Service Providers from time to time to perform business functions on our behalf, including, but not limited to, sending e-mail, maintaining customer lists, analyzing data, providing marketing assistance, processing payments, and providing customer service. We may furnish personal information to our Service Providers as required to perform these business functions on our behalf; provided, however, we will not disclose or share any of your personal health information to any Service Provider unless it is a permitted disclosure under HIPAA. The HIPAA Notice of Privacy Practices sets forth the list of disclosures that are permitted under HIPAA, 45 C.F.R. § 164.512 (2016).
We may engage Service Providers and share non-identifying information and aggregated information with them for purposes of analysis and improvement of the Service. In addition, we may select certain Service Providers to provide us with digital analytics and marketing optimization services. These Service Providers use technology, such as cookies and anonymous identifiers, to collect information on our behalf that will educate us on such things as search engine referral, how you navigate around the Service, and unique visitor identification. These Service Providers are not permitted to use personal health information, username or password information. We engage these Service Providers solely for the purpose of helping us improve the Services.
We may use and disclose de-identified health information with Service Providers for data analytics purposes. Prior to data transfer, protocols will be followed to certify the information has been properly de-identified in accordance with the HIPAA Privacy Rule. The information will be aggregated, de-identified, collected, and/or reported for purpose of research according to standard research rules, and will be stripped of patient identifiers. De-identified data sets will contain no protected health information. When the de-identified health information is shared with Service Providers or a third-party, the recipient will not have access to a crosswalk file or any other means of re-identifying patients or linking PHI.
These Service Providers analyze the information collected on our behalf and return it to us through a secure web connection for our use in understanding your use of the Service and how to better serve you. These Service Providers will be contractually prohibited from using our information for any other purpose and are required to maintain all information collected and their analyses in strictest confidence. You may choose to continue to benefit from the improved experience with the Service that such analyses provide to you, but maintain your anonymity. You may also choose to deactivate the ability of these Service Providers to analyze your browsing behavior at the Service by setting your Web browser to reject cookies and other technology.
Disclosure to Law Enforcement
From time to time, we may be required to disclose your personal information in response to a court order, subpoena, government investigation, or as otherwise required by law. We also reserve the right to share information with law enforcement agencies concerning any activities that we, in good faith, believe to be unlawful. We also may share certain personal information when we believe that such sharing is reasonably necessary to protect the rights, property, and safety of others and ourselves.
How can I review and revise my personal information?
You may always review your Service account profile and update it. You may also modify certain personal information including your personal prescription medication profile at any time by logging into your account.
We are ready to assist you in checking or changing your personal profile. You may reach us by any means found on the "Contact Us" page of www.rxsavingssolutions.com.
Please note that you may not access or change non-identifying information that we collect from visitors to the Service through use of technology or otherwise.
How can I opt-out of receiving communications from Rx Savings?
If you would prefer not to receive our e-mail offers, please select the "unsubscribe" link or follow the instructions in our e-mail message. To unsubscribe from text messages, text “STOP” to our opt-out number (1-913-210-8326). It may take Rx Savings up to ten (10) business days to reflect your preferences in our databases.
How does Rx Savings protect my personal information?
Rx Savings protects all of your personally identifiable information, including, but not limited to your medical information and prescription medication profile in compliance with the HIPAA Security Rule. We hold all of your personal information in the strictest confidence. We have implemented commercially reasonable physical, technological, and administrative procedures to safeguard and secure the personal information we collect. In addition, we use other means, such as firewalls and encryption, to safeguard the confidentiality of this information.
However, no method of transmission or electronic storage provides absolute certainty of security. Therefore, we cannot guarantee the absolute security of the information that we collect.
The safety of children is very important to us. We are committed to protecting children's privacy on the Internet and comply fully with the Children's Online Privacy Protection Act. We do not knowingly or intentionally collect personal information from children under the age of 13. If a child has provided us with personal information through the Service or otherwise, we ask that a parent or guardian contact us through the "Contact Us" page of www.rxsavingssolutions.com, and we will delete the information about the child from our files.
Use of Voice Assistant Devices.
Communication of health information through the use of the Services in connection with a voice assistant device contains the risk of unauthorized interception of the transmission. While Rx Savings is fully compliant with the HIPAA Rules, the voice device itself is not HIPAA compliant. Voice assistant devices collect and store both the spoken utterance from the user and the skill’s response. While the user may delete data held by the voice assistant device in the application’s settings, there remains a high risk that health information could be inadvertently disclosed to an unauthorized third-party. By using the Service in connection with a voice assistant device, you acknowledge and consent that such use may or may not always be secure, as defined under 45 C.F.R. § 164.402. As such, Rx Savings will not be liable for any unauthorized disclosures that occur while in transmission.
How to Contact Us.
Rx Savings, LLC
Attn: Privacy Officer
5440 W. 110th Street, Suite 200
Overland Park, KS 66211
Toll Free: 1-800-268-4476