Patient Application Privacy Notice
1. Rx Connect's Limited Role
Rx Connect’s applications and services subject to this Notice are designed to help healthcare providers interact with their patients. Our applications connect to servers operated, maintained, or otherwise managed by healthcare providers. To use an application or service subject to this Notice, you must be invited or authorized to do so by your healthcare provider, and you must have (or create) an account registered with or managed by your healthcare provider. Your use of our application or service is subject to your healthcare provider’s privacy notice.
You should consult your healthcare provider or their privacy notice to learn more about how your data will be used and stored, as well as your rights under the Health Insurance Portability and Accountability Act of 1996 (“HIPAA”) and other data privacy laws. Rx Connect acts as a business associate, as defined in the context of HIPAA, on behalf of your healthcare provider in offering the application or service. This means that, except as necessary to support your use of the application or service, Rx Connect does not use, disclose, or retain any personal information except as directed by your healthcare provider.
Your account, including access to the application and associated personal information or records, may be modified or terminated by your healthcare provider or as otherwise permitted by applicable agreements. Rx Connect retains and deletes information in accordance with applicable law and its contractual obligations to healthcare providers. Rx Connect does not control and is not responsible for how your healthcare provider or third parties authorized by you or your healthcare provider may use, retain, or disclose your personal information.
2. Limited Ways We May Use Your Personal Information
As explained above, your account is owned and managed by your healthcare provider. Your healthcare provider is responsible for any personal information or health information exchanged in relation to use of our application or services. Rx Connect only collects, uses, and discloses your personal information to support your use of the application or service and as directed by your healthcare provider.
To support your use of the application or service, we may collect the following limited types of personal information for the purposes described.
Registration and log-in information, such as name, email, password, date of birth, and registration code. This information is used to register, validate, and/or create your healthcare provider-managed account and some of it may be retained to validate and/or authenticate future log-in attempts.
Depending on how your healthcare provider manages your account, we may use device, browser, IP address, and location information to validate security and, in some instances, appointment arrival and/or verification. This may involve use of necessary cookies which are required to provide the application or services.
When you use the application, we may collect non-identifying and/or usage information so that we can provide customer service to you or your healthcare provider and understand how people use our services so we can improve and troubleshoot our products. This may include information such as the time you began using the application, the healthcare organization you interacted with, any error messages or codes, the model of device used and its operating system, and the version of our application used. It may also include de-identified or aggregated data derived from your use of the application which may be used for analytics, service improvement, reporting, or other lawful purposes.
Depending on how your healthcare provider configures their communication preferences, we may use your contact information to send or facilitate transmission of certain messages, including messages sent via the application, text message, or email. You can generally set your communication preferences in-app, through your healthcare provider account, or by contacting your healthcare provider.
If you view, download, or upload documents to or from your healthcare provider within the application, then the application may temporarily store copies of such documents or images in-app or on your device to facilitate their transmission.
If your healthcare provider uses the application in connection with telehealth visits or similar services, then you may be asked for permission to access your device’s video and audio functionality to make the telehealth visit or similar services possible.
If your healthcare provider enables third-party services or features within the application, your use of those services may result in your information being shared with such third parties to provide the functionality you request.
If your healthcare provider uses the application to collect payment information, then your payment information may be processed by a bank or third-party payment processor on behalf of your healthcare provider to facilitate the transaction and maintain data security. Payment processing is ordinarily subject to your healthcare provider’s privacy notice, your healthcare provider’s agreement with the third-party payment processor, or the third-party payment processor’s terms of service. By submitting your payment information, you authorize payment to your healthcare provider and acknowledge that your payment information may be processed as needed for this purpose.
3. How We Share Your Information
We do not disclose your information except as authorized by your healthcare provider. We do not sell or share your information as defined by other privacy laws. Generally speaking, we only disclose personal information to third parties in the following circumstances:
With other healthcare providers, service providers, or third-party partners as directed by your healthcare provider.
With service providers or third-party partners necessary to provide the application.
With your consent or at your direction for the purpose authorized by you.
To comply with legal obligations or in connection with a merger, acquisition, or other business transaction.
Information entered or modified through the application may be shared with your healthcare provider’s servers and is subject to review or approval by your healthcare provider. Your healthcare provider controls how such information is incorporated into their records and your individual health record.
Once your personal information is shared with a third party at the direction of you or your healthcare provider, such information may be retained and used by the receiving party in accordance with their own policies. Rx Connect is not responsible for the privacy practices of healthcare providers or other third parties.
4. Data Security
We implement technical and organizational safeguards to help protect your information from unauthorized access, alteration, disclosure, or destruction. Your healthcare provider is responsible for configuring their systems, servers, application preferences, and accounts in an appropriately secure way. Please contact them if you have any questions about security safeguards.
You can also take other steps to help protect your information:
Do not share the username and password you use with our application for other purposes or accounts.
Change your password regularly and do so immediately if you become aware of any potentially unauthorized access to your login credentials, account, or device.
Use the security tools on your device to protect your applications.
Do not root or jailbreak devices you use with our applications. Doing so can create security risks by removing your devices’ built-in security measures and exposing sensitive information on your device.
To help protect your security, your ability to download, use, or access our application or service may be limited in certain jurisdictions.
5. Your Choices
Please contact your healthcare provider if you have any questions about their privacy notice, your personal information, or wish to exercise any privacy rights.
Depending on how your healthcare provider utilizes our application or services, you may be able to directly make the following choices regarding your information:
You may be able to access and update certain personal information or preferences through your account or application settings.
You may be able to opt-out of certain emails, communications, or functionalities, although this may impact your ability to use certain features.
You may be permitted to grant access to your account or information to individuals you authorize, such as caregivers, family members, or legal representatives, depending on how your healthcare provider configures the application. Any access you grant allows such individuals to view or interact with your information as authorized by you and your healthcare provider. You are responsible for managing and monitoring such access.
If you have additional questions about this Notice or Rx Connect’s privacy practices, please refer to the contact information in Rx Connect’s Privacy Policy or consult the applicable brand’s website.
6. Updates
We may update this Notice from time to time. We will notify you of any changes by posting the new Notice on this page.