Last updated: 02/23/2024
Insightin Health values your privacy and the security of your information. This Privacy Statement applies to Insightin Health’s (“Insightin,” “we,” or “our”) collection and use of information, including personal information and information subject to other privacy laws, such as HIPAA. This statement describes how we collect, use, disclose, and process personal information, and the rights and choices you may have regarding that processing.
This privacy statement only applies to and describes the personal information we collect from or about consumers, which are individuals or sometimes, households. It does not describe or apply to personal information collected by healthcare payers (our clients) or any other third parties who collect personal information about you. This privacy statement also does not apply to aggregate, de-identified, or statistical information that we collect and process, which does not identify or relate to an individual consumer or household. If you interact with us in an employment or job applicant context, this privacy statement also does not apply to our processing of the personal information we collect in that context.
Personal information is information that identifies, relates to, describes, or is reasonably capable of being associated with an individual or household.
To the extent you are a healthcare payer who has an agreement or contract with us to use our service offerings, in the event of any conflict between this Privacy Statement and the agreement, the agreement will control.
Our primary means of collecting information is from our customers, which are businesses who provide us with personal information to process on their behalf as a service provider or business associate to them. Accordingly, most of the information we obtain about individuals is collected from our healthcare payer customers, rather than directly from the individual to whom the information relates. We also collect information from the Centers for Medicare and Medicaid, from publicly available sources.
We collect information directly from individuals who visit our website, such as the IP address associated with the device that accesses our website and services and other log or device information, which may identify or relate to an individual consumer or household. Some of this information collection occurs automatically through the use of cookies and other similar technologies, as described below.
We have collected the following categories of personal information from or about consumers in the last 12 months:
| Category | Examples | Collected |
|---|---|---|
| A. Identifiers | A real name, alias, postal address, unique personal identifier, online identifier, Internet Protocol address, email address, account name, Social Security number, driver’s license number, passport number, or other similar identifiers. | Yes |
| B. Personal information categories listed in state statutes (Cal. Civ. Code § 1798.80(e)). | A name, signature, Social Security number, physical characteristics or description, address, telephone number, passport number, driver’s license or state identification card number, insurance policy number, education, employment, employment history, bank account number, credit card number, debit card number, or any other financial information, medical information, or health insurance information. | Yes |
| C. Protected classification characteristics under state or federal law | Age (40 years or older), race, color, ancestry, national origin, citizenship, religion or creed, marital status, medical condition, physical or mental disability, sex (including gender, gender identity, gender expression, pregnancy or childbirth and related medical conditions), sexual orientation, veteran or military status, genetic information (including familial genetic information). | Yes |
| D. Commercial information | Records of personal property, products or services purchased, obtained, or considered, or other purchasing or consuming histories or tendencies. | Yes |
| E. Biometric information | Genetic, physiological, behavioral, and biological characteristics, or activity patterns used to extract a template or other identifier or identifying information, such as, fingerprints, faceprints, and voiceprints, iris or retina scans, keystroke, gait, or other physical patterns, and sleep, health, or exercise data. | No |
| F. Internet or other similar network activity | Browsing history, search history, information on a consumer’s interaction with a website, application, or advertisement. | Yes |
| G. Geolocation data | Physical location or movements. | Yes |
| H. Sensory data | Audio, electronic, visual, thermal, olfactory, or similar information. | No |
| I. Professional or employment-related information | Current or past job history or performance evaluations. | No |
| J. Non-public education information (per the Family Educational Rights and Privacy Act (20 U.S.C. Section 1232g, 34 C.F.R. Part 99)). | Education records directly related to a student maintained by an educational institution or party acting on its behalf, such as grades, transcripts, class lists, student schedules, student identification codes, student financial information, or student disciplinary records. | No |
| K. Inferences drawn from other personal information | Profile reflecting a person’s preferences, characteristics, psychological trends, predispositions, behavior, attitudes, intelligence, abilities, and aptitudes. | Yes |
| L. Sensitive Personal Information | Racial or ethnic origin, health information | Yes |
We may not collect all of the above categories of personal information from every individual or household from or about whom we collect information.
We rely on cookies and similar technologies to facilitate our collection of information from you automatically. For more information about the use of cookies and similar technologies on this website, please review the section below titled “Cookies.”
We use the information we collect from you for the following purposes:
We do not combine data we receive from various payers, including to create an output.
However, we may combine the information we collect from payers with information we collect from other sources (including publicly available sources) to support our models. For example, we pay collect information we receive about you from a healthcare payer with publicly available data. We use combined information for the above purposes.
Insightin will retain the personal information we collect for as long as necessary in light of the purpose for which it was collected, consistent with applicable law, regulations, consumer expectations, customer agreements, and our information retention policies. We generally retain the above categories of personal information that we collect for the duration of our customer agreements, or consistent with the timeframe set forth in our customer agreements.
We may retain de-identified or anonymized information beyond the time period that we retain personal information.
Insightin may disclose your information for a business purpose to third party service providers, contractors, or vendors who assist us in providing our website, platform, and other service offerings. Our service providers, vendors and contractors include affiliate marketing programs, communication and collaboration tools, data storage service providers, performance monitoring tools, product engineering and design tools, sales and marketing tools, testing tools, and website hosting service providers.
In the last 12 months, we have disclosed the following categories of information to third parties for a business purpose:
| Category | Disclosed for a Business Purpose? | Categories of Third Parties |
|---|---|---|
| A. Identifiers | Yes | Service providers, vendors, consultants; customers who originally provided us with the information. |
| B. Personal information categories listed in state statutes (Cal. Civ. Code § 1798.80(e)). | Yes | Service providers, vendors, consultants; customers who originally provided us with the information. |
| C. Protected classification characteristics under state or federal law | Yes | Service providers, vendors, consultants; customers who originally provided us with the information. |
| D. Commercial information | Yes | Service providers, vendors, consultants; customers who originally provided us with the information. |
| E. Biometric information | Not collected | N/A |
| F. Internet or other similar network activity | Yes | Service providers, vendors, and consultants. |
| G. Geolocation data | Yes | Service providers, vendors, consultants; customers who originally provided us with the information. |
| H. Sensory data | Not collected | N/A |
| I. Professional or employment-related information | Not collected | N/A |
| J. Non-public education information (20 U.S.C. Section 1232g, 34 C.F.R. Part 99)). | Not collected | N/A |
| K. Inferences drawn from other personal information | Yes | Service providers, vendors, consultants; customers who originally provided us with the information. |
| L. Sensitive Personal Information – racial or ethnic origin, health information | Yes | Service providers, vendors, consultants; customers who originally provided us with the information. |
When we disclose your information to our healthcare payer customers who we are providing services to pursuant to our agreement and relationship with them, the healthcare payer customer’s use of your personal information falls within their privacy policy. If you have any questions about how they use your information, we encourage you to reach out to your healthcare payer and ask to review their relevant policies.
In addition to the above, we may also disclose your information in the following circumstances:
Finally, we will further disclose your information as you direct us to, or as you otherwise consent to at the point of collection.
We disclose information collected through this website for a commercial purpose. Under certain state privacy laws, our collection and use of your personal information, particularly as it relates to our marketing practices, may constitute a sale of your personal information. We also use information we collect from or about you on this website, including information collected via cookies, to display advertising to you based on your activity on this website and across other websites. This is sometimes referred to as behavioral targeted advertising, or remarketing. Based upon your visit to this website, we may utilize cookie technology to present you with advertisements about Insightin or other programs, products, or services during your future web browsing, such as sidebar advertisements, based on your interest in Insightin.
In the last 12 months, we have sold, shared, or disclosed for a commercial purpose the following categories of information with the following types of third parties:
| Category | Disclosed for a Commercial Purpose, Sold, Shared, or Used for Targeted Advertising? | Categories of Third Parties |
|---|---|---|
| A. Identifiers | Yes | Network advertisers; affiliate marketing programs; data analytics services; performance monitoring tools; social networks; retargeting platforms |
| B. Personal information categories listed in state statutes, including the California Customer Records statute (Cal. Civ. Code § 1798.80(e)) | Yes | Network advertisers; affiliate marketing programs; data analytics services; performance monitoring tools; social networks; retargeting platforms |
| C. Protected classification characteristics under state or federal law | No | N/A |
| D. Commercial information | Yes | Network advertisers; affiliate marketing programs; data analytics services; performance monitoring tools; social networks; retargeting platforms |
| E. Biometric information | Not collected | N/A |
| F. Internet or other similar network activity | Yes | Network advertisers; affiliate marketing programs; data analytics services; performance monitoring tools; social networks; retargeting platforms |
| G. Geolocation data | Yes | Network advertisers; affiliate marketing programs; data analytics services; performance monitoring tools; social networks; retargeting platforms |
| H. Sensory data | Not collected | N/A |
| I. Professional or employment-related information | Not collected | N/A |
| J. Non-public education information (per the Family Educational Rights and Privacy Act (20 U.S.C. Section 1232g, 34 C.F.R. Part 99)) | Not collected | N/A |
| K. Inferences drawn from other personal information | Yes | Network advertisers; affiliate marketing programs; data analytics services; performance monitoring tools; social networks; retargeting platforms |
| L. Sensitive Personal Information | No | N/A |
For more information about rights and choices you may have regarding these practices, please visit the “Your Rights and Choices” section below.
Our website uses cookies, clear GIFs, pixel tags, and similar technologies (referred to collectively in this policy as “cookies”) to automatically collect information from or about you when you visit the website. Cookies are small data files that are sent to and stored on your computer, smart phone, tablet, or other device for accessing the internet whenever you visit a website. Cookies are useful because they allow a website to recognize a user or device. For more information about cookies generally, visit All About Cookies | Online Privacy and Digital Security
The website uses the following types of cookies:
Necessary cookies are required to enable the basic features of this site, such as providing secure log-in or adjusting your consent preferences. These cookies may not be disabled and are always active.
Functional cookies help perform certain functionalities like sharing the content of the website on social media platforms, collecting feedback, and other third-party features. These cookies may be disabled using our cookie consent tool.
These cookies are used to provide you with personalized or targeted advertisements on this website and across the Internet. These cookies may be disabled using our cookie consent tool.
Analytics cookies are used to understand how visitors interact with the website. These cookies help provide information on metrics such as the number of visitors, bounce rate, traffic source, and similar statistical data. These cookies may be disabled using our cookie consent tool.
Performance cookies are used to understand and analyze the key performance indexes of the website which helps in delivering a better user experience for the visitors. These cookies may be disabled using our cookie consent tool.
These cookies are placed by our service providers, such as our website provider, and third party analytics and advertising partners including:
Facebook (https://www.facebook.com/policy.php),
Twitter (https://twitter.com/en/privacy),
Evergage (http://www.evergage.com/privacy-policy/),
Slate (https://technolutions.com/privacy-policy),
Google (https://policies.google.com/?hl=en),
Chartbeat (https://chartbeat.com/privacy/), and
LinkedIn (https://www.linkedin.com/legal/privacy-policy).
Most web browsers are set to accept cookies by default. If you prefer, you can usually choose to set your browser to remove or reject browser cookies by adjusting the settings in your browser. You can also indicate your preferences for cookies the first time you visit our website by adjusting your preferences in the cookie popup banner. Please note that if you choose to remove or reject cookies, this could affect the availability and functionality of our website. You may opt-out of a third party’s use of cookies by visiting the Network Advertising Initiative opt-out page located at this link.
If you’d like to opt-out of the sale or sharing of your personal information by Insightin or out of behavioral targeted advertising, please adjust your preferences in the cookie consent tool to disable advertisement, analytics, functional, and performance cookies, and contact us using the information below.
Insightin takes data security very seriously. We utilize reasonable technical, organizational, administrative, and physical security measures to protect information collected through this website, based on the information and technology available to us and the categories of personal information collected. Insightin is also HiTRUST certified and follows guidelines to protect personal information and protected health information, to the extent we collect it. . However, despite our safeguards and efforts to ensure your information stays secure, no electronic transmission over the Internet or information storage technology can be guaranteed to be 100% secure, so we cannot promise or guarantee that hackers, cybercriminals, or other unauthorized third parties will not be able to defeat our security and improperly collect, access, steal, or modify your information. Although we do our best to protect your personal information, transmission of personal information to and from this website is at your own risk. You should only access this website within a secure environment.
As mentioned throughout this statement, Insightin is a business to business service provider who offers a SaaS platform to provide services to healthcare payers to assist in their member engagement and marketing efforts. Accordingly, we collect personal information from and disclose personal information back to our healthcare payer clients. This statement applies to our collection and use of your information. Your healthcare payer’s privacy policy, statement, or notice applies to their collection, use, and disclosure of your information. Please reach out to your healthcare payer and ask to review their policy if you have any questions about your healthcare payer’s practices.
Our website may link to other external third-party websites. These websites may have different privacy and information practices than Insightin. We encourage you to review the privacy policies of all websites you visit.
You may have certain rights regarding the information we collect from or about you pursuant to state law, including the California Consumer Privacy Act (“CCPA”), Virginia Consumer Data Protection Act (“VCDPA”), Colorado Privacy Act (“CPA”), Connecticut Data Privacy Act (“CTDPA”) and the Utah Consumer Privacy Act (“UCPA”), or under federal law, including the Health Insurance Portability and Accountability Act (“HIPAA”), depending on how you interact with us. The applicable law and rights you may have may depend on the state in which you reside, whether you are an individual associated with our healthcare payer clients, or whether you are a website visitor.
If the information collected through the website is within the scope of state consumer privacy laws, you may have the following rights:
You have the right to request that we provide you with the information we have collected about you through the website in the last 12 months in a portable, machine-readable format, to the extent technically feasible.
You have the right to request that we disclose information to you about our collection and use of your personal information collected through the website over the past 12 months. Specifically, you have the right to know:
You have the right to have the information collected through the website deleted, subject to applicable exceptions.
You have the right to request that we update your personal information, or that we correct your personal information that is inaccurate.
You have the right to request that we limit certain uses and disclosures of sensitive personal information, to the extent we collect it or use it in ways that reasonable consumers would not expect. We currently do not collect any sensitive personal information, but you may contact us if you are interested in learning more about this right or if you wish to confirm.
You have the right to opt-out of the sale or sharing of your personal information, or to opt-out of targeted advertising, as those terms are defined in applicable law. You may manage information collected through cookies without making a formal request by adjusting your preferences in the cookie consent tool.
You may have the right to have an authorized agent make a request on your behalf. Please note that if you elect to have an authorized agent exercise your rights on your behalf, we will take steps to ensure that they have your authority, consistent with the applicable law and regulations.
If we notify you that we are unable to process your request, you may have the right to appeal our decision not to fulfill your request.
If you are an individual who is associated with a healthcare payer and we received your information from the healthcare payer, please contact your healthcare payer to exercise any applicable rights you may have. If we have collected information from or about you via a healthcare payer and we receive a request from you directly, we will direct you to make the request to your payer, consistent with our agreement with them. we will support the rights we are obligated to afford pursuant to applicable law and our agreements with our healthcare payer clients.
To inquire about whether applicable law affords you the rights listed above, or to exercise your rights, please contact us using the information listed below. Please note that if you wish to exercise your rights, we will take steps to verify your request, including to ensure that you are the individual making the request (or that the individual making the request is your authorized agent).
We may modify this Privacy Statement from time to time if our practices or the law changes, or for other reasons. Your continued use of the website following our posting of a change notice will constitute binding acceptance of those changes and this Privacy Statement. Changes will be effective upon posting, unless otherwise indicated. We will update the “last updated” date at the top of this notice so that you are aware of when it was last updated. We encourage you to check this notice frequently and to observe the last updated date so that you are aware of changes to this notice.
If you have questions or comments about this privacy notice or our privacy practices, or if you’d like to mention any rights you are afforded under applicable law, you may contact us at info@insightinhealth.com, by phone at 888-524-6744, or by post to:
Attn: Privacy Manager
333 W Ostend St.
Suite 100
Baltimore, MD 21230
United States
