Privacy Policy

Last updated: November 3, 2016

This is RedBrick Health Corporation’s (“RedBrick,” “we,” “our” or “us”) Privacy Policy. This Privacy Policy applies to www.redbrickhealth.com and our mobile platforms. Please read this Privacy Policy, which, among other things, describes how we collect, use, protect and disclose your information.

EU-U.S. Privacy Shield
RedBrick participates in and has certified its compliance with the EU-U.S. Privacy Shield Framework. RedBrick is committed to subjecting all personal data received from European Union (EU) member countries, in reliance on the Privacy Shield Framework, to the Framework’s applicable Principles. To learn more about the Privacy Shield Framework, visit the U.S. Department of Commerce’s Privacy Shield List.

RedBrick is responsible for the processing of personal data it receives, under the Privacy Shield Framework, and subsequently transfers to a third party acting as an agent on its behalf. RedBrick complies with the Privacy Shield Principles for all onward transfers of personal data from the EU, including the onward transfer liability provisions.

With respect to personal data received or transferred pursuant to the Privacy Shield Framework, RedBrick is subject to the regulatory enforcement powers of the U.S. Federal Trade Commission. In certain situations, RedBrick may be required to disclose personal data in response to lawful requests by public authorities, including to meet national security or law enforcement requirements.

If you have an unresolved privacy or data-use concern that we have not addressed satisfactorily, please contact our U.S.-based third-party dispute resolution provider (free of charge) at https://feedback-form.truste.com/watchdog/request.

Under certain conditions, more fully described on the Privacy Shield website, you may invoke binding arbitration when other dispute-resolution procedures have been exhausted.

U.S.-Swiss Safe Harbor Framework
RedBrick complies with the U.S.-Swiss Safe Harbor Framework as set forth by the U.S. Department of Commerce regarding the collection, use and retention of personal data from Switzerland. RedBrick has certified that it adheres to the Safe Harbor Privacy Principles of notice, choice, onward transfer, security, data integrity, access and enforcement. To learn more about the Safe Harbor program, and to view RedBrick’s certification, please visit https://safeharbor.export.gov/swisslist.aspx.

 

1.  Will This Privacy Policy Change?

Yes, as allowed or required by applicable laws, we may modify our Privacy Policy at any time. We encourage you to check this Privacy Policy often to review any changes. We will provide you with notice of any significant or material changes to our Privacy Policy when you sign in to our website or user experience. A material change is any change that affects how your data is used or shared in any way that is not already described within this policy.

We may send you notice of any changes to this Privacy Policy to the email address we have on file for you.

If we make any change to this Privacy Policy, we will always update the “Last Updated” information at the top of this Privacy Policy.

 

2.  Why Do We Collect Information About You?

We collect your Personal Information to determine your eligibility for our Services (as defined below), to provide you with our Services and to tailor our Services for you. Information may include Personal Information like your name, address, gender, health habit information such as how much you exercise, biometric screening values such as your cholesterol measurement, your health goals, and information about how your health habits change as a result of the Service you experience.

The use of information collected through our service shall be limited to the purpose of providing the Service for which the Sponsor has engaged RedBrick.

RedBrick collects information under the direction of its Sponsors. If you are a Participant of one of our Sponsors and would no longer like to be contacted by the Sponsor, please contact the Sponsor directly.

 

3.  What Wellness Services Do We Provide?

RedBrick contracts with “Sponsors” to provide certain “Services” to eligible “Participants.” A Sponsor may be a health insurance company, an employer-sponsored health plan, or another organization that is concerned about your health and well-being. Our “Services” revolve around providing a health and wellness program, which involves assessing the impact behaviors and habits may have on eligible Participants’ general health. The Services cover many different aspects and areas including general health information, nutrition, exercise, personal care and other similar content. We provide eligible Participants with tools and information to help make healthy lifestyle choices.

 

4.  Where Do We Get Information About You?

We collect information about you from multiple sources.

Directly from You:

  • When you complete one of our online forms.
  • When you use any of our online Services.
  • When you participate in any of our phone or onsite Services.

 

From Your Sponsor

  • Your Sponsor may provide us your Personal Information to identify you as an eligible Participant.

 

From Our Partners

  • Subject to your prior approval, organizations that provide biometric or lab testing services may share those results with us.
  • Subject to your prior approval, our “Sync Partners” may share information related to or recorded by the physical device you use with their services. Click here to see an up-to-date list of all of our Sync Partners on our web portal.

 

From Your Healthcare or Insurance Provider

  • Subject to your prior approval, we may receive healthcare-related information from your healthcare provider and any clinics or organized care facility with which your provider is associated.
  • At the direction of your Sponsor, your health insurance provider may share claims-related information with us.

 

Public Databases

We may receive information about you from other sources including publicly available databases or third parties from whom we have purchased data, and combine this data with information we already have about you. This helps us analyze our records to better evaluate the effectiveness of our services.

Examples of the types of Personal Information that may be obtained from public sources or purchased from third parties and combined with information we already have about you:

  • Address information about you from third-party sources, such as the U.S. Postal Service, to verify your address before we send you mail
  • The U.S. Federal Do Not Call registry, to verify do not call preferences recorded there
  • Census and other aggregate data sources containing statistical information about people who share some of your traits or demographic markers

 

 

5.  What Information Do We Collect About You?

We collect, create and use Personal Information and Protected Health Information about you, as well as Non-Personal Information.

Personal Information

Personal Information includes both information that can specifically identify you and information about you that may be combined with identifying information. For example, Personal Information includes:

  • Your name
  • Your address
  • Your phone number
  • Your health information
  • Your date of birth
  • Your social security number
  • Your email address
  • Insurance claims information
  • Healthcare outcomes

 

RedBrick never asks for your credit card number. If anyone calls claiming to be RedBrick asking for your credit card number, please contact us using the information at the bottom of this notice.

Protected Health Information

Protected Health Information is a special category of Personal Information defined and protected by Health Insurance Portability and Accountability Act of 1996 (HIPAA), a federal law within the United States. Protected Health Information includes individually identifiable information, like your name, combined with medical or health insurance–related information that is collected or maintained on behalf of your health insurance provider or your medical provider.

Non-Personal Information

Non-Personal Information is information we create or collect about your visit to our website that is not specific to you or does not identify you. For example, Non-Personal Information includes:

  • Number of visitors to the website
  • The websites from which visitors came to our website
  • The pages visited while on our website
  • The length of visits to our website
  • The names of internet providers
  • Internet Protocol (IP) addresses
  • Browser information
  • Connection speed
  • Search terms used to find our website

 

 

6.  How Do We Use Cookies and Other Tracking Devices?

As is true of most websites, we gather certain information automatically and store it. This information may include internet protocol (IP) addresses, browser type, internet service provider (ISP), referring/exit pages, operating system, date/time stamp, and/or clickstream data.

RedBrick and its partners use cookies or similar technologies to analyze trends, administer the website, track users’ movement around the website, and to gather demographic information about our user base as a whole. You can control the use of cookies at the individual browser level, but if you choose to disable cookies, it may limit your use of certain features or functions on our website or service.

 

7.  Can You Use Do-Not-Track?

Our website and web portal are not configured to respond to do-not-track settings in your browser.

 

8.  What Information Do We Keep?

We retain your information as needed to provide our Services. We will retain and use your information as necessary to comply with our legal obligations, resolve disputes and enforce our agreements.

 

9.  Where Do We Keep Your Information? 

We store your information in the United States in one of our data centers.

 

10.  Do We Share Information We Have About You?

Yes. We share information we have about you in order to provide you with our Services. We share your Personal Information with third parties that help us provide our service. We only share your Personal Information in the ways that are described in this Privacy Policy. We will only share your Personal Information with entities that have a legal right to access it and that are obligated to protect it in similar ways that we are obligated to protect it. We may further limit the way we share your Personal Information based on the direction of your Sponsor and any privacy policy that they may ask us to adhere to. Transfers to subsequent third parties are covered by the service agreements with our Sponsors.

Your Access to Your Personal Information

You may access your own Personal Information and information about your participation in our Services through our secure, password-protected web portal. You may also request a copy of the Personal Information we have on file for you by contacting us using the information at the bottom of this notice.

Sharing Information With Healthcare Providers

We may share your Personal Information with your healthcare providers and any clinics or organized healthcare organizations with whom they are associated, such as an Accountable Care Organization (ACO).

Sharing Information With Other Participants

Your Sponsor may arrange for us to create a wellness-based contest between you and other participants. If you choose to participate in those contests, we may share limited information about you with other participants. The type of information will be limited to information that is relevant for the contest. For example, in a contest based on number of steps taken, other participants may see your name, that you have registered to participate in the contest, and that you have taken a certain number of steps. In these situations, your Personal Information will not be available unless you choose to register for the contest.

Sharing Information With Our Business Partners

We enter into agreements with our business partners to assist us in providing you with our Services. These business partners are authorized to use your Personal Information only as necessary to provide these Services. We require these business partners to protect your Personal Information and to comply with applicable laws or regulations.

Sharing Information With Sponsors

Under U.S. laws, we may share Protected Health Information with Sponsors for plan administration purposes and coordination of your care.

Sharing Information With Your Employer

We will not share your individually identifiable Protected Health Information with your employer for employment-related purposes. Your employer will only have access to the information needed to plan and deliver health programs.

Sharing Information for Marketing Purposes

We do not sell and will not give your Personal Information to any other entity for any marketing purpose. We may use your Personal Information to communicate with you about our Services that are available to you as a benefit under your health plan.

Sharing Information to Meet Legal Requirements

We will not share Personal Information with a third party without prior authorization, except (i) in compliance with law, regulation or other legal processes (ii) to protect the rights, property or safety of us or others, (iii) in emergency situations, and (iv) in the event that we or substantially all of our assets are acquired by one or more third parties as a result of an acquisition, merger, sale, reorganization, consolidation or liquidation, in which case Personal Information may be one of the transferred assets.

 

11.  Do You Have Choices Related to Your Personal Information?

You have the ability to “opt out” of communications from us or our partners if you wish, but this will limit our ability to support you when or if you have questions. It will also limit our ability to provide you with important updates from us, and potentially your Sponsor, about changes or deadlines in your programs.

If you would prefer not to receive any communications from RedBrick Health, please call your designated 800 number and let the support specialist know you would like to opt out of communications.

You may have additional rights with respect to Protected Health Information as may be explained in your Sponsor’s Notice of Privacy Practices. Contact your Sponsor for a copy of that Notice.

 

12.  Can You Correct Errors With Your Personal Information?

RedBrick acknowledges that you have the right to access your Personal Information.

Upon request, we will provide you with information about whether we hold, or process on behalf of a third party, any of your Personal Information. We will also provide you with a copy of the Personal Information we have on file for you. To request this information, please contact us using the contact information at the bottom of this notice.

You may review your Personal Information on our web portal or review the copy of information you receive from us. If you notice any errors, you may contact us using the contact information provided at the bottom of this notice, and request that we correct your Personal Information. If we determine that the information is inaccurate and we are the source of the error, we will try to correct the information. We will respond to your request within a reasonable time frame. Because we collect information about you from a variety of sources, we may ask you to contact the source of the information to correct the information. For example, we may not be able to correct information received from a Sync Partner or as part of a laboratory test result received from your healthcare provider. In some circumstances, we may need to ask you to contact your Sponsor directly to correct, amend or delete inaccurate Personal Information.

 

13.  Links to Other Websites

We may include links to other websites on our website. We do not endorse and are not responsible for the information practices or privacy policies of these websites operated by others that may be linked to or from our website. If you decide to access a third party’s website that may be linked to or from our website, you should consult that website’s Privacy Policy and Terms of Use documents.

 

14.  Social Media

Our website includes social media features, such as the option to share on Facebook or Twitter. These features may collect your Internet protocol address and which page you are visiting on our website. They may also set a cookie to enable the feature to function properly. Social media features are either hosted by a third party or hosted directly on our website. Your interactions with these features are governed by the privacy policy of the company providing it.

 

15.  Blogs

Our website offers publicly accessible blogs or community forums. If you choose to participate in these blogs or community forums, be aware that any information you provide in these areas may be read, collected and used by others who access them.

Contact us to request removal of your Personal Information from our blog. In some cases, we may not be able to remove your Personal Information, in which case we will let you know if we are unable to do so.

 

16.  Data Security

We deliver our Services over the Internet, and no transaction over the Internet can be totally secure. We do, however, implement industry-standard security measures including physical, administrative and technical safeguards. We protect your Personal Information transmitted over the Internet using Secure Socket Layer (SSL) technology. We also restrict access to your Personal Information to our authorized employees, our agents and certain of our authorized partners responsible for providing our Services.

 

17.  Children’s Privacy

The website is not intended for use by children under the age of 13. We will not knowingly collect any Personal Information from persons under the age of 13. If you are the legal guardian of a child under the age of 13 and think that we have inappropriately collected Personal Information from this child, please contact us.

 

Contact Us

If you have any questions, comments or complaints related to this Privacy Policy, please contact us so we can help. You can reach by using the methods identified below.

  • Toll-free at: (866) 322-1255
  • By mail at

 

RedBrick Health Corporation
Attn: Privacy Officer
510 Marquette Avenue South
Suite 500
Minneapolis, MN 55402

TRUSTe Privacy Certification

Stay up to date on the latest from RedBrick Health, visit our blog and follow us on: