ArroHealth maintains security policies and practices in its facilities and systems to protect appropriate information from unauthorized access and inappropriate disclosure, alteration or destruction. Security may include, but is not limited to, encryption, physical access security and other appropriate technologies. ArroHealth continually reviews and enhances security systems as necessary. Personnel failure to hold in confidence private information are subject to disciplinary process. Personnel are required to execute an acknowledgement of their receipt and understanding of ArroHealth’s policies and procedures containing confidentiality obligations, to which they are subject. ArroHealth does not provide private information to the general public. ArroHealth does not compile or distribute mailing lists or consumer marketing data from information received from clients. ArroHealth does not modify or correct information obtained from other persons or organizations, since such information is not prepared by ArroHealth.
ArroHealth makes use of both session and persistent cookies on its websites. Cookies are small pieces of data that are stored by the user’s web browser on the user’s hard drive. Cookies are utilized by the web servers to enhance a user’s experience on the sites and to remember information such as user name, language, web top view, shortcut navigation, etc. At no point in time will any personal information be stored in the cookies, nor will the cookies be utilized to track a user’s browsing and/or buying habits.
Server and Application Logging
ArroHealth’s web servers automatically collect Internet Protocol (IP) addresses which are used solely for reporting demographic information, number of visits and in communications troubleshooting. Authentication credentials are also recorded to comply with auditing requirements and assist in investigation of customer-initiated service requests. As ArroHealth upgrades, enhances, modifies or maintains its systems, services and procedures, modifications may be made to this policy.
Obtaining and Sharing Information
ArroHealth respects the privacy of individuals while obtaining information for legitimate businesses that can demonstrate an appropriate need for the information. ArroHealth obtains information ordered by its clients using sources identified by clients – either by subject, individual or a reputable source. ArroHealth obtains and discloses such information pursuant to appropriate written authorizations to gather information for, and disclose it to, its clients for the purposes of their underwriting and servicing of insurance policies, and for their other legitimate purposes authorized by law. ArroHealth handles such information in accordance with its clients’ directions, the written authorizations, ArroHealth’s contracts with clients, and applicable law. ArroHealth does not share information it obtained for a client with its other clients, unless the subject’s authorization permits such.
Kinds of Information
ArroHealth is authorized by clients to act as their representatives in obtaining information on individuals regarding the following:
Habits, use of alcohol and other drugs
Civil and criminal court records
Past and present employment and job duties
Other insurance coverage
Sources of such information may include various governmental agencies, medical facilities, independent consumer reporting agencies or other information exchange organizations or individuals provided for personal and business references.
ArroHealth does not use the information it obtains on behalf of its clients. Therefore, if a subject of information desires to opt out of having the information used for any purpose, the subject should address this option with ArroHealth’s client when the subject provides the authorization to release information to ArroHealth’s client. However, when ArroHealth makes a direct inquiry of the subject of the information, there is an opportunity presented for the subject to opt out of providing the information. In these instances, the subject need only decline to provide the requested material. In all other instances, ArroHealth only gathers and discloses the information pursuant to the subject’s written authorization obtained by ArroHealth’s clients.
By RaeAnn Grossman Ok, we all know that our EMR systems lack interoperability and that this is a barrier to efficiency and knowledge. We have a choice, a legislative answer or innovative an answer. We either need legislation to enforce interoperability standards or to create an innovative solution to overlay or embed into EMRs to […]
By RaeAnn Grossman What does your risk adjustment team need to think about from application time to bid season? Answers include but are not limited to: Are we changing our formulary and will this impact Rx risk adjustment? Are we narrowing our provider networks and will this impact campaigns or waves? Are we capitating more […]