Internet Privacy & Security Statement

Welcome to the Internet Privacy & Security Statement (“Privacy & Security Statement”) of AllOne HealthSM (hereinafter defined as “AllOne Health”)

The purpose of this Privacy & Security Statement is to summarize and disclose all information collecting and disseminating practices of AllOne Health concerning its web site, www.allonehealth.com (“Public Pages”).

This Privacy Statement is effective as of January 29, 2009 and was last updated on February 7, 2014. However, AllOne Health reserves the right to change this Privacy & Security Statement as necessary and without notice to users of this site. This Privacy & Security Statement is not intended to and does not imply any contractual or other legal rights or remedies to or from AllOne Health, its affiliates, subsidiaries, assigns, agents or any other party.

1. Security Features

a. Public Pages

Secure connections are supported on the current server supporting this site. Visitors are urged to review the privacy/security statements of any links that visitors may access from this site, as such terms may be different and are not the legal responsibility of AllOne Health, as more fully described in the disclaimer language that will be displayed for users prior to entering these links.

b. Self Service

There is a self-service portal for members and group administrators of AllOne Health that requires a Log-In (User I.D. and password). Secure connections are supported on the current server supporting this site. Visitors are urged to review the privacy/security statements of any links that visitors may access from this site, as such terms may be different and are not the legal responsibility of AllOne Health, as more fully described in the disclaimer language that will be displayed for users prior to entering these links. In addition to these security features, after a designated amount of time of non-use, member or group administrator will be logged out of blue solutions and be required to log back in to continue session.

2. Collection of Personal Information

a. Public Pages

AllOne Health will not be tracking personal data. The only data recorded will be the volume of visits as tracked by IP address and pages accessed.

AllOne Health will be creating and placing non-expiring cookies on the systems of visitors to this site.

In addition, utilization statistics for all traffic on our public pages is being collected by a third party.

b. Self Service

AllOne Health will not be tracking personal data, and thus, no “cookies” will be placed on the hard-drives of visitors to stop personal data. However, AllOne Health’s server will track session information and “cookies” containing this session information will be placed on the hard drive of visitors.

3. Use of Data Collected from Input Forms

a. Public Pages

The current site does have a limited ability to input personal information onto data input forms for contact information purposes. Data entered consists of name, company name, address and phone number. This information is solely for contact purposes.

b. Self Service

AllOne Health Self Service does have an ability to input personal information into data input forms. Data must be entered by member or group administrator to verify identity and authority of user and that information will include, but is not limited to, group number, member number, member name, primary care physician ("PCP") or any treating physician information, email address, phone number, date of birth, claim numbers, referral numbers and any and all changes to this information. Prior to entering such data, users should carefully review this statement and AllOne Health’s description of its limited security feature. Use of this information by AllOne Health is solely for customer service purposes.

c. Occupational Health

The secure portal tracks utilization statistics for the client services site, however, no personal or private data is tracked.

d. Careers

The careers link does have the ability to input personal information onto data input forms. Data must be entered by job applicants and will include their name, address, telephone number, email address, resume, gender and ethnicity. Prior to entering such data, users should carefully review this statement and AllOne Health’s description of its limited security feature. Use of this information is solely for employment purposes.

4. Disclosure of Data

AllOne Health will not sell, trade or disclose data to non-affiliated third parties for any purpose other than AllOne Health’s operations.

5. Logging and Tracking

AllOne Health will not be logging or tracking personal data. AllOne Health will be collecting certain activity including, but not limited to, successful and failed log-in attempts as well as usage statistics for all functional components. The only other data recorded will be the volume of visits as tracked by IP address and pages accessed.

6. Collection of Personal Data From Children

Children under the age of 18 can access our site as guests. AllOne Health will not knowingly collect or use any personal information from individuals under the age of eighteen without the consent of a parent or guardian, or provide any personally identifying information collected from children, regardless of its source, to any third party for any purpose.

If a visitor submits information to the web site through the registration process that indicates the visitor is a child, the child’s parent or guardian will be alerted to the child’s registration and will be provided instructions on how the parent or guardian can delete the child’s registration, if so desired. No information collected through the site from visitors that identify themselves, as children will knowingly be used for any direct marketing or promotional purposes.

AllOne Health does not require a child to disclose more information than is reasonably necessary to participate in an activity.

7. Parental Access

A parent can contact our Privacy & Security Office to access, change or delete the personal information that we have collected from his or her child by sending an email to privacy@allonehealth.com. Please include the child’s membership number, name, and the parent’s email address so that we can better assist you with your inquiry or request.

AllOne Health takes steps to verify the identity of anyone requesting information about a child and to ensure that the person is in fact the child’s parent or legal guardian.

We may amend our privacy policy at any time. We will provide parent’s notice by email of any material changes in the collection, use or disclosure practices to which you had previously agreed.

8. Privacy/Security Breaches

AllOne Health is concerned about the privacy and security of this site and its visitors. Because the privacy and security of this site cannot be fully protected from breaches, AllOne Health has established an address for visitors to report breaches and suspected breaches of the privacy and security of this site. Visitors should report any such breaches at abuse@allonehealth.com.

9. Questions/Concerns

If you have any comments, questions or concerns regarding AllOne Health’s privacy policy and or practices, please send an email to privacy@allonehealth.com, or contact us at 1-866-262-5867.

10. Ownership

AllOne Health Resources is an AllOne Health Company (CTC).

nGgZVFzoWVMdKRGBAAb9529HyOCzy1lJ_zKmCsnOODY