Rx Savings, LLC d/b/a Rx Savings Solutions, a Kansas limited liability company (“Rx Savings”), is committed to maintaining your confidence and trust. We will hold your personal health information in the strictest confidence, and we will keep your personal health information secure in accordance with the Security Rule under the Health Insurance Portability and Accountability Act of 1996 (“HIPAA Security Rules”). In the link below is a notification of how we may disclose your personal information in accordance with HIPAA and what rights you have to your personal health information under HIPAA (the “HIPAA Notice”).
What information does Rx Savings collect?
Information You Give Us: Rx Savings collects all information that you provide to us online through completion of registration. It also includes information we collect in the following manner:
- If you use the Service, we will ask you to register with us and may ask you to provide us your contact information, your prescription medication information, other health information and location. We may also ask you for your postal address, email address, a telephone number, and for any additional necessary information for verification purposes.
- If you contact our Pharmacy Support phone line, we may ask you for your name, postal address, e-mail address, telephone number, prescription medication/health information and such other information for verification purposes in allowing us to assist you.
Information from Employer/Health Plan: As part of the Service, we may have partnered with your employer, health plan, pharmacy benefit manager or other third party to provide you the Service and to provide such third-party additional services. This third party may provide us personal information and we will collect and securely store this information for the purpose of providing you and such third-party any and all services we may have agreed to provide.
Automatic Gathering of Information: As you navigate through and interact with our website, we and automatic data collection technologies we may contract with to provide us with services (each, a “Service Provider”), may collect non-identifying information about your visit to our site or use of the Service. For example, we may keep track of how you navigate around the Service and what parts of the Service you used and/or viewed. Dependent upon your internet service provider and/or browsing history other companies may collect your Web browsing movements across the Internet (not just on our website).
To do this, we and our Service Providers, use technologies (e.g., cookies, action tags, Web beacons, and GIF tags), placed at various sections within the Service delivered by e-mail or served during your Web browsing session. Some of these technologies may be disabled by changing your Web browser settings. Please consult the documentation for your Web browser on how to manage the information gathering and storage aspects of these technologies on your computer. We and our Service Providers do not collect any personal information through the use of these technologies. If you choose to reject all cookies, anonymous identifiers or similar technology, you may be unable to use much of the functionality of the Service. If you opt out of being tracked, we will reasonably attempt to ensure that new data collected about you will not be used by us for targeted advertising purposes. Unless we associate non-identifying information that we gather through use of the technology with your personal information, we will NOT treat such information as personal information.
Information from Other Sources: We may also collect information (including personal information) about you from our Service Providers and other third parties and add it to the personal information we maintain.
Transfer of Personal Information within the U.S. Only: Rx Savings has its headquarters in the United States. Any information we collect from you will be processed in the United States only. The United States government has not sought nor received a finding of “adequacy” from the European Union under Article 45 of the General Data Protection Regulation (“GDPR”). In short, a finding of “adequacy” means that the European Commission has the power to determine whether a non-European Union country offers an adequate level of data protection. In the absence of an “adequacy” decision and no GDPR safeguards in place (e.g. binding corporate rules on the transfer of personal data outside the European Union), Rx Savings shall rely on derogations as set forth in Article 49 of GDPR where applicable and the protected health information safeguards required under the Health Insurance Portability and Accountability Act (“HIPAA”) Security Rule. Examples of derogations Rx Savings would rely on are that we control or process personal data: within the United States only with the user’s explicit consent; to perform a contract; under a legal obligation; or in a manner that does not outweigh the individual’s rights and freedoms. Rx Savings seeks to apply suitable and applicable safeguards to protect the privacy and security of your personal data by the use of data protection measures consistent with HIPAA, Health Information Technology for Economic and Clinical Health (“HITECH”) and the NIST Cybersecurity Framework.
If at any time you wish to confirm that Rx Savings is only processing personal data within the United States, please contact our Privacy Officer at [email protected]
How does Rx Savings use the information it collects?
To Provide Services
We use your personal information, including your contact information, to provide you the Service, respond to your requests, to provide services to a third-party partner that is assisting to provide the Service for your benefit (such as your employer, health plan or pharmacy benefit manager), and/or as otherwise necessary for us to conduct business, so long as such use is permitted by law. We may also use your personal information to contact you via email, phone, mail or text messaging if we want to communicate with you about the Service provided to you (i.e., your prescription cost savings report is ready to be reviewed or we have found you additional cost savings opportunities) and/or submissions to us or to respond to other requests.
When you register with us and provide us your phone number to receive text messages, you are specifically giving your express consent to allow us to send you text message notifications related to the Service (i.e., that you have the opportunity to save money on a prescription medication).
To Provide Promotional Messages
We may also use your personal information to send you newsletters, information about us and the Service, to notify you of changes to the Service and to provide you with up-to-date information on the Rx Savings services that may be of interest to you. We may also use non-identifying information about your visits to the Service and other Web sites in order to provide you with information regarding services that may be of interest to you, to make sure you are not shown the same content repeatedly on the Service, deliver information that is specific to your interests, and to save your password so you don’t have to re-enter it each time you visit our Web site.
If you do not wish to have your personal information used by us to promote our own or a third parties’ products or services, you can opt-out at any time by logging into the website and adjusting your preferences in your account profile or by sending us an email stating your request to [email protected].
We do not control third parties’ collection or use of your information to serve interest-based advertising. However, these third parties may provide you with ways to choose not to have your information collected or used in this way. You can opt out of receiving targeted ads from members of the Network Advertising Initiative.
Other Business Purposes
Will Rx Savings disclose my personal information?
Disclosure In Compliance with the HIPAA Security Rule
We protect your personal health information in accordance with the HIPAA Security Rule. We may use or disclose your personal information in accordance with HIPAA. Please see the HIPAA Notice of Privacy Practices for a discussion of how your medical information may be used and disclosed in accordance with HIPAA.
Disclosure to Service Providers
We may engage Service Providers from time to time to perform business functions on our behalf, including, but not limited to, sending e-mail, maintaining customer lists, analyzing data, providing marketing assistance, processing payments, and providing customer service. We may furnish personal information to our Service Providers as required to perform these business functions on our behalf; provided, however, we will not disclose or share any of your personal health information to any Service Provider unless it is a permitted disclosure under HIPAA. The HIPAA Notice of Privacy Practices sets forth the list of disclosures that are permitted under HIPAA, 45 C.F.R. § 164.512 (2016).
We may engage Service Providers and share non-identifying information and aggregated information with them for purposes of analysis and improvement of the Service. In addition, we may select certain Service Providers to provide us with digital analytics and marketing optimization services. These Service Providers use technology, such as cookies and anonymous identifiers, to collect information on our behalf that will educate us on such things as search engine referral, how you navigate around the Service, and unique visitor identification. These Service Providers are not permitted to use personal health information, username or password information. We engage these Service Providers solely for the purpose of helping us improve the Services.
We may use and disclose de-identified health information with Service Providers for data analytics purposes. Prior to data transfer, protocols will be followed to certify the information has been properly de-identified in accordance with the HIPAA Privacy Rule. The information will be aggregated, de-identified, collected, and/or reported for purpose of research according to standard research rules, and will be stripped of patient identifiers. De-identified data sets will contain no protected health information. When the de-identified health information is shared with Service Providers or a third-party, the recipient will not have access to a crosswalk file or any other means of re-identifying patients or linking PHI.
These Service Providers analyze the information collected on our behalf and return it to us through a secure web connection for our use in understanding your use of the Service and how to better serve you. These Service Providers will be contractually prohibited from using our information for any other purpose and are required to maintain all information collected and their analyses in strictest confidence. You may choose to continue to benefit from the improved experience with the Service that such analyses provide to you, but maintain your anonymity. You may also choose to deactivate the ability of these Service Providers to analyze your browsing behavior at the Service by setting your Web browser to reject cookies and other technology.
Disclosure to Law Enforcement
From time to time, we may be required to disclose your personal information in response to a court order, subpoena, government investigation, or as otherwise required by law. We also reserve the right to share information with law enforcement agencies concerning any activities that we, in good faith, believe to be unlawful. We also may share certain personal information when we believe that such sharing is reasonably necessary to protect the rights, property, and safety of others and ourselves.
How can I review and revise my personal information?
You may always review your Service account profile and update it. You may also modify certain personal information and you may edit your personal prescription medication profile at any time by logging into your account.
Please note that you may not access or change non-identifying information that we collect from visitors to the Service through use of technology or otherwise.
If you are a California resident, California law may provide you with additional rights regarding use of your personal information. To learn more about your California privacy rights, please see our Privacy Notice for California Residents.
How can I opt-out of receiving communications from Rx Savings?
If you would prefer not to receive our e-mail offers, please click on the “unsubscribe” link or follow the instructions in our e-mail message. To unsubscribe from text messages, text “STOP” to our opt-out number.
- Text message opt-out: 1*913-210-8326
It may take Rx Savings up to ten (10) business days to reflect your preferences in our databases.
How does Rx Savings protect my personal information?
Rx Savings protects all of your personally identifiable information, including, but not limited to, all of your medical information and your prescription medication profile in compliance with the HIPAA Security Rule. We hold all of your personal information in the strictest confidence. We have implemented commercially reasonable physical, technological, and administrative procedures to safeguard and secure the personal information we collect. In addition, we use other means, such as firewalls and encryption, to safeguard the confidentiality of this information.
However, no method of transmission or electronic storage provides absolute certainty of security. Therefore, we cannot guarantee the absolute security of the information that we collect.
The safety of children is very important to us. We are committed to protecting children’s privacy on the Internet and we comply fully with the Children’s Online Privacy Protection Act. Our website is not intended for children under the age of 13. If you are under 13, do not use or provide any information on this website. If we learn we have collected or received personal information from a child under 13 without verification of parental consent, we will delete that information. If you believe we might have any information from or about a child under 13, please contact us through the “Contact Us” page of rxss.com.
Use of Voice Assistant Devices.
Communication of health information through the use of the Services in connection with a voice assistant device contains the risk of unauthorized interception of the transmission. While Rx Savings is fully compliant with the HIPAA Rules, the voice device itself is not HIPAA compliant. Voice assistant devices collect and store both the spoken utterance from the user and the skill’s response. While the user may delete this data held by the voice assistant device in the application’s settings there remains a high risk that health information could be inadvertently disclosed to an unauthorized third-party. By using the Service in connection with a voice assistant device, you acknowledge and consent that such use may or may not always be secure, as defined under 45 C.F.R. § 164.402. As such, Rx Savings will not be liable for any unauthorized disclosures that occur while in transmission.
How to Contact Us.
Rx Savings, LLC
Attn: Privacy Officer
5440 W. 110th Street, Suite 200
Overland Park, KS 66211
Toll Free: 1-800-268-4476