WellSky Corporation privacy policy

Last updated: June 21, 2023

WellSky Corporation (“WellSky”, “we”, “us” or “our”) is committed to protecting the privacy of your information.  We believe it is a good business practice to disclose to you how your personal information may be used by WellSky, including, but not limited to information collected and your activity on the website www.wellsky.com and its subpages and content (collectively, the “Site”) may be used.  As a user of this website, or the services or products available through the Site (collectively, “Service(s)”) provided by WellSky, this Privacy Policy set forth herein (this “Privacy Policy”) is intended to describe in a straight-forward and easily understandable manner:  

  • the information we collect about you; 
  • how that information may be used; 
  • with whom the information may be shared; 
  • how you may update the information you provide us; 
  • how you may contact us; and 
  • your choices about our uses and disclosures of your information.   

As noted in the Terms of Use applicable to the Site (the “TOU”), by using the Site and/or Services you accept and acknowledge that you are bound by this Privacy Policy.  Accordingly, we encourage you to read this Privacy Policy carefully.  If you have questions or concerns regarding this Privacy Policy, please feel welcome to contact us through the Site at: www.wellsky.com.  Alternatively, you can also e-mail us at [email protected], or send mail to WellSky Corporation, Attn: Regulatory Compliance Manager, 11300 Switzer Rd, Overland Park, KS 66210. 

Information We Collect 

Information from Our Clients 

The majority of the information we receive is provided by or on behalf of our clients, which include, but are not limited to, health plans, health care providers, personal care providers, and other organizations (“Clients”).  When we receive information on behalf of our Clients, our use and disclosure of that information is governed by the Client agreement and the Client’s privacy notice.  To the extent the Client agreement or Client’s privacy notice differ from this Privacy Policy, the terms of the Client agreement and Client’s privacy notice shall apply to the information held on behalf of the Client. 

Information from You 

We collect information about you so we can continue to provide and improve our Services to you and other users of the Site.  The information collected directly by WellSky through the Site may include items such as your name, e-mail address, mailing address, phone number, facsimile number, business size, industry type, personal health and social information as well as other information that may or may not specifically identify you.  The information collected on the Site may be stored at servers, computers, or other media located in in the country of origin. 

Information for Health Information Exchange 

In some situations, WellSky serves as a health information exchange (“HIE”).  This occurs when WellSky aggregates health information from multiple organizations to facilitate the sharing of the information across those organizations.  This exchange of data can improve the ability of our Clients to provide services to you.  The information provided to WellSky for the purposes of an HIE may include your name and demographic information, your health information such as dates of service, medical conditions, and medical services provided, and information related to your eligibility for or receipt of social services that impact your health care. 

Third-Party Sources 

We may obtain personal and non-personal information about you from other third-party sources.  This information may be utilized, analyzed, and/or compared with information that we have collected from you or that you have submitted to the Site.  If the third parties unlawfully obtained and/or provided the information to us, you understand, agree, and acknowledge that your sole legal remedy is against the third party that engaged in the unlawful activity and that you will not assert any cause of action, claim or demand against us. 

Information Collection Technology (Web Beacons and Cookies) 

We may use various technologies to collect information from your electronic device about your activities on the Site.  We may collect and store non-personally identifying information through cookies, log files, clear gifs (commonly known as “web beacons”), and third parties to profile user activity and preferences.  Technical and specification information about your browser and computer is automatically collected when you use or visit the Site.  This information may include but not be limited to your Internet Protocol (“IP”) address, your browser type, operating system, geographic location, access time(s), the content of previously accepted “cookies” from us, and the website address that referred you to the Site. 

A cookie is data stored on your computer that tracks non-personal information about you.  When you use the Site, we may assign your computer one or more cookies that enable us to improve the quality of the Services and to personalize your experience.  Cookies allow us to automatically collect information about your activity on the Site, such as the content you access while on the Site, the links you click, and other activity you conduct while using the Site.  You may choose to modify your web browser’s setting to disable cookies or limit their use.  If you choose to disable or limit cookies, you are still able to access the Site, but you may be unable to use all of the features on the Site.  Additional information about cookies may be found at: https://support.microsoft.com/en-us/help/260971/description-of-cookies. 

The Site may contain web beacons (also known as “clear gifs”) or similar technologies that gather non-personally identifiable information about your use of the Site.  Such technology may also be contained in e-mail messages or newsletters from us that allow us to determine whether messages have been accessed.  The purpose of our use of this technology is so that we may analyze the effectiveness of our marketing efforts, the quality of the Site, and the Services we provide. 

Personal Information About Users Under 18 Years of Age Not Collected 

The Site is meant for adults and those who have reached the age of majority as defined by the laws of their domicile.  The Site is not meant for individuals under the age of eighteen (18) or those defined by the laws of their domicile as minors.  Nonetheless, this Privacy Policy is still designed to comply with the Children’s Online Privacy Protection Act (“COPPA”) to the extent COPPA applies.  Accordingly, we do not knowingly collect or retain any personal information about users under the age of thirteen (13).  If we obtain actual knowledge that we collected or retained personal information about a child under the age of thirteen (13), that information will be promptly deleted from our database, servers, and all other media.  Since we do not collect information from users under 13 years old, no such information is disclosed to third parties. 

If parents or guardians wish to create an account for, and provide information related to, their child who is under the age of eighteen (18), the parent or guardian may do so, but assumes full responsibility for ensuring that the information is kept secure and that the information submitted is accurate.  In creating such an account, the parent or guardian accepts that this Privacy Policy will apply to the minor child’s information. 

Information Use and Sharing 

We may use and share your information for any legally permissible purpose.  We may match, use, and share any of the information we collect from you to any personally identifiable information we obtain from Clients or third parties.  Examples of some ways we may use or share information that we collect about you include: 

  • To share information between our Clients for their treatment, payment, and other business operations; 
  • For referrals for treatment, care coordination, and case management; 
  • To determine your eligibility for benefits or services; 
  • To provide data analytics services to our Clients; 
  • To provide services to you; 
  • To provide you with customized content and services; 
  • To contact you, a family member, or caregiver; 
  • To comply with applicable law; 
  • To fulfill our business obligations; and  
  • For our internal record keeping. 

You acknowledge and agree that WellSky may use and disclose your personal and non-personal information to public or private third parties: (i) to provide products or services to you or our Clients; (ii) to comply with requests for inspection by law enforcement officials (including potential criminal activity); (iii) to respond to cease and desist letters, arbitration proceedings, legal actions and suits, criminal and civil subpoenas, or any court orders; (iv) to enforce or apply the terms of this Privacy Policy or any other agreement between us, including the Terms of Use; and (v) to protect our rights, property, or safety, as well as the rights, property, or safety of our users, or others, whether during or after the term of your use of the Site or any Services. 

Personal Health Information Sharing and Exchange 

We may use or disclose your personal health information to provide services to you and our Clients, consistent with the applicable Client’s Notice of Privacy Practices, the Health Insurance Portability and Accountability Act and its implementing regulations (“HIPAA”), and other applicable law.  In most situations, this use and disclosure of your information is for the treatment, payment, or health care operations of our Clients.   

Some of the Services provided by WellSky to its Clients are considered “Health Information Exchange” or “HIE” under applicable state law.  The information maintained in the HIE may be available to health care providers, health plans, personal care providers, or community organizations that may provide services to you.  Depending on your state law, the organization disclosing your information to or obtaining your information from WellSky for the HIE may be required to first obtain your consent.  In other cases, the exchange of this information is permitted unless you object.  Your state law may allow you to opt out of participation in an HIE, described more fully below. 

Legal Process and Investigation Issues 

From time to time, WellSky may be required to respond to a subpoena, a court order or similar investigative demand from law enforcement, a government agency, or a private litigant.  WellSky reserves all rights to defend, within its sole discretion, against such legal requests, demands, and claims.  For instance, WellSky may raise or waive legal objections or rights.  WellSky also reserves the right to disclose your information, as allowed by applicable law, when we believe it is reasonably appropriate based on the situation.  Such disclosure may occur, but is not limited to, disclosing your information in connection with efforts to:  (i) investigate, prevent, or commence other actions regarding suspected illegal activity or other wrongdoing; (ii) protect or defend the rights, property or safety of our company, our users, our employees, or others; (iii) comply with applicable law or cooperate with law enforcement; or (iv) enforce the TOS or other agreements or policies related to the Site or the Services. 

Notice about Social Security Numbers 

We do not collect social security numbers of customers or other users, and you should not provide such information to WellSky.  Nonetheless, if WellSky comes into possession of users’ social security numbers or collects such information in the future, the information will be treated confidentially and not shared with third parties unless allowed by law.  Additionally, WellSky will take reasonable steps to limit the access to such social security numbers and take legally required steps to secure the transmission of the data containing such social security numbers. 

Third Party Privacy Policies May Be Applicable 

This Privacy Policy does not cover any Client’s or third party’s use or handling of your information once it is shared.  Instead, the privacy policies of the Client or third party(ies) will govern.  We encourage you to visit the websites of those third parties and fully read and understand their privacy policies.   

DO NOT TRACK REQUESTS 

In some states, users may be entitled to know how we respond to “Do Not Track” browser settings.  There is little consensus in the industry about what “Do Not Track” means; however, we recognize “Do Not Track” signals as an opt-out for the sharing of your data with third parties.  We take good faith efforts to comply with any “Do Not Track” request; however, you may still need to contact any third-party companies (including those who may have cookies or beacons on the Site) to direct them to not share your data with third parties. To learn more or opt-out from data collection by third-party companies you can visit:  http://www.networkadvertising.org/choices or www.aboutads.info/choices/ 

Opt-Out Provisions and Updating Your Information 

We value our users’ privacy and provide them with the option to “opt-out” of having their information used for purposes not directly related to the Site or our services for Clients.  The opt-out option is available at the time you sign up for your account on the Site.  If you wish to change your opt-out preference or update your information after you initially sign up for your account, you can opt-out by any of the following means: 

  1. Send a written request to: Attn: Compliance, WellSky Corporation, 11300 Switzer Rd, Overland Park, KS 66210; or 
  2. E-mail [email protected] 

Your request will generally be responded to within three (3) business days if your request is via e-mail, or thirty (30) days if your request is via United States mail. 

Your state law may provide you the right to “opt-out” of the HIE functions provided by WellSky.  For Arizona residents, this right is provided under Article XXVII, Section 2 of the Constitution of Arizona.  To opt-opt out of HIE functions, please contact [email protected]   In some cases, we may direct you to contact your health care provider regarding your HIE opt out request. 

Please note that changing your opt-out preference will only affect future activities or communications from us.  To opt-out of communications from our Clients or third-party business partners, if any, please contact them directly. 

Information Retention and Security 

We will store and retain the personal information we collect about you in accordance with our Corporate Record Retention processes. Please note that certain information such as Personal Health Information may be retained for a longer period if we have continuing obligations to you, our Clients, or if required by law.   

We take reasonable security measures to protect users’ information against unauthorized access, loss, alteration, or destruction.  Despite these reasonable measures, we cannot guarantee our security measures are impenetrable.  Therefore, although we take reasonable steps to secure your information, we cannot and do not promise or warrant that your information will always remain secure. 

Visitors Outside the United States 

This Privacy Policy is intended to cover collection of information on the Site from residents of the United States. The laws in other countries may or may not be as comprehensive as those in the United States.  If you are a resident of another country and/or are visiting the Site from outside the United States, you acknowledge and agree that your information may be transferred to, stored, and processed in the United States where our servers are located and our central database is operated.  You also acknowledge that your use of the Site or the Services shall be governed exclusively by the laws of Kansas and as if all transactions with us or otherwise through the Site take place within Kansas.  By using the Site, you acknowledge and agree that your information may be transferred to our facilities and those third parties with whom we share it as described in this Privacy Policy.  If you are unwilling to accept these terms, then you agree that you will not use or access the Site or our services. 

Privacy Policy Updates and Revisions 

This Privacy Policy may be updated from time to time.  We reserve the right to modify this Privacy Policy at any time without notice.  When changes are made to this Privacy Policy, we will revise the “last updated” date at the top of this Privacy Policy and post the updated Privacy Policy on the Site.  Your continued use of the Site or any Services after we have posted any Privacy Policy changes indicates your agreement to such changes unless you notify us otherwise. 

If you wish to retain a copy of this Privacy Policy, you should print a copy for your records. 

Terms of Privacy Policy Survive  

If any terms of this Privacy Policy are held invalid and/or unenforceable by a court of law or a competent jurisdiction, the remaining provisions of this Privacy Policy shall remain in full force and effect. 

SUPPLEMENTAL PRIVACY POLICY APPLICABLE TO CALIFORNIA, COLORADO, CONNECTICUT, NEVADA, VIRGINIA, AND UTAH RESIDENTS ONLY. 

The disclosures in this section (and linked Supplemental Privacy Policy) apply only to individual residents of the States of California, Colorado, Connecticut, Nevada, Virginia, Utah, as applicable.  Residents of California, Colorado, Connecticut, Nevada, Virginia, Utah Residents can click here to review the Supplemental Privacy Policy. 

Limitations 

The adoption or publication of this Privacy Policy does not subject WellSky to any stricter duty in its collection, handling, storage and disclosure of nonpublic information than otherwise applies to WellSky under applicable law.  No person or entity shall have any right or recourse against WellSky nor any of its affiliates, agents, sponsors, or other related parties based on any alleged violation of or noncompliance with this Privacy Policy. 

General Contact: 

WellSky Corporation 

11300 Switzer Rd 

Overland Park, KS 66210 

(913) 307-1000 

[email protected]