Skip to content

Privacy Statements

Website Privacy Policy

Effective as of December 28th, 2022

This Privacy Policy ("Policy") explains how we collect, use, and disclose personal information we receive from users of our website, www.sidecarhealth.com (the "Site"), any mobile applications we may make available (the "App"), and the services available through our Site and App (collectively, the "Services"). This Policy is provided on behalf of the following entities: Sidecar Health, Inc., Sidecar Health Insurance Solutions, LLC, and Sidecar Health Insurance Company, and any of their parents, subsidiaries, affiliates, licensees, successors, and assigns, or those acting under their authority.

This Policy is current as of the effective date listed above. We may update this Policy from time to time, so please be sure to check back periodically. Your continued use of the Site, App, or Services after the effective date of any updates will mean you acknowledge and agree to be bound by those revisions.

Your use of our Site, App, or Services, and any dispute over privacy, is subject to this Policy, our HIPAA Notice of Privacy Practices, and our Terms of Use. You also agree to any limitations on damages and the resolution of disputes. The Sidecar Health Terms of Use and HIPAA Notice of Privacy Practices are incorporated by reference into this Policy. In the event of any conflict or ambiguity between this Policy and the HIPAA Notice of Privacy Practices, the HIPAA Notice of Privacy Practices will control.

The Information We Collect About You

We collect information about you directly from you, automatically through your use of our Site, App or Services, and from third parties.

 

Information We Collect Directly from You. The information we collect from you depends on how you use our Services. Information we collect may include:

 

  • If you create an account with us, we collect your email address and the password you create for your account.
  • If you would like to get a quote for, apply for, or enroll in health insurance coverage (for yourself or a dependent), the information we collect may include: your name, gender, birthdate, physical address, email address, Social Security number, phone number, and information about any health conditions, upcoming procedures, and tobacco usage for any individual seeking coverage. If you submit an application for or enroll in health insurance coverage, we will collect additional information, including but not limited to, your payment information (such as your payment method and billing address).
  • When you submit your claims, we collect images of the documentation you upload, such as medical invoices from your physician, pharmacy, or other health care provider. These medical invoices may include name, date of birth, mailing address, and information about the treatment, services, and products received.
  • We collect the information you provide us when you fill out a survey, questionnaire, or other type of form you complete through the Services.
  • If you contact us, we collect contact information, such as name, email address, mailing address, and phone number. We also collect any information you choose to communicate.
  • While you are navigating the Site or using the Services, we may also collect your search queries, such as services or prescription drugs.

 

Information We Collect Automatically. We automatically collect information about your use of our Services through cookies, web beacons, and other technologies. To the extent permitted by applicable law, we combine this information with other information we collect about you, including your personal information. Please see the section "Cookies and Other Tracking Mechanisms" below for more information.

 

When you use our Site, we may collect your domain name, browser type and operating system, web pages you view on the Site, links you click on the Site, and your IP address. We may also collect information about your activities within the Site, the length of time you spent visiting our Site and/or using our Services, and the referring URL, the web pages that led you to our Site, the date of your visit, referring search keywords, and your device type, model, and version. We may also collect your location.

 

We may make an App available. When you use such App, we may collect your mobile device ID, device type and model, operating system type, name and version, and language information. We may also collect information about your activities within the App, and the length of time that you are logged into our App. When you share your location with us, we will collect location information from your mobile device to show you policy options available in your area and to show you health care providers and pharmacies near your location. We may also collect browser links in any app that sends you to a sidecarhealth.com URL. In those cases, we will offer to redirect you to our App instead.

 

Information We Collect from Other Entities. We may collect information about you from third-party sources, such as: your employer, service providers, business partners, your financial institution (if you have linked a bank account as a designated payment method), public and third-party databases, your health care providers and pharmacies, platform providers, non-affiliated partners, other users of our Services, public sources, third-party advertising partners, or from other third parties. Information we collect from third parties may be combined with other information we have collected about you.

 

If someone else requests a quote for, applies for, or enrolls in health insurance coverage on your behalf (e.g., if you're a dependent), we may collect the following information from them or their employer about you: your name, gender, birthdate, physical address, email address, Social Security number, phone number, and information about any health conditions, upcoming procedures, and tobacco usage.

 

Biometric Authentication. You may choose to enable biometric authentication (using fingerprint, Touch ID, or Face ID) to sign in to our Site or App. To do this, you are required to save your Sidecar Health account ID on your mobile device. We do not control the functionality of fingerprint, Touch ID or Face ID and we do not have access to your fingerprints or facial recognition information. You understand and agree that any fingerprint stored on your mobile device can be used to access your account at Sidecar Health. For more information on how biometric functionality works for your device, please refer to your device manufacturer's support resources. There may be circumstances where biometric authentication will not function as expected and you will be required to sign in to your Sidecar Health account using your passcode.

 

How We Use Your Information

Our Uses of Your Information. We use your information, including your personal information, for the following purposes:

 

  • To provide, maintain, and improve our Services.
  • To enable you to apply for, or enroll in, a health insurance policy.
  • To provide you with a Sidecar Health payment card to use when you pay for covered health care procedures, services, and products.
  • To underwrite the health insurance policy or, if applicable, to provide services to our partner insurance carrier that underwrites the policy, such as issuing and administering the policies and handling claims.
  • To process your claims; for example, to request that your provider send additional information about your diagnosis and treatment.
  • To facilitate payments to health care providers and pharmacies.
  • To assess your ability to pay your share of a payment to a health care provider or pharmacy.
  • To notify you about changes to our Services.
  • To communicate with you, including via text message, about your use of our Services, to respond to your inquiries and complaints, and for other customer service purposes.
  • To tailor the content and information that we may send or display to you, to offer location customization and personalized help and instructions, and to otherwise personalize your experiences while using the Services. For example, we may display to you the different insurance policies available to you, or we may display available health care providers and/or pharmacies in your geographic area.
  • To the extent permitted by law, to send you marketing materials, via mail, email, text, or telephone, about products and services that may be of interest to you either from us, our business partners, or other third parties.
  • To send you news and newsletters.
  • For research and analytics purposes, including to better understand how users access and use our Services, both on an aggregated and individualized basis.
  • To administer surveys and questionnaires, such as for market research or user satisfaction purposes.
  • To comply with legal obligations, as part of our general business operations, and for other business administration purposes, such as maintaining customer records, monitoring your compliance with any of your agreements with us, collecting debts owed to us, and safeguarding our business interests.
  • Where we believe necessary to investigate, prevent or take action regarding illegal activities, suspected fraud, and in situations involving potential threats to the safety of any person or violations of our Terms of Use or this Policy.
  • To fulfill any other purpose for which you provide the information or to fulfill purposes that you otherwise request or consent to.

 

How We Share Your Information

We may share your information, including personal information, as follows:

 

Partner Carriers. If you enroll in an Access Plan, We may share the information we collect from you or about you with the partner insurance carrier that underwrites your health insurance policy.

 

Service Providers, and Other Processors. We may disclose the information we collect from you or about you to service providers or other processors, such as customer management providers and IT services providers, to help us provide our Services to you, to assist us in analyzing how our Services are used, to market to you, and to provide other services.

 

In providing our health insurance services, you will receive a Sidecar Health payment card to use when paying for covered health care procedures, services, and products. We will share your information with our payment processor, including your name and address to enable you to use this payment card and to help us process claims. This includes printing and shipping a payment card to you, and other information needed to process the payment of your claims. We may share your information, including your personal information and health conditions, with health care providers and pharmacies.

 

We will not share your personal information with third-parties for their own marketing purposes without your consent.

 

Subsidiaries and Affiliates. We may disclose the information we collect from you or about you to our affiliates or subsidiaries as needed to provide the Services to you.

 

Other Affiliated and Non-Affiliated Third Parties. We may share the information we collect from you or about you with other affiliated and non-affiliated third parties, including:

 

  • Insurance support organizations;
  • Brokers and agents;
  • Government entities (e.g. regulatory, quasi-regulatory, tax or other authorities, law enforcement agencies, courts, arbitrational bodies, and fraud prevention agencies);
  • Consumer reporting agencies;
  • Advisors including law firms, accountants, auditors, and tax advisors;
  • Insurers, re-insurers, policy holders, and claimants;
  • Group policyholders (for reporting claims data or an audit);
  • Advertising networks, data analytics providers, and social networks;
  • Service providers and affiliates for actuarial or research studies; and
  • As permitted by law.

 

In addition, we may also share your personal information under the following circumstances:

 

Business Transfers. If we or our affiliates are or may be acquired by, merged with, or invested in by another company, or if any of our assets are or may be transferred to another company, whether as part of a bankruptcy or insolvency proceeding or otherwise, we may transfer the information we have collected from you to the other company. As part of the business transfer process, we may share certain of your personal information with lenders, auditors, and third-party advisors, including attorneys and consultants.

 

In Response to Legal Process. We disclose your information to comply with the law, a judicial or regulatory proceeding, court order, or other legal process, such as in response to a court order or a subpoena.

 

To Protect Us and Others. We disclose your information when we believe it is appropriate to do so to investigate, prevent, or take action regarding illegal activities, suspected fraud, situations involving potential threats to the safety of any person, violations of our Terms of Use or this Policy, or as evidence in litigation in which we are involved.

 

Aggregate and De-Identified Information. We share aggregate or de-identified information about users with third parties for marketing, advertising, research, or other purposes.

 

Others for Business Purposes. We may also share your personal information by disclosing it to a third party for a business purpose, including the business purpose of directly or indirectly enabling or effecting commercial transactions. We only make these business purpose disclosures under written contracts that describe the purposes, require the recipient to keep the personal information confidential, and prohibit using the disclosed information for any purposes except performing the contract.

 

Our Role as a Business Associate Under the Health Insurance Portability and Accountability Act ("HIPAA")

When we act as a Business Associate to a Covered Entity (such as a health plan) under HIPAA, our uses and disclosures of personal information are limited to the following purposes to provide you with the Services: for proper business, management, and administration purposes, to de-identify data, for data aggregation, and to meet our legal obligations.

 

We may use or disclose personal information on behalf of, or to provide services to, Covered Entities for purposes of fulfilling our service obligations to them, if such use or disclosure of PHI is permitted or required by the Business Associate agreement and is in compliance with HIPAA.

 

Our Use of Cookies and Other Tracking Mechanisms

We and our third-party service providers use cookies and other tracking mechanisms to track information about your use of our Services. We may combine this information with other personal information we collect from you (and our third-party service providers may do so on our behalf).

 

Cookies. Cookies are alphanumeric identifiers that we transfer to your device's hard drive through your web browser for record-keeping purposes. Some cookies allow us to make it easier for you to navigate our Services, while others are used to enable a faster log-in process or to allow us to track your activities while using our Services. There are two types of cookies: session and persistent cookies.

 

  • Session Cookies. Session cookies exist only during an online session. They disappear from your device when you close your browser or turn off your device. We use session cookies to allow our systems to uniquely identify you during a session or while you are logged into the Services. This allows us to process your online transactions and requests and verify your identity, after you have logged in and as you move through our Services.
  • Persistent Cookies. Persistent cookies remain on your device after you have closed your browser or turned off your device. We use persistent cookies to track aggregate and statistical information about user activity.

 

Disabling Cookies. Most web browsers automatically accept cookies, but if you prefer, you can edit your browser options to block them in the future. The Help portion of the toolbar on most browsers will tell you how to prevent your computer from accepting new cookies, how to have the browser notify you when you receive a new cookie, or how to disable cookies altogether. Visitors to our Site who disable cookies will be able to browse certain areas of the Site, but some features may not function.

 

Cached Information. The Site and App automatically store small bits of information to the local data storage on your browser and mobile device about your use of the Site and App and your preferences ("Cached Information"). We use Cached Information to enhance your experience on our Site and App. If you log out of the Site, Cached Information stored on the browser will be deleted. If you delete the App from your device, Cached Information stored on the device will also be deleted.

 

Clear GIFs, Pixel Tags and Other Technologies. Clear GIFs are tiny graphics with a unique identifier, similar in function to cookies. In contrast to cookies, which are stored on your computer's hard drive, clear GIFs are embedded invisibly on web and app pages. We may use clear GIFs (a.k.a. web beacons, web bugs or pixel tags), in connection with our Services to, among other things, track the activities of Site visitors, help us manage content, and compile statistics about Site usage. We and our third-party service providers also use clear GIFs in HTML e-mails to our customers, to help us track e-mail response rates, identify when our e-mails are viewed, and track whether our e-mails are forwarded.

 

Third Party Analytics. We use automated devices and applications, such as Google Analytics, to evaluate usage of our Site. We also may use other analytic means to evaluate our Site. We use these tools to help us improve the performance of our Sites, Services, and user experiences. These entities may use cookies and other tracking technologies, such as web beacons or local storage objects (LSOs), to perform their services. To learn more about Google's privacy practices, please review the Google Privacy Policy at https://www.google.com/policies/privacy/. You can also download the Google Analytics Opt-out Browser Add-on to prevent their data from being used by Google Analytics at https://tools.google.com/dlpage/gaoptout.

 

Cross-Device Use. We and our third-party service providers, including Google, may use the information that we collect about you (whether directly from our Site, through your device(s), or from a third party) to help us and our third party service providers identify other devices that you use (e.g., a mobile phone, tablet, other computer, etc.). We and our third-party service providers also may use the cross-device use and other information we learn about you to serve targeted advertising on your devices and to send you e-mails. To opt-out of cross-device advertising, you may follow the instructions set forth in the Third-Party Ad Networks section below. Please note: if you opt-out of these targeted advertising cookies, your opt-out may be specific to the web browser, app, or device from which you accessed the opt-out. If you use multiple devices or web browsers, you may need to opt-out from each browser or device that you use.

 

Third-Party Data Collection. We may use third-party data collectors to record and store information about how our Site and App are used. These third-party service providers use tracking technologies to analyze a visitor's real-time interactions with our Site and App, including for example, clicks, mouse movements, and data inputs. They then store such information on our behalf. We may provide these third-party data collectors with information, including personal information, about you.

 

Do-Not-Track Signals. Please note that our Site does not recognize or respond to any signal which your browser might transmit through the so-called "Do Not Track" feature your browser might have. If you wish to disable cookies on our Site, you should not rely on any "Do Not Track" feature your browser might have. For more information about do-not-track signals, please click here.

 

Ad Networks. We use network advertisers to serve advertisements on non-affiliated websites or other media (e.g., social networking platforms). This enables us and these network advertisers to target advertisements to you for products and services in which you might be interested. Ad network providers, advertisers, sponsors and/or traffic measurement services may use cookies, JavaScript, pixels, LSOs and other tracking technologies to measure the effectiveness of their ads and to personalize advertising content to you. These cookies and other technologies are governed by each entity's specific privacy policy, not this one. We may provide these advertisers with information, including personal information, about you.

 

Users may opt out of many ad networks. For example, you may go to the Digital Advertising Alliance ("DAA") Consumer Choice Page for information about opting out of interest-based advertising. Please be advised that opting out of ad networks will opt you out from certain companies' delivery of interest-based content or ads to you, but it does not mean you will no longer receive any advertising through our Site or on other websites. You may continue to receive advertisements, for example, based on the particular website that you are viewing (i.e., contextually based ads). Additional information is available on the DAA's website at www.aboutads.info and https://youradchoices.com/appchoices.

 

User Generated Content

We invite you to post content on our Services, including your comments and healthcare provider reviews that you would like to be available on our Services. If you post content to our Services, all of the information that you post will be available to all users of our Services. If you post your own content on our Services, your posting may become public and Sidecar Health cannot prevent such information from being used in a manner that may violate this Policy, the law, or your personal privacy.

 

Security of Your Personal Information

We have implemented reasonable organizational, technical, and administrative measures to protect the information we collect from loss, misuse, and unauthorized access, disclosure, alteration, and destruction. Please be aware that despite our efforts, no data security measures can guarantee security.

 

You should take steps to protect against unauthorized access to your account, phone, and computer by, among other things, signing off after using a shared computer, choosing a robust, unique password that nobody else knows or can easily guess, and keeping your log-in and password private. We are not responsible for any lost, stolen, or compromised passwords or for any activity on your account via unauthorized password activity.

 

Access Your Personal Information
You may modify certain personal information that you have submitted by logging into your account and updating your profile information.

 

We may also modify your personal information on your behalf if you have requested us to do so. If you would like to request that we update your personal information, you can call our Member Care team at 1-877-653-6440.

 

Please note that copies of information that you have updated, modified, or deleted may remain viewable in cached and archived pages or backups of the Services for a period of time.

 

Promotional Communications

To the extent permitted by law, we may use your personal information to send promotional communications to you by mail, email, telephone, or text message. You may opt-out of promotional communications by following the opt-out instructions below:

 

  • Email: click the 'unsubscribe' link in any promotional email
  • Text: text 'STOP' to unsubscribe
  • Other: contact our Member Care team to update your marketing preferences

 

Please note that it may take up to 10 business days for us to process opt-out requests. If you opt-out of receiving promotional communications, we may still send you communications about your account or any services you have requested or received from us.

 

Other Websites, Platforms and Applications

Our Services may be provided through, or utilize features operated by, third-party platforms or contain links to sites operated by third parties whose policies regarding the handling of information may differ from ours. In addition, you may encounter third party applications that are integrated into our Services. For example, we use Stripe (https://stripe.com/) and Plaid (https://plaid.com/) to process payments.

 

These websites and platforms have their own privacy policies and terms of use. This Policy applies solely to our Site, App, and Services. We are not responsible for the privacy practices of third-party websites or platforms.

 

Notice Concerning Children

Parents and legal guardians may use our Site, App, and Services on behalf of their minor dependents, but our Site, App, and Services are not intended to be used directly by children under 18 years old. By using our Site, App, or Services, you represent and warrant that you are at least 18 years of age. In addition, if you are using our Site, App, or Services on behalf of an individual under 18, you represent and warrant that you are their parent or legal guardian with the legal authority to do so.

 

We do not knowingly collect personal information from, or target our Site, App, or Services to, children under the age of 18. If we discover that the Site, App, or Services are being used inappropriately, we may disable account access. If we learn that we have directly collected the personal information of a child under 18 without verifiable parental consent, we will take steps to delete the information as soon as possible. Please immediately contact us if you become aware that a child has provided us with personal information. We understand that there may be exceptions to this rule, such as for children who are emancipated.

 

Contact Us

If you have questions about this Policy or would like to make a complaint, you can contact us here:
legal@sidecarhealth.com

 

1-877-653-6440

 

Sidecar Health
Attn: Legal
2381 Rosecrans Ave., Ste. 400
El Segundo, CA 90245

 

Remember, you will always have the option to remain anonymous via our Online Form or Hotline number.

  • Call or Text our Hotline at 234-901-1733. All calls are confidential and can be made 24 hours a day, 7 days a week. Dial *67 to remain anonymous when calling.
  • Email privacy@sidecarhealth.com

Notice of Privacy Practices

Sidecar Health, Inc. (including our subsidiaries and affiliates, collectively “Sidecar Health”, “we”, or “us”) is committed to maintaining business practices and standards that meet or exceed requirements under the Health Insurance Portability and Accountability Act (HIPAA) to ensure your personal health information remains protected. Personal Health Information (“PHI”) is information created or received by Sidecar Health that identifies you and is related to your medical history including medical records or payment information.

This Notice of Privacy Practices (“Notice”) describes how personal information about you may be used and disclosed and how you can get access to this information. Please review it carefully.1

How We Collect Your Information

Sidecar Health collects information about you from enrollment applications and other insurance-related transactions including claims (i.e., expenses), payments, or other communications.

In addition to information received directly from you, we may collect information from:

  • A health care provider that will provide or has provided treatment to you.
  • A representative acting on your behalf as appointed by you or designated by law.
  • Your employer if your coverage is offered through an employer-sponsored group health plan.
  • A broker or agent if you or your employer purchased coverage through a broker or agent.

Our Responsibilities

Sidecar Health is required by law to:

  • Maintain the privacy and security of your PHI. We have established technical, physical, and administrative safeguards to protect your information and comply with the terms of this Notice. We may retain your health information even after your coverage terminates as it may be necessary to use and disclose this information for the purposes described in this notice or otherwise to comply with applicable law.
  • Let you know promptly if a breach occurs. If your PHI is compromised, we will notify you, and other entities as required by law.
  • Provide this notice to you. We will provide this Notice to you electronically and publish it on our website. We will mail you a paper copy if you request it.
  • Abide by the terms of this Notice. We will not use or share your PHI other than as described here unless you tell us we can in writing.

We reserve the right to change our privacy practices and the terms of this Notice at any time. We reserve the right to make the changes in our privacy practices and the new terms of our Notice effective for all PHI that we maintain, including PHI created or received before we made the changes. If we make a material change to this Notice, we will post the new notice on our website and provide an electronic copy of the new notice or a summary of the changes and how to obtain the new notice.

HIPAA, the federal privacy law, generally doesn’t cancel other laws that protect your privacy. If any state or federal law requires us to give you more privacy protection than HIPAA, Sidecar Health will follow the stricter law.

How we use and disclose your PHI

We may use and disclose your PHI for treatment, payment and healthcare operations as described below. When using or disclosing your information for these purposes, we use or disclose just the minimum amount of PHI necessary to accomplish the task. Below are examples of such use and disclosure, although not every possible use or disclosure is listed.  Sidecar Health may limit the amount of PHI we use or disclose if we are required to do so or where we chose to do so.

Treatment

We may use your PHI and share it with professionals who support your access to or administration of healthcare services or treatment. This includes doctors, pharmacies, hospitals, and personnel or vendors that support these entities. For example, we use or disclose PHI to help you find a healthcare provider, plan for care, or shop for care. 

Payment

We may use and disclose your PHI to help pay or receive payment for services. This may include, but is not limited to:

  • We may share information with the primary policy holder (e.g., the employee, if your plan is an employer sponsored plan) to facilitate payment of premiums or expenses.
  • We may exchange information with your doctor or other healthcare provider to determine your coverage, process claims, or support risk adjustment programs.
  • We provide an explanation of benefits under the plan and make expense (e.g., claims) information available to the primary policy holder on our secure member portal, by mail, or by telephone.

Operations

We may use and disclose your PHI to run our business, contact you, and develop better services for you. This may include, but is not limited to:

  • Coordination of coverage or payment with other health insurance companies or plan sponsors.
  • Underwriting; however, we are not allowed to use genetic information to decide whether to give you coverage and the price of that coverage.
  • Support functions delegated to companies that we have contracted with to help us provide services to you (deemed “business associates” under federal privacy rules).
  • Combat fraud, waste, abuse or other criminal activities.
  • Disclose summary information to a group policy holder if you are enrolled in an employer sponsored plan. This information cannot be used for employment-related purposes.
  • Tell you about health-related products or services such as wellness programs or preventive care recommendations.

Other permitted uses and disclosures of PHI

We may use and disclose your PHI for other purposes when permitted or required by law. We must meet any condition or limitation in the law before we can share your information for these purposes.

Public health and safety

We are allowed, and sometimes required, to share your PHI in ways that contribute to the public good such as:

  • Preventing disease.
  • Helping with product recalls.
  • Reporting adverse reactions to medications.
  • Reporting suspected abuse, neglect, or domestic violence.
  • Preventing or reducing a serious threat to anyone’s health or safety.

Research

We can use or share your information for health research.

Required by law

We may use or disclose PHI when we are required to do so by state or federal law.

Government or law enforcement requests

We can use or share your PHI to respond to government or law enforcement requests including:

  • Organ and tissue procurement organizations or a coroner, medical examiner, or funeral director;
  • Workers’ compensation companies or programs to address claims; or
  • Law enforcement and other government agencies including the military or the Department of Health and Human Services.

Legal Proceedings

We can share PHI to respond to lawsuits and other legal actions such as judicial orders or subpoenas.

Your Rights

You have the right to make certain requests regarding your PHI that is maintained by Sidecar Health. To exercise any of these rights, you must submit your request in writing. Contact our Privacy Office for assistance in submitting the necessary information to make the request. Submit your request via email or mail to the addresses listed in the Contact Us section at the end of this Notice. Requests will be responded to within a reasonable timeframe, typically within 30 days, in a form and manner that is feasible based on how the PHI is retained. In certain situations, and where allowed, we may charge a reasonable, cost-based fee.

Your rights include the ability to:

1. Inspect and copy your information

You can ask to see or get a copy of your claim records and other health information we have about you by contacting our Privacy Office. We will provide a copy or a summary of the requested information.

2. Ask us to correct your information

You can ask us to correct your health and claims records if you think they are incorrect or incomplete. We may deny your request for amendment in some circumstances, such as if we believe the information we have is accurate and complete.

3. Request confidential communications

You can ask us to contact you in a specific way such as using a specific phone number, address, or other manner. If you tell us that the request is made to avoid danger, we must agree and will make the update promptly.

4. Ask us to limit what we use or share

You can ask us not to use or share certain health information for treatment, payment, or our operations. We are not required to agree to your request. If we deny your request, we will tell you why the request was denied.

5. Get a list of those with whom we’ve shared information

You can ask for a list (i.e., accounting) of the times we’ve shared your health information for six years prior to the date you ask, who we shared it with, and why. We will include all the disclosures except for those about treatment, payment, and health care operations, and certain other disclosures (such as any you asked us to make).

6. Get a copy of this Notice

You can ask for a paper copy of this notice at any time, and we will provide it to you.

Your choices

You can choose someone to receive your PHI or act on your behalf as further described in this section.

  • Legal representative. Your legal guardian or another person with medical power of attorney can exercise your rights and make choices about your health information. To ensure we have accurate information, please provide a copy of the legal document showing authority to our Privacy Office.
  • Authorized representative. If you are enrolled as a dependent, the primary policy holder is an authorized representative to receive your information for payment and healthcare operations. If you are adult dependent aged 16 or older, you may create your own account to limit the amount of information that is shared with the primary policy holder. Creating your own account will reduce the amount of information shared with the primary policy holder and offer you the ability to assign individual contact information. Please note, the primary policy holder will always have access to certain information under the plan such as accumulation toward deductibles and service limits, expense amounts due, and contact information. Once you create your own account, it cannot be undone.To create your account, go to our website, SidecarHealth.com. If you are under the age of 16, please contact our Privacy Office for assistance.
  • Family and friends. You can ask us to share information with family, close friends, or others involved in payment for your care, such as your doctor, to receive PHI from Sidecar Health. You can do this on a temporary basis by providing verbal consent with the representative on the phone or you can assign long-term authority by completing the HIPAA Authorization Form available on our website (SidecarHealth.com). You may cancel your permission for an individual to receive your information at any time, in writing, and we will then stop. But if we’ve already used or shared your PHI with your permission, we cannot undo any actions we took before you told us to stop.
  • Best Interest. If you are not able to tell us your preference, for example if you are unconscious, we may share your information if we believe it is in your best interest. We may also share your information when needed to lessen a serious and imminent threat to your health or safety.

In most cases, if we use or share your PHI outside of treatment, payment, healthcare operations, or other permitted activities described in this Notice, we must get your in writing first. We must also get your written permission before:

  • Using your PHI for certain marketing activities.
  • Selling any of your information.
  • Sharing psychotherapy notes we may receive from your doctor or therapist.

Contact Us

If you have questions, wish to exercise your rights, or feel your rights were violated, please contact the Sidecar Health Privacy Office.

Mail:
ATTN: Sidecar Health Privacy Officer
440 N Barranca Ave #7028
Covina, CA 91723

Email: privacy@sidecarhealth.com

Phone: Call or Text our Hotline (234) 901-1733.
This Hotline is available 24 hours a day, 7 days a week. To remain anonymous dial *67 before calling.

If you feel your rights were violated, you can also file a complaint with the U.S. Department of Health and Human Services Office for Civil Rights by sending a letter to 200 Independence Avenue, S.W., Washington, D.C. 20201. We will not retaliate against you for filing a complaint.

Effective

This Notice is effective as of August 10, 2023.

 

1 This Notice of Privacy Practices is not applicable to enrollees in Access Plans which are excepted benefit plans not subject to HIPAA.