Privacy Policy

Navigating Cancer and Navigating Care Privacy Policy

Last updated July 6, 2023.

This privacy policy describes the privacy practices for Navigating Cancer, Inc. (“Navigating Care” “our,” “we,” or “us”). Navigating Care™ considers the privacy and security of user information an important component of the Navigating Care service, including services offered on our websites, navigatingcare.com and nav.care (the “Sites”), email and text communications.   Navigating Care is committed to the privacy and confidentiality of your personal information. The following information explains how Navigating Care collects and uses information obtained from its users in connection with our services (collectively, the “Services”).

Your use of the Sites and Services are subject to this Privacy Policy as well as our Terms of Use. By accessing the Sites or using the Services, you agree to the terms of this Privacy Policy. If you do not agree to this Privacy Policy, please do not use the Sites or Services.

Click Here for Clinic Patient Privacy Policy

Click Here for Insurance/Employer Member Privacy Policy

Click Here for State Specific Privacy Notice

Clinic Patient Privacy Policy

What this Privacy Policy Covers.

This Privacy Policy covers the personal information collected from you when you are on the Sites and when you use the Services and Navigating Care’s treatment of such personal information. Also, this Privacy Policy covers Navigating Care’s treatment of personal information that Navigating Care’s business partners and healthcare providers share with Navigating Care. This Privacy Policy does not apply to the practices of companies that Navigating Care does not own or control, or to individuals that Navigating Care does not employ or manage.   Our use of your personal information is controlled by the Health Insurance Portability and Accountability Act of 1996 and its implementing regulations (“HIPAA”) as well as our contracts with your healthcare providers.

HIPAA Notice of Privacy Practices.

To access your healthcare provider’s HIPAA Notice of Privacy Practices please visit your healthcare provider’s website.

Personal Information Collected and How We Use It.

In order to provide users with a friendly, customized, and efficient experience, we collect personal information of several types and we collect personal information received from your healthcare provider in order to provide Services to you and to your healthcare provider including but not limited to care management, health tracker, and patient engagement solutions and other services.  We collect personal information from your device or browser, and directly from you.  We may use personal information we collect in order to provide you with our Services, to address your questions, comments or requests, to develop and analyze our products and Services, to personalize your experience with our Services, comply with our legal and contractual obligations, and protect our rights, property, and safety (or the rights, property and safety of others).  We have collected the following categories of information within the last twelve months.

A) Information You Provide to Us:

We may receive and store information you enter on the Sites or otherwise provide to us through the Services, including information that we receive as a result of our back-office integration with your healthcare provider’s clinical systems.

  1. Registration. In order for you to use certain features of the Services, you may be required to complete a registration form which may ask for personal information.
  2. Health Records. We work with your healthcare providers to provide you the Services.  Your healthcare providers share personal information about you and your treatment with us, in order for us to provide you with the Services, and we share with your healthcare provider information that you input into the Sites (e.g., secure messaging).  We recognize the sensitivity of your personal information and we will protect any information provided by your healthcare providers to us as required by HIPAA and other applicable federal and state laws.  As a user of Navigating Care, you can access and manage your health records and monitor and record your health information and disease symptoms and/or side effects. All of the health record pages on Navigating Care use Secure Sockets Layer (SSL) encryption to protect your personal information. Examples of the types of information stored in your Navigating Care health records include (this is not an exclusive list):
    • General demographic personal information including, but not limited to, your name, address, date of birth, gender and contact information
    • Diagnosis
    • Treatments including surgeries, radiation treatments, chemotherapy, complementary or alternative medicines
    • Lab results and clinical notes
    • Prescription medications, dietary supplements, herbal remedies, or other medications
    • Clinic contact information such as your doctor’s name, specialty, address, email and phone numbers
    • Clinic facility information, such as names, addresses and phone numbers
    • Daily Health Tracker information, including self-reported details about your general health and wellbeing, as well as self-reported disease symptoms and/or side effects of treatment
    • Medical appointment dates, times and physician information
    • Secure messaging with your healthcare providers
  1. Your Communications with Us.  We collect personal information from you such as email address, date of birth, zip code, phone number, or mailing address when you request information about our Services, sign up for communications, request customer or technical support, apply for a job or otherwise communicate with us.
  2. Surveys.  We may contact you to participate in surveys.  If you decide to participate, you may be asked to provide certain information which may include personal information.

B) Automatic Information:

We may receive and store certain types of information whenever you interact with the Sites or Services. Navigating Care may automatically receive and record certain “traffic data” on our server logs from your browser including your Internet Protocol (IP) address, geo-location, search history, browsing history, the uniform resource locator (URL), the website you linked from, Navigating Care cookie information, and the page you requested.

In addition, we may automatically collect data regarding your use of our Services, such as the types of content you interact with and the frequency and duration of your activities.  We may combine your information with information that other people provide when they use our Services.  We may also use third party service providers to collect information regarding visitor behavior and visitor demographics on our Services.

C) E-mail and SMS Communications:

We may communicate with you via email and text messaging (SMS), for example for registration purposes, to provide educational materials, and to notify you when your clinic has updated your patient portal, when you receive a secure message, or when there are updates or information relevant to you within our Sites or Services.   We may also send out emails with news or promotions. If you do not want to receive e-mail or other mail from us, please notify us by e-mail at support@navigatingcancer.com and include sufficient information for us to identify your account.

D) Information from Other Sources:

In order for us to develop a more personalized service offering, we may receive information about you from other sources and add it to our account information.

Sharing and Use of Information.

We do not sell any personally identifiable information to anyone without your consent, and within the last twelve months we have shared your information consistent with the statements below. We will not share your personal information (described above) except in the following circumstances:

A) Consent:

Navigating Care may disclose personal information when you have provided consent to do so.

B) Consistent with HIPAA:

Navigating Care may use and disclose personal information if it is required to do so by law, when it is permitted to do so consistent with HIPAA, or if Navigating Care has a good faith belief that such action is necessary to conform to applicable laws or comply with any legal, regulatory or similar requirement or investigation, to protect or defend the rights or property of Navigating Care or another user or to enforce Navigating Care’s Terms of Use.

C) To Provide Our Services:

Navigating Care may use and disclose personal information in order to provide our Services to you and your healthcare provider.

D) Business Transfers:

Navigating Care may transfer your personal information to any successor to all or substantially all of its business or assets that concern the Services.

E) Government Entities/Security:

We may share personal information in response to a court order, subpoena, search warrant, law or regulation. We may also use personal information to comply with our legal, regulatory, security and risk management obligations, including defending legal claims.  We may cooperate with law enforcement authorities in investigating and prosecuting activities that are illegal, violate our rules, or may be harmful to other visitors.  We may share personal information, to address fraud, security or other technical issues.  We may also share personal information to protect against harm to Navigating Care or other third parties.

F) Service Providers:

We may share your personal information with our third-party service providers.  The categories of service providers to whom we entrust personal information include IT and related services; information and services; IP tracking services, customer service providers; and vendors to support the provision of the Services.

G) International Data Transfers:

You agree that all information processed by us may be transferred, processed, and stored anywhere in the world, including but not limited to, the United States or other countries, which may have data protection laws that are different from the laws where you live.  We have taken appropriate safeguards to require that your personal information will remain protected and require our third-party service providers and partners to have appropriate safeguards as well.

H) Information You Share with Third Parties:

You should be aware that by providing third parties with your login information, name (User ID) and password, you may inadvertently enable unauthorized persons to review, modify or delete your health records. If you provide a third party with your user credentials, Navigating Care cannot monitor their use of the Site or Services.

Our Site may direct you to third party websites or information, including but not limited to education resources.  If you are re-directed to a third party website, please note that the website is governed by the third party privacy policy and terms and conditions, which may not be protected by HIPAA and may use tracking technologies.  Usage and viewing of these sites are optional.  We suggest you review all third party privacy and security policies before proceeding.

Aggregation of De-identified Information and Statistics.

Navigating Care may de-identify your personal information, including your healthcare information.  Navigating Care and its partners may use and disclose de-identified and or aggregated information gathered from your profile or records and your usage of the Sites and related statistics.   If we are de-identifying personal healthcare information then, such de-identification will be in compliance with HIPAA requirements and such de-identified information will not include personally identifiable information relating to users such as name, email address, or address, but may include categories such as gender, height, weight, postal code, and medical information (e.g., diagnosis and stage of illness). We will not attempt to re-identify the de-identified information, except we may attempt to re-identify the information solely for the purpose of determining whether our de-identification processes satisfy legal requirements.  Aggregated information is information from multiple users that cannot be “re-identified,” or associated with any individual user or account.  This de-identified data may also include data extracted on an anonymous basis from the health care information we receive from your physician or other care providers once you have agreed to the use of our Services.  We will require any of our partners that receive de-identified data from us to agree to not re-identify the data.

Security.

Your Navigating Care account information is protected by a password for your privacy and security. You are responsible to protect against unauthorized access to your account and to your computer by logging off once you have finished using a shared computer, and to your mobile phone by enabling your device’s security features.

We aim to not collect Social Security Numbers (“SSNs”).  To the extent that we do, it is our policy to protect the confidentiality of the SSNs that we receive or collect in the course of business. We secure the confidentiality of SSNs through various means, including physical, technical, and administrative safeguards that are designed to protect against unauthorized access. It is our policy to limit access to SSNs to that which is lawful, and to prohibit unlawful disclosure of SSNs.

“Do Not Track.”  Do Not Track (“DNT”) is a preference you can set in your web browser to let the websites you visit know that you do not want them collecting data about you. At this time, this Site does not respond to DNT or similar signals.

Third Party Sites.

The Services may contain links to other websites, and other websites may reference or link to our website or other Services.  These other websites are not controlled by us.  We encourage our users to read the privacy policies of each website and application with which they interact.  We do not endorse, screen or approve and are not responsible for the privacy practices or content of such other websites or applications.  Visiting these other websites or applications is at your own risk.

Cookies.

Cookies are alphanumeric identifiers that we may transfer to your computer’s hard drive through your Web browser to enable our systems to recognize your browser and tell us how and when pages in our Sites are visited and by how many people. Navigating Care cookies do not collect personal information, and we do not combine information collected through cookies with other personal information to tell us who you are or what your email address is.

Your internet browser may direct you on how to prevent your browser from accepting new cookies, how to command the browser to tell you when you receive a new cookie, or how to fully disable cookies. We strongly recommend that you leave the cookies activated, because cookies enable you to take advantage of some of the Services’ most attractive features.

Minors.

The Services are not directed to children under 18, and we do not knowingly collect or sell personal information from children.  However, if requested by your healthcare provider, minor patients, parents or guardians may elect to establish a portal account, and, in doing so, expressly consent to Navigating Care utilizing such information as set forth in this Privacy Policy and the Terms of Use.  If you learn that your child has provided us with personal information without your consent, you may contact us as set forth below.  If we learn that we have collected any personal information in violation of applicable law, we will promptly take steps to delete such information and terminate the child’s account.

Changes.

Navigating Care reserves the right to change or update this Privacy Policy at any time by revising this Privacy Policy and noting the date at the top. Changes to the Privacy Policy will take effect immediately unless otherwise noted. Your continued access of the Services constitutes your agreement to this Privacy Policy and any updates or revisions.

Contact.

If you would like to make changes to your personal health information, please contact your healthcare provider directly.  If you have any questions regarding this Privacy Policy or your dealings at this Sites, please contact Navigating Care at:

Attn: Privacy Officer

Re: Privacy Policy

1008 Western Avenue Suite 206

Seattle, Washington 98104

support@navigatingcare.com

Insurance/Employer Member Privacy Policy

What this Privacy Policy Covers.

This Privacy Policy covers the personal information collected from you when you are on the Sites and when you use the Services and Navigating Care’s treatment of such personal information. Also, this Privacy Policy covers Navigating Care’s treatment of personal information that Navigating Care’s business partners, insurance companies, employers and healthcare providers may share with Navigating Care. This Privacy Policy does not apply to the practices of companies that Navigating Care does not own or control, or to individuals that Navigating Care does not employ or manage.

Navigating Care receives information from your employer health plan or insurance health plan, or their third party administrator (collectively used herein as “health plan”) in order to provide our Services to you.  Information we receive enables us to communicate with your health plan, confirm your eligibility to receive our Services, provide our Services, and perform analysis and research on the Services that we provide.  Our use of your personal information is controlled by the Health Insurance Portability and Accountability Act of 1996 and its implementing regulations (“HIPAA”) as well as our contracts with your health plan.

HIPAA Notice of Privacy Practices.

To access your health plan’s HIPAA Notice of Privacy Practices please visit their website directly.

Personal Information Collected and How We Use It.

In order to provide users with a friendly, customized, and efficient experience, we collect personal information of several types and we collect personal information received from your health plan, and sometimes your health care provider, in order to provide Services to you including but not limited to care management, member engagement, educational materials, health tracker, and other services.  We collect personal information from your device or browser, and directly from you.  We may use personal information we collect in order to provide you with our Services, to address your questions, comments or requests, to develop and analyze our products and Services, to personalize your experience with our Services, comply with our legal and contractual obligations, and protect our rights, property, and safety (or the rights, property and safety of others).  We have collected the following categories of information within the last twelve months.

A) Information You Provide to Us:

We may receive and store information you enter on the Sites or otherwise provide to us through the Services, including information that we receive as a result of our back-office integration with your health plan or a clinical system.

  1. Registration. In order for you to use certain features of the Services, you may be required to complete a registration form which may ask for personal information.
  2. Health Records. We work with your health plan to provide you the Services.  Your health plan and healthcare providers may share personal information about you and your treatment with us, in order for us to provide you with the Services, and we share with your health plan and healthcare provider information that you input into the Sites (e.g., secure messaging).  We recognize the sensitivity of your personal information and we will protect any information provided by your health plan to us as required by HIPAA and other applicable federal and state laws.  As a user of Navigating Care, you can access and manage your health records and monitor and record your health information and disease symptoms and/or side effects. All of the health record pages on Navigating Care use Secure Sockets Layer (SSL) encryption to protect your personal information. Examples of the types of information stored in your Navigating Care health records may include (this is not an exclusive list):
    • General demographic personal information including, but not limited to, your name, address, date of birth, gender and contact information
    • Diagnosis
    • Treatments including surgeries, radiation treatments, chemotherapy, complementary or alternative medicines
    • Lab results and clinical notes
    • Prescription medications, dietary supplements, herbal remedies, or other medications
    • Contact information for your health plan or where applicable healthcare providers
    • Health Tracker information, including self-reported details about your general health and wellbeing, as well as self-reported disease symptoms and/or side effects of treatment
    • Medical appointment dates, times and physician information
    • Secure messaging with cancer support specialists.
  1. Your Communications with Us.  We collect personal information from you such as email address, date of birth, zip code, phone number, or mailing address when you request information about our Services, sign up for communications, request customer or technical support, apply for a job or otherwise communicate with us.
  2. Surveys.  We may contact you to participate in surveys.  If you decide to participate, you may be asked to provide certain information which may include personal information.

B) Automatic Information:

We may receive and store certain types of information whenever you interact with the Sites or Services. Navigating Care may automatically receive and record certain “traffic data” on our server logs from your browser including your Internet Protocol (IP) address, geo-location, search history, browsing history, the uniform resource locator (URL), the website you linked from, Navigating Care cookie information, and the page you requested.

In addition, we may automatically collect data regarding your use of our Services, such as the types of content you interact with and the frequency and duration of your activities.  We may combine your information with information that other people provide when they use our Services.  We may also use third party service providers to collect information regarding visitor behavior and visitor demographics on our Services.

C) E-mail and SMS Communications:

We may communicate with you via email and text messaging (SMS), for example for registration purposes, to provide educational materials, and to notify you when you receive a secure message, or when there are updates or information relevant to you within our Sites or Services.  We may also send out emails with news or promotions. If you do not want to receive e-mail or other mail from us, please notify us by e-mail at support@navigatingcancer.com and include sufficient information for us to identify your account.

D) Information from Other Sources:

In order for us to develop a more personalized service offering, we may receive information about you from other sources and add it to our account information.

Sharing and Use of Information.

We do not sell any personally identifiable information to anyone without your consent, and within the last twelve months we have shared your information consistent with the statements below. We will not share your personal information (described above) except in the following circumstances:

A) Consent:

Navigating Care may disclose personal information when you have provided consent to do so.

B) Consistent with HIPAA:

Navigating Care may use and disclose personal information if it is required to do so by law, when it is permitted to do so consistent with HIPAA, or if Navigating Care has a good faith belief that such action is necessary to conform to applicable laws or comply with any legal, regulatory or similar requirement or investigation, to protect or defend the rights or property of Navigating Care or another user or to enforce Navigating Care’s Terms of Use.

C) To Provide Our Services:

Navigating Care may use and disclose personal information in order to provide our Services to you and your health plan.

D) Business Transfers:

Navigating Care may transfer your personal information to any successor to all or substantially all of its business or assets that concern the Services.

E) Government Entities/Security:

We may share personal information in response to a court order, subpoena, search warrant, law or regulation. We may also use personal information to comply with our legal, regulatory, security and risk management obligations, including defending legal claims.  We may cooperate with law enforcement authorities in investigating and prosecuting activities that are illegal, violate our rules, or may be harmful to other visitors.  We may share personal information, to address fraud, security or other technical issues.  We may also share personal information to protect against harm to Navigating Care or other third parties.

F) Service Providers:

We may share your personal information with our third-party service providers.  The categories of service providers to whom we entrust personal information include IT and related services; information and services; IP tracking services; customer service providers; and vendors to support the provision of the Services.

G) International Data Transfers:

You agree that all information processed by us may be transferred, processed, and stored anywhere in the world, including but not limited to, the United States or other countries, which may have data protection laws that are different from the laws where you live.  We have taken appropriate safeguards to require that your personal information will remain protected and require our third-party service providers and partners to have appropriate safeguards as well.

H) Information You Share with Third Parties:

You should be aware that by providing third parties with your login information, name (User ID) and password, you may inadvertently enable unauthorized persons to review, modify or delete your health records. If you provide a third party with your user credentials, Navigating Care cannot monitor their use of the Site or Services.

Our Site may direct you to third party websites or information, including but not limited to education resources.  If you are re-directed to a third party website, please note that the website is governed by the third party privacy policy and terms and conditions, which may not be protected by HIPAA and may use tracking technologies.  Usage and viewing of these sites are optional.  We suggest you review all third party privacy and security policies before proceeding.

Aggregation of De-identified Information and Statistics.

Navigating Care may de-identify your personal information, including your healthcare information.  Navigating Care and its partners may use and disclose de-identified and or aggregated information gathered from your records and your usage of the Sites and related statistics.   If we are de-identifying personal healthcare information then, such de-identification will be in compliance with HIPAA requirements and such de-identified information will not include personally identifiable information relating to users such as name, email address, or address, but may include categories such as gender, height, weight, postal code, and medical information (e.g., diagnosis and stage of illness). We will not attempt to re-identify the de-identified information, except we may attempt to re-identify the information solely for the purpose of determining whether our de-identification processes satisfy legal requirements.  Aggregated information is information from multiple users that cannot be “re-identified,” or associated with any individual user or account.  This de-identified data may also include data extracted on an anonymous basis from the health care information we receive from your health plan or care providers once you have agreed to the use of our Services.  We will require any of our partners that receive de-identified data from us to agree to not re-identify the data.

Security.

Your Navigating Care account information is protected by a password for your privacy and security. You are responsible to protect against unauthorized access to your account and to your computer by logging off once you have finished using a shared computer, and to your mobile phone by enabling your device’s security features.

We aim to not collect Social Security Numbers (“SSNs”).  To the extent that we do, it is our policy to protect the confidentiality of the SSNs that we receive or collect in the course of business. We secure the confidentiality of SSNs through various means, including physical, technical, and administrative safeguards that are designed to protect against unauthorized access. It is our policy to limit access to SSNs to that which is lawful, and to prohibit unlawful disclosure of SSNs.

“Do Not Track.”  Do Not Track (“DNT”) is a preference you can set in your web browser to let the websites you visit know that you do not want them collecting data about you. At this time, this Site does not respond to DNT or similar signals.

Third Party Sites.

The Services may contain links to other websites, and other websites may reference or link to our website or other Services.  These other websites are not controlled by us.  We encourage our users to read the privacy policies of each website and application with which they interact.  We do not endorse, screen or approve and are not responsible for the privacy practices or content of such other websites or applications.  Visiting these other websites or applications is at your own risk.

Cookies.

Cookies are alphanumeric identifiers that we may transfer to your computer’s hard drive through your Web browser to enable our systems to recognize your browser and tell us how and when pages in our Sites are visited and by how many people. Navigating Care cookies do not collect personal information, and we do not combine information collected through cookies with other personal information to tell us who you are or what your email address is.

Your internet browser may direct you on how to prevent your browser from accepting new cookies, how to command the browser to tell you when you receive a new cookie, or how to fully disable cookies. We strongly recommend that you leave the cookies activated, because cookies enable you to take advantage of some of the Services’ most attractive features.

Minors.

The Services are not directed to children under 18, and we do not knowingly collect or sell personal information from children.  However, if requested by your health plan, minors, parents or guardians may elect to establish an account, and, in doing so, expressly consent to Navigating Care utilizing such information as set forth in this Privacy Policy and the Terms of Use.  If you learn that your child has provided us with personal information without your consent, you may contact us as set forth below.  If we learn that we have collected any personal information in violation of applicable law, we will promptly take steps to delete such information and terminate the child’s account.

Changes.

Navigating Care reserves the right to change or update this Privacy Policy at any time by revising this Privacy Policy and noting the date at the top. Changes to the Privacy Policy will take effect immediately unless otherwise noted. Your continued access of the Services constitutes your agreement to this Privacy Policy and any updates or revisions.

Spouse And Dependent Authorization.

Before you enroll in any of the available health and wellness programs, we would like to provide you with some information about the health information we may ask for from you, how and why we use it, and how we protect it.  You are not required to participate in any of these health and wellness programs.  Participation is completely voluntary.   However, if you choose to participate, you may receive incentives and/or information on services to help you manage your health.  If you choose not to participate, you may not receive program incentives, if any, offered by your health plan for participation in such health and wellness programs.

What information do we obtain?

  • Our health risk assessment (HRA) asks questions about your health status and conditions, health-related activities and behaviors.
  • Our condition management programs, including, but not limited to, cancer care management programs ask questions about your health status and conditions, health-related activities and behaviors.

How do we use your information?

  • Information provided to us as part of an HRA, may be used to identify services that may be relevant to you, including those health or wellness coaching services or condition management services noted above.
  • Information provided to us as part of the condition management programs may be used to help us provide you with feedback and educational information about your lifestyle and condition, to help you in your journey to better manage your health.

How do we share and protect your information?

  • The health information you give us as part of a health and wellness program is generally not shared with your spouse’s/parent’s employer, although we may share certain information (e.g., the amount of incentives earned), as necessary where their employer or their designated third party vendor is administering incentive awards. We will share information with our wellness coaches, nurses, and doctors, whom are involved in administering your wellness and condition management programs and health plan. We only share information with our vendors and subcontractors in accordance with applicable laws, including HIPAA, as necessary to administer your wellness and condition management programs or health plan, and anyone who receives information from us for purposes of providing you services is required to abide by the same confidentiality requirements.
  • We take reasonable precautions to protect data and to avoid data breaches, including maintaining physical, technical, and administrative safeguards. Such safeguards may include, for example, firewalls, encryption, identity management, and intrusion prevention/detection to prevent improper access, use, and disclosure of your data in our networks. In the event of a data breach involving information you provide in connection with the health or wellness program, we will notify you within the time periods required by applicable laws, including HIPAA.

Contact.

If you would like to make changes to your personal health information, please contact your health plan directly.  If you have any questions regarding this Privacy Policy or your dealings at this Sites, please contact Navigating Care at:

Attn: Privacy Officer

Re: Privacy Policy

1008 Western Avenue Suite 206

Seattle, Washington 98104

support@navigatingcare.com

State Specific Privacy Notice.

This State Specific Privacy Notice applies to residents of the following states:  California, Colorado, Connecticut, Utah, or Virginia.  This State Specific Privacy Notice is in addition to our Privacy Policy and applies depending on the types of Navigating Care Services you use and the state in which you live.  You have the right to know what kinds of personal information Navigating Cancer collects, how we obtain and use that information, and our business purposes for that collection.

In the last twelve (12) months, we may have collected the following categories of personal information and have used, disclosed or shared it for the business purposes described in the below table.

Category of Personal Information Examples
Personal demographic information A real name, postal address, unique personal identifier, online identifier, Internet Protocol address, email address, account name, Social Security number, or other similar identifiers.
Personal information categories A name, signature, Social Security number, physical characteristics or description, address, telephone number, insurance policy number, employer, medical information, or health insurance information.
Protected classification characteristics Age, race, color, ancestry, national origin, citizenship, marital status, medical condition, physical or mental disability, sex (including gender, gender identity, gender expression, pregnancy or childbirth and related medical conditions), veteran or military status, genetic information (including familial genetic information).
Sensitive personal data categories/Medical information Government -issued identification number, account login credentials, precise geolocation information, genetic data, racial or ethnic origin, biometrics data, health data, mental or physical health condition or diagnosis, data concerning sex life or sexual orientation.
Internet and/or network activity Browsing history, search history, information on a user’s interaction with a website, application, or advertisement.
Geolocation data Physical location.
Inferences drawn from other personal information Profile reflecting a person’s preferences, characteristics, psychological trends, predispositions, behavior, attitudes, intelligence, abilities, and aptitudes.

We collect and share this information for business purposes with the following categories of organizations: service providers, health plans, employers (if permissible under the law, including HIPAA), clinics/health care providers, vendors/sub-contractors, insurance carriers, and other third parties at your request.  We do not share any personal information for advertising purposes, and we do not sell your personal information.  We will retain this personal information consistent with our internal policies and procedures and our need to maintain this data to provide Services or as required by law.  Collection from data sources may occur online, in person, via paper or other electronic means, and may occur automatically where state law permits such profiling absent an explicit request to opt-out.

Users have the right to (a) know what personal information we collect and retain about you in the last 12 months, (b) request correction of inaccurate personal information that we may have retained, (c) request access or a copy your personal information, and (d) request deletion of your personal information (subject to any conflicting requirements under HIPAA).

You may submit requests by contacting support@navigatingcancer.com.  We may request identity verification before processing your requests (e.g., ensuring that your information matches the identifying information that we have within our system) and we will not process your request without sufficient information to reasonably verify your identity, or the identity of your authorized agent and their authority to submit this request.

If you have made a request to know, correct, receive, or delete your personal information and believe your request was denied, you can exercise your right to appeal the results of your request by contacting our privacy support team via support@navigatingcancer.com. If your appeal is unsuccessful and depending upon the state where you live, you may have the right to raise a concern or lodge a complaint with your state attorney general.

We only process your sensitive personal data in order to provide Services or products to you.  For residents living in Colorado or Virginia, your acceptance of this Privacy Policy constitutes your opt-in consent to our processing of your sensitive personal data.

Personal Information does not include:

  • De-identified or aggregated member/patient information
  • Publicly available information from government records
  • Health or medical information covered by the Health Insurance Portability and Accountability Act of 1996 (HIPAA) and the California Confidentiality of Medical Information Act (CMIA) or clinical trial data
  • Personal Information covered by other privacy laws, including: The Fair Credit Reporting Act (FCRA), the Gramm-Leach-Bliley Act (GLBA), the California Financial Information Privacy Act (FIPA), and the Driver’s Privacy Protection Act of 1994 (to the extent the information is excluded from the state laws).

We collect your personal information for one or more of the following business purposes:

  • To communicate with you, including responding to an email or particular request from you
  • To personalize Services for you, including providing you with information that we believe will be beneficial for you.
  • To process an application as requested by you, your healthcare provider, or health plan
  • To administer surveys and assessments
  • To perform analytics and to improve our products and Services
  • To comply with applicable laws, regulations, and legal processes
  • To protect your health, safety, or welfare (or that of a third party)
  • To protect our rights, the rights of related third parties, or take appropriate legal action
  • To keep a record of our transactions and communications
  • To detect and protect against security incidents
  • To enhance our software, including identifying and repairing errors.
  • As otherwise necessary or useful for us to conduct our business, so long as such use is permitted by law

Special Notice for California Residents:

California residents may be entitled to the following privacy rights under California law:

A) The right to know about personal information collected, disclosed or sold.  You have the right to request that we disclose what personal information we collect, use, disclose and sell.  Please note that we describe these practices above in our Privacy Policy.

B) The right to request deletion of personal information.  You, or your authorized agent, have the right to request that we delete the Personal Information that we have collected about you.  Subject to HIPAA, other laws, and our legal obligations (including contractual obligations) we may deny your request.  There may be exceptions under California law that may allow Navigating Care to maintain and use your personal information notwithstanding your request for deletion.  We will inform you of our reasons for denying your request.

C) The right to opt-out of the sale of personal information.  Under California law, you have the right to opt-out of the sale of personal information; however, Navigating Care does not sell your personal information.

D) The right to non-discrimination for the exercise of a consumer’s privacy rights.  You have the right to not receive discriminatory treatment by Navigating Care for the exercise of your privacy rights conferred by California law.  Please note that if you exercise certain rights you may not be able to use or access all of Navigating Care’s Services.

E) The California “Shine the Light” law permits users who are California residents to request and obtain from us once a year, free of charge, a list of the third parties to whom we have disclosed your personal information (if any) for their direct marketing purposes in the prior calendar year, as well as the type of personal information disclosed to those parties.