Skip Navigation

California Privacy Policy

Last Updated: December 23, 2021

Knight Health Holdings, LLC, and/or its affiliates and related companies (“ScionHealth”, “us” or “we”) takes your privacy seriously. We want you to know how we collect, use, share, and protect your personal data.

Assistance For The Disabled

Alternative formats of this Privacy Statement are available to individuals with a disability. Please contact Compliance@kindred.com for assistance.

This Privacy Policy explains:

  1. How we collect the personal information of California consumers
  2. How we share the personal information of California consumers
  3. California privacy rights

Scope:

This California Privacy Policy (“Policy”) only applies to the personal information of residents of the U.S. state of California in their capacity as consumers (“California consumers”). “Consumer” does not include ScionHealth’s employees, job applicants, owners, directors, officers, medical staff members, or contract workers (collectively, “HR individuals”), or the emergency contacts of HR individuals or the dependents or spouses who receive ScionHealth benefits by virtue of their relationship to an HR individual in their capacities as HR individuals or emergency contacts, dependents, or spouses. “Consumer” also does not include employees or other agents of a business engaged in a transaction with ScionHealth in their capacities as employees or agents of that business.

For purposes of this Policy, “personal information” means information that identifies, relates to, describes, is capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular consumer or household. “Personal information” does not include protected health information, as defined by HIPAA.

This Policy applies to all personal information of California consumers collected, disclosed for business purposes, or sold by ScionHealth, regardless of whether the personal information is collected, disclosed or sold through ScionHealth’s website.

1. How We Collect The Personal Information Of California consumers

Categories Of Personal Information Collected In The Last 12 Months

Sources Of That Personal Information

Business Purposes And Commercial Purposes For Collecting That Personal Information

Identifiers, including: real name, alias, postal address, unique personal identifier, online identifier, Internet Protocol address, email address, social security number, phone number, cell phone number, social media account information, credit card information, and account name.The California consumer himself or herself. In limited situations, ScionHealth may collect this information about a California consumer from a relative, power of attorney, attorney-in fact, or other authorized representative acting in the interests of or on behalf of a California consumer. Automated technologies in our website, including: cookies, web beacons and log files when a consumer visits our website(s). Additionally we also employ Google Analytics and Facebook Pixels to collect certain demographics and online behaviors.
  • Auditing related to a current interaction with the consumer and concurrent transactions, including, but not limited to, counting impressions to unique visitors, verifying  positioning and quality of impressions, and auditing compliance with the law.
  • Detecting security incidents, protecting against malicious, deceptive, fraudulent, or illegal activity, and prosecuting those responsible for that activity.
  • Debugging to identify and repair errors that impair existing intended functionality.
  • Short-term, transient use.
  • Performing services, including maintaining or servicing accounts, providing customer service, processing or fulfilling orders and transactions, verifying customer information, processing payments, providing advertising or marketing services, and providing analytic services.
  • Undertaking internal research for technological development and demonstration.
  • Undertaking activities to verify or maintain the quality or safety of a service or device that is owned, manufactured, manufactured for, or controlled by ScionHealth, and to improve, upgrade, or enhance the service or device that is owned, manufactured, manufactured for, or controlled by ScionHealth.
  • Product and service training, for example, by providing training and information on using, servicing, selling, and displaying ScionHealth’s products and services.
  • Communications about promotions, for example, by communicating about special events, sweepstakes, promotions and surveys.
  • Facilitating communications, for example, by collecting and organizing contact information, establishing means of communications, and communicating with current and prospective customers, including regarding questions and feedback.
  • Evaluating a consumer for potential admission into a healthcare facility or responding to a consumer’s request for information relating to potential admission into a healthcare facility for him/herself or someone for whom the consumer is seeking information.
  • Responding to consumer comments or concerns posted on social media platforms, ScionHealth’s website or other outlets relating to ScionHealth or a ScionHealth-operated facility.
  • Enhance and personalize the site, to communicate with consumers via email and to understand a consumer’s preferences and patterns.
  • To conduct market research and analysis.
  • To contact you with service messages about our services or those of our affiliates.
Categories described in Cal. Civ. Code § 1798.80(e) (except those already listed in “Identifiers” above), including: medical information, insurance policy information, and health insurance information. The sources listed for “Identifiers,” except for:
  • Automated technologies in our website.
The purposes listed for “Identifiers,” except for:
  • Debugging to identify and repair errors that impair existing intended functionality.
  • Undertaking activities to verify or maintain the quality or safety of a service or device that is owned, manufactured, manufactured for, or controlled by ScionHealth, and to improve, upgrade, or enhance the service or device that is owned, manufactured, manufactured for, or controlled by ScionHealth.
  • Product and service training, for example, by providing training and information on using, servicing, selling, and displaying ScionHealth’s products and services.
  • Communications about promotions, for example, by communicating about special events, sweepstakes, promotions and surveys.
  • Responding to consumer comments or concerns posted on social media platforms, ScionHealth’s website or other outlets relating to ScionHealth or a ScionHealth-operated facility.
  • Enhance and personalize the site, to communicate with consumers via email and to understand a consumer’s preferences and patterns.
  • To conduct market research and analysis.
  • To contact you with service messages about our services or those of our affiliates.
  • [insert purposes in “Identifiers” that are not used, and revise the above-listed purposes as necessary]
Characteristics of protected classifications under California or federal law, including: race, religious creed, color, national origin, ancestry, physical or mental disability, medical condition, genetic information, marital status, sex, gender identity, age, sexual orientation, and military and veteran status.The sources listed for “Identifiers,” except for: Automated technologies in our website.
  • Auditing related to a current interaction with the consumer and concurrent transactions, including, but not limited to, counting impressions to unique visitors, verifying positioning and quality of impressions, and auditing compliance with the law.
  • Detecting security incidents, protecting against malicious, deceptive, fraudulent, or illegal activity, and prosecuting those responsible for that activity.
  • Debugging to identify and repair errors that impair existing intended functionality.
  • Short-term, transient use.
  • Performing services, including maintaining or servicing accounts, providing customer service, processing or fulfilling orders and transactions, verifying customer information, processing payments, providing advertising or marketing services, and providing analytic services.
  • Undertaking internal research for technological development and demonstration.
  • Undertaking activities to verify or maintain the quality or safety of a service or device that is owned, manufactured, manufactured for, or controlled by ScionHealth, and to improve, upgrade, or enhance the service or device that is owned, manufactured, manufactured for, or controlled by ScionHealth.
  • Facilitating communications, for example, by collecting and organizing contact information, establishing means of communications, and communicating with current and prospective customers, including regarding questions and feedback.
  • Enhance and personalize the site, to communicate with consumers via email and to understand a consumer’s preferences and patterns.
Internet or other electronic network activity information, including: browsing history, search history, and information regarding interaction with an internet website, application or advertisement, browser information, cookies, web beacons, log files, and other online behaviors.The sources listed for “Identifiers.”The purposes listed for “Identifiers,” except for:
  • Evaluating a consumer for potential admission into a healthcare facility or responding to a consumer’s request for information relating to potential admission into a healthcare facility for him/herself or someone for whom the consumer is seeking information.

 

Professional or employment-related information, including: employment status, employment location, name of employer, whether the employer provides health insurance.The sources listed for “Identifiers,” except for: Automated technologies in our website.The purposes listed for “Identifiers.”
Profile information, including: attitudes collected from open-ended comments left by users on ScionHealth website; purchasing patterns.The sources listed for “Identifiers.”The purposes listed for “Identifiers,” except for:
  • Detecting security incidents, protecting against malicious, deceptive, fraudulent, or illegal activity, and prosecuting those responsible for that activity.
  • Debugging to identify and repair errors that impair existing intended functionality.
  • Evaluating a consumer for potential admission into a healthcare facility or responding to a consumer’s request for information relating to potential admission into a healthcare facility for him/herself or someone for whom the consumer is seeking information.
Commercial information, including: products and services purchased; product registration data; purchase, service, and installation dates.The sources listed for “Identifiers.”The purposes listed for “Identifiers.”

2. How We Share The Personal Information Of California consumers

Categories Of Personal Information Collected In The Last 12 Months Categories Of Third Parties With Which ScionHealth Shared That Personal Information

Identifiers

Categories described in Cal. Civ. Code § 1798.80(e)

Characteristics of protected classifications under California or federal law

Professional or employment- related information

ScionHealth discloses personal information to government agencies, law enforcement, and other parties as required by law and as necessary to protect the rights, property, or safety of ScionHealth, its subsidiaries or affiliates, employees, customers, and users. ScionHealth may also disclose personal information to other healthcare entities, insurance companies, or other payor sources in order to verify insurance benefits or process payment for medical services. ScionHealth may also share personal information of prospective patients for the purposes of locating appropriate healthcare services for a consumer.

Internet or other electronic network activity information

Profile information test

ScionHealth discloses personal information to government agencies, law enforcement, and other parties as required by law and as necessary to protect the rights, property, or safety of ScionHealth, its subsidiaries or affiliates, employees, customers, and users.
Commercial informationScionHealth discloses personal information to government agencies, law enforcement, and other parties as required by law and as necessary to protect the rights, property, or safety of ScionHealth, its subsidiaries or affiliates, employees, customers, and users. ScionHealth may also share personal information of prospective patients for the purposes of locating appropriate healthcare services for a consumer.

Purposes of Disclosure: ScionHealth discloses all categories of personal information listed above for business purposes or for commercial purposes.

Sale of Personal Information: In the last 12 months, ScionHealth has NOT sold California consumers’ personal information, and it will not sell California consumers’ personal information. ScionHealth does not sell the personal information of minors under 16 years of age.

3. Your California Privacy Rights and How To Exercise Them

a. Your California Privacy Rights

  • Right to Know: California consumers have the right to submit a verifiable request to know what personal information ScionHealth collects, uses, discloses, and sells.
  • Right To Delete: California consumers have the right to submit a verifiable request for deletion of their personal information that ScionHealth has collected or maintains.
  • Right to Opt Out of Sale: California consumers have the right to opt out of the sale of their personal information. California consumers under the age of 16 must opt in to the sale of their personal information, or their parent or guardian must opt in on their behalf. As noted above, ScionHealth did not sell California consumers’ personal information during the past 12 months.

b. How to Exercise Your Rights

ScionHealth will respond to requests in accordance with applicable law if it can verify the identity of the individual submitting the request. California consumers can exercise their rights to know and to delete in the following ways:

  • Complete the online request form available here.
  • Contact 1-800-359-7412

c. How We Will Verify Your Request:

The processes that we follow to verify your identity when you make a request to know or a request to delete are described below. The relevant process depends on how and why the request is submitted.

i. Requests Through Your Password-Protected Account:

If you created a password-protected account with us before the date of your request, we will rely on the fact that your request has been submitted through your account as verification of your identity. We will require that you re- authenticate yourself before we disclose your personal information in response to a request to know and before we delete your personal information in response to a request to delete.

You are responsible for protecting the security of your log-in credentials for your account. Please do not share your log- in credentials with anyone. If we suspect fraudulent or malicious activity on or from your account, we will not respond to a request to know or a request to delete until we have been able to confirm, through further verification procedures, that you made the request.

ii. Requests Other Than Through A Password-Protected Account:

If you submit a request by any means other than through a password-protected account that you created before the date of your request, the verification process that we follow will depend on the nature of your request as described below:

  1. Requests To Know Categories Of Personal Information: We will match at least two data points that you provide with your request to know, or in response to our request for verification information, against information about you we already have in our records and that we have determined to be reliable for purposes of verifying your identity. Examples of relevant data points include your mobile phone number, your zip code, or information about products or services that you have purchased from us.
  2. Requests To Know Specific Pieces Of Personal Information: We will match at least three data points that you provide with your request to know, or in response to our request for verification information, against information that we already have about you in our records and that we have determined to be reliable for purposes of verifying your identity. In addition, we will require you to sign a declaration under penalty of perjury that you are the California consumer whose personal information is the subject of the request.
  3. Requests To Delete Personal Information: Our process for verifying your identity will depend on the sensitivity (as determined by ScionHealth) of the personal information that you ask us to delete. For less sensitive personal information, we will require a match of two data points as described in Point No. 1, above. For more sensitive personal information, we will require a match of three data points and a signed declaration as described in Point No. 2, above.

We have implemented the following additional procedures when verifying the identity of requestors:

  1. If we cannot verify your identity based on the processes described above, we may ask you for additional verification information. If we do so, we will permanently delete the verification information that you provide promptly after we have completed the verification process. We will not use that information for any purpose other than verification.
  2. If we cannot verify your identity to a sufficient level of certainty to respond to your request, we will let you know promptly and explain why we cannot verify your identity.

d.  Authorized Agents

You may designate an authorized agent to exercise your right to know or your right to delete by submitting to us a completed “Authorized Agent Designation” form. You can obtain the designation form by contacting us at compliance@kindred.com.

If an authorized agent submits a request to know or a request to delete on your behalf, the authorized agent must submit with the request either (a) a power of attorney that is valid under California law, or (b) a document signed by you that authorizes the authorized agent to submit the request on your behalf. In addition, we may ask you to follow the applicable process described above for verifying your identity.

e.  ScionHealth’s Non-Discrimination Policy

California consumers have the right not to be subject to discriminatory treatment by ScionHealth for exercising their privacy rights under the California Consumer Privacy Act, and ScionHealth will not discriminate on that basis. However, ScionHealth may charge a California consumer a different price or rate or provide a different level or quality of goods or services if the difference is reasonably related to the value provided to the California consumer by the consumer’s personal information. If ScionHealth does so, it will provide consumers with any legally required notice.

For More Information

For questions or concerns about ScionHealth’s privacy policies and practices, please contact us at Compliance@kindred.com.