This Notice applies to the Onlife public websites, member portal and mobile applications only. It does not apply when Onlife is acting as a third party partner and providing services on behalf of our client’s health and wellness platforms (a “Client Platform”). If you are a user of a Client Platform, please refer to the Client Platform’s Notice of Privacy Practices for information about that Client Platform’s use and disclosure of personally identifiable information.
An Individual is any person visiting the public sections of our websites.
An Eligible Individual is an Individual who is eligible to participate in ONLIFE’s products or services.
A Registered User (User) is any Eligible Individual that has registered and is authorized to enter the authenticated, secure sections of the ONLIFE member portal and mobile applications.
An Employer is the organization that offers the ONLIFE services as part of its benefits to the Eligible Individual.
An Insurer is the organization that the ONLIFE Eligible Individual’s Employer contracts with to provide health benefits to certain Eligible Individuals of the Employer’s employee group health benefit plan.
Eligible Individuals must register to access the secure areas of ONLIFE. ONLIFE employs physical, administrative, and technical safeguards that reasonably protect Protected Health Information (PHI), as that term is defined by the Health Insurance Portability & Accountability Act of 1996 (HIPAA 45 C.F.R. § 160 &164), contained on our site from inappropriate access. Before an Eligible Individual can access web-based services, the Eligible Individuals must first register to obtain site access.
Do not send e-mail containing personal information to ONLIFE. ONLIFE cannot secure personal information sent by e-mail because such information can be accessed by other Internet users. If you send ONLIFE a question by e-mail, ONLIFE’s use or disclosure of that information will be limited to the minimum necessary for responding to your question.
Information Collected During Registration
Eligible Individuals can access our web site to utilize the products and services offered by ONLIFE. Before gaining access to these services ONLIFE may ask for personal information (such as date of birth, identification number, social security number, name, address with zip code, telephone number and e-mail address) to verify appropriate usage. ONLIFE, its employees or affiliates will not have access to the password that you create. If you receive a notification by mail and did not register to access the services available on our web site, please contact ONLIFE immediately at support@OnlifeHealth.com.
Statistical Data on Website Usage: ONLIFE continually strives to enhance the features and services we offer. In an effort to determine the effectiveness and functionality of our web site, we monitor aggregated data regarding the use of our web site. For instance, we may track the number of visits to a certain page; direct links from other web sites; and frequency of usage for independent services. Although we reserve the right to share this information as indicated above, this statistical data does not contain any personal information that could disclose the user’s identity.
Genetic Information: ONLIFE does not collect or aggregate genetic information (including family medical history) or create genetic profiles.
Disclosure of Nonpublic Personal Information, including PHI
We restrict access to nonpublic personal information, including PHI. Personal information and PHI may be shared with other entities (i.e. vendors) that assist ONLIFE in providing services to Eligible Individuals. Information is also provided to nonaffiliated third parties as required or allowed by federal and state law. ONLIFE maintains physical, technical, and administrative safeguards that comply with federal regulations to reasonably protect nonpublic personal information.
Disclosures to Eligible Individuals: ONLIFE discloses nonpublic personal information, including PHI, to Eligible Individuals through the ONLIFE Portal. This information is disclosed directly to the Eligible Individuals or their designated representative. Information on Eligible Individual’s HIPAA member rights are available to authenticated Eligible Individuals at https://member.onlifehealth.com/MembersRights. To ensure that PHI is disclosed to the appropriate Eligible Individuals, ONLIFE has implemented the following safeguards:
An Eligible Individual based registration process requires each Eligible Individual to create a unique user name and password.
ONLIFE must receive a written request before access will be granted to another individual, including spouses and dependents over 18 years of age (exception for access to minor dependent information).
Disclosure to Employers: ONLIFE cannot disclose any member information, including PHI and PII contained in the Health Assessment, or in any of the coaching interactions that are documented within the Onlife Health Coaching platform, directly to the Employer without the Eligible Individual’s express permission. Only aggregate data, based on the entire employee population, can be passed back to the employer.
An example of aggregate data would be the percentage of smokers vs non-smokers, or the percentage of employees that are eligible for an exercise incentive.
Disclosure to Health Benefit Plans: If your wellness benefits are provided through a health insurance plan, Onlife shares your nonpublic personal information, including PHI, to the health Insurance plan as necessary for the health insurance plan to administer its health plan. Onlife limits the information to the amount of information reasonably necessary for the health plan to perform its function for the health plan. In addition, the health plan and Onlife have executed a Business Associate Agreement under the Health Insurance Portability and Accountability Act of 1996 that governs the sharing of PHI among the parties.
Disclosure to Other Users for Team Challenges: If you elect to participate in a Team Challenge, some of your personal information such as your name, email address, and progress in the challenge will be shared with other members enrolled in the challenge. Information regarding your progress in the challenge could contain Protected Health Information depending on the nature of the challenge. ONLIFE will only disclose your progress information to other challenge participants. Your team’s total progress may be shared with other teams for the purposes of the Challenge. ONLIFE may also share your name and email address with members of your prior teams for the purposes of inviting you into new Team Challenges.
Disclosure to Third Parties for TPO: ONLIFE may release PHI to third parties for treatment, payment and healthcare operations (TPO) as allowable under the Health Information Portability and Accountability Act (HIPAA).
Disclosure of Aggregate Information: ONLIFE may disclose aggregate information to third parties. This may contain health information; however, it is not associated to a specific individual. For example, we might inform third parties regarding the number of users of our web site and the activities they conduct while on our site. Depending on the circumstances, ONLIFE may or may not charge third parties for this aggregate information. ONLIFE requires parties with whom aggregate information is shared to agree that they will not attempt to make this information personally identifiable, such as by combining it with other databases.
Retention of Information Collected
The nonpublic personal information collected and maintained from this web site will be retained for seven (7) years from the date of its creation, for the amount of time required by applicable law, for the amount of time required by an contract regarding the information, or the date when it was last in effect, whichever is later.
If you are a California Resident, but not a member of an Insurer that has a contract with ONLIFE, you may have additional rights under California law. ONLIFE’s California Consumer Privacy Act Privacy Notice can be found here. If you are not sure if your Insurer has a contract with Onlife, please contact us using the contact information below.
A “cookie” is a mechanism that permits a web server to send small pieces of information or text through your browser to be stored on your hard drive. This information or text allows the server to identify frequent visitors of individual web sites. ONLIFE may place a cookie on your computer that will allow us to identify users so that we may enhance their experience on our web site. Our cookies are not used to track your activity on any site other than ONLIFE’S websites nor will they be utilized to send unsolicited e-mail or provide us with the your personally identifiable information.
Direct Access to Other Sites
ONLIFE has in place reasonable administrative, physical, and technical controls to safeguard and secure the information we collect online. Information provided to the site is protected against unauthorized use by Secure Socket Layer (SSL) security features.
ONLIFE uses reasonable measures to protect Eligible Individuals’ information that is stored within our database. We urge you to keep your username, password and other account access information in a safe place and not to divulge it to anyone. You are responsible for any unauthorized use of the site resulting from your failure to secure your username, password, and other account access information. You should also remember to sign off your account and close your browser window when you have finished your visit. Despite our efforts to protect your nonpublic personal information, including PHI, there is always some risk that an unauthorized third party may illegally gain access to systems or that transmissions of your information over the Internet may be intercepted. If you believe someone has accessed your information without authorization, please contact ONLIFE immediately at support@OnlifeHealth.com.
Opt Out of Registration/Correcting/Updating Personal Information
If the Personally Identifiable Information (PII) of an Eligible Individual of our services changes ONLIFE will endeavor to provide a way to correct or update that Eligible User’s personal data from our registration files. To correct or update personal information, contact Onlife at support@OnlifeHealth.com or call Onlife Participant Services at 877-709-0201
Opt Out of Registration
If an Eligible Individual chooses to opt-out of registration or no longer wants to use the services offered by ONLIFE, they may opt-out of their program by contacting Participant Services at 877-709-0201.