PRIVACY POLICY
Effective as of January 1, 2020
Last updated: September 2020
Introduction
Apria Healthcare LLC and its affiliates (“Apria,” “we,” “our,” or “us”) respects the privacy of your information. This Privacy Policy is designed to assist you in understanding how we collect, use and safeguard the information you provide to us in using our website apria.com and the websites that link to this Privacy Policy (collectively, the “Site”) and the services provided through our Site (the “Services”).
We will use and share any personal health information governed by HIPAA and HITECH (each defined herein) that we collect from or about you in accordance with our HIPAA Notice of Privacy Practices, which offers you certain choices with respect to the use and sharing of that personal information.
From time to time, we may change this Privacy Policy. If we do, we will post an amended version on this webpage. Please review this Privacy Policy periodically.
Collecting and Using Information
Personally Identifiable Information We Collect Online
We may collect Personally Identifiable Information from you through your use of the Site and Services. “Personally Identifiable Information” is individually identifiable information about an individual consumer that we collect online and that we maintain in an accessible form. We collect the following types of Personally Identifiable Information:
Information You Provide
We may collect the following Personally Identifiable Information that you voluntarily provide to us:
- Customer Account. If you create an account for any of our Services, you will provide us with your phone number, email address, and password. When you log-in to your account, you will provide us with your email address and password.
- Check a Delivery Time. When you use our Site to obtain your estimated time of delivery, you will provide us with the patient’s name, date of birth, customer ID, and delivery address.
- Continuous Sleep Resupply Program. When you enroll in this program on our Site, you will provide us with your name, email address, physical address, and any other Personally Identifiable Information that you may voluntarily provide.
- Preventative Maintenance Check for Your Oxygen Concentrator. When you schedule a Preventative Maintenance Check for Your Oxygen Concentrator on our Site, you will provide us with your name, email address, physical address, and phone number along with the patient’s name, ID, and any other Personally Identifiable Information that you may voluntarily provide.
- Schedule an Oxygen Tank Delivery. When you schedule an Oxygen Tank Delivery on our Site, you will provide us with your name, email address, physical address, and phone number along with the patient’s name, ID, and any other Personally Identifiable Information that you may voluntarily provide.
- Schedule an Equipment Return. When you schedule an Equipment Return on our Site, you will provide us with your name, email address, physical address, and phone number along with the patient’s name, ID, and any other Personally Identifiable Information that you may voluntarily provide.
- ApriaLink Registration. If you are a healthcare provider or an employee of a healthcare provider and you submit a Physician/Prescriber Registration Form, you will provide us with your name, email address, company name, physical address, and National Provider Identifier (NPI) number. When you submit a Non-Physician/Prescriber Registration Form, you will provide us with your name, email address, company name, and physical address.
- Careers. When you apply for a job, you will create a profile and provide us with your name, email address, telephone number, physical address, and other identifiers such as licenses and certifications and any other Personally Identifiable Information that you may voluntarily provide.
- Billing Inquiry. When you submit a question about billing on our Site, you will provide us with your name, email address, phone number, patient account number, and any other Personally Identifiable Information that you may voluntarily provide.
- Dispute Resolution. When you submit an Opt-out Arbitration Form on our Site, you will provide us with your name and email address along with the patient’s name, ID, physical address, and any other Personally Identifiable Information that you may voluntarily provide.
- Patient Satisfaction. When you submit a Patient Satisfaction form on our Site, you may provide us with name, email address, physical address, phone number, patient name, and any other Personally Identifiable Information that you may voluntarily provide.
- Apria Pharmacy. When you submit an inquiry to Apria Pharmacy on our Site, you will provide us with your relationship to the patient, email address, physical address, phone number, the patient’s name and ID, and any other Personally Identifiable Information that you may voluntarily provide.
- Chat with Us. When you interact with our Live Chat, you may provide us with Personal Information, such as your name, email address, and phone number.
- Additional Information. When you submit information on the Site, send an email from the Site, place an order, enter a contest or sweepstakes, respond to a survey or communication, submit an inquiry such as email, or participate in another Site function or feature, you may provide us with other Personally Identifiable Information.
Information as You Navigate Our Site
We automatically collect certain Personally Identifiable Information through your use of the Site and Services, such as the following:
- Usage Information. We collect information automatically through your use of the Site and Services, such as which of the pages on the Site you access, the frequency of access, and what you click on while on the Site.
- Device Information. We collect information about the device you are using, such as hardware model, operating system, application version number, and browser.
- Mobile Device Information. In addition to the Device Information listed above, when you access our Site via a browser on your mobile device, we collect and aggregate information about whether you are accessing the Site via a mobile device or tablet, device type, and carrier.
- Location Information. We collect location information from Site visitors on a city-regional basis.
Third-Party Information
In some cases, we may receive certain Personally Identifiable Information from you about a third party. For example, when you email a job on our Careers page to a friend, you may provide the name and email address of a third party. If you submit any Personally Identifiable Information about another individual to us, you are responsible for making sure that you have the authority to do so and to allow us to use their Personally Identifiable Information in accordance with this Privacy Policy.
How We Use Your Personally Identifiable Information
We use the Personally Identifiable Information we collect to provide the Services to you, to maintain and improve our Services and Site, and to protect our legal rights and the rights of others. In addition, we may use the Personally Identifiable Information we collect to:
- Personalize your Site experience and to allow us to deliver the type of content and product offerings in which you may be most interested;
- Process your transactions and communicate with you regarding your order;
- Confirm your order;
- Deliver the products and Services that you purchase or rent on our Site;
- Prevent fraud and bill you for your purchases;
- Contact you regarding our products and services that we feel may be of interest to you;
- Administer a contest, promotion, survey, or other Site feature;
- Communicate with you about our Site or Services or to inform you of any changes to our Site or Services;
- Provide support; and
- Comply with applicable law.
How We Share Your Personally Identifiable Information
We may share the information that we collect about you in the following ways:
- With service providers who perform data or Site-related services on our behalf (e.g., email, hosting, maintenance, backup, analysis, etc.);
- To the extent that we are required to do so by law;
- In connection with any legal proceedings or prospective legal proceedings;
- To establish, exercise, or defend our legal rights, including providing information to others for the purposes of fraud prevention;
- With any person who we reasonably believe may apply to a court or other competent authority for disclosure of that Personally Identifiable Information where, in our reasonable opinion, such court or authority would be reasonably likely to order disclosure of that Personal Information;
- With any other person or entity as part of any business or asset sale; and
- With any other person or entity where you consent to the disclosure.
Where appropriate, we will limit sharing of your information in accordance with the choices you have provided us in response to our HIPAA Notice of Privacy Practices.
Cookies and Other Tracking Technologies
How We Use Cookies
Like many other companies, we use cookies and other tracking technologies (such as pixels and web beacons) (collectively, “Cookies”). “Cookies” are small files of information that are stored by your web browser software on your computer hard drive, mobile or other devices (e.g., smartphones or tablets).
We use Cookies to:
- Understand and save your preferences for future visits, allowing us to customize the Site and Services to your individual needs;
- Compile aggregate data about Site traffic and Site interactions to resolve issues and offer better Site experiences and tools in the future; and
- Recognize when you return to the Site.
We set some Cookies ourselves and others are set by other entities. Most of the Cookies we set ourselves are required for the Site and Services to function properly. We use Cookies set by other entities to provide us with useful information to help us improve our Site and Services, to conduct advertising, and to analyze the effectiveness of advertising.
How You Can Opt-Out of Cookies
Browser Settings
Cookies can be blocked by changing your Internet browser settings to refuse all or some Cookies. If you choose to block all Cookies (including essential Cookies) you may not be able to access all or parts of the Site.
You can find out more about Cookies and how to manage them by visiting www.AboutCookies.org or www.AllAboutCookies.org.
Advertising Industry Resources
You can understand which entities have currently enabled Cookies for your browser or mobile device and how to opt-out of some of those Cookies by accessing the Network Advertising Initiative’s website or the Digital Advertising Alliance’s website. For more information on mobile specific opt-out choices, visit the Network Advertising Initiative’s Mobile Choices website.
Please note that these opt-out mechanisms are specific to the device or browser on which they are exercised. Therefore, you will need to opt out on every browser and device that you use.
Third Party Processors
To ensure that your Personally Identifiable Information receives an adequate level of protection, we have put in place appropriate procedures with the service providers we share it with to ensure that it is treated consistent with applicable data security and privacy laws. For example, we use payment providers to process your credit card transactions. Specifically, if you create an e-pay account for any of our Services, such as paying a bill, you will be directed to a third-party payment processor where you will provide your username and password in addition to your account number and date of birth. We do not collect or receive the information provided to payment processors.
Additionally, if you are a referring physician and register for our electronic certificate of medical necessity form service, you will be directed to a third-party service provider where you will provide your name and credit card information when you register for an electronic certificate of medical necessity form.
“Do Not Track” Signals
Some internet browsers incorporate a “Do Not Track” feature that signals to websites you visit that you do not want to have your online activity tracked. Given that there is not a uniform way that browsers communicate the “Do Not Track” signal, the Site does not currently interpret, respond to or alter its practices when it receives “Do Not Track” signals.
Choices About Your Personally Identifiable Information
You may use your account to access, correct, or view certain Personally Identifiable Information we have collected and which is associated with your account. To review or request changes to any of your Personal Information, please contact us at privacy@apria.com.
Security
We maintain commercially reasonable security measures to protect the Personally Identifiable Information we collect and store from loss, misuse, destruction, or unauthorized access. However, no security measure or modality of data transmission over the Internet is 100% secure. Although we strive to use commercially acceptable means to protect your Personally Identifiable Information, we cannot guarantee absolute security.
Third Party Links
The Site may contain links that will let you leave the Site and access another website, including websites operated by our affiliates and websites operated by unrelated third parties. Linked websites are not under our control. This Privacy Policy applies solely to Personally Identifiable Information that is acquired by us on this Site. We accept no responsibility or liability for these other websites.
Children’s Privacy
The Site is not intended, directed at, nor targeted to children under 13 years of age. We do not use this Site to knowingly collect, use, disclose, or solicit personal information from or market to anyone under 13. If you believe that we have received information from a child or other person protected under such laws, please notify us immediately at privacy@apria.com and we will take reasonable steps to remove such information from our databases.
International Users
By visiting our Site and providing us with data, you acknowledge and agree that we may use the data collected in the course of our relationship for the purposes identified in this Privacy Policy or in our other communications with you, including the transmission of information outside your resident jurisdiction. In addition, such data may be stored on servers located in the United States or elsewhere. By providing us with your data, you consent to the transfer of such data and storage of such data within the United States, and you waive any rights to control or maintain the integrity of such data afforded by national laws or international treaties. You may not provide any Personally Identifiable Information if our use or disclosure of that information as described in this Privacy Policy would violate any laws or regulations of jurisdictions outside of the United States.
HIPAA
Apria maintains a separate HIPAA Notice of Privacy Practices.
Notice to California Residents
The California Consumer Privacy Act (CCPA) requires that certain businesses provide California residents with a privacy policy that contains a comprehensive description of their online and offline practices regarding the collection, use, disclosure, and sale of personal information and of the rights of California residents regarding their personal information. However, the CCPA contains important limitations that are relevant to Apria.
First, the CCPA does not apply to protected health information that is collected by a covered entity governed by the privacy, security, and breach notification rules issued by the United States Department of Health and Human Services established pursuant to the Health Insurance Portability and Accountability Act of 1996 (HIPAA) and the Health Information Technology for Economic and Clinical Health Act (HITECH).
Second, the CCPA does not apply to a covered entity governed by HIPAA, to the extent the provider or covered entity maintains patient information in the same manner as medical information or protected health information.
Because we are subject to HIPAA and HITECH, and maintain information, protected health information, and patient information according to their requirements, the personal information we collect is exempt from the CCPA. Your rights with respect to our use and sharing of that information are governed by our HIPAA Notice of Privacy Practices.
Shine the Light Law
We do not disclose personal information obtained through our Site or Services to third parties for their direct marketing purposes. Accordingly, we have no obligations under California Civil Code § 1798.83.
How to Contact Us
To contact us for questions or concerns about our privacy policies or practices please contact us via any of the following methods:
By phone: 1-888-492-7742
By email: privacy@apria.com