Heritage Valley

Privacy Policy

Patient Payment Manager

Change Healthcare provides Patient Payment Manager services ("Patient Payment Manager," "we," or "our"), which is a web-based tool used by health care providers to give patients ("Subscribers," "you," or "your") easy-to-use online access to their account in order to make payments to providers or obtain answers to frequently asked billing questions regarding their providers services. 

By accessing Patient Payment Manager services, you agree to accept Patient Payment Manager's Terms of Use. By accepting Patient Payment Manager's Terms of Use, which incorporates this Privacy Policy, you expressly consent to the use and disclosure of personally identifiable information provided to Patient Payment Manager as outlined in this Privacy Policy. 

Because Patient Payment Manager provides this service to you and your provider, we ask you to provide the personal information that your provider's office needs to respond to your questions and requests.  We will not disclose the information we collect in ways that are different from those outlined in this Privacy Policy, except where we believe in good faith that the law requires it or you have consented to the disclosure. If you wish to request additional information about Patient Payment Manager prior to registering, you are required to provide contact information so that we can contact you about our services.

Registration

  • Subscriber Registration.
    • At your option and with your consent, your provider may enroll you in Patient Payment Manager services, which requires the collection of your contact information.  Your Provider may send you invitations to register for Patient Payment Manager. If you no longer wish to receive these invitations, you may request that your Provider no longer send you invitations. You must authorize the Provider to have access to your medical information, which consists of sending a message to the Provider whereby the provider accepts you as a patient in Patient Payment Manager.

  • Business Partner Website.
    • If you have previously provided contact information to a related Patient Payment Manager product ("Business Partner Website") and consented to its disclosure, your contact information will appear pre-filled in the Patient Payment Manager Website.   

Collection of Information

  •  Log Files.
    • Patient Payment Manager collects and stores the following information:  (1) the Internet protocol (IP) address of the computer you are using, (2) the name of the domain and host from which you access the Internet, (3) the browser software you use and your operating system, (4) the date and time you access the service, and (5) the Internet address of the Website from which you directly linked to Patient Payment Manager. Patient Payment Manager uses this log file information to analyze trends, administer the service, and monitor service traffic and usage patterns for internal security purposes and to make the Patient Payment Manager services more useful.

  • Subscriber Medical Information.
    • Provider-Patient Communications.
      You have the ability within Patient Payment Manager to send messages to your Provider. Providers may assign provider-designated users or authorized members of a provider group (collectively "Provider") to receive your messages on the provider's behalf.  Patient Payment Manager may record and maintain these communications, but we will not edit the content of these communications.  If you would like to change information in your account, you can send a message to your Provider stating the change you think is needed or you may update your account directly.      

    • Health Information. 
      Your Provider may supply Patient Payment Manager with information contained in your medical and/or patient files for the purpose of updating your Patient Payment Manager information. The sharing of this information is at the option of your Provider and based upon your consent.

    • Credit Card and Health Plan Information.
      If you wish to make an online payment to your provider, you must provide your credit card or checking account information from your financial institution on the Account Information Web page.  

Use and Disclosure of Information

In addition to the uses and disclosures of information outlined above, your information may also be used as described below. 

  • Use of Subscriber Information.
    • Use by Patient Payment Manager.
      Patient Payment Manager may use your information in the following ways: (1) surveying you on Patient Payment Manager services and responding to customer service requests, (2) providing information required by law, (3) providing contact, billing, and health information to your Provider, (4) using your provider and/or health plan information to customize your experience or to show these logos on our Web pages, (5) improving our products and services, (6) accomplishing administrative tasks, (7) analyzing and improving our Website, including troubleshooting, (8) resolving disputes, (9) enforcing agreements, including our Website Terms & Conditions, and (10) performing services requested by your Provider in accordance with the requirements of the Health Insurance Portability and Accountability Act of 1996 ("HIPAA") and any applicable business associate agreement we have with your Provider.

    • Audit Trail.
      Patient Payment Manager maintains an audit trail to keep track of persons who have viewed your Patient Payment Manager information, including your health record, and whether any changes have been made to such information.

  • Disclosure of Subscriber Information.
    • Patient Account Manager.
      If you permit another individual to manage your account ("Patient Account Manager"), the Patient Account Manager will be able to view and make changes to your information in Patient Payment Manager.

    • Patient Payment Manager Business Partners.
      Patient Payment Manager works with many business partners to provide services to consumers. It is Patient Payment Manager's policy to ask companies with whom we do business to support the same Privacy Policy we do. When you sign up for Patient Payment Manager services, we will share information only as necessary for business partners to provide these services. These parties are not allowed to use personally identifiable information except for the purpose of providing these services.

    • Third Party External Links.
      Patient Payment Manager may provide links to third party Websites within our system. However, Patient Payment Manager exercises no authority over linked Websites, and these linked Websites have separate and independent privacy policies that are outside the control of Patient Payment Manager.  We structure the Patient Payment Manager service so that no personal or health information goes in the search string or URL when you move from the Patient Payment Manager service to a linked Website. 

    • Aggregate Data.
      Patient Payment Manager may use de-identified anonymous data that is taken from the personal information you provide and combine it with other anonymous data to create what is referred to as "aggregate data" that may be disclosed to third parties. Aggregate data is information that describes the habits, usage patterns, and/or demographics of users as a group but does not reveal the identity of particular users.  Patient Payment Manager may use aggregate data within Patient Payment Manager to understand the needs of our community of users and determine what kinds of programs and services we can help providers offer to Subscribers. Aggregate de-identified data may be provided or sold to third parties.

    • Locator Information
      Locator information is your name, electronic messaging address, physical address, and/or other data that enables someone to personally identify you. Patient Payment Manager and your Internet Access Provider may use Locator Information as necessary to enforce Patient Payment Manager's Terms of Use.

    • Business Transfers.
      Patient Payment Manager may share collected information in the event of a business transfer, such as a sale, merger, acquisition, or reorganization.  If a business transfer occurs, the successor company will acquire the information Patient Payment Manager has collected, and the terms of this Privacy Policy would survive the transfer. 

    • Deactivation.
      If you no longer wish to allow your Provider to view your information, you will need to contact your Provider to relay this information (Deactivation). Once you deactivate your Provider, the Provider will no longer be able to view updates to your health record. To discontinue enrollment from Patient Payment Manager services, you will need to contact your Provider, so the Provider can disenroll you from our services.

Storage and Maintenance of Information

With the exception of information collected using cookies, Patient Payment Manager stores and maintains all electronic communications sent via Patient Payment Manager, the content of all visits, your health record, contact information, financial information, and all attachments and/or files uploaded or posted to Patient Payment Manager for a period of at least ten (10) years.  Such information will be transferred to and retained in our servers. 

Security

Patient Payment Manager takes all reasonable measures to secure your data on our servers in our data center. Our data center is both physically and electronically secured. Our servers are protected behind the Internet using a firewall, which is a hardware and software system that blocks access by unauthorized parties. As a key provider of services and technology to the healthcare industry, Change Healthcare has implemented programs to address privacy and security rules promulgated pursuant to the HIPAA. 

Cookies

By agreeing to this Privacy Policy, you also agree to the use of cookies as described hereafter in more detail.  A "cookie" is a small text file that Patient Payment Manager transfers to your computer's hard drive in order to personalize our service for you and to collect aggregate, non-personal information regarding service usage by all of our users.  Each computer is assigned a different cookie that contains a random, unique number. The cookie does not collect personally identifiable information. Patient Payment Manager uses four different types of cookies: (i) a "session cookie," with random identifiers for the user's browser, which is required to track a user session, for example, and which expires shortly after the session ends; (ii) an "application cookie" that uses an authenticated user ID which is sent back to the browser when the user submits a log-in and which enables the server to verify if the user is valid; (iii) if you turn on the "remember my user ID" functionality, a permanent one (1) year cookie which is placed on the browser to remember your ID and has the user name on it, and which also gets sent to the web server log files; and (iv) a "persistent" cookie, used to track unique visits to the Patient Payment Manager Website, as well as how the user arrived at the Patient Payment Manager Website and the type of user. So that users aren't counted twice, this cookie can "persist" anywhere from six (6) months to two (2) years. The persistent cookie is managed by Google Analytics and is, by design, anonymous.

Your browser software can be set to warn you of cookies or reject all cookies. Most browsers offer instructions on how to reset the browser to reject cookies in the "Help" section of the toolbar. If you reject our session cookies and/or application cookies, you will not be able to use the Patient Payment Manager Website.  Since sponsors or partners of Patient Payment Manager may use their own cookies, when you click on a hypertext link to their Website or service, you should carefully review the privacy policy of other Websites you link to from our service.

Do Not Track

We currently do not have the technical capability to honor do not track requests from browsers. At this time, Patient Payment Manager does not participate in any third party ad networks or use any third party cookies beyond those that may be required from our third party vendors and contractors to provide the Patient Payment Manager Website to you.

Privacy Protections

Please be aware that your information will circulate through the Internet and, as such, while Patient Payment Manager employs security measures to ensure the protection of your personal data, it may not be possible to absolutely prevent the unauthorized access to such data. In order to protect your privacy, you should never share your sign-in name or password and always sign out when you are finished using the service.

Privacy Policy Question

If you have questions regarding this Privacy Notice, please contact us via email at chiefprivacyofficer@ChangeHealthcare.com (please include "Change Healthcare Web Site Privacy Notice" in the subject line), or via US Mail at: Change Healthcare, Privacy Office (Attn: Change Healthcare Web Site Privacy Notice), 5995 Windward Parkway, 5th Floor, Alpharetta, GA 30005.

Changes to Privacy Policy

Patient Payment Manager reserves the right to change the terms of this Privacy Policy at any time by posting those changes on our service so that you are always aware of our processes related to collection, use, and disclosure of information. We urge you to check here for any updates to this Privacy Policy from time to time.

Top of Page