Privacy Policy

Welcome to the Internet Privacy & Security Statement (“Privacy & Security Statement”) of Reach EAPSM (hereinafter defined as “Reach EAP”) The purpose of this Privacy & Security Statement is to summarize and disclose all information collecting and disseminating practices of Reach EAP concerning its web site, www.allonehealth.com (“Public Pages”). This Policy governs the participation for use of these sites and/or services, and all versions of these sites and/or services. This Policy is effective immediately and you accept this policy when accessing this site and you also accept the accompanying Terms of Use. We may amend this Policy at any time by posting the amended terms on this site. Any such amendment shall take effect when such amendment is sent to you by email or posted on this site. This Privacy Statement is effective as of January 29, 2009 and was last updated on February 7, 2014. However, Reach EAP reserves the right to change this Privacy & Security Statement as necessary and without notice to users of this site. This Privacy & Security Statement is not intended to and does not imply any contractual or other legal rights or remedies to or from Reach EAP, its affiliates, subsidiaries, assigns, agents or any other party. 1. Security Features a. Public Pages Secure connections are supported on the current server supporting this site. Visitors are urged to review the privacy/security statements of any links that visitors may access from this site, as such terms may be different and are not the legal responsibility of Reach EAP, as more fully described in the disclaimer language that will be displayed for users prior to entering these links. b. Self Service There is a self-service portal for members and group administrators of Reach EAP that requires a Log-In (User I.D. and password). Secure connections are supported on the current server supporting this site. Visitors are urged to review the privacy/security statements of any links that visitors may access from this site, as such terms may be different and are not the legal responsibility of Reach EAP, as more fully described in the disclaimer language that will be displayed for users prior to entering these links. In addition to these security features, after a designated amount of time of non-use, member or group administrator will be logged out of blue solutions and be required to log back in to continue session. 2. Collection of Personal Information a. Public Pages Reach EAP will not be tracking personal data. The only data recorded will be the volume of visits as tracked by IP address and pages accessed. Reach EAP will be creating and placing non-expiring cookies on the systems of visitors to this site. In addition, utilization statistics for all traffic on our public pages is being collected by a third party. b. Self Service Reach EAP will not be tracking personal data, and thus, no “cookies” will be placed on the hard-drives of visitors to stop personal data. However, Reach EAP’s server will track session information and “cookies” containing this session information will be placed on the hard drive of visitors. 3. Use of Data Collected from Input Forms a. Public Pages The current site does have a limited ability to input personal information onto data input forms for contact information purposes. Data entered consists of name, company name, address and phone number. This information is solely for contact purposes. b. Self Service Reach EAP Self Service does have an ability to input personal information into data input forms. Data must be entered by member or group administrator to verify identity and authority of user and that information will include, but is not limited to, group number, member number, member name, primary care physician ("PCP") or any treating physician information, email address, phone number, date of birth, claim numbers, referral numbers and any and all changes to this information. Prior to entering such data, users should carefully review this statement and Reach EAP’s description of its limited security feature. Use of this information by Reach EAP is solely for customer service purposes. c. Occupational Health The secure portal tracks utilization statistics for the client services site, however, no personal or private data is tracked. d. Careers The careers link does have the ability to input personal information onto data input forms. Data must be entered by job applicants and will include their name, address, telephone number, email address, resume, gender and ethnicity. Prior to entering such data, users should carefully review this statement and Reach EAP’s description of its limited security feature. Use of this information is solely for employment purposes. 4. Disclosure of Data Reach EAP will not sell, trade or disclose data to non-affiliated third parties for any purpose other than Reach EAP’s operations. 5. Logging and Tracking Reach EAP will not be logging or tracking personal data. Reach EAP will be collecting certain activity including, but not limited to, successful and failed log-in attempts as well as usage statistics for all functional components. The only other data recorded will be the volume of visits as tracked by IP address and pages accessed. 6. Collection of Personal Data From Children Children under the age of 18 can access our site as guests. Reach EAP will not knowingly collect or use any personal information from individuals under the age of eighteen without the consent of a parent or guardian, or provide any personally identifying information collected from children, regardless of its source, to any third party for any purpose. If a visitor submits information to the web site through the registration process that indicates the visitor is a child, the child’s parent or guardian will be alerted to the child’s registration and will be provided instructions on how the parent or guardian can delete the child’s registration, if so desired. No information collected through the site from visitors that identify themselves, as children will knowingly be used for any direct marketing or promotional purposes. Reach EAP does not require a child to disclose more information than is reasonably necessary to participate in an activity. 7. Parental Access A parent can contact our Privacy & Security Office to access, change or delete the personal information that we have collected from his or her child by sending an email to privacy@allonehealth.com. Please include the child’s membership number, name, and the parent’s email address so that we can better assist you with your inquiry or request. Reach EAP takes steps to verify the identity of anyone requesting information about a child and to ensure that the person is in fact the child’s parent or legal guardian. We may amend our privacy policy at any time. We will provide parent’s notice by email of any material changes in the collection, use or disclosure practices to which you had previously agreed. 8. Privacy/Security Breaches Reach EAP is concerned about the privacy and security of this site and its visitors. Because the privacy and security of this site cannot be fully protected from breaches, Reach EAP has established an address for visitors to report breaches and suspected breaches of the privacy and security of this site. Visitors should report any such breaches at abuse@allonehealth.com. 9. Questions/Concerns If you have any comments, questions or concerns regarding Reach EAP’s privacy policy and or practices, please send an email to privacy@allonehealth.com, or contact us at 1-866-262-5867. 10. Ownership Reach EAP is an AllOne Health Company (CTC).