×

Privacy Policy

Your Information. Your Rights. Our Responsibilities.
Empower Health Services, LLC (EHS) is committed to protecting the privacy of your health information. EHS has policies and safeguards in place to protect your information. We are required by law to maintain the privacy and security of your protected health information and to provide you with this Notice of Privacy Practices (Notice). This Notice describes how medical information about you may be used and disclosed and how you can get access to this information. Please review it carefully.

How is your health information collected?
The confidential health information that we collect while providing Health and Wellness Screenings and/or Immunization Services is called “Protected Health Information” or “PHI.” PHI is collected by a variety of methods:

  • Your activity with Empower.Health – Information about you can be collected when completing the following:
    • health questionnaire
    • engaging in challenges, rewards, and incentives
    • registering for a service to be performed on our secure online portal
  • Through specimen collection and processing – Information about you can be collected when you visit a sponsored Empower Health Screening Event or visit a Laboratory Patient Service Center.
  • Health Provider Form – Information about you can be collected based on data provided on a completed Health Provider Form, filled out by you and your Primary Care Physician.
  • Activity trackers – In addition to the health information we collect directly from you, with your permission, we may also collect step count, sleep, and exercise data from your activity tracking device. We do this by connecting to your activity tracker app and requesting access to this data. You may choose to grant or deny us access to your data at any time. Contact us at [email protected] for feature recommendations and feedback.
  • Biometric data for authentication – To enhance security, your biometric data, such as facial recognition or fingerprints, may be used when logging into our services at your own discretion. This information is used only for identity verification during login and is not stored or administered by Empower Health Services beyond the immediate authentication process. No biometric data is retained by our systems.

We utilize this data to provide you with the following features and services depending on the program you or your sponsoring organization requests from us:

  • To track your progress toward your fitness goals
  • To provide you with personalized health and fitness recommendations
  • To send you rewards for completing certain fitness goals

We do not share your step count, sleep, and exercise data with any third parties without your consent. You can choose to opt out of data collection at any time in your activity tracker app.

Please note that we may be required to disclose your step count, sleep, and exercise data to law enforcement or other government officials if they have a valid warrant or other legal process. We may also disclose your data if we believe it is necessary to protect your safety or the safety of others.

Data Retention and Deletion

  • Data Retention – Data older than five years will be stored in a backup, and this backup will be securely phased out and deleted to comply with data retention as defined in our Information Security Policy. We comply with applicable data protection laws such as CCPA, which grant users specific rights regarding their data retention and deletion. This retention period allows us to provide accurate and consistent services, track your health progress over time, and meet certain legal and regulatory obligations.
  • Data Deletion – You can easily delete data collected through your activity tracker within the mobile application. You can have EHS delete data collected utilizing our services, please contact us at [email protected].

How is your health information used?
We may use or disclose your PHI for treatment, payment, or health care operations. As an example, we may provide you with your health screening results, or use your PHI to collect payment or verify your insurance.

In addition, we would use your PHI for our health care operations, including, but not limited to, evaluating and improving the quality of our services. We routinely use your PHI for these purposes without any special permission. Except as otherwise described in this Notice, we can only share your PHI with your approval when you sign a valid authorization. You may cancel such authorization at any time unless we have already acted in reliance on it. We do NOT use or disclose your PHI for marketing purposes and we do NOT sell PHI.

How is your health information secured?
We have appropriate legal, organizational and technical security measures in place to prevent your Personal Data from being accidentally lost, used or accessed in an unauthorized way, improperly altered or disclosed. We also limit access to your Personal Data to employees and contractors where applicable. We have put in place procedures to deal with any suspected Personal Data breach and will notify you and any applicable regulator of a breach where we are legally required to do so.

How else can we use or share your health information?
We are allowed or required to share your PHI in other ways – usually in ways that contribute to the public good, such as public health and research. We must meet many conditions in the law before we can share your information for these purposes. For more information see: www.hhs.gov/ocr/privacy/hipaa/understanding/consumers/index.html. By way of example, we can share information about you without your authorization if state or federal laws require it, in response to a court or administrative order, or in response to a subpoena, or through our contracts with business associates acting on our behalf – but if we do so, we require our business associates to take all necessary steps to protect your privacy, except as required by law.

Your Rights:
You have the following rights regarding the use and disclosure of your PHI:

  • You may request that we restrict the use or disclosure of your PHI in writing. You can also decide to end a restriction at any time.
  • You may request that we amend your records if you think they are incorrect or incomplete. If we agree, we will amend the record.
  • If you have paid out of pocket, in full, for your screening or immunization, you may request that we restrict certain PHI from disclosure to health plans.
  • You may ask for an electronic copy or paper copy of the PHI we have about you by submitting a written request. We may charge a fee for copying and require payment in advance.
  • You may receive an accounting of the disclosures we have made of your PHI in the past six years from the date of your request, other than those for treatment, payment, or health care operations, disclosures required by law, or disclosures for which we had your authorization.
  • If a breach of your unsecured PHI occurs, you will receive a written notification of the details of the breach at the address we have on file.
  • You can ask us to contact you in a specific way (for example, home or office phone) or to send mail to a different address. We will say “yes” to all reasonable requests.
  • You can ask for a paper copy of this Notice at any time, even if you have agreed to receive it electronically.

To contact us in the future:
If you wish to obtain or see a copy of your PHI, see an accounting of any disclosures we have made, wish to ask to amend your PHI, wish to revoke your authorization, or have questions or would like to make any other permissible requests related to your PHI, please contact the EHS Privacy Officer at 1-866-367-6974.

The privacy of your PHI is important to us. If you believe that your privacy has not been protected, if you believe there has been a breach of the security of your PHI, or if you wish to have additional information, please contact EHS at 1-866-367-6974. You can also file a complaint with the U.S. Department of Health and Human Services Office for Civil Rights by sending a letter to 200 Independence Avenue, S.W., Washington, D.C. 20201, or visiting www.hhs.gov/ocr/privacy/hipaa/complaints/. You will not be retaliated against for filing a complaint.

Changes to the Terms of this Notice
EHS reserves the right to change the terms of this Notice, and the changes will apply to all PHI we may have about you. The new Notice will be available upon request and on our website at empowerhealthservices.com/privacypolicy.

Updated on December 18, 2024

Copyright ©2025 all rights reserved; Privacy Policy