Mass General Brigham Health Plan ("MGBHP") MGB Health Plan Member Mobile App (“MGB Health Plan Member”)

Application Privacy Policy (“iOS”)

This Application Privacy Policy, along with the MGB Health Plan Member Terms of Use will tell you what information we collect through MGB Health Plan Member and how it is used. By using MGB Health Plan Member, you agree to acceptance of this Application Privacy Policy and our Member Privacy Practices. Please read the following carefully before using MGB Health Plan Member.

In hosting MGB Health Plan Member for download, Apple (through the App Store) may have access to a limited amount of the user’s information, provided directly by the user (including but not limited to name, email, IP address, and the app downloaded). However, Apple does not collect such information for or on behalf of MGBHP, and it will not be subject to our Member Privacy Practices or this Application Privacy Policy. By using MGB Health Plan Member, you acknowledge that information provided to Apple by the user (and not by MGB Health Plan Member or by MGBHP) does not constitute “Protected Health Information” under the Health Insurance Portability & Accountability Act and related regulations (collectively referred to as “HIPAA”).

Except as set forth in the previous paragraph, information that you may provide to us in connection with the use of MGB Health Plan Member is considered “Protected Health Information” as defined under HIPAA and is subject to our Member Privacy Practices.

Your Consent

By using MGB Health Plan Member, you consent to the collection, use and sharing of information as described in this Application Privacy Policy.

Information Collection and Use

Use of Third-Party Services; Information Collected Though Interaction with MGB Health Plan Member

Information We Collect

You will be asked to provide personal information during the MGB Health Plan Member registration process, during the MGB Health Plan Member login process, or when providing feedback to us about your experiences using MGB Health Plan Member. The personal information you are asked to provide may include a name, alias, postal address, online identifier, email address, characteristics of protected classifications under state or federal law, commercial information, professional or employment-related information, and other similar identifiers. The information required is noted on each specific form or registration page. Additional questions might be included to help us improve the services we offer. Any information collected through the MGB Health Plan Member is not stored on the application but will go to back-office systems in the same manner that information from paper forms, submissions, and phone calls to customer care are currently handled. At no time will MGBHP sell, rent, loan, trade, or lease any information collected on MGB Health Plan Member. However, please note that we may need to use this information within the MGBHP family of affiliate companies or with a third-party to perform administrative, technical, or other functions that help us provide services to you. We seek to hold third-parties to the same privacy practices and protections as MGBHP. MGBHP retains the personal information you provide for as long as necessary to fulfill the purposes for which MGBHP collects it, such as to provide you with the services you have requested, and for the purpose of satisfying any legal, accounting, contractual, or reporting requirements that apply to us.

Biometric Login

Enabling biometric login allows you to use your fingerprint, facial, or other physical character recognition instead of your username and password to access and use the MGB Health Plan Member if your device is equipped with biometric login functionality. In order to use biometric login to access and use the MGB Health Plan Member, you need to first enable Biometric login functionality on the device. BY SPECIFICALLY ENABLING BIOMETRIC LOGIN TO MGB HEALTH PLAN MEMBER, YOU ARE ALLOWING AND AUTHORIZING ANYONE WHOSE BIOMETRIC IDENTIFICATION IS STORED ON YOUR DEVICE TO ACCESS MGB HEALTH PLAN MEMBER, VIEW YOUR MGB HEALTH PLAN MEMBER INFORMATION, AND MAKE TRANSACTIONS ON MGB HEALTH PLAN MEMBER. ACCORDINGLY, YOU WILL BE RESPONSIBLE FOR SUCH TRANSACTIONS EVEN IF YOU DID NOT MAKE THEM, OR EVEN KNOW ABOUT THEM. THEREFORE, IT IS STRONGLY RECOMMENDED THAT YOU NOT ENABLE BIOMETRIC LOGIN FOR MGB HEALTH PLAN MEMBER IF ANYONE OTHER THAN YOU HAS A BIOMETRIC LOGIN STORED ON YOUR DEVICE. BY AGREEING TO THESE TERMS AND ENABLING BIOMETRIC LOGIN FOR MGB HEALTH PLAN MEMBER, YOU ARE AUTHORIZING ANYONE WITH BIOMETRIC DATA STORED ON YOUR DEVICE TO ACCESS THE MGB HEALTH PLAN MEMBER, VIEW INFORMATION ACCESSIBLE THROUGH THE MGB HEALTH PLAN MEMBER AND MAKE ACCOUNT TRANSACTIONS ON YOUR BEHALF, FOR WHICH YOU WILL BE LEGALLY RESPONSIBLE, AND REPRESENTING TO US THAT ANY SUCH PERSON HAS PROPER AUTHORITY TO MAKE SUCH TRANSACTIONS ON YOUR BEHALF. Note that we do not have access to your biometric data. For more information on how the device manufacturer or operating system provider uses and stores biometric data, refer to those companies’ privacy policies and/or security guidelines. Biometric technology is provided by such manufacturers and providers, and accordingly we are not responsible for any malfunctions or errors.

How We Use This Information

MGBHP uses the information you provide to operate MGB Health Plan Member and provide the MGB Health Plan Member service to you. MGBHP may also use certain personal information, including your email address, to provide communications, information and materials to you related to MGB Health Plan Member and/or other programs and services available through MGBHP and certain MGBHP affiliates, and certain information and surveys, including member satisfaction surveys relating to your use of services provided by MGBHP and certain MGBHP affiliates. MGBHP may also share such information with third-party service providers whose services and/or materials are accessible through MGB Health Plan Member to enable such third parties to provide those services and materials to you.

Data Security

MGBHP seeks to prevent unauthorized access to your personal information by use of security technologies to protect the integrity and privacy of any personal information you provide.

Although we endeavor to protect your personal information, MGBHP cannot and does not warrant the security of any information you transmit to us through MGB Health Plan Member, and you do so at your own risk. We use industry standard physical, technical and administrative security measures and safeguards to protect the confidentiality and security of your personal information. However, because mobile applications and the internet are not 100% secure, we cannot guarantee, ensure, or warrant the security of any information you transmit to us. There is no guarantee that information you transmit to us will not be accessed, disclosed, altered, or destroyed by breach of any of our physical, technical, or managerial safeguards. It is your responsibility to protect the security of your login information and the devices used to access MGB Health Plan Member.

Depending on the manner in which you use MGB Health Plan Member, your information may be discarded or archived.

Login/Passwords

Some sections of MGB Health Plan Member require login identifiers and/or passwords. You are responsible for taking reasonable steps to ensure that no unauthorized person has access to your password or account login information. It is your sole responsibility to control the use of login information and passwords, to authorize, monitor and control access to and use of your account and password and to inform MGBHP promptly of any need to deactivate a password.

No Information from Children Under Age 13

MGB Health Plan Member is not intended for children under 13 years of age. We do not knowingly collect, use, or disclose personal information from children under 13. If you are under the age of 13, please do not attempt to register with us at MassGeneralBrighamHealthPlan.org or provide any personal information about yourself to us. If we learn that we have collected personal information from a child under the age of 13, we will promptly delete that information. If you believe we have collected personal information from a child under the age of 13, please contact us.

Legal Proceedings

We will share personal information with third-party companies, organizations, or individuals outside of MGBHP and its affiliates if we have a good-faith belief that access, use, preservation, or disclosure of the information is reasonably necessary to:

Transfer in the Event of Sale or Change of Control

If the ownership of all or substantially all of our business changes or we otherwise transfer assets relating to our business or MGB Health Plan Member to a third-party, such as by merger, acquisition, bankruptcy proceeding, or otherwise, we may transfer or sell your personal information to the new owner. In such a case, unless permitted otherwise by applicable law, your information would remain subject to the promises made in this Application Privacy Policy unless you agree differently.

If you use MGB Health Plan Member and provide us with information, you understand and agree that your information may be transferred to and stored on servers located outside your resident jurisdiction and, to the extent you are a resident of a country other than the United States, that you consent to the transfer of such data to the United States for processing by us in accordance with this Application Privacy Policy.

Changes to This Policy

MGBHP reserves the right to change or update this Application Privacy Policy from time to time without notice, so please review it periodically to keep informed of any changes.

If you have questions or comments regarding this Application Privacy Policy or about how we collect, use or protect your personal information, please contact us at 1-844-556-2925 or massgeneralbrighamhealthplan.ethicspoint.com.


Last Updated: January 1, 2023