PRODUCTS PRIVACY NOTICE FOR CONSUMERS
Effective: September 1, 2021
Revised: June 16, 2023
This Medicx Products Privacy Notice describes how we collect, transfer, and use data in connection with the planning, tailored advertising (audience segments), measurement, and analytics products that we make available to our advertiser clients, agency clients, media owners, publishers, and other clients.
We may update this notice from time to time to reflect changes in our products or practices, or for other operational, legal or regulatory reasons. Please re-visit this notice regularly to stay informed. The date at the top of this notice indicates when it was last updated.
WHAT WE DO
Medicx leverages software, data and analytics to help health brands communicate more effectively with consumers. To do this, we have developed planning insights, tailored advertising (audience segments) and marketing measurement solutions which respect your privacy rights.
AUDIENCE SOLUTIONS (TAILORED ADVERTISING)
Relevant health communications enable consumers to make more informed choices about their health care. The most effective way for delivering relevant communications to the right consumers starts with a deep understanding of the intended audience. Medicx does this by using innovative software, proprietary data, patented technology, and analytics to understand the prevalence characteristics of a hyperlocal geographic area – including age, gender, social determinants of health, lifestyles, attitudes, media preferences, and other demographics of a hyperlocal area – most relevant to certain health conditions. To perform these analytics, we may receive de-identified demographic and consumer information (collected in hyperlocal, offline, non-digital environments by our partners); Medicx does not store or retain any individually identifiable demographic and consumer information.
Medicx and our partners use this understanding of the demographic characteristics of certain population segments to create unique audiences for target marketing, also known as Audience Segments. Medicx Audience Segments can be used by health brands to deliver tailored advertising to relevant consumers via digital, social audio, and TV advertisements.
To make Medicx Audience Segments available for Tailored Advertising in digital environments, we may ask our partners to identify devices or browsers of users with specific demographic and consumer attributes, and the users of these identified devices or browsers may receive Tailored Advertising in their web browsers, within mobile and social applications, and on connected TVs with streaming services, satellite and cable services.
MEASUREMENT AND ANALYTIC SOLUTIONS
Medicx measurement and analytics solutions help healthcare marketers answer critical marketing and business questions. For example, what is the lifestyle or psychographic profile of our audience segments, are the marketer’s communications reaching the right audience? Also, what impact do these communications have on patient and prescriber behavior?
To measure the impact of health marketing, we connect media exposure data to de-identified longitudinal health data. We report only de-identified and aggregated insights to our customers; we never report person/individual – or device-level information.
We receive hashed identifiers that have received client advertising, as well as associated campaign metadata (i.e., information related to what ad was shown, on what web property or app, on what device, and when), from an identity resolution partner or directly from a media owner. We are not able to associate these identifiers with any personally identified or device-Identified Information (as those terms are defined in the Network Advertising Initiative (“NAI”) Code of Conduct for its members). We retain these hashed identifiers for a maximum of 1 year from last contracted use, at which point the user-level data is aggregated for long-term storage.
All information received by Medicx for its measurement services is certified by Expert Determination to satisfy the Privacy Rule’s de-identification standard under the Health Insurance Portability and Accountability Act (“HIPAA”). This de-identified health information, as it is no longer considered protected health information, may be legally used and disclosed by Medicx and its partners.
OUR MARKETING DATA PARTNERS
Medicx partners with reputable companies who collect and manage personal information for various purposes, including digital advertising, identity management, and database marketing.
TAILORED ADVERTISING AND YOUR RIGHTS
You may opt out of personalized advertising and cross-device linking in web browsers by visiting http://optout.aboutads.info. To help preserve the choices that you make in the DAA’s WebChoices page, you can install the DAA’s “Protect My Choices” extension that is available at aboutads.info/PMC.
For more information about tailored advertising and cross-device linking, please visit the Network Advertising Initiative (“NAI”) website. We comply and adhere to the NAI’s Code of Conduct for those clients who request us to do so. We do adhere to the DAA’s Self-Regulatory Principles for Online Behavioral Advertising by providing you enhanced notice, transparency and control of our digital marketing practices.
Medicx is not a covered entity however we do operate and handle health data as a covered entity would and is certified by Expert Determination to satisfy the Privacy Rule’s de-identification standard under the Health Insurance Portability and Accountability Act (“HIPAA”). This de-identified health information, as it is no longer considered protected health information, may be legally used and disclosed by Medicx and its partners.
Under the CCPA, California consumers have the right, subject to certain limitations, to:
Request to know what personal information a business collects, stores, shares, and sells about them (“right to know”);
Request to delete the personal information that a business has on file about them (“right to delete”); and
Request to opt-out of the sale of their personal information (“right to opt-out”).
Unless you have interacted with a Medicx employee on a one-to-one basis or have chosen to engage with us by providing identifiable personal information through our website or other digital means, we do not have any identifiable personal information about you and will not have any reasonable method by which we can verify your request to know or request to delete due to our privacy-by-design approach to maintaining browser and device information. As noted above, if you would like to opt out of being included in Medicx advertising and measurement products, you may do so through our Marketing Data Partner, LiveRamp. https://liveramp.com/opt_out
Washington, Virginia, Utah, Connecticut Residents
Washington’s My Health, My Data Act (MHMDA), Virginia, and other states noted have no impact on our provision of micro-neighborhood data for targeted advertising.
From the outset, it is critical to note that Medicx does not collect or maintain or include in micro-neighborhood data any personally identifiable health data. Rather, the data is entirely composed of aggregated and deidentified elements in a manner designed to prevent re-identification. Our deidentification process has been certified to comply with the deidentification requirements of HIPAA, which, in our reading of the MHMDA, renders the database outside the scope of the Act, which, as you know, specifically exempts “Information that is deidentified in accordance with the requirements for deidentification set forth in 45 C.F.R. Part 10 164” and data derived from such data. (MHMDA Section 12.).
Therefore, the MHMDA and other states noted will not have any material impact on Medicx Health’s services or require any substantial changes to our practices.