- Health Information Technology
EU-U.S. Privacy Shield Framework: Active
Swiss-U.S. Privacy Shield Framework: Active
Purpose of Data Collection
Change Healthcare’s Privacy Shield certification covers processing occurring within Change Healthcare’s Enterprise Imaging (EI) business unit. EI may view, hold and process personal information about EEA customers, EEA business partners and their workers for the provision, implementation and support of health care information technology and related services to health care institutions and companies in the EEA. This may include the processing of information provided by EEA customers about providers and patients to Change Healthcare for the purposes of fulfilling Change Healthcare’s contractual obligations to its EEA customers. Change Healthcare may also process HR Personal Information, including, without limitation, names, contact information, titles, pictures, IP addresses, user IDs, compensation, benefits information, etc. about Change Healthcare EEA based Workers. Change Healthcare collects, uses or discloses HR Personal Information for the following purposes: (a) payroll, compensation, and benefits administration including stock administration; (b) business travel and employee relocation administration; (c) Change Healthcare Worker management and discipline; (d) Change Healthcare Worker appraisal, training, and development; (e) Change Healthcare facility, security and health, and safety management; (f) staff recruitment and hiring; (g) tracking the engagement of Change Healthcare outside service workers (including consultants and other non-employees); (h) Change Healthcare Worker identification; (i) reimbursement of Change Healthcare Worker expenses; (j) compliance and risk management; (k) business communication with Change Healthcare Workers; (l) internal technical and operational support; and (m) compliance with applicable legal requirements. HR Personal Information is disclosed to third parties that assist Change Healthcare in executing the above business purposes, including those assisting in talent management, benefits management, compensation, and facility/information security.
HR and Non-HR Data
Change Healthcare’s Privacy Shield certification covers processing of Customer Personal Data, of Human Resources Personal Data, and of Marketing Personal Data. Change Healthcare processes Customer Personal Data within Change Healthcare’s Enterprise Imaging (EI) business unit. EI may view, hold and process Customer Personal Data about EEA, Swiss and United Kingdom customers, Vendors and their workers for the provision, implementation and support of health care information technology and related services to health care institutions and companies. This may include the processing of information provided by EEA, Swiss and United Kingdom Customers about providers and patients to Change Healthcare for the purposes of fulfilling Change Healthcare’s contractual obligations to its customers. Change Healthcare also collects, uses or discloses HR Personal Data of Workers located in the EEA and the United Kingdom for the following purposes: (a) workplace management, training, employee development, performance appraisal and discipline; (b) recruitment, compensation, mobility and benefits administration; (c) payroll, tax and reimbursement; (d) facility, security and health, and safety management; (e) workforce productivity and employee engagement; (f) business operations including archiving, disaster recovery, business continuity, business and data analytics, directory services and communications; (g) tracking and monitoring employee usage of systems, tools and applications (such monitoring will take place only in justified cases and in compliance with applicable law); (h) technical and operational troubleshooting and support; (i) compliance testing, compliance monitoring, security testing, security monitoring, e-discovery and risk management; (j) government reporting. HR Personal Data is disclosed to third parties that assist Change Healthcare in executing these business purposes, including those assisting in talent management, benefits management, benchmarking, compensation, and facility/information security. Finally, Change Healthcare's goal is to provide its EEA, Swiss and United Kingdom Customers with a personalized Internet experience and an Internet-based online information and communication service that delivers the information, resources and services that are most relevant and helpful. In order to achieve these goals, Change Healthcare collects and processes Marketing Personal Data from users during visits to its websites and, in particular, during a user's visits to ChangeHealthcare.com. Change Healthcare's collection and use of Marketing Personal Data varies based on the website services requested by the users and the users' choice of privacy options within the relevant website services available to users in the EEA, Switzerland and the United Kingdom. Users are directed to the applicable Privacy Notice for further details.
Questions or Complaints?
If you have a question or complaint regarding the covered data, please contact Change Healthcare Technologies, LLC at:
Alpharetta, Georgia 30005
Privacy Shield organizations must respond within 45 days of receiving a complaint.
If you have not received a timely or satisfactory response from Change Healthcare Technologies, LLC to your question or complaint, please contact the independent recourse mechanism listed below
NON-HR RECOURSE MECHANISM
Appropriate statutory body with jurisdiction to investigate any claims against Change Healthcare Technologies, LLC regarding possible unfair or deceptive practices and violations of laws or regulations covering privacy Federal Trade Commission