Privacy Policy

VyaHealth is committed to protecting your privacy and ensuring the security of your Personal Information. VyaHealth will not sell, rent, or trade your Personal Information. VyaHealth will only transfer your Personal Information, with your expressed consent, to third parties to assist in verifying your identity or community eligibility, and as required for the prevention of fraud. VyaHealth has built rigorous security and privacy requirements into our technology from inception to safeguard your Personal Information. We are an ethical steward of your Personal Information and are always committed to supporting the following principles:

  • Control: You maintain full control over your Personal Information.
  • Consent: Your consent governs the sharing or transmission of your Personal Information.
  • Transparency: You can review all authorized applications and the specific Personal Information shared via your My Account portal.
  • Revocation: You can revoke access to your Personal Information for any authorized application at any time.
  • Credential Management: You can destroy your Vyahealth credentials and disallow further use of any associated Personal Information at any time.

VyaHealth Privacy Policy

This Privacy Policy outlines how VyaHealth (“we,” “our,” or “us”) collects, uses, shares, and protects your personal information when you use our mobile application (“App”) and website (collectively referred to as the “Service”).

This Privacy Policy expressly affirms VyaHealth’s operations as patient-directed access under the HIPAA Privacy Rule (45 C.F.R. Section 164.524) and the 21st Century Cures Act, consistent with federal prohibitions on information blocking.

We respect your concerns about privacy, and value our relationship with each of our users, it is for this reason that VyaHealth will never sell, rent, or trade your Personal Information, and why we take measures to safeguard your Personal Information as we work to become the premier health management data platform. By using the Service, you consent to the data practices described in this policy.

Information We Collect

We collect information to provide you with the best experience. We collect information from and about you in connection with your use of the Services. Some of this information may be considered “Personal Information” which is information that identifies you or your device, or is reasonably associated with you. The categories of Personal Information we may collect will vary depending on the nature of the Service you choose. We also collect, use, and disclose aggregated or de-identified information that does not reasonably identify you or your device, and is not considered Personal Information.

Information you provide. We collect information you provide to us, including:

  1. Verification Information: When you create an account with VyaHealth, you provide us with Personal Information that may include your name, date of birth, social security number and/or other government issued identification numbers, email address, phone number, mailing address, and certain biometric data. All documentation to be collected should be provided either through the MyVya360 app or VyaHealth website portal.
  2. Your correspondence and feedback about our Services. We collect information you provide when you contact us directly or provide feedback, comments, or suggestions on our Services directly to us.
  3. Vendor and Partner Information. If you are a vendor, service provider, or business partner of VyaHealth, we may collect information about you and the services you provide, including you or your employees’ business contact information and other information you or your employees provide to us as part of the services you may provide and/or our agreement with you.
  4. Demographic or Other information. We also collect information that relates to or is capable of being associated with you, such as age, gender, and any other information you choose to provide.
  5. Health related information: We collect information you provide through the app, website or by connecting to your electronic medical records. This includes, but not limited to: 1) basic demographics to determine your background, identity, and socio-economic status; this enables us to provide personalized health insights and recommendations that are relevant for your background. 2) health behaviors to identify lifestyle and health related risk factors that are relevant for your health, including weight and height, blood pressure, symptoms, allergies, alcohol, smoking, and physical activity; this enables us to tailor lifestyle recommendations to your health status. 3) medication tracking to help you organize your medication information and receive notifications about medications you have been prescribed. 4) health history, this includes your personal health history (procedures, diagnoses, treatments, etc.) and family health history; this allows us to organize your health history information for ease of sharing with family members or medical providers as relevant to your health.

Information we deriveor collect automatically

We may derive additional information or draw inferences about you based on the information we have collected from you directly, passively, or through third parties. When using our Services we may automatically collect or receive certain information associated with you or your network device(s), such as your computer or mobile devices. This includes information about your use of our Services and your preferences. Such information may be automatically collected through device-based tracking technologies such as cookies, pixels, tags, beacons, scripts, or other technologies. The information we automatically collect may also include geolocation information, such as information that identifies the approximate location of your device and your IP address, which may be used to estimate your approximate location to tailor health recommendations relevant to your area. We generate health recommendations and scores, this includes specific recommendations to help improve and maintain good health, based on the information we derive, collect automatically, or that you provided in the health assessment and profile.

Information from our partners

We acquire information from other trusted sources. These business partners might include companies, such as your mobile phone carriers, certain government agencies, licensing bodies, etc. We may also collect information about you from other sources, including service providers, data licensors and aggregators, marketing companies, programming distributors, and public databases.

Information you provide through social media

If you connect to us through a social media platform or navigate to a social media platform from one of our sites, the social media platform will collect your information separately from us. You should review the social media platforms’ privacy policies for details on their data use and to understand how they are using your information and your rights in relation to such information.

How we may use your information and why

Subject to permitted use and disclosure in compliance with HIPAA, VyaHealth will not sell, rent, or trade your Personal Information. VyaHealth will only transfer your Personal Information at your request, and with your consent, for use by third parties to verify your identity or community eligibility, or as required for the prevention of fraud or otherwise permitted by law. You may choose to share your personal information with family members or other trusted people. This sharing is controlled by you. Once the information is shared, the recipient may use or disclose it in ways that VyaHealth cannot control. You accept that risk when choosing to share.

We may use information to provide you with our Services. We may use the information collected from or about you to authenticate your identity when you create a VyaHealth account, as well as to provide you with customer support and account updates. We may use this information to verify your identity with VyaHealth partners and vendors, to perform our contractual obligations with you, or to ensure that our Services function properly.

VyaHealth operates solely as a user-mediated access tool, not as a covered entity or data intermediary under network Purpose-of-Use frameworks.

To the extent permitted by applicable privacy legislation, VyaHealth may share limited information with authorized public health agencies or healthcare providers to meet legal health-reporting obligations. Any such disclosure is minimal and used only for lawful public health or safety purposes. If disclosure is ever legally required, a high legal threshold must first be met, and any disclosure is limited to what the law specially demands. Users are notified when possible. In order to better serve our users, and to facilitate the health data tracking and management process VyaHealth may,  to the extent permitted by applicable law, share a limited set of Personal Information as requested by a clinic or hospital, healthcare provider, or other health related organizations. The reporting may result in the transfer of User Personal Information between VyaHealth and the designated party. Personal Information transferred as part of this function will be in service of identity verification and health data transfer into the VyaHealth app for full visibility and management by the user. Your use of VyaHealth for health data transfer and management in the VyaHealth app constitutes your consent for the use of your Personal Information in identity verification and health information exchange between VyaHealth and the originating organization.

Reporting functions are executed only upon explicit user request, user consent, or as otherwise required by law.

We may use information to perform our contracts with you. If VyaHealth enters into a contract with you, including in instances where you may be a vendor or service provider to VyaHealth or our business partner, we may use your information to fulfill our contractual obligations related to vendor or service agreements.

We may use information for marketing purposes. We may use your information to send promotional messages and newsletters via the app or email, or otherwise alert you to products or Services we think might be of interest to you. You may unsubscribe from receiving marketing communications from us at any time by logging in to your account and navigating to “My Preferences” to manage your subscriptions. Please note, if you are using VyaHealth Services in connection with a state or federal government agency, or in association with Electronic Prescriptions for Controlled Substance Services, we will not use any Personal Information provided as part of your verification for any type of marketing or promotional purposes related to VyaHealth without your consent, or unless you otherwise use your VyaHealth credential for any VyaHealth customer who is not a state or federal government agency customer, or otherwise opt-in to receiving marketing communications from VyaHealth.

We may use information to improve our Services. We may use your information to monitor, enhance, and improve the operation, delivery, and general accessibility of our Services. This may also include conducting internal research and development of our Services. Note that we do not:

  • Act as a medical professional or provide clinical services.
  • Prescribe medication or treatment.
  • Share your personal information with third parties for marketing purposes without your consent.

We may use information to maintain the safety and security of our Services. We may use your information to protect the rights and property of VyaHealth, and to comply with our legal obligations including without limitation to detect, investigate, and prevent fraud and other illegal activities and to enforce our agreements.

We may use information as otherwise permitted by law. We may use your information to resolve disputes, enforce our agreements, and as otherwise permitted or required by law.

We may use your Biometric Information. We may use your Biometric Information to verify your identity as well as to detect and help prevent fraud. We also may use the information in other ways with your consent, such as when you choose to use a Service or participate in a program we may offer jointly with another entity. We will never sell, rent, or trade your Biometric Information.

Who we share your information with and why

VyaHealth will not sell, rent, or trade your Personal Information. VyaHealth will only transfer your Personal Information at your request, and with your consent, for use by third parties to verify your identity or community eligibility, or as required for the prevention of fraud or otherwise permitted by law.

We may share your Personal Information with entities necessary to validate your VyaHealth Account and provide our Services to you. In order to verify your identity, we may provide your Personal Information to third parties such as healthcare organizations, government agencies, or other trusted and reliable sources of information. Our provision of your Personal Information to the foregoing parties is solely to verify your identity and facilitate transfer of your individual health data into the VyaHealth app. We follow the most advanced protocols to ensure the highest levels of data protection and security whereby the Personal Information you provide to us will only be transmitted using industry standard encryption tools, designed to protect such information from unauthorized access.

We may share your information in connection with a corporate transaction. We may disclose or transfer your information as part of, or during negotiations for, any purchase, sale, lease, merger, or any other type of acquisition, disposal, or financing involving our brands.

We may share information with third parties who perform services on our behalf. We may share your information with unaffiliated companies or individuals we hire or work with that provide us with professional advice, business support, or perform services on our behalf, including customer support, web hosting, information technology, payment processing, direct mail and email distribution, and administration, and analytics services. These Service Providers are allowed to use your information to help us provide our Services and not for any other purpose.

We may share information as needed in order to comply with legal processes, to protect ourselves, or improve our Services. For example, we will share information when it is necessary for us to comply with applicable law or legal process, to respond to legal claims, to prevent fraud, or to protect our rights or the property or personal safety of our users, employees, or the public. We also use third party service providers to track and analyze website usage and volume statistical information to administer our Website and constantly improve its quality.

Any denial or restriction of access by third-party vendors or EHR systems will be documented internally and, where appropriate, reported to regulatory authorities under the Information Blocking Rule.

We may share information as required with the United States federal government and certain state governments. VyaHealth does not provide any government with direct and unfettered access to our user’s data, and we do not provide any government with our encryption keys or the ability to break our encryption. We may share certain Personal Information associated with a VyaHealth account with government entities where we reasonably believe that account may be engaging in fraud. If a government entity requires additional information related to a VyaHealth account, whether related to a suspected instance of fraud or otherwise, it must follow applicable legal processes. The entity must serve us with a subpoena, warrant, or present other legally compelling justification for the additional information associated with the account, the request must be targeted and specific in nature. Our legal and compliance teams review all requests to ensure they are valid, reject those that are not valid, and only provide the minimum data specified in the subpoena or similar court order.

Your Choices

You have choices about how we use your information, including how your Personal Information is shared.

  1. Close your VyaHealth Account. You may close your VyaHealth account at any time. By choosing to close your VyaHealth account you are directing VyaHealth to deactivate your identity credential and to purge the associated data from active use in our databases. Please note, however, that VyaHealth does retain account history (e.g., events, logins, and transactions) as well as verification history (e.g., community, vaccine, or identity details including documentation and data elements used for verification) for up to five (5) years for legal compliance.
  2. Please Note: Use of your VyaHealth credential to verify your identity and track health data will be stopped in the event you delete your VyaHealth account. 
  • Deleting your data and biometric Information. Users who have created an account and uploaded images (e.g. scans), and who consented to the collection of the associated Biometric Information, may request the deletion of both the image and Biometric Information by submitting a request through the VyaHealth “Privacy” setting in your account. Deletion of the image and associated Biometric Information may take up to seven (7) days and will not impact the validity of your credential or verified status. VyaHealth reserves the right to retain this information for up to three (3) years in order  to comply with our legal obligations or to help prevent fraud.
  • Opt out from receiving marketing emails. To stop receiving our promotional emails, follow the instructions in any marketing email you get from us. When applicable, you can also change your preferences in your account. Even if you opt out of getting marketing emails, we are permitted to send you transactional messages. For example, we may still contact you about your use of our Services or any changes to our policies or Terms of Service.
  • Change or update the information you have given us. If you have created a VyaHealth account, then you can correct or delete certain information or update your verification information by logging into your account and following the instructions or by contacting the support team at admin@vyahealth.com.
  • Ad Choices. We, our affiliates, and any associated third parties may collect information on our Services to help alert you to products and Services that may be relevant to your interests. This is known as interest-based advertising. We rely on third parties who collect information on the Services to provide opt-outs or other controls to you. For more information on how to opt-out of receiving interest-based advertising on desktop and mobile websites, learn more here.

Updating and correcting your information.

We believe that you should have the ability to access and edit the Personal Information you provide us. You may change any of your Personal Information by logging into your account and accessing the “My Account” section of the site. You may update your Personal Information by sending us an email at admin@vyahealth.com.  Please indicate your name, address and email address, and what information you would like to update when you contact us. We encourage you to promptly update your Personal Information if it changes. You may also ask to have the information on your account deleted or removed from active use in our databases; however, we may retain certain information if required by law or by certain credential providers, contractual obligation, or for internal use by VyaHealth in the prevention of fraud.

Privacy policies of third parties

This Privacy Policy solely governs the collection, use, and disclosure of information by VyaHealth and our Services. It does not apply to any third-party websites or services that may be accessible through www.vyahealth.com. Each third-party site has its own privacy policies and practices for data collection and usage. We encourage you to review these policies before engaging with such sites. VyaHealth is not responsible for the practices of any third parties.

Protecting your information

We use the most technologically advanced security measures. VyaHealth adheres to industry-recognized certifications such as SOC 2 and/or HITRUST for data security and maintains an incident-response plan consistent with HHS and FTC breach-notification standards. We are fully committed to protecting your information. We employ advanced security measures to protect your Personal Information.  We have adopted technical, administrative, and physical security procedures to help protect your information from loss, misuse, unauthorized access, and alteration. While we strive for 100% security, no data transmission or storage can be guaranteed to be entirely secure. To safeguard the sensitive information on VyaHealth, we implement security measures such as encryption, firewalls, and intrusion detection and prevention systems. In addition, the following are examples of security measures that are used to safeguard all types of Personal Information we maintain about our consumers:

  • Identification and Classification: Procedures for the identification and classification of Personal Information and implementation of safeguards appropriate to the sensitivity of the information;
  • Access Control: Strict verification protocols designed to verify a business need before access to Personal Information is granted, and procedures for the periodic review of access permissions;
  • Access Termination: Procedures for termination of access to Personal Information designed to revoke access to the information by terminated personnel or when there is no longer a business need for access;
  • Personnel Security: Personnel security controls designed to mitigate risks associated with  human error, theft, fraud or misuse of facilities; and
  • Physical Security: Physical and environmental security procedures designed to prevent unauthorized access, damage or interference to business premises and information.

Data Retention

Personal Information will be retained until we have fulfilled our legal, contractual and policy obligations. 

VyaHealth retains your Personal Information as long as necessary to fulfill our legal, contractual, and policy obligations. We may retain your information even after you close your account for up to five (5) years to comply with applicable laws and for internal purposes, including fraud prevention and government auditing. You may request deletion of certain Personal Information by contacting admin@vyahealth.com We will acknowledge all requests but reserve the right to retain information related to high-risk transactions for fraud prevention and audit purposes. VyaHealth adheres to the National Archives guidelines for data retention when dealing with government agencies. We use industry-standard encryption methods to protect your Personal Information while it is stored, and we apply industry-recognized methods for secure data destruction.

Children’s Privacy

We do not knowingly collect information from minors. Minors under the age of 18 may not use the Website or app. VyaHealth Website and Services are not intended for minors, and we do not actively seek to collect information from them. We do not knowingly collect Personal Information from anyone under the age of 18, and no part of the Website is designed to attract anyone under the age of 18. Because we do not intentionally collect any information from children under the age of 18, we also do not knowingly distribute such information to third parties. If you have reason to believe that a child under 18 years of age has provided us with information, please contact us at admin@vyahealth.com and we will immediately delete such information, subject to and in compliance with applicable law.

 Additional Information if you are located outside the United States

This Website is hosted in the United States. If you are a User accessing our Website from Europe, Australia, Asia, or any other region outside of the United States with laws or regulations governing personal data collection, use, and disclosure, that differ from law in the United States, you are transferring your Personal Information to the United States which may not have the same data protection protections as other regions. By providing your information to VyaHealth or visiting the Website, you consent to the transfer of your information to the United States for processing and maintenance in accordance with Privacy Policy and our Terms of Service. You also consent to the application of Delaware law and controlling U.S. Federal law in all matters concerning your use of the Website and VyaHealth Service.

Changes to our privacy policy

This Privacy Policy may be periodically updated. This Privacy Policy may be updated periodically to reflect new VyaHealth features or changes in our Personal Information practices. Any significant changes will be highlighted at the top of this Privacy Policy, along with the date of the most recent update. We encourage you to review this policy regularly.

Contact Us

Whether you’re a new or loyal customer, marketer, publisher, media member or job seeker, we’d like to stay connected and want to hear from you! We value our relationship with you and welcome any questions or comments regarding this Privacy Policy. For inquiries or support, please contact our Member Support team at admin@vyahealth.com. VyaHealth is committed to principles of open, non-discriminatory data access. The company does not condition data sharing on affiliation with any specific clinic, provider, EHR network or vendor.