Privacy policy

Priority Health respects your privacy and is committed to protecting it through our compliance with this policy. This policy describes the types of information we may collect from you or that you may provide when you visit the website (our "Website") and our practices for collecting, using, maintaining, protecting, and disclosing that information

Please read this policy carefully to understand our policies and practices regarding your information and how we will treat it. If you do not agree with our policies and practices, your choice is not to use our Website. By accessing or using this Website, you agree to this privacy policy. This policy may change from time to time (see Changes to Our Privacy Policy). Your continued use of this Website after we make changes is deemed to be acceptance of those changes, so please check the policy periodically for updates.

Learn more about Interoperability and Priority Health

The Centers for Medicare & Medicaid Services (CMS) put forth new rules that create a more consistent framework for interoperability and shifted responsibility of your health care data to you as the member and owner of that data. Part of these changes include a simplified and consistent mechanism for applications (apps) to be able to ask you to allow their app to access your data. This rule requires Priority Health to implement and maintain a secure but "open" Application Programming Interface (API) for developers to create apps that can help you access your health care data and to help health care systems exchange information in an interoperable format when you allow them to do so. The information includes claims and encounter information for as long as Priority Health maintains it in its records. This access is for any member who has a Medicaid, including MIChild, Healthy Michigan Plan and Children's Special Health Care Services (CSHCS) plan, Medicare Advantage plan, or purchased a Qualified Health Plan (QHP) on the Federally-Facilitated exchanges through Priority Health. Priority Health has partnered with 1UpHealth to enable this capability. Members can request this information using one of the approved third-party applications (app).

CMS rules on interoperability limit what health insurance companies can do to stop apps from asking you to access your health data. This shift in responsibility for protecting your data means that you as the member have more control over who can access your health care data and you have more responsibility to protect your health care data. Priority Health believes it is important to provide you with educational resources concerning the privacy and security of your protected health information (PHI) in the context of disclosures of your information to third-party apps.

Steps you may take to protect your privacy and security

You should feel comfortable asking whether the third-party app has a Privacy Policy and/or Terms of Service. In some instances, the app's privacy and security language may be in the app's Terms of Service and not a separate Privacy Policy. If the app does not have a Privacy Policy, you should evaluate the possible risks in moving forward with the app.

You can consider the questions noted below when reviewing the Privacy Policy. If the app's Privacy Policy does not clearly answer the below questions, you should reconsider using the app to access your health information. Health information is very sensitive, and you should be careful to choose apps with strong privacy and security standards to protect it.

  • What health data will be collected?
  • Will non-health data be collected from my device (ex: my location or any Internet search information)?
  • Will my data be stored in a deidentified or anonymized form (ex: someone would not know the data was about me)?
  • Will my data be stored or accessed outside the United States?
  • How will the app use my data?
  • What are the secondary uses of my data?
  • Will my data be disclosed to third parties (other companies) by the app for any purposes (ex: research and advertisement)?
  • Will this app sell my data to third parties for any reason?
  • Will this app share my data for any reason? If so, with whom and for what purpose?
  • How can I limit this app's use, disclosure, or sale of my data?
  • What security measures will be used to protect my data?
  • How will I be notified if there are any security concerns or any data breaches?
  • What impact could sharing my data with this app have on others, such as my family members?
  • How can I access my data and correct inaccuracies in the data retrieved by this app? (Note that correcting inaccuracies in data collected by the app will not affect inaccuracies in the source of the data.)
  • Does this app have a process for collecting and responding to user complaints?
  • Does this app allow its customers to see user complaints and how they were resolved? Or does this app provide a question-and-answer forum?
  • How do I terminate the app's access to my data if I no longer want to use the app or if I no longer want this app to have access to my health information? How difficult will it be to terminate access?
  • What is the app's policy for deleting my data from the company's records once I terminate access? Is it more than just deleting the app from my device?
  • How will this app inform me of changes in its privacy practices?

Some members, particularly members who are covered by Qualified Health Plans (QHPs) on the Federally-facilitated Exchanges (FFEs), may be part of an enrollment group where they share the same health plan as multiple members of their tax household.

Information will only be shared per HIPAA guidelines, meaning that unless you are a minor, Protected Health Information (PHI) cannot be shared without a release. If you prefer that we do not share any information with anyone else on the plan you have the ability to set up security questions which would need to be answered in order to access the account.

The U.S. Department of Health and Human Services (HHS) Office for Civil Rights (OCR) enforces the HIPAA Privacy, Security, and Breach Notification rules along with the Patient Safety Act and Rule. The HIPAA Privacy Rule covers health plans, health care clearinghouses, and health care providers who conduct certain financial and administrative transactions electronically. Priority Health is subject to HIPAA.

Learn more about rights under HIPAA and who is obligated to follow HIPAA.

You can also read more about HIPAA FAQs for individuals.

Most third-party apps will not be covered by HIPAA because they are not affiliated with entities governed by the HIPAA Privacy Rule. Third-party apps likely fall under the Federal Trade Commission (FTC)'s jurisdiction and the protections provided by the FTC Act. Among other things, the FTC Act protects against deceptive acts (e.g., if an app shares personal data without permission, despite having a privacy policy stating that it will not do so).

Learn more from the FTC about mobile app privacy and security.

You should keep in mind that once health information leaves Priority Health that there is a potential that the information released may be disclosed (released/shared) by the recipient (the third-party app) and that it may no longer be protected by HIPAA.

If a you believe your data with the third-party has been used inappropriately or breached you can submit complaints to the Office for Civil Rights or to the Federal Trade Commission (FTC).

Learn more from the FTC about mobile app privacy and security.

The privacy team can be reached by emailing or by calling the privacy hotline at 616.486.4113.

Summary of our practices

We collect the following information:

  • Personal information that you provide us on a voluntary basis.
  • Information that your browser routinely shares with websites.

We use and disclose the information we collect for the following purposes:

  • To create and maintain your account.
  • To provide you information about products and services that you request or that we think may interest you.
  • To help us improve our Website, understand its users and their preferences, and to market our services.
  • To protect our business interests or the rights of others, when required by law, to cooperate with law enforcement, or in connection with the sale or merger of all or part of our business.

The Site uses the following tracking technologies:

  • Cookies and other similar technology track movement across our website and keep track of our users and their preferences.

Other details about our practices:

  • Although the Website may contain links to other websites, this policy applies only to websites owned and operated by Priority Health.
  • We use your personal information only for the purposes for which it is collected and consistent with this policy, and we retain your information only as long as permitted by applicable law.
  • We may update this policy from time to time, but we will allow you to opt in to any material changes in how we use your previously collected personal information.

How we collect and use your personal information

  • Your member account registration collects information such as your name, date of birth, member ID number and other contract information. We use it to verify that you have access to the personal, health and billing information your member account displays.
  • Our Secure Message form asks for your name, email address, phone number, mailing address and other information. We use it to reply to you when answering your questions or comments.
  • Our Web Feedback form saves your email address IF you enter your email address in the form. We use it to reply to your questions and comments.
  • Claims we get from doctors, hospitals, pharmacies and other health care professionals to pay for your health care give us information about your health. We use this information:
    • To track whether doctors are making sure you get all the preventive care you need.
    • To let you know that you might be due for preventive care, such as a mammogram or cholesterol test.
    • To see if you are having more than one health problem at a time and may need the help of a care manager.
    • To show employers if conditions like diabetes are costing them more than average. This information is shared as a percentage of all employees ("20% have diabetes"), NOT as a list of individual employees ("Jane Doe and John Smith have diabetes").
  • The online personal health planner and health risk assessment that you can access at WebMD® when you are logged in to your member account on this website collects information you voluntarily provide about your physical condition and health and family history. Our medical department may use the health information to help us determine if you have a health condition that we can help you manage. Note: When you register your member account on our website, you also accept the WebMD® privacy policy and their terms and conditions of use.
  • The Cost Estimator tool collects information about what health procedures you search for and what providers you choose. This lets us determine if you have earned a reward for choosing a lower-cost provider when we get a claim for one of the reward-eligible medical and surgical procedures.
  • Lead Ads are advertisements served by third parties on our behalf across the Internet and to provide analytics services. These third parties, including Facebook, may use cookies, web beacons, and other technologies to collect information about your use of the Applications and other websites and software applications, including your IP address, web browser, pages viewed, time spent on pages, links clicked, and conversion information. This information may be used by us and these third parties to analyze and track data, determine the popularity of certain content, deliver advertising and content targeted to your interests in our services and other websites and software applications, and better understand your online activity. We do not sell Lead Ad-generated data under any circumstances . This privacy policy does not apply to, and we are not responsible for, third party cookies, web beacons, or other tracking technologies and we encourage you to check the privacy policies of these third parties to learn more about their privacy practices.

Cookie policy and other tracking technology

As is commonly done on websites, as you navigate through and interact with our Website, we may use automatic data collection technologies to collect certain information about your equipment, browsing actions, and patterns, including:

  • Details of your visits to our Website, including traffic data, location data, logs, and other communication data and the resources that you access and use on the Website.
  • Information about your computer and internet connection, including your IP address, operating system, and browser type.

The information we collect automatically is only statistical data and does not include personal information, but we may maintain it or associate it with personal information we collect in other ways or receive from third parties. It helps us to improve our Website and to deliver a better and more personalized service, including by enabling us to:

  • Estimate our audience size and usage patterns.
  • Store information about your preferences, allowing us to customize our Website according to your individual interests.
  • Speed up your searches.
  • Recognize you when you return to our Website.

Some of the technology we use for this automatic collection of data may include browser cookies and Flash cookies. Browser cookies are files with a small amount of data that is commonly used as an anonymous unique identifier. These are sent to your browser from the website that you visit and are stored on your computer's hard drive.

If you do not wish to allow browser cookies, please disable cookies by changing your browser settings before continuing to use this Website. Please be aware that some of the Website's functions or features may not work properly without cookies.

Certain features of our Website may also use local stored objects (or Flash cookies) to collect and store information about your preferences and navigation to, from, and on our Website. Flash cookies are not managed by the same browser settings as are used for browser cookies. For information about managing your privacy and security settings for Flash cookies, see Choices About How We Use and Disclose Your Information.

Pages of our Website and our e-mails may contain small electronic files known as web beacons (also referred to as clear gifs, pixel tags, and single-pixel gifs) that permit the Company, for example, to count users who have visited those pages or opened an email and for other related website statistics (for example, recording the popularity of certain website content and verifying system and server integrity).

In addition to our tracking technology, we collaborate with various third-party service providers who also use cookies to help us optimize our Website, understand more about the visitors to our Website, or place advertisements for our services on sites and applications operated by others (also called interest-based advertising). For example, we use Google Analytics to provide us with demographic information about our visitors and to help us analyze how people use our website.

Disclosure of your information

We may disclose aggregated information about our users, and information that does not identify any individual, without restriction.

We may disclose personal information that we collect or you provide as described in this privacy policy:

  • To our subsidiaries and affiliates.
  • To contractors, service providers, and other third parties we use to support our business and who are bound by contractual obligations to keep personal information confidential and use it only for the purposes for which we disclose it to them.
  • To a buyer or other successor in the event of a merger, divestiture, restructuring, reorganization, dissolution, or other sale or transfer of some or all of Priority Health's assets, whether as a going concern or as part of bankruptcy, liquidation, or similar proceeding, in which personal information held by Priority Health about our Website users is among the assets transferred.
  • To fulfill the purpose for which you provide it.
  • For any other purpose disclosed by us when you provide the information.
  • With your consent.

We may also disclose your personal information:

  • To comply with any court order, law, or legal process, including to respond to any government or regulatory request.
  • To enforce or apply our terms of use and other agreements, including for billing and collection purposes.
  • If we believe disclosure is necessary or appropriate to protect the rights, property, or safety of Priority Health, our customers, or others. This includes exchanging information with other companies and organizations for the purposes of fraud protection and credit risk reduction.

Choices about how we use and disclose your information

We strive to provide you with choices regarding the personal information you provide to us. We have created mechanisms to provide you with the following control over your information:

  • Tracking technologies. You can set your browser to refuse all or some browser cookies, or to alert you when cookies are being sent. To learn how you can manage your Flash cookie settings, visit the Flash player settings page on Adobe's website. If you disable or refuse cookies, please note that some parts of this site may then be inaccessible or not function properly.
  • Interest-based advertising. We do not control third parties' collection or use of your information to serve interest-based advertising. However these third parties may provide you with ways to choose not to have your information collected or used in this way. You can opt out of receiving targeted ads from members of the Network Advertising Initiative ("NAI") on the NAI's website.

Accessing and correcting your information

You can review and change your personal information by logging into the Website and visiting your account profile page. You may also send us an email at to request access to, correct or delete any personal information that you have provided to us. We may not be able to delete your personal information except by also deleting your user account. We may not accommodate a request to change information if we believe the change would violate any law or legal requirement or cause the information to be incorrect.


Our Website is not directed at children under the age of 13 and we will not knowingly collect information about children under the age of 13. If you are under the age of 13, please do not submit your personal information. If you are a parent who believes that we have collected information about a child under age 13, please contact us as detailed below and we will be happy to delete the information.

Your California privacy rights

For California residents: We may share your personal information with affiliated third parties, some of which do not share the Priority Health name, for their direct marketing purposes. These categories of affiliate are considered unaffiliated parties under California law, you may request information about our disclosure of personal information to third parties for their direct marketing purposes. To make such a request, please send an email to Please include your name and email address in such request.

California law may also provide you with additional rights regarding our use of your personal information. To learn more about your California privacy rights, visit California's "Shine the Light" law (Civil Code Section § 1798.83) permits users of our Website that are California residents to request certain information regarding our disclosure of personal information to third parties for their direct marketing purposes. To make such a request, please send an email to

Rights with respect to your personal health information

You'll find all the details of how we protect your personal health information in our Notice of Privacy Practices.

You can ask us to share your information

Priority Health members can give us permission to discuss or provide information about their health, their plan and their billing and payments with people they name. They can also cancel that permission. Here's how:

  • To name someone who can act for you: You can give someone the power to make decisions for you and agree to medical expenses, pay bills on your behalf, and do everything you are able to do with your health and financial information. You use a Power of Attorney form or an Appointment of Representative form to give someone that power. Call Customer Service at the number on your membership card to let us know that you have appointed a representative or given a Power of Attorney to someone and learn how to send us a copy of the signed form.
  • To name someone who can see your information, but cannot act for you:

Data security

We have implemented measures designed to secure your personal information from accidental loss and from unauthorized access, use, alteration, and disclosure. The safety and security of your information also depends on you. Where we have given you (or where you have chosen) a password for access to certain parts of our Website, you are responsible for keeping this password confidential. We ask you not to share your password with anyone.

Unfortunately, the transmission of information via the internet is not completely secure. Although we do our best to protect your personal information, we cannot guarantee the security of your personal information transmitted to our Website. Any transmission of personal information is at your own risk. We are not responsible for circumvention of any privacy settings or security measures contained on the Website.

Data retention

We retain your account information as long as you have an account with us. We typically retain your personal information related to marketing activities for as long as you accept marketing communications from us. We will securely delete such data in accordance with, and to the extent permitted by applicable law, upon request. For personal information that we collect and process for other purposes, we typically retain such personal information for no longer than for the period necessary to fulfill the purposes outlined in this Privacy Notice and as otherwise specified in applicable record retention policies and procedures. We may retain your personal information even after you have unsubscribed from our communications or closed your account if reasonably necessary to comply with our legal obligations (including law enforcement requests), meet regulatory requirements, resolve disputes, maintain security, prevent fraud and abuse, or enforce our terms and conditions. We will retain de-personalized information after we have otherwise deleted your personal information.

Cross border transfers of information

Any information you provide to us through the use of the Website may be stored, processed, transferred among, and accessed from the United States and other countries which may not guarantee the same level of protection of personal information as the one in which you reside. However, we will handle your personal information in accordance with this Privacy Notice regardless of where your personal information is kept. Regarding transfers from the European Economic Area ("EEA") to the United States, we rely on the derogations for transfers which are necessary to perform the transaction with you. Where required by law, you may request a copy of the suitable mechanisms we have in place by contacting us as detailed below. If you reside in other non-US jurisdictions outside the EEA, your use of the Website or provision of any personal information constitutes your consent for the transfer of such data to the United States for the purposes identified above. If you have questions about cross-border transfers, please contact us as detailed below.


At this time the Website does not recognize automated browser signals regarding tracking mechanisms, which may include “do not track” instructions. However, you can change your privacy preferences regarding the use of cookies and similar technologies through your browser or mobile device.

Third party sites

The Website may contain links to other websites. We are not responsible for the privacy practices or content of any linked sites. We encourage our users to be aware when they leave our Website and to read the privacy statements of each website to which we may link that may collect personal information.

Changes to our privacy policy

It is our policy to post any changes we make to our privacy policy on this page. If we make material changes to how we treat our users' personal information, we will notify you. The date the privacy policy was last revised is identified at the top of the page. You are responsible for ensuring we have an up-to-date active and deliverable email address for you, and for periodically visiting our Website and this privacy policy to check for any changes.

Contact us

If you have any questions or complaints about our privacy practices or this policy, contact the Priority Health Compliance Department.


Mailing address:

Priority Health
MS 3230
1231 East Beltline NE
Grand Rapids, MI 49525


Last modified: June 2021