Privacy practices

Our use and disclosure of an individual's personal information is limited as required by state and federal law. We do not sell or rent personal information about visitors to this site or employees who use the site. This Web site has security measures in place to help protect against the loss, misuse, or alteration of information under our control. These measures include encryption of data using the Secure Socket Layer (SSL) system over the Internet.

Web site visitor data

Kaiser Permanente routinely gathers data on Web site activity, such as how many people visit the site, the pages they visit, where they come from, how long they stay on the site, etc. The data is collected on an aggregate, anonymous basis, which means that no personal identifiable information is associated with the data. This data helps us improve site content and overall usage. The information is not shared with other organizations for their independent use.

Collecting and using personal information

Except as disclosed in this Privacy Statement, we do not collect any identifiable information about visitors to this site or our customers who use this site. The policies, sources, and uses of information are outlined below: 

1. Web logs
   We maintain standard Web logs that record data about all visitors and customers who use this site and we store this information for a while. These logs may contain the Internet domain from which you access the site (such as aol.com, abc.org, etc.); the IP address which is automatically assigned to your computer when you get on the Internet (a static IP address may be identifiable as being connected to you, while a dynamic address is usually not identifiable); the type of browser and operating system you use; the date and time you visited the site; the pages you viewed on the site; the address of the Web site you linked from, if any. If you sign on to this Web site to use its secured features, our Web logs will also contain an individual identifier and show the services you have accessed.

   All Web logs are stored securely, and may only be accessed by Kaiser Permanente employees or designees on a need-to-know basis for a specific purpose. Kaiser Permanente uses Web log information to help us design our site, to identify popular features, to resolve user, hardware, and software problems, and to make the site more useful to visitors.

    

2. Internet cookies
   We may place Internet "cookies" on the computer hard drives of visitors to this Kaiser Permanente Web site. Information we obtain from cookies helps us to tailor our site to be more helpful and efficient for our visitors. The cookie consists of a unique identifier that does not contain personal information about you. This web site uses "session" cookies.

   A session cookie is temporary, and expires after you end a session and close your Web browser. We use session cookies to help customize your experience on our site, maintain your signed-on status as you navigate through our features, and to track your "click path" through our Web pages.

   You may have software on your computer that will allow you to decline or deactivate Internet cookies, but if you do so, some features of this site may not work properly for you. For instructions on how to remove cookies from your hard drive, go to your browser's Web site for detailed instructions. In addition, further information regarding cookies may be available on other Web sites or from your Internet service provider.

    

3. Evaluation and research
   We will periodically ask users to complete surveys asking about their experiences with features of the Web site. Our surveys may ask visitors for demographic information such as age, gender, and education, but will not request that users provide personally identifiable information. We use survey information for research and quality improvement purposes, including helping Kaiser Permanente to improve information and services offered through the Web site. In addition, users giving feedback may be individually contacted for follow-up due to concerns raised during the course of such evaluation. Demographic information and Web log data may be stored for future research and evaluation.


4. Messages and transactions
   Comments or questions sent to us using e-mail or mail forms will be shared with Kaiser Permanente staff who are most able to address your concerns. We will archive your messages once we have made our best effort to provide you with a complete and satisfactory response.

   Some of our services such as HR Employee Self Service interact directly with other Kaiser Permanente data systems. Data about your transaction may be stored in these systems, and available to people who test and support these systems.

    

5. Disclosures
   We may disclose personal information to any person performing audit, legal, operational, or other services for us. We will use information which does not identify the individual for these activities whenever feasible. Information disclosed to vendors or contractors for operational purposes may not be re-disclosed to others by such a vendor or contractor.

   We may disclose personal information when required to do so by a subpoena, court order, or search warrant. We may disclose personal information as we deem it appropriate to protect the safety of an individual or for an investigation related to public safety or to report an activity that appears to be in violation of law. We may disclose personal information to protect the security and reliability of this site and to take precautions against liability.

    

6. California Consumer Privacy Act of 2018: Notice to Covered Individuals ("CCPA Notice")

   Background

   Kaiser Permanente (“KP”) is committed to complying with all privacy laws. The state of California enacted the California Consumer Privacy Act of 2018 (the CCPA), as amended by the California Privacy Rights Act, to give consumers certain rights with respect to their personal information collected by businesses, including the right to know what personal information is being collected about them. The CCPA requires a business to inform Covered Individuals of the categories of personal information collected and the purposes for which those categories of personal information are used. For purposes of this notice, the CCPA applies only to the following KP entities: (i) The Permanente Medical Group (“TPMG”) or (ii) Southern California Permanente Medical Group (“SCPMG”). A “Covered Individual” under CCPA refers to a natural person who is acting as a job applicant to, an employee of, owner of, director of, officer of, medical staff member of, or contractor of TPMG or SCPMG.

   This CCPA Notice is being provided to inform Covered Individuals of the rights they have regarding the personal information collected about them, the categories of personal information KP may collect, and the purposes for which KP collects that information.

    

   Rights Under the CCPA

   Covered Individuals have the right to the request the following:

   • The categories of personal information collected about them, the categories of the sources from which that information was collected, the business purpose for that collection, the types of third parties with whom the information is disclosed, and the information collected about them;
   • The correction of inaccurate personal information (Note: most personal data can be updated directly by employees on HRconnect); and
   • The deletion of personal information collected about them.
   
   

   Categories of Personal Information Collected
   The relevant categories of personal information about Covered Individuals that KP may collect include:

   • Names
   • Contact information (address, phone, email address)
   • Unique personal identifiers (e.g., Social Security number)
   • Information about your financial accounts and health insurance
   • Information necessary to run drug and health screening or provide workers compensation insurance and care
   • Information about your educational, professional, and employment history
   • Information about internet browsing history on KP assets
   
   

   Purposes of Personal Information Collected About Covered Individuals

   KP’s businesses with obligations under the CCPA collect personal information about Covered Individuals solely for Human Resources (HR) related functions including employer communications, payroll, taxes, benefits, recruitment, relocation, policy administration, and personnel records. This includes personal information directly provided to KP businesses covered under the CCPA by you or by a vendor contracted to provide HR services to employees (for example, retirement administration, life insurance, dental insurance, etc.). KP’s businesses with obligations under the CCPA disclose personal information of Covered Individuals to third parties necessary to carry out these HR related functions.

    

   When the personal information collected is necessary to fulfill one or more HR services for which it was collected, requests to delete personal information may not be able to be fulfilled. For example, personal information may not be able to be deleted if the personal information is required to perform a contract, comply with a legal obligation, or perform an action that the individual seeking deletion has themselves requested.

    

   If you have any questions or concerns, you can contact us or call 833-945-2456.

Revisions to the Privacy Statement

We may revise this Privacy Statement from time to time as we add new features or as laws change that may affect our services. If we make material changes to our Privacy Statement, we will post notice of this on our Web site. Any revised Privacy Statement will apply both to information we already have about you at the time of the change, and any personal information created or received after the change takes effect. We include a version number on this Privacy Statement consisting of the date (year, month, and day) it was last revised. We encourage you to periodically reread this Privacy Statement, to see if there have been any changes to our policies that may affect you.

Last updated: January 31, 2023