IBM, my new employer, uses CVS Caremark as the prescription insurance
  provider. Since the other option when one signs up is no insurance, I
  signed up.

  I shop occasionally at CVS, but it is rarely a pleasant experience.
  Most of their stores remind me of old run down K-Marts. They're dirty,
  terminally understaffed, and what staff there is seemed to have had the
  life sucked out of them. While I'm sure there are shiny locations and
  energetic staff, I haven't encountered either in a long time.

  My scripts are consistently cheaper with this plan even when I fill
  them at other pharmacies. A win for me, no doubt.

  Today my postal mail included a CVS Caremark envelope. I opened it up,
  expecting a benefits statement.

  Instead I learned that I was opted in to CVS's data mining program,
  ExtraCare. Thus we're introduced to the creepy. You can tell that it is
  creepy because there's no privacy statement at all in the accompanying
  letter (oh, they sent me unsolicited cards). However, if one reads the
  very last sentence of the letter, in a paragraph in smaller text than
  everything else including the footnotes, one will see that:

    Once you use this card at your local CVS/pharmacy or online,
    information about your purchases will be maintained by CVS retail.

  How creepy is that? What purchases & to what extent? How do they
  protect my data? By the way, there are 16 references to "save",
  "savings, "discount", and associated words in the letter.

  Oh, and they offer no easy way to get more information about the
  privacy implications or un-opt-in. They're not open until Monday at
  08:30 ET and the web site is bereft of data.

  Apparently even calling the 888 number for more information grants CVS
  rights under this letter. The rights they claim are to tie your data to
  the ExtraCare account you didn't ask for. Classy.

  I'll update as I learn more.
    __________________________________________________________________

  My original entry is here: [1]Creepy Employer Sponsored Marketing. It
  posted Sat, 14 Feb 2015 22:33:27 +0000.
  Filed under: personal, privacy, HIPAA, PHI,

References

  1. https://www.prjorgensen.com/2015/02/14/creepy-employer-sponsored-marketing/

You are viewing proxied material from sdf.org. The copyright of proxied material belongs to its original authors. Any comments or complaints in relation to proxied material should be directed to the original authors of the content concerned. Please see the disclaimer for more details.