Hi, we’re CHESS Health, the company that makes and supports the CHESS® Platform for Addiction Management, including eIntervention and eRecovery, and, specifically, the Connections App™ for patients referred to treatment and/or in recovery from addiction. In this Privacy Policy, the company will be referred to as “CHESS”.

Depending on whether you’re already in treatment for/recovery from addiction or whether you’ve only been referred to treatment, your use of the Connections App will differ significantly. As a result, the Privacy Policy differs for each situation.

If you’re using, or will be using, the Connections App while in treatment for and/or recovery from addiction, then read this…

At CHESS, we don’t sell or give the CHESS Platform or the Connections App to patients and individuals directly; you’re getting the Connections App through a healthcare provider or treatment center or other type of organization that has a contract with us. This other organization is identified by the Provider Code value you’ve been told to enter into the Connections App in order to create an account. Throughout the rest of this document, this other organization who is enabling your use of the Connections App and who will know almost everything about how you use it and almost all the data you enter into it, will be referred to as the “Provider” or “your Provider”.

If you’re like most people, you want your personal information protected, perhaps especially your clinical information and the details of your recovery from addiction.

Please read this Privacy Policy closely and, if you have any more questions after reading this, please contact us at CHESS (info@chess.health) or discuss with your Provider.

This Privacy Policy will describe the following:

  • The data about you that will be captured and stored in the CHESS Platform
  • Who has access to this data
  • Who else might get access to the data
  • What other patients might know about you or find out about you
  • Optional capture of location data
  • Optional notifications outside of the App
  • Where your data is stored
  • How we protect and secure your data
  • How long data is stored
  • What to do if you want your identifiable data erased or deleted
  • Our policy regarding children
  • Your consent
  • How you can contact us

Very important… If you use the Connections App, then we assume you’re giving us consent to store your data in the CHESS Platform, to give access to this data to your Provider, and you consent to everything in the Privacy Policy. You will also have to accept our End User License Agreement (EULA) before you can start using the App. We will update the Privacy Policy from time to time; you can always read it on our website or from within the App (under Settings).

The data about you that will be captured and stored in the CHESS Platform

In the course of your creating an account, your use of the Connections App, and the Provider’s use of the entire CHESS Platform, personally identifiable information (“PII”) about you will be captured and stored in the CHESS Platform.

The PII that may be stored through your interactions with the Connections App and through the use of the CHESS Platform by your Provider includes, without limitation, your name, username, alias name, email address, physical address, IP address, gender, birthdate, telephone numbers, photographs, date of birth, names of personal contacts, medical information (health plan name, health plan identifier, level of care, primary substance of abuse, mental illness, current treatment facility, comorbidity, whether you are receiving medication-assisted therapy (MAT), whether you are pregnant), employment status, income range, the names of high risk locations you may enter, recovery goals, recovery tasks, answers to survey questions, social wall posts and comments, and the content of all messages, both individual and group messages, you might send using the Connections App to other patients, to counselors, coaches, or other authorized users of the CHESS Platform, including messages, text messages, or emails you might send to CHESS Health or its employees.

The Connections App and the CHESS Platform may also collect certain information automatically, including, without limitation, the type of mobile device you use, your mobile devices unique device ID, the IP address of your mobile device, your mobile operating system, the type of mobile Internet browsers you use, and information about the way you use the CHESS Platform (“Automatically Collected Information”).

Some of the data you enter and some of the data about you will be stripped of any detail (e.g., name, birthdate, etc.) that could identify you (hence called “De-identified Data”). This deidentified data is stored with de-identified data from lots of other patients so that your Provider and other Providers can compare data about large populations to learn about addiction treatment outcomes and other useful analytics. No one performing this analysis will ever know what data in this large population is yours.

Who has access to this data

Your Provider has access to all of the PII. CHESS, which operates and supports the CHESS Platform for the Provider, has access to all the PII and the Automatically Collected Information.

Your Provider and other Providers can perform analytics and benchmarking on the de-identified data described above.

Who else might get access to the data

CHESS may disclose your data to other organizations when (1) required to by law, such as to comply with a subpoena, or similar legal process; or (2) when we believe in good faith that disclosure is necessary to protect our rights, protect your safety or the safety of others, investigate fraud, or respond to a government request.

Also, CHESS may use outside, trusted individuals and companies to help us deliver the CHESS Platform and related services who, in this capacity, may have access to your data.

What other patients might know about you or find out about you

Your provider is also giving the Connections App to other patients. If you are not careful, these patients may be able to identify you through your use of the Connections App. Read carefully…

  • When you first access the Connections App, you will be prompted to set up an alias name, so that your real name will not be visible in the App.
  • You pick your alias name.
  • The CHESS Platform allows your Provider to assign patients to a ‘Team’ – any patients in your team will see your alias name, any details you share about yourself on your ‘Wall’, and they will see whatever photograph, if any, you choose for your profile.
  • The CHESS Platform allows your Provider to assign patients to a ‘Group’ to participate in online discussions through messages. All patients in your group will be able to see your alias name and they will see your profile photograph.
  • Any messages you send to an individual in your Group or to the entire Group will be identified by your alias and your profile picture.

CHESS and your Provider cannot promise that another patient also using the Connections App will not know your identity.

Optional capture of location data

The Connections App has an optional feature, High-risk Locations, which enables you to input an address or specific location that you think could trigger you to relapse. If you set a High-risk Location and then you go near the location with your phone, the Connections App is designed to warn you that you are near this location and offer you support options to avoid relapse. This is an optional feature and it only works if you set your phone to share your location with the Connections App.

Even if you are using the High-risk Location feature and you have set your phone to share your location with the App, the CHESS Platform does not track, collect or store your location or the precise location of your mobile device. If you are using the feature, then the CHESS Platform will store the names you give the high-risk locations entered and it will store when you go near a high-risk location. Your Provider will not know the names of these locations.

Optional notifications outside of the App

The Connections App has an optional capability to push notifications to the home screen of your mobile device. This feature is optional. To be enabled, you must first allow notifications from Connections on your mobile device. At any time, notifications can be turned off through the settings within the Connections App and/or through the settings on your mobile device.

If enabled, a push notification is a message that pops up on a mobile device and can be sent at any time, even when you are not using the app. If you opt to allow push notifications from the Connections App, you will receive notifications such as, reminders, schedules, message alerts, but never anything detailed or specific. Please be aware that these notifications will indicate that they are from the Connections App and may appear on your home lock screen where others can see.

Where your data is stored

CHESS stores your data on secure Amazon Web Services (“AWS”) servers. You can learn more about AWS and how it helps us protect your information here: https://aws.amazon.com/compliance/hipaacompliance/.

How we protect and secure your data

We are committed to safeguarding the confidentiality of your data. We provide physical, electronic, and procedural safeguards to protect information we process and maintain. For example, we limit access to this information to authorized employees and contractors who need to know that information in order to operate, develop or improve the CHESS Platform. In addition, the CHESS Platform employs a variety of technical safeguards to protect the confidentiality, integrity, and availability of your data including encryption of the data in transit and at rest and other industry best practices. Please be aware that, although we strive to provide reasonable security for information we process and maintain, no security system can prevent all potential security breaches.

How long data is stored

Your data will be stored in the CHESS Platform as long as your Provider remains a customer of CHESS.

What to do if you want your identifiable data erased or deleted

If you have stopped using the Connections App and have deleted the app from all mobile devices, and want to be sure your identifiable data is cleared from all databases, you can reach out to your Provider to get your identifiable data erased or deleted from the CHESS Platform.

Our policy regarding children

The Connections App and the CHESS Platform is not for patients under the age of thirteen. If a parent or guardian becomes aware that his or her child has entered their own personal data into the Connections App or somehow been given an account by a Provider, please contact us at support@chess.health.

Your consent

As stated earlier, your use of the CHESS Platform is an acknowledgement that you understand and consent to this Privacy Policy. CHESS may modify this Privacy Policy at any time effective upon its posting. Your continued use of the CHESS Platform constitutes your acceptance of this Privacy Policy and any updates.

You will also have to accept our End User License Agreement (EULA) before you can create an account and start using the App. Read it carefully too.

How you can contact us

If you have any questions regarding the Privacy Policy, please contact us at support@chess.health.

If you’re using, or will be using, the Connections App in conjunction with a referral to treatment, read this…

At CHESS, we don’t sell or give the CHESS Platform or the Connections App to patients and individuals directly; you’re getting the Connections App through a healthcare provider or treatment center or other type of organization that has a contract with us to use our eIntervention solution. This is the organization that, with your permission, sent you a text message with a link to download the Connections App. Throughout the rest of this document, this other organization who is enabling your use of the Connections App will be referred to as the “Provider” or “your Provider”.

If you’re like most people, you want your personal information protected, perhaps especially your clinical information and the details of your addiction.

Please read this Privacy Policy closely and, if you have any more questions after reading this, please contact us at CHESS or discuss with your Provider (our contact information is below).

This Privacy Policy will describe the following:

  • The data about you that will be captured and stored in the CHESS Platform
  • Who has access to this data
  • Who else might get access to the data
  • What other patients might know about you or find out about you
  • No capture of location data
  • Optional notifications outside of the App
  • Where your data is stored
  • How we protect and secure your data
  • How long data is stored
  • What to do if you want your identifiable data erased or deleted
  • Our policy regarding children
  • Your consent
  • How you can contact us

Very important… If you use the Connections App, then we assume you’re giving us consent to store your data in the CHESS Platform, to give access to this data to your Provider, and you consent to everything in the Privacy Policy. You will also have to accept our End User License Agreement (EULA) before you can create an account and start using the App. We will update the Privacy Policy from time to time; you can always read it on our website or from within the App (under Settings).

The data about you that will be captured and stored in the CHESS Platform

In the course of your creating an account, your use of the Connections App, and the Provider’s use of the entire CHESS Platform, personally identifiable information (“PII”) about you will be captured and stored in the CHESS Platform.

The PII that may be stored through your interactions with the Connections App and through the use of the CHESS Platform by your Provider includes, without limitation, your name, physical address, gender, birthdate, telephone numbers, primary substance of abuse, mental illness, the services for which you’ve been referred, the providers to whom you’ve been referred, the videos you’ve watched, the ratings you gave to videos, and the content of all messages you might send using the Connections App to your Provider and to the providers to whom you’ve been referred.

The Connections App and the CHESS Platform may also collect certain information automatically, including, without limitation, the type of mobile device you use, your mobile devices unique device ID, the IP address of your mobile device, your mobile operating system, the type of mobile Internet browsers you use, and information about the way you use the CHESS Platform (“Automatically Collected Information”).

Some of the data you enter and some of the data about you will be stripped of any detail (e.g., name, birthdate, etc.) that could identify you (hence called “De-identified Data”). This deidentified data is stored with de-identified data from lots of other patients so that your Provider and other Providers can compare data about large populations to learn about referral outcomes and other useful analytics. No one performing this analysis will ever know what data in this large population is yours.

Who has access to this data

Your Provider has access to all of the PII that they enter and any messages they receive from you. If you consent to an electronic referral being sent to other providers, then these other providers will receive the PII associated with the referral and will be able to message you through the Connections App.

CHESS, which operates and supports the CHESS Platform for the Provider, has access to all the PII and the Automatically Collected Information.

Your Provider and other Providers can perform analytics and benchmarking on the de-identified data described above.

Who else might get access to the data

Other than enabling referral data sharing among providers, CHESS may disclose your data to other organizations when (1) required to by law, such as to comply with a subpoena, or similar legal process; or (2) when we believe in good faith that disclosure is necessary to protect our rights, protect your safety or the safety of others, investigate fraud, or respond to a government request.

Also, CHESS may use outside, trusted individuals and companies to help us deliver the CHESS Platform and related services who, in this capacity, may have access to your data.

What other patients might know about you or find out about you

If you’re using the Connections App related to a referral to treatment, then you will not engage with other patients/individuals through the app and other patients/individuals will not learn anything about you.

No capture of location data

If you’re using the Connections App related to a referral to treatment, then there is no use of location data and the Connections App will not know of or capture location data.

Optional notifications outside of the App

The Connections App has an optional capability to push notifications to the home screen of your mobile device when you receive a new message. This feature is optional. To be enabled, you must first allow notifications from Connections on your mobile device. At any time, notifications can be turned off through the settings within the Connections App and/or through the settings on your mobile device.

If enabled, a push notification is a message that pops up on a mobile device and can be sent at any time, even when you are not using the app. If you opt to allow push notifications from the Connections App, you will receive notifications such as, reminders, schedules, message alerts, but never anything detailed or specific. Please be aware that these notifications will indicate that they are from the Connections App and may appear on your home lock screen where others can see.

Where your data is stored

CHESS stores your data on secure Amazon Web Services (“AWS”) servers. You can learn more about AWS and how it helps us protect your information here: https://aws.amazon.com/compliance/hipaacompliance/.

How we protect and secure your data

We are committed to safeguarding the confidentiality of your data. We provide physical, electronic, and procedural safeguards to protect information we process and maintain. For example, we limit access to this information to authorized employees and contractors who need to know that information in order to operate, develop or improve the CHESS Platform. In addition, the CHESS Platform employs a variety of technical safeguards to protect the confidentiality, integrity, and availability of your data including encryption of the data in transit and at rest and other industry best practices. Please be aware that, although we strive to provide reasonable security for information we process and maintain, no security system can prevent all potential security breaches.

How long data is stored

Your data will be stored in the CHESS Platform as long as your Provider remains a customer of CHESS.

What to do if you want your identifiable data erased or deleted

If you have stopped using the Connections App and have deleted the app from all mobile devices, and want to be sure your identifiable data is cleared from all databases, you can reach out to your Provider to get your identifiable data erased or deleted from the CHESS Platform.

Our policy regarding children

The Connections App and the CHESS Platform is not for patients under the age of thirteen. If a parent or guardian becomes aware that his or her child has entered their own personal data into the Connections App or somehow been given an account by a Provider, please contact us at support@chess.health.

Your consent

As stated earlier, your use of the CHESS Platform is an acknowledgement that you understand and consent to this Privacy Policy. CHESS may modify this Privacy Policy at any time effective upon its posting. Your continued use of the CHESS Platform constitutes your acceptance of this Privacy Policy and any updates.

You will also have to accept our End User License Agreement (EULA) before you can create an account and start using the App. Read it carefully too.

How you can contact us

If you have any questions regarding the Privacy Policy, please contact us at support@chess.health.