Consumer Health Data Privacy Policy
Last updated: April 11, 2026
Effective Date: April 11, 2026
About This Policy
This Consumer Health Data Privacy Policy supplements our general Privacy Policy and applies specifically to health-related information collected through the BenefitsUSA eligibility screener. It is provided in accordance with the Washington My Health My Data Act and similar state privacy laws.
What Is Consumer Health Data?
Consumer health data includes information that identifies or could reasonably be linked to your physical or mental health condition. In the context of our screener, this includes:
- Disability or health condition status
- Pregnancy status
- Current health insurance coverage
- Receipt of Medicaid, Medicare, or SSI
- Veteran status (as it relates to VA healthcare eligibility)
How We Collect Health Data
We collect health-related information only when you voluntarily provide it during the eligibility screening process. You must affirmatively consent before we collect any health-related information in Step 3 of the screener. You are not required to answer health-related questions to use BenefitsUSA.
Categories of Sources
We collect consumer health data directly from you through the BenefitsUSA eligibility screener. We do not collect health data from third-party sources.
Categories of Third Parties
If you opt in to receive assistance, your health-related screening data may be shared with: (1) Licensed health insurance brokers and agents, (2) Licensed disability attorneys and advocates, (3) Infrastructure service providers: Vercel Inc. (website hosting) and Supabase Inc. (data storage), who process data under data protection agreements.
How We Use Health Data
Health data you provide is used solely to:
- Determine which government benefit programs you may qualify for
- Generate your personalized eligibility results
- Improve the accuracy of our screening tool (using anonymized, aggregated data only)
What We Do Not Do With Your Health Data
- We do not sell your health data to any third party
- We do not share your health data with employers, insurers, or government agencies without your explicit consent
- We do not use your health data for targeted advertising
- We do not share health data with data brokers
- We do not share health data with law enforcement without a valid legal process
When We May Share Health Data
We may share your health data only in these limited circumstances:
- With licensed specialists (health insurance brokers, disability attorneys) if you explicitly opt in to receive their assistance
- With our service providers (Vercel for hosting, Supabase for data storage) under data protection agreements requiring them to protect your data
- In response to a valid court order or legal process β but we will provide only the minimum data required and will notify you where permitted by law
How Long We Keep Health Data
Health data submitted through the screener is retained in an aggregated, anonymized form for service improvement. Individual screening records are retained for up to 24 months for operational purposes. You may request deletion of your data at any time by contacting us.
Your Rights
Depending on your state of residence, you may have the right to:
- Access the health data we hold about you
- Correct inaccurate health data
- Delete your health data
- Withdraw consent for health data collection
- Obtain a copy of your health data in a portable format
- Know whether your health data has been shared and with whom
To exercise these rights, contact us at help@benefitsusa.org. We will respond within 45 days.
Security
Health data is transmitted over encrypted HTTPS connections and stored on SOC 2 compliant infrastructure (Supabase). Access to individual screening data is strictly limited to authorized personnel.
Contact Us
Questions about this policy? Contact us at help@benefitsusa.org.