Contents

Overview

Solstice Accrue ("we," "us," or "our") is committed to protecting the privacy and security of the personal and health information we process. This Privacy Policy describes how we collect, use, disclose, and safeguard information when you use our accumulator bridge services.

Solstice Accrue operates as a service provider to employers, third-party administrators (TPAs), and healthcare entities. We process Protected Health Information (PHI) as a Business Associate under the Health Insurance Portability and Accountability Act (HIPAA).

Our Commitment

We process only the minimum necessary information required to provide accumulator credit services. We never sell personal or health information. We maintain HIPAA-compliant security controls at all times.

Information We Collect

Transaction Data

When processing transparent pharmacy transactions, we collect:

Account Information

For employers and partners using our services:

Technical Data

We automatically collect:

How We Use Information

We use the information we collect to:

Information Sharing

We share information only as necessary to provide our services:

Recipient Purpose Data Shared
TPAs / Carriers Accumulator credit processing EDI claims with transaction details
Employers Reporting and administration Aggregated and member-level reports
Clearinghouses Claim submission EDI transaction data
Service Providers Infrastructure and operations As needed under BAA

We do not sell, rent, or trade personal or health information. We do not share information for marketing purposes.

HIPAA Compliance

Solstice Accrue operates as a Business Associate under HIPAA. We maintain comprehensive safeguards to protect Protected Health Information (PHI):

Administrative Safeguards

Physical Safeguards

Technical Safeguards

Business Associate Agreements

We execute Business Associate Agreements (BAAs) with all covered entities and subcontractors who access PHI. Contact us at [email protected] to request a BAA.

Data Security

We implement industry-leading security measures to protect your information:

Data Retention

We retain information for the minimum period necessary to provide services and comply with legal obligations:

Data Type Retention Period Reason
Transaction Records 7 years HIPAA / ERISA compliance
EDI Claims 7 years Audit trail requirements
Accumulator Data Plan year + 2 years Dispute resolution
Audit Logs 7 years HIPAA requirements
Account Data Duration of relationship + 3 years Business records

Upon request, we will delete or de-identify information that is no longer required, subject to legal retention requirements.

Your Rights

HIPAA Rights

Individuals have rights under HIPAA regarding their PHI, including:

Note: As a Business Associate, many of these requests should be directed to your employer or health plan (the Covered Entity). We will assist Covered Entities in responding to individual requests.

California Privacy Rights

California residents have additional rights under the CCPA/CPRA, including:

Exercising Your Rights

To exercise any of these rights, contact us at:

We will respond to verified requests within 30 days (or as required by applicable law).

Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by posting the new policy on this page and updating the "Effective Date." For significant changes affecting how we use PHI, we will provide notice to our partners and, where required, obtain consent.

Contact Us

If you have questions about this Privacy Policy or our privacy practices, please contact us:

Privacy Inquiries

Email: [email protected]

Website: solsticeaccrue.com

Solstice Quantum Computing
A Solstice Accrue Division

For HIPAA-related complaints, you may also contact the U.S. Department of Health and Human Services Office for Civil Rights.