Updated July 8, 2020

At WPS we take our customers' privacy seriously and understand that visitors of our website need to be in control of their personally identifiable information (name, email address, postal address, etc.). As subcontractor for the Centers of Medicare & Medicaid Services (CMS), WPS follows all applicable federal Privacy regulations in accordance with our contract.

Data Collection, Use and Disclosure

WPS will not gather personally identifiable information (PII) about you unless you specifically and knowingly provide this information to us. Information gathered and/or collected will be used to fulfill requirements as a CMS contractor and retained only as long as needed or as mandated. Personally identifiable information is any information about an individual maintained by WPS with respect to, but not limited to, education, financial transactions, medical history and criminal or employment and information that can be used to distinguish or trace an individual’s identity (e.g. name, Social Security number, date and place of birth, mother’s maiden name, biometric) etc. including any other personal information linked or linkable to an individual. WPS will collect specific PII from you when you enroll in the GHA portal, to establish your account and to properly authenticate you for access to the portal. Sections 1842, 1862 (b) and 1874 of Title XVIII of the Social Security Act (the Act) (42 United States Code (U.S.C.) 1395u, 1395y (b) and 1395kk gives CMS the authority to collect and use personal information for the Medicare program. As a subcontractor to CMS, we use this data to verify who is authorized to obtain this personal information.  The use of this portal is totally voluntary, but failure to provide this information will limit our ability to provide any information to you. 

When you browse through any website, certain information about your visit may be collected. WPS uses a web analytics program to collect information automatically and continuously. WPS uses this information to measure the number of visitors to its sites and to distinguish between new and returning visitors to help make the site more useful. However, no personally identifiable information (PII) is collected. 

WPS performs analyses of user behavior in order to measure customer interest in the various areas of our site. The reports are only available to limited staff that require this information in order to perform their job. In addition, WPS also reports website inquiries as official written inquiries as required by CMS regulations in the Internet-Only Manual (IOM) Publication 100-09, Chapter 6, Section 30.3.

WPS also uses online surveys to collect opinions and feedback from a random sample of visitors. This survey does not collect PII. Participation in the survey is voluntary. If you decline to participate, you will still have access to the identical information and resources on WPS' provider websites as those who do decide to take the survey. Answers to the survey help us to improve our provider websites to make them easier for you to use. 

How WPS Uses Cookies

The Office of Management and Budget Memo M-10-22, Guidance for Online Use of Web Measurement and Customization Technologies  allows Federal agencies to use session and persistent cookies. As a subcontractor to one of those agencies -- the Centers for Medicare & Medicaid Services (CMS) - WPS is permitted to utilize the same technology.

When you visit a website, its server may generate a piece of text known as a "cookie" to place on your computer. The cookie allows the server to "remember" specific information about your visit while you are connected. The cookie makes it easier for you to use the dynamic features of web pages. Requests to send cookies from WPS' web pages are designed to collect information about your browser session only; they do not collect personal information about you. Note that regardless of the particular uses for cookies on our website, we will not share any cookie information with any third parties.

There are two types of cookies: "Temporary session cookies" (single session) and "persistent cookies" (multi-session). Temporary session cookies will last only as long as your browser is open. Once you close your browser, the temporary session cookie will disappear. Persistent cookies are stored on your computer for longer periods.

How WPS uses temporary session cookies

WPS uses temporary session cookies for technical purposes such as improving navigation through our site. These cookies let WPS servers know that you are continuing to visit its site. The temporary cookie is not permanently stored on your computer. The cookie and the information about your visit are automatically deleted shortly after you close your browser to end the session. The OMB Memo 10-22 Guidance defines WPS' use of session cookies as "Usage Tier 1 -- Single Session." The policy says, "This tier encompasses any use of single session web measurement and customization technologies." 

How WPS uses persistent cookies

WPS uses persistent cookies to help recognize new and returning visitors to WPS' provider websites. Persistent cookies remain on your computer between visits to the provider websites until they expire. WPS does not use this technology to identify you or any other individual site visitor.

WPS' feedback survey tool uses persistent cookies to block repeated invitations to take the Results survey. WPS also uses persistent cookies to enable its Web analytics program to measure how new and returning visitors use its provider websites over time. 

The OMB Memo 10-22 Guidance defines WPS' use of persistent cookies as "Usage Tier 2 -- Multi-session without Personally Identifiable Information (PII)." The policy says, "This tier encompasses any use of multi-session web measurement and customization technologies when no PII is collected."

How to "opt out" or disable cookies

If you do not wish to have temporary or persistent cookies placed on your computer, you may disable them using your browser. If you decide to "opt out" of cookies, you will still have access to all information and resources the WPS provider websites provide.

You can remove any cookies that have been created in the cookie folder of the most popular Internet browsers. Simply click the "Help" function on your browser and enter "cookies" to search for information on how to remove all or individual cookies.

Protecting Information

WPS is committed to ensuring that our customer's information is properly collected, used and maintained. We will not disclose, give, sell or transfer any personally identifiable information that you provide through our website to third parties except in response to a valid subpoena, warrant, or court order or as otherwise required by law.

WPS will protect any personal information you share with us in compliance with the Federal Privacy Act of 1974, 5 U.S.C. Section 522a, Health Insurance Portability and Accountability Act of 1996 (HIPAA), and CMS Contract requirements. For example, WPS will only allow its employees or contractors to access your personal information if they need such information to perform their job. Additionally, WPS will require any employee or contractor who accesses your personal information to comply with all CMS information privacy and security requirements including, but not limited to signing confidentiality agreements and completing annual information privacy and security training. 

Access, Amendment, Maintenance & Disposal

WPS retains the data from the web analytics tool and feedback survey results only as long as required by law or needed to support the WPS provider websites.

Personal information entered for the WPS GHA Portal will be maintained on the "My Profile" profile page after access has been granted in the portal. WPS requires you to use a username and password to access the WPS GHA Portal. You are responsible for keeping your password secure. 

Personal information may be corrected by you on this page after you have signed into the WPS GHA Portal. To obtain a copy of PII you provided us, or if you need additional help updating or correcting your information, please Contact Us. In the event that a date of birth during e-signature was entered incorrectly, you must disable your current account and create a new one. 

WPS will maintain and dispose of your personal information in accordance with CMS' record retention policies and requirements.

Privacy Policy Changes

If we decide to change our privacy policy for the WPS GHA Portal, we will post those changes here so that you will always know what information we collect, how we may use that information and whether we will disclose that information to anyone.

Contacting the WPS Medicare Privacy Official

WPS has a designated Medicare Privacy Official who is available to answer privacy questions or for reporting privacy issues. You may contact the Medicare Privacy Official by calling the phone number or by writing to the following address: 

WPS Government Health Administrators 
Attention: Mary Evans, Medicare Privacy Official 
1717 W. Broadway 
Madison, WI 53713 
(608) 977-5504 

Email

Electronic mail is not necessarily secure so we do not recommend sending confidential or personal information via email.

If you send us an email with questions or comments, we may use your personally identifiable information to respond to your questions or comments, and we may save your questions or comments for future reference.

Site security

For site security purposes and to ensure that this service remains available to all users, WPS uses software programs to monitor traffic to identify unauthorized attempts to upload or change information or otherwise cause damage. In the event of authorized law enforcement investigations, and pursuant to any required legal process, information from these sources may be used to help identify an individual.