• (954) 662-3575

English

Facebook-f X-twitter Linkedin-in Rocketchat

Privacy Policy

Effective Date: June 17, 2025 (Last Updated)

Introduction:

MaliCare Insurance Agency (“MaliCare,” “we,” “us,” or “our”) is a licensed insurance agency (NPN 21552442) located at 11670 Strand Way, Hollywood, FL 33026. We operate in multiple U.S. states (including California, Florida, Arizona, Massachusetts, Illinois, Washington, Pennsylvania, and others) providing health and life insurance brokerage services. We value your privacy and provide this Privacy Policy as a clear and conspicuous notice of our information practices, in accordance with state and federal privacy laws. This Policy describes what personal information we collect through our website and services, how we use and share it, and the rights you have regarding your information. It is intended for U.S. residents and complies with applicable laws such as the California Consumer Privacy Act (as amended by the CPRA), relevant state insurance privacy regulations, the Health Insurance Portability and Accountability Act (HIPAA) where applicable, guidance from the Centers for Medicare & Medicaid Services (CMS), and standards required by advertising platforms (e.g. Google Analytics and Facebook). We use plain and professional English to make our practices clear, while maintaining legal accuracy.


Please read this Privacy Policy carefully. By using our website or services, you consent to the practices described here. If you do not agree with any part of this Policy, please refrain from using the site. For any questions or requests concerning your personal information, you may contact us using the information in the “Contact Us” section below.

Personal Information We Collect

We collect personally identifiable information (PII) that you voluntarily provide to us, as well as certain information automatically through your use of our site. The types of personal information we collect include:

 

  • Contact Identifiers: Name, email address, telephone number, and physical address. These identifiers allow us to identify and communicate with you . For example, when you request an insurance quote or submit an inquiry, we ask for your first and last name, phone number, email, and state of residence.

  • Insurance Inquiry Details: Information related to your insurance needs and eligibility. This may include your general health status (e.g. whether you use tobacco or a general indication of health conditions) and estimated household income range. We collect this information to provide appropriate health or life insurance quotes and advice. We do not request detailed medical records or specific health diagnoses through our website, and we ask that you not submit such sensitive health information via online forms. (See Health Information and HIPAA below for more on how we handle health-related data.)

  • Service Preferences: The type of insurance product or service you are interested in (e.g. health insurance, life insurance, personal or business lines), and any messages or notes you choose to include when contacting us. This helps us direct your request to the appropriate specialist on our team.

  • Website Usage Data: When you visit our site, we automatically collect certain technical information about your device and browsing activity. This includes your IP address, browser type, device identifiers, pages viewed, how you arrived at our site, and timestamps. We (or third-party analytics providers) collect this data using cookies, pixels, and similar tracking technologies . This internet or network activity information does not directly identify you by name, but it may be linked to your device or profile and is used for analytics and advertising purposes (see Cookies and Tracking Technologies below).

 

Information We Do Not Collect: We do not collect certain sensitive information through our website. For example, our online forms do not ask for Social Security numbers, driver’s license or ID numbers, financial account or credit card numbers, or any precise medical records. We also do not process payments through our site, and we do not utilize any online “Agent of Record” (AOR) transfer forms that would require you to provide login credentials or policy numbers. MaliCare’s website is intended to collect only the information necessary to provide our brokerage services and respond to your inquiries .

Sources of Information: The personal information we collect comes primarily directly from you – for instance, when you fill out a form on our website, call or email us, or otherwise communicate with us to obtain information or services . We may also receive personal information from third parties in the context of providing our services. For example, if you are enrolling in an insurance plan through us, we might receive information from insurance carriers or healthcare partners needed to complete your application . Additionally, as noted, we gather technical data through cookies and tracking tools integrated into our site when you interact with our online content.

Children’s Privacy: Our services are intended for adults and not directed to children under 13. We do not knowingly collect personal information from anyone under the age of 13. If you are a parent or guardian and believe your child has provided personal information on our site, please contact us so we can remove the data. (Note: Certain insurance products like life insurance may involve information about beneficiaries/minors; such information is only collected from the adult policyholder and used as necessary for the service, in compliance with applicable laws.)

How We Use Personal Information

We use the personal information we collect for the following business purposes and objectives, in accordance with applicable law :

  • Providing Requested Services: We use your information to fulfill your requests and inquiries – for example, to provide insurance quotes, advise you on policy options, assist with applications/enrollments, or service your insurance policies. The information you provide about your health status and household income is used to identify suitable insurance products (such as health plans or life insurance coverage) and obtain rate quotes or eligibility information on your behalf. We only collect, use, and disclose personal information as necessary to carry out these authorized functions .

  • Communication: We use your contact details (email, phone, address) to communicate with you about your quotes, applications, and policies. This includes sending you information you requested, answering your questions, scheduling consultations, and sending service-related messages or confirmations. We may also send you updates such as newsletters, reminders about enrollment deadlines, or information on relevant products, but you may opt out of marketing communications as described below. We will not send you marketing text messages or make marketing calls without any required consent, and you can opt out at any time.

  • Business Operations and Compliance: We may use your information for our internal business operations and legal compliance. This includes maintaining records of transactions and communications, detecting or preventing fraud, complying with licensing and regulatory requirements (such as insurance recordkeeping rules), and responding to lawful requests from authorities. For instance, as an insurance agency we must maintain certain client records and may need to use your information to meet obligations under state insurance laws or CMS rules. We will also use and retain your information as needed to exercise or defend legal claims, to perform auditing and analytics, or as otherwise required by law or regulation .

  • Improving our Website and Services: We use data about how users interact with our website (such as pages visited, time on site, and form interactions) to improve our online services and marketing efforts. This helps us diagnose technical issues, optimize user experience, and design content that is more useful to our audience. We may also analyze aggregated or de-identified data to gain insights into trends and performance of our campaigns (for example, seeing which insurance topics generate the most interest). Any analytics are done in accordance with applicable privacy laws and advertising platform policies.

  • Advertising and Retargeting: We may use certain data (primarily cookie identifiers and site usage information) to serve you targeted advertisements for our services on third-party platforms such as Facebook or Google. For example, if you visit our site, the Facebook Pixel may note your visit so that we can later show you a MaliCare advertisement on Facebook that is relevant to your interests. This practice, known as retargeting, uses cookies and similar technologies to collect identifying information about users for advertising purposes . We do not use sensitive personal details (such as health conditions or income) for targeted advertising. Advertising data is typically limited to demographic or interest categories and your interactions with our site. You can opt out of many tracking-based ads as described in the Cookies and Tracking section below.

We will only use your personal information for the purposes described above or as otherwise disclosed to you at the time of collection. If we need to use your information for a materially different purpose, we will obtain your consent or provide you with notice as required by law.

Cookies and Tracking Technologies

Like most websites, MaliCare’s site uses cookies and similar tracking technologies to provide and improve our services, and to support our advertising efforts. Here is an overview of our use of these technologies:

  • Cookies: A cookie is a small text file placed on your device when you visit a website. We use first-party cookies for essential site functionality (for example, to remember your preferences as you navigate our site). We also use cookies for analytics and advertising as described below. You can control or delete cookies through your browser settings at any time; however, note that disabling cookies may affect certain site features (such as interactive forms).

  • Google Analytics: We have integrated Google Analytics on our website to understand how users find and use our site. Google Analytics uses cookies and similar identifiers to collect information about website traffic and visitor behavior. This may include data such as your IP address, pages visited, time spent on pages, and interactions with our site. We use these insights to improve site content and usability. Google Analytics provides reports to us in aggregate form; we do not receive individual identities from this, though Google may process personal data for its analytics purposes. (For more details on how Google collects and processes data, see Google’s Privacy Policy.) If you wish to opt out of Google Analytics tracking, Google provides a browser add-on for opting out, or you can adjust your browser’s Do Not Track settings.

  • Facebook Pixel: Our site utilizes the Facebook Pixel (Meta Pixel) for advertising analytics and retargeting. The Pixel triggers when you take certain actions on our site (for example, visiting a specific page or submitting a lead form) and reports this information to Facebook. This allows us to create anonymized “Custom Audiences” for our Facebook ads – for instance, to show follow-up insurance offers on Facebook to people who have already visited our website. The Facebook Pixel may collect information such as your IP address, device ID, and browsing behavior on our site. Facebook uses this information to match you with your Facebook profile (if you have one) and serve our ads. Important: This data use is subject to Facebook’s user data policy. We do not see your individual Facebook profile information; we only receive aggregate ad performance reports. You can control whether Facebook uses your data for ads in your Facebook privacy settings.

  • Other Tracking Technologies: We may use other third-party tools and scripts, such as CRM (Customer Relationship Management) software or marketing automation tools, that set cookies or track user events on our site (for example, when you submit a form, our CRM may record that interaction). These tools help us manage our client relationships and measure the effectiveness of our outreach. Any third-party tool we use is contractually required to handle user data in compliance with privacy laws and only for our specified purposes.

  • Advertising Cookies: As noted, we may participate in advertising networks (such as Google Ads or Facebook Ads) that use cookies and pixels to deliver personalized ads. These cookies remember that you visited our site and help us advertise to you on other sites. They also track ad performance (e.g., if you clicked an ad and then filled out our form). We will provide opt-out choices as required by law for such “sale” or “sharing” of data (see Your Privacy Rights below for how to opt out of targeted advertising).

Your Choices for Cookies: You can manage cookies and trackers in several ways:

  • Most web browsers allow you to refuse new cookies, delete existing cookies, or alert you when cookies are being sent. Please consult your browser’s help documentation for instructions.

  • To opt out of Google Analytics, you can install the Google Analytics Opt-out Browser Add-on which prevents Analytics from collecting data on your visits.

  • For interest-based advertising cookies, you can use industry opt-out tools such as the NAI’s opt-out page or DAA’s WebChoices tool to globally opt out of targeted ads from participating networks.

  • California residents can enable the Global Privacy Control (GPC) or similar signals in their browsers; we will treat such signals as a valid request to opt out of the “sharing” of personal information for targeted advertising, as required by California law.

  • Note that even if you opt out of cookies or targeted ads, you may still see generic advertisements from us (not tailored to your preferences) and certain functional cookies will still be used for site operations.

How We Share and Disclose Information

Like most websites, MaliCare’s site uses cookies and similar tracking technologies to provide and improve our services, and to support our advertising efforts. Here is an overview of our use of these technologies:

  • Cookies: A cookie is a small text file placed on your device when you visit a website. We use first-party cookies for essential site functionality (for example, to remember your preferences as you navigate our site). We also use cookies for analytics and advertising as described below. You can control or delete cookies through your browser settings at any time; however, note that disabling cookies may affect certain site features (such as interactive forms).

  • Google Analytics: We have integrated Google Analytics on our website to understand how users find and use our site. Google Analytics uses cookies and similar identifiers to collect information about website traffic and visitor behavior. This may include data such as your IP address, pages visited, time spent on pages, and interactions with our site. We use these insights to improve site content and usability. Google Analytics provides reports to us in aggregate form; we do not receive individual identities from this, though Google may process personal data for its analytics purposes. (For more details on how Google collects and processes data, see Google’s Privacy Policy.) If you wish to opt out of Google Analytics tracking, Google provides a browser add-on for opting out, or you can adjust your browser’s Do Not Track settings.

  • Facebook Pixel: Our site utilizes the Facebook Pixel (Meta Pixel) for advertising analytics and retargeting. The Pixel triggers when you take certain actions on our site (for example, visiting a specific page or submitting a lead form) and reports this information to Facebook. This allows us to create anonymized “Custom Audiences” for our Facebook ads – for instance, to show follow-up insurance offers on Facebook to people who have already visited our website. The Facebook Pixel may collect information such as your IP address, device ID, and browsing behavior on our site. Facebook uses this information to match you with your Facebook profile (if you have one) and serve our ads. Important: This data use is subject to Facebook’s user data policy. We do not see your individual Facebook profile information; we only receive aggregate ad performance reports. You can control whether Facebook uses your data for ads in your Facebook privacy settings.

  • Other Tracking Technologies: We may use other third-party tools and scripts, such as CRM (Customer Relationship Management) software or marketing automation tools, that set cookies or track user events on our site (for example, when you submit a form, our CRM may record that interaction). These tools help us manage our client relationships and measure the effectiveness of our outreach. Any third-party tool we use is contractually required to handle user data in compliance with privacy laws and only for our specified purposes.

  • Advertising Cookies: As noted, we may participate in advertising networks (such as Google Ads or Facebook Ads) that use cookies and pixels to deliver personalized ads. These cookies remember that you visited our site and help us advertise to you on other sites. They also track ad performance (e.g., if you clicked an ad and then filled out our form). We will provide opt-out choices as required by law for such “sale” or “sharing” of data (see Your Privacy Rights below for how to opt out of targeted advertising).

Your Choices for Cookies: You can manage cookies and trackers in several ways:

  • Most web browsers allow you to refuse new cookies, delete existing cookies, or alert you when cookies are being sent. Please consult your browser’s help documentation for instructions.

  • To opt out of Google Analytics, you can install the Google Analytics Opt-out Browser Add-on which prevents Analytics from collecting data on your visits.

  • For interest-based advertising cookies, you can use industry opt-out tools such as the NAI’s opt-out page or DAA’s WebChoices tool to globally opt out of targeted ads from participating networks.

  • California residents can enable the Global Privacy Control (GPC) or similar signals in their browsers; we will treat such signals as a valid request to opt out of the “sharing” of personal information for targeted advertising, as required by California law.

  • Note that even if you opt out of cookies or targeted ads, you may still see generic advertisements from us (not tailored to your preferences) and certain functional cookies will still be used for site operations.

How We Use Personal Information

We understand the importance of keeping your personal information private. We do not sell your personal information to third parties for profit , and we do not share your information with unrelated third parties for their own direct marketing purposes without your consent. However, in the normal course of business and as necessary to provide our services, we may disclose your personal information to the following categories of recipients:

 

  • Insurance Carriers and Partners: As an insurance broker/agent, we work with various insurance carriers, underwriters, and wholesale brokers to obtain quotes and coverage for you. If you request an insurance quote or apply for coverage through us, we will share the necessary information with relevant insurance companies or administrators to process that quote or application. For example, if you ask us for a health insurance quote, we might securely transmit your provided data (such as age, zip code, health status, income) to the insurance carrier’s quoting system to retrieve rates. We disclose only what is needed and only with your authorization (implied by your request). The carriers will use your information solely for underwriting or enrollment and are themselves subject to privacy regulations (such as HIPAA for health plans or state privacy laws for insurers).

  • Service Providers (Processors): We employ trusted third-party companies to support our operations and they may process personal information on our behalf. These include, for instance: our web hosting provider, email service provider, customer relationship management (CRM) platform, lead management or form processing software, cloud storage or database providers, and analytics or advertising service companies (like Google and Facebook as described). We share information with these service providers only to the extent necessary for them to perform services for us – such as hosting our website, storing form submissions, sending out emails you requested, or analyzing site performance. All service providers are contractually obligated to protect your information, keep it confidential, and use it only for the purposes we specify . They are not permitted to use your data for their own unrelated purposes.

  • Regulators and Legal Disclosure: We may disclose personal information to government agencies, regulators (such as state Departments of Insurance), law enforcement, or other parties as required by law or legal process. For example, we might be required to provide information in response to a subpoena, court order, or regulatory examination. We will also disclose information if we believe it is necessary to prevent fraud, to enforce our site terms, or to protect the rights, property, or safety of our company, our customers, or others (consistent with applicable laws). We limit such disclosures to what is permitted or required by law .

  • Business Transfers: In the unlikely event that MaliCare Insurance Agency undergoes a business transition such as a merger, acquisition, or sale of assets, personal information may be transferred to the successor organization as part of that transaction. If that happens, we will ensure the new owner continues to be bound by privacy safeguards consistent with this Policy, or we will notify you and obtain consent if required by law.

  • With Your Consent: In any other situations not covered above, we will explicitly ask for your consent before sharing your personal information. For instance, if we ever wanted to feature a customer testimonial with your name on our site, we would only do so with your permission.

 

When we disclose personal information for a business purpose, we enter into a contract that describes the purpose and requires the recipient to keep the information confidential and not use it for any purpose except performing the contract. We do not disclose your information to third parties for them to independently market their products to you, unless you have separately engaged with those third parties (for example, if we refer you to a partner and you directly provide information to them, that interaction is governed by their privacy policy).

No Sale of Personal Information: MaliCare does not sell personal information to data brokers or third parties for monetary consideration. We also do not “share” personal information with third parties for cross-context behavioral advertising in exchange for anything of value, as defined under California law, except insofar as the use of advertising cookies/pixels might be deemed a “sharing.” If our use of advertising pixels is considered a sharing of your info, you have the right to opt out as described below in Your Privacy Rights. But aside from that potential scenario, we have not sold or shared personal information about consumers in the past 12 months

Your Privacy Rights and Choices

Depending on your state of residence and the laws that apply, you may have certain rights regarding your personal information. MaliCare is committed to honoring your rights and has processes in place to enable you to exercise them. This section describes the rights available to consumers, with special details for California residents as required by the California Consumer Privacy Act (CCPA) and California Privacy Rights Act (CPRA). If you reside in a state with other privacy laws (such as Colorado, Connecticut, Virginia, Utah, etc.), you may have similar rights to access or delete personal data; we extend comparable privileges to you as well, to the extent required by applicable law.

Rights for California Residents (CCPA/CPRA)

If you are a resident of California, you have specific rights over your personal information under the CCPA/CPRA. These include:

 

  • Right to Know: You have the right to request that we disclose the personal information we have collected about you in the 12-month period preceding your request. You may ask for information such as the categories of personal information we collected, the sources of that information, the business or commercial purpose for collecting it, and the categories of third parties with whom we shared or disclosed the information . You may also request the specific pieces of personal information we have collected about you.

  • Right to Delete: You have the right to request deletion of personal information we have collected from you and retained, subject to certain exceptions . Once we receive and confirm a verifiable deletion request, we will delete (and direct our service providers to delete) your personal information from our records, unless an applicable legal exception applies. For example, we may retain information needed to complete a transaction you requested, to comply with a legal obligation, or other purposes allowed by law (the CCPA/CPRA outlines exceptions such as retaining data for fraud prevention, legal compliance, internal uses, etc.). We will inform you if any such exception applies to your request.

  • Right to Correct: You have the right to request that we correct any inaccurate personal information we maintain about you . If you believe any of your information is incorrect or outdated (for instance, if you want to update your contact information), you may request a correction. Upon verifying the validity of the request, we will correct the information as you direct, or if appropriate, we may delete the inaccurate information and replace it with the corrected data.

  • Right to Opt-Out of Sale or Sharing: You have the right to opt out of the sale of your personal information, or the sharing of your personal information for cross-context behavioral advertising purposes . Note: As stated above, MaliCare does not sell personal data for monetary value. We also do not share personal data for targeted advertising except in the context of using third-party advertising cookies/pixels. If you wish to opt out of such tracking-based information sharing, you may do so by utilizing the cookie preference tools described in the Cookies section (such as using the GPC signal or contacting us to opt out). If in the future we were to engage in any activity deemed a “sale” of personal data, we will provide a clear “Do Not Sell or Share My Personal Information” link on our website to facilitate opt-outs.

  • Right to Limit Use of Sensitive Personal Information: If we collect sensitive personal information (as defined by California law) about you, you have the right to limit our use or disclosure of that sensitive information to only what is necessary to perform the services or provide the goods you requested, or other purposes expressly authorized by law . Sensitive personal information may include data like precise geolocation, social security number, or health information. In our case, the only sensitive information we might collect is health-related (general health status) or financial (household income). We use such information solely for assisting you with insurance services (an explicitly permitted purpose) and do not use or disclose it for secondary purposes. Therefore, we believe our use of sensitive data is already limited to what is allowed. Nonetheless, if you are a California resident and you prefer we further restrict use of any sensitive personal info you provided, you can contact us to request that. We will honor applicable requests to limit use/disclosure of sensitive info.

  • Right to Non-Discrimination: We will not discriminate against you for exercising any of your privacy rights . This means we will not deny you services, charge you a different price, or provide a different level of quality of services because you exercised your rights under CCPA/CPRA. The law permits businesses to offer certain financial incentives that might be tied to personal data (for example, a discount program in exchange for data), but we currently do not offer such programs. If we ever do, we will provide details and obtain opt-in consent as required. In all cases, your choice to exercise privacy rights will not affect the service we provide you.

 

Submitting Requests: If you are a California resident (or authorized agent) and wish to exercise your Right to Know, Delete, Correct, or Opt-Out, you may submit a request to us through any of the contact methods listed in the Contact Us section below. For opt-out of sale/sharing, you may also use the cookie and browser-based methods described earlier, which we will treat as legitimate opt-out requests. When you submit a request, please indicate that you are a California consumer exercising your CCPA/CPRA rights and specify the request type (access, deletion, correction, etc.). Verification: For your protection, we will need to verify your identity before fulfilling certain requests (such as access, deletion, or correction requests) . This may involve asking you to provide additional information or confirm details we already have on file (for example, verifying your name, email, phone number, or recent transaction with us) . We will only use the information you provide for verification to process your request. If you have authorized someone else to make a request on your behalf, we will require proof of that authorization (e.g. a written permission or power of attorney) and will still verify your identity with you directly if required by law.

Response Time: We endeavor to respond to consumer requests within 45 days of receipt. If we need more time (up to an additional 45 days), we will inform you of the reason and extension in writing . Our response will typically be delivered electronically (unless you request another format) and, where applicable, will cover the 12-month period preceding the request. For access requests, we will provide the information required by law (which may be provided in summary form if allowed). For deletion requests, we will confirm the deletion or explain any denial (and basis for refusal). For correction requests, we will confirm that we have corrected the information as directed or explain why we cannot. Any disclosures we provide will be for free, up to twice per 12-month period as allowed; if you make additional requests, we will not charge you unless permitted by law and after providing an estimate of any fees.

Rights for Residents of Other States

Privacy laws in other states (such as the Colorado Privacy Act, Virginia’s Consumer Data Protection Act, Connecticut’s Data Privacy Act, Utah’s Consumer Privacy Act, and emerging laws in states like Florida, Texas, etc.) may provide similar rights to their residents, such as the right to access personal data, delete personal data, or opt out of certain data processing. If you are a resident of a U.S. state that grants you specific privacy rights by law, we will honor your request to exercise those rights in accordance with applicable state requirements.


For example, some states provide a right to obtain a copy of personal data we hold about you, or to opt out of targeted advertising. We extend such rights to you as required. The process to make a request is the same: please contact us with your request and proof of residency in that state. We will verify and respond in accordance with the relevant law. If any state’s law allows for an appeal process when we decline a request, we will provide instructions on how to appeal our decision.


Additionally, under certain state laws (such as Nevada’s privacy law), consumers may have the right to opt out of the sale of certain personal information. MaliCare does not sell personal data as noted, but Nevada residents who wish to inquire about this can contact us.


Financial/Insurance Privacy Notices: Separately from online privacy rights, as an insurance consumer you may have rights under the federal Gramm-Leach-Bliley Act (GLBA) and state insurance privacy laws. MaliCare provides initial and annual privacy notices to its customers as required under those laws, describing how we safeguard your “nonpublic personal information” and how you can opt out of certain data sharing with third parties. If you become a policy customer, you will receive a copy of our GLBA Insurance Privacy Notice (which may overlap with this Policy). The GLBA and state insurance privacy regulations generally give you the right to opt out of our sharing of your information with non-affiliated third parties for purposes not related to servicing your policy. However, MaliCare does not share your information with non-affiliates for marketing unrelated products, except as needed to carry out insurance transactions you request. Thus, the default we provide is the maximum privacy protection under those regulations. We furnish this website Privacy Policy in conjunction with those notices to keep you fully informed of our practices.


(Note: Personal information that is protected under certain sector-specific laws – for example, information subject to HIPAA or GLBA – may be exempt from some state privacy laws like CCPA . This means if a piece of information is classified as, say, protected health information or financial information under those regimes, the consumer rights under CCPA might not apply to it. Regardless, MaliCare is committed to protecting all personal information in line with all applicable laws.)

Health Information and HIPAA

Because MaliCare operates in the health insurance sector, we want to address how we handle any health-related information. However, it is important to clarify that our website is not intended to collect Protected Health Information (PHI) as defined by HIPAA (the Health Insurance Portability and Accountability Act). PHI generally refers to individually identifiable health information that is created or received by a healthcare provider, health plan, or similar entity and relates to a patient’s medical condition, treatment, or payment. MaliCare is an insurance agency, not a healthcare provider, and we do not provide treatment or process medical claims.


When you use our website, we may ask for a general indication of your health status (for example, asking whether you have certain chronic conditions or whether you use tobacco) solely for the purpose of determining insurance product eligibility or pricing. This information, while personal, is not coming from your medical provider nor is it used to provide medical care; thus it typically is not considered PHI under HIPAA. In fact, personal data collected in an insurance context is often governed by other privacy laws (like state insurance privacy laws or GLBA) and is exempt from HIPAA’s scope and CCPA’s scope when applicable . For instance, if you provide medical information on an insurance application, that information may be protected under state insurance laws and the federal GLBA, rather than HIPAA, because we are acting as an insurance agent, not a healthcare provider.


That said, we treat all health-related information with a high level of confidentiality and security. If in the course of assisting you we do come into possession of any health information that would be considered PHI (for example, if we help you with a Medicare plan and you provide us a list of prescriptions or doctors, or if an insurer sends us part of your medical underwriting data), we will handle that information in accordance with HIPAA’s principles of privacy and security. We have business associate agreements in place when required (e.g., with any carrier or vendor where needed) to ensure protection of PHI. We do not use any such information for any purpose other than to serve you in your insurance needs or as required by law. We also will provide you with any additional Notice of Privacy Practices required under HIPAA if our role necessitates it in a given transaction (for example, some health plans may require that we give you a HIPAA notice when assisting with enrollment).


In summary, while our website itself does not collect PHI or require you to provide detailed medical history, any personal health information that we may handle offline or through further interactions is safeguarded. We comply with applicable health privacy laws, including HIPAA where it applies, and we will not disclose any health-related information about you except as permitted or required by those laws (for example, with your consent, or to the insurer or healthcare program you are applying to, or for fraud prevention, etc.). If you have questions about how we handle health information in any specific case, please contact us for more information.

Data Security Measures

MaliCare Insurance Agency takes the security of your personal information seriously. We have implemented a combination of administrative, technical, and physical security measures to protect your personal data from unauthorized access, use, alteration, and destruction. These measures are designed to be consistent with industry standards and with the requirements of applicable laws such as the NAIC Insurance Data Security Model Law (as adopted in various states) and state-specific regulations like the Massachusetts data security regulations .

Our security program includes, for example:

 

  • Encryption: We use encryption protocols to protect personal information transmitted through our website. When you fill out forms on our site, the data is sent over a secure HTTPS connection. Sensitive data stored in our systems or with our cloud service providers is encrypted at rest where appropriate. Certain sensitive fields (such as health or financial details, if any) are additionally encrypted or tokenized in our databases. Massachusetts regulations, for instance, require encryption of personal data in transit and on portable devices, and we adhere to those standards .

  • Access Controls: Within our organization, personal information is accessible only to those personnel who need it to perform their job duties (for example, our licensed agents handling your quote or policy service, or our support staff assisting with technical issues). We employ authentication controls (strong passwords, multi-factor authentication where feasible) to prevent unauthorized access to systems containing personal data. Our service providers are also contractually obligated to implement strong access controls.

  • Employee Training and Policies: We maintain internal policies and conduct regular training for our staff on the importance of confidentiality and privacy. All employees and contractors are required to follow our code of conduct which includes safeguarding personal information. We limit physical and electronic access to confidential data and ensure that documents or files containing personal information are stored securely.

  • Network and System Security: We use firewalls, intrusion detection systems, and up-to-date security software to guard our network and website against external threats. Our website is maintained on a secure platform with regular security updates. We monitor for any suspicious activities or vulnerabilities and take action to mitigate risks. Where applicable, we follow guidelines from regulators and industry standards (for instance, we align with CMS’s security requirements for agents/brokers handling marketplace consumer data). We only collect and retain the minimum necessary data to reduce risk, in line with the principle that personal information should only be used or disclosed as needed for our functions .

  • Incident Response and Notification: Despite our precautions, no website or internet transmission is completely secure. In the unlikely event of a data breach or security incident involving your personal information, we have an incident response plan to promptly address and contain the issue. We will investigate and notify affected individuals and authorities as required by law. For example, many states (including Florida, Massachusetts, Illinois, Pennsylvania, and others where we do business) have data breach notification laws, and the insurance regulations (like the Pennsylvania Insurance Data Security Act effective 2023) require notification to state regulators in certain cases. We comply fully with these requirements.

 

By implementing these safeguards, we aim to ensure the confidentiality, integrity, and availability of your personal information . However, it’s also important that you take steps to protect yourself online. Make sure not to send sensitive information (like social security numbers or medical details) to us via unsecure channels such as standard email. If we ever provide you with login credentials or secure portals to upload documents, keep those credentials confidential. If you suspect any unauthorized access to your data related to MaliCare, please inform us immediately so we can investigate.

Third-Party Links and Services

Our website may contain links to third-party websites or integrate third-party services (such as scheduling tools, educational resources, or social media plugins). If you follow a link to a site that we do not control, this Privacy Policy will not apply to that third-party site. We encourage you to review the privacy policies of any external sites you visit. MaliCare is not responsible for the privacy practices or content of websites we do not operate.


One example of third-party integration is if we provide a link to a government website like HealthCare.gov or an insurance carrier’s online enrollment portal for your convenience. Those sites have their own privacy and security policies (for instance, see the privacy policy on HealthCare.gov for how the federal marketplace handles data). When using such third-party services, your information is governed by their rules in addition to any relationship you have with us.


We also maintain a presence on social media (e.g., a company Facebook or LinkedIn page). If you choose to engage with us on those platforms, any information you submit there (such as comments or messages) is also subject to those platforms’ privacy terms.

Advertising Platform Standards Compliance

Because we use online advertising tools (like Facebook and Google), we comply with those platforms’ requirements for data use and transparency. Both Facebook (Meta) and Google require businesses that use their advertising services (such as the Facebook Pixel or Google Ads) to have a clear privacy policy disclosing this usage. We hereby affirm:

  • We disclose our use of tracking and advertising cookies (as done above) in compliance with Facebook’s policies and Google’s policies. Users are informed that their data may be collected and used for targeted advertising purposes .

  • We honor any choice or consent requirements. For example, Facebook’s terms might require that we obtain consent for collecting data via the Pixel in certain jurisdictions. While U.S. law (except perhaps California) doesn’t require prior consent for cookies, we still provide you the ability to opt out of these tracking technologies.

  • We do not upload or otherwise share any sensitive personal information to advertising platforms in violation of their rules. For instance, we will not use medical information or other sensitive identifiers in custom ad targeting without proper consent and adherence to platform policies. We use hashed customer data for custom audiences only in compliance with platform terms.

  • If you reach our site via a Google ad or Facebook ad, and you wish to know more about how those platforms handle your data, please refer to Google’s and Meta’s privacy centers. We ensure that any data sharing with these platforms is done securely and only as needed for measurement and ad delivery. We also respect the Digital Advertising Alliance principles and other self-regulatory guidelines for interest-based advertising.

By aligning with these advertising platform standards, we aim to maintain ethical marketing practices and respect user privacy choices across all channels.

International Users

Our services are intended for U.S. residents, and we do not actively target or solicit personal information from individuals outside the United States. Our site is not geared to comply with international privacy laws such as the EU General Data Protection Regulation (GDPR) or others, as we focus only on U.S. insurance markets. If you are visiting our site from outside the U.S., please be aware that any information you provide will be transferred to and processed in the United States under U.S. privacy standards. By using our site, you acknowledge and consent to this. If you do not want your data handled as described in this Policy, please refrain from using the site.

Updates to This Privacy Policy

We may update or revise this Privacy Policy from time to time to reflect changes in our practices, legal requirements, or other circumstances. When we make changes, we will update the “Last Updated” date at the top of the Policy. If changes are significant, we may also provide a more prominent notice (such as a banner on our website or a direct notification). We encourage you to review this Policy periodically to stay informed about how we are protecting your information.


Your continued use of our website or services after any modifications to the Privacy Policy will constitute your acknowledgment of the changes and agreement to abide by the updated Policy. If we seek to use your personal information for a new purpose not originally disclosed to you, we will endeavor to obtain your consent if required by law.

Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or our handling of your personal information, please contact us using the details below. We are committed to resolving any privacy issues and supporting you in exercising your rights.

MaliCare Insurance Agency

Attn: Privacy Officer

11670 Strand Way

Hollywood, FL 33026, USA

Email: info@malicareagency.com (Please include “Privacy Inquiry” in the subject line)

Toll-Free Phone: (888) 807-6088

Website: www.malicareagency.com (you may also reach out through any contact forms on our site)

When you contact us, please provide your name and contact information and a detailed description of your request or question. For requests to access, delete, or correct your data, we may need to verify your identity for security purposes (as described earlier). We will respond to legitimate inquiries as promptly as possible, generally within 30 days or as required by law.

Thank you for trusting MaliCare Insurance Agency with your insurance needs and your personal information. We are dedicated to protecting your privacy and providing you with a secure and professional service experience.

Sources:

  • California Consumer Privacy Act / California Privacy Rights Act – Consumer Rights

  • Rice Insurance Services – CCPA Privacy Notice (example of no sale of personal information)

  • CMS Marketplace Registered Agent/Broker Agreement – Privacy/Security Standards (collection/use limits)

  • Massachusetts 201 CMR 17.00 – Data Security Regulation (safeguards requirement)

  • TermsFeed – Use of Facebook Pixel and retargeting (privacy policy requirement)

  • Allstate Health Solutions – Privacy Statement (categories of personal info and usage)

  • Rice Insurance Services – CCPA Notice (categories of collection and disclosure)