Online security

strawberry

Protecting your privacy

Sign on confidently — kp.org is secure.

Kaiser Permanente is committed to maintaining the security and confidentiality of your personal information. We use procedural, physical, and electronic security methods designed to prevent people who aren't authorized from getting access to your information.

Below is an overview of how Kaiser Permanente protects your information. We've also put together some great tips on how you can prevent identity theft:

What's SSL?

From the moment your account information leaves your computer to the time it enters Kaiser Permanente's system, it's encrypted — or translated into a secret code — using Secure Sockets Layer (SSL). SSL is a standard communication method that's built into most commercial browsers to keep sensitive data secure as it's transmitted over the Internet.

Check your SSL

How do you know SSL is working? Look for a padlock icon in the lower right-hand corner of your browser window. Or check for "https" at the beginning of the website's address. The "s" means "secured" and that the website uses encryption.

Also, check the SSL security certificate by double-clicking the padlock icon. Be sure that the URL on the certificate matches the URL of the page you are viewing.

How we protect your information

Keeping your personal information secure and confidential is one of our most important responsibilities. We do this by:

  • following secure user sign on identification and authentication rules and practices
  • providing high-level encryption for secure transmissions
  • maintaining secure firewalls, or integrated security systems that protect computer networks
  • using software that protects against computer viruses and phishing, or phony e-mails designed to trick you into giving out private information about yourself
  • updating our security technology
  • monitoring our site continuously
  • restricting access to your membership data and accounts
  • providing e-mail system security
  • training our employees to use online security methods

What if something suspicious happens?

What do we do if we suspect unauthorized online activity? We add extra security measures designed to safeguard your identity and your accounts.

For example, if our systems detect suspicious online behavior, we may restrict your account access and prevent you from doing certain transactions until you offer additional proof of your identity. That way, we know it's really you checking out your online records.

What if I'm using my work computer?

Your employers may have the right to read e-mail you send and receive from your work computer. They may also have the right to use a keylogger software program that records your keystrokes on that computer. So be cautious before using your office computer to view your online records.

Our code of conduct

Every individual and organization that works for or on behalf of Kaiser Permanente must follow our code of conduct. This code guides our daily work and helps us meet Kaiser Permanente's high ethical standards, which include complying with:

  • federal, state and local laws and regulations
  • the requirements of the Health Insurance Portability and Accountability Act (HIPAA) Privacy and Security Rules
  • federal health care program requirements
  • licensing requirements
  • accreditation standards
  • the requirements of the Center for Medicare and Medicaid Services (CMS)
  • other federal and state contracts