Privacy, Compliance, Terms of Use, and Regulatory Policies

Click below to review:

Evolent Health LLC (which is referred to in this Privacy Policy as the “Evolent”, “us,” “we” or “our”) recognizes that the privacy of your personal information is important. This Privacy Policy is intended to inform you, a visitor to the Evolent website, of our policies and practices regarding the collection, use, and disclosure of any Personal Information (defined below) the Evolent website collects or receives. This policy does not apply to information collected through other means (e.g., telephone, postal mail). Evolent will not use Personal Information provided through your use of our website except as set forth in this Privacy Policy.

COLLECTION OF INFORMATION

Personal Information. “Personal Information” is information that identifies you and may include your name, address, email address, telephone or fax number, company name, IP address, any content you post in your resume or CV, and any other information you may provide to us that identifies you.

Sources of Personal Information. We collect and may use Personal Information that you provide on the Evolent website and may combine such Personal Information to information we have already collected from you from other offline sources (e.g., telephone, fax, postal mail) in order to provide you with Evolent products and services and to improve the products and services we provide.

Information Collected Automatically. When you visit the Evolent website, we automatically collect and analyze certain information about your computer. This information includes, but may not be limited to, the IP address used to connect your computer to the Internet, information about your browser type and language, the date and time you are accessing the website, the content of any undeleted cookies that your browser previously accepted from us, and the referring website address.

Cookies and other Technologies. We use various technologies to collect information about your and your organization’s activities on the Evolent website.

Cookies. When you visit the Evolent website, we may assign your computer one or more “cookies.” A cookie is a small text file that contains information that can later be read by us to facilitate your access to the site and personalize your online experience Through the use of a cookie, we may automatically collect information about your online activity on the Evolent website, such as the web pages you visit, the links you click, and the searches you conduct. Most browsers automatically accept cookies, but you can usually modify your browser setting to decline cookies by visiting the Help portion of your browser’s toolbar. If you choose to decline cookies, please note that you may not be able to sign in or use some of the interactive features offered on the Evolent website.
Other technologies. We may use standard Internet technology, such as web beacons (also called clear GIFs or pixel tags) and other similar technologies, to deliver or communicate with cookies and track your use of the Evolent website. We also may include web beacons in e-mail messages or newsletters to determine whether messages have been opened and acted upon. The information we obtain in this manner enables us to customize the services we offer and measure the overall effectiveness of our online content, advertising campaigns, and the products and services offered through the site.

Information Collected by Third Parties.Third parties, such as vendors, advertising entities, and business partners, may use cookies and other technologies (such as web beacons) to collect information about your online activities. The purposes for collecting this information includes: to measure usage of Evolent websites; to analyze, modify, and personalize advertising content on Evolent websites; and to provide ads about goods and services we hope will be of interest to you. We do not have access to or control over cookies or other features these third parties may use, and the information practices of these third parties are not covered by this Privacy Policy. Some of these third parties may be third-party network advertisers that offer you the option of not having this information collected. For more information about these some of these third parties, you may wish to visit http://www.networkadvertising.org.

USE AND DISCLOSURE OF PERSONAL INFORMATION

Uses by Evolent. We use the Personal Information collected through the Evolent website for statistical and analytical purposes, for improving the website, and for marketing purposes. Specifically, we use this information to provide you Evolent services and products, send you further information regarding Evolent, and to better collect information that allows us to analyze and improve the features and performance of our website and our other products and services. Unless you affirmatively elect not to receive (“opt out”) communications from us, Personal Information we collect from you may be used to respond to inquiries you submit to us; facilitate your access to Evolent resources and materials; send you general informative announcements, electronic newsletters, and marketing-related emails about us or our products; and aid us in serving you better. At the bottom of every newsletter or general informative email we send you, you will be given the opportunity to opt out or unsubscribe from future email communications.

Disclosure. We may share your Personal Information with third parties who perform functions or services on our behalf as outlined in this Privacy Policy and as otherwise permitted by law. In the event we share Personal Information with third parties, we take reasonable measures to ensure such parties observe the relevant portions of the Privacy Policy, restrict the use and retention of the information to the purposes and timeframe of such outsourcing, and take other measures to require the observance of the relevant portions of the Privacy Policy.

We may also share aggregate or anonymous information with third parties, including advertisers, investors and partners. This information does not contain any Personal Information and is used to develop content and services.

We may disclose any information we deem necessary, in our sole discretion, to comply with any applicable law, regulation, court order, subpoena, legal process, or government regulation. We may work with law enforcement officials in investigating activities that are illegal or that violate Evolent’s rules.

INFORMATION SECURITY

Evolent has implemented technical and organizational security measures to help protect against unauthorized access to or unauthorized alteration, disclosure or destruction of Personal Information. We review our systems regularly to help ensure that the security and integrity of Personal Information in our possession is not compromised. Unfortunately, no data transmission over the Internet can be guaranteed to be entirely secure, and we do not assume any liability for any damage suffered by you caused by the interception, alteration, or misuse of information during transmission that is outside of our reasonable control.

Within Evolent, we restrict access to Personal Information to employees, contractors, and agents who need to know that information in order to operate, develop, or improve our programs and services. As described above, we subject our third party contractors and agents to controls to help ensure that they apply suitable protections to any Personal Information they access or receive from us.

CHILDREN

The Evolent website contains business-related content and is specifically aimed at and designed for use by adults. We do not knowingly solicit or collect Personal Information from or about individuals under the age of 13 years. Please contact us if you believe we have collected Personal Information from a child under the age of 13 through this website. If we discover that we have received Personal Information from an individual whom we believe to be under the age of 13 in some other manner, we will delete such information from our systems.

OUR PRIVACY COMMITMENT TO EMPLOYMENT APPLICANTS

We collect information, including personal contact information, education and work history in order to process and consider your application.
We will not sell your application information to unaffiliated third parties for marketing purposes.
The information on your application may be shared with background check services and our affiliates and used for certain regulatory, compliance and legal purposes.

SOCIAL MEDIA

Evolent maintains profiles and/or pages on various social media services, including Facebook and Twitter.
If you choose to “Like” Evolent on Facebook, “Follow” Evolent on Twitter, or take any other similar action on another social media site, you are providing your consent to receive information updates, including solicitations, from us.
To stop receiving this information from Evolent on a social media site, you must follow the procedure established by the site. For example, on Facebook, you must click “Unlike” Evolent’s page, and on Twitter, you must click “Unfollow” on Evolent's profile.

COMMENTS AND COMPLAINTS

Evolent’s Privacy Officer is responsible for implementing and overseeing the administration of the Privacy Policy. To contact Evolent's Privacy Officer or report concerns associated with this Privacy Policy, please call 1-855-387-4427 or visit http://www.mycompliancereport.com. You may also send a letter to:

Privacy Officer, Legal
Evolent
1812 N Moore St
Suite 1705
Arlington, Virginia 22209

We will make reasonable efforts to address the concerns of any individual who objects to the use of his or her Personal Information.

CHANGES TO THIS POLICY

If Evolent changes the Privacy Policy, we will post the revised Privacy Policy here, with an updated revision date. If Evolent makes significant changes to the Privacy Policy, we may also notify you by other means, such as sending an email or posting a notice on our external website.

Revised December 14, 2023

I. INTRODUCTION

This Corporate Social Responsibility Policy (“the CSR Policy”) has been framed by Evolent Health International Private Limited (EHI) in accordance with the Section 135, Schedule VII of the Companies Act, 2013 and CSR Rules issued by the Ministry of Corporate Affairs as amended from time to time.

Unless the context otherwise requires, the definitions mentioned in the CSR rules and Companies Act 2013, shall apply to this CSR Policy.

II. CSR POLICY & PHILOSOPHY

Evolent is committed to operate and grow its business in a socially responsible way with a vision to be a responsible corporate citizen. Evolent has taken up various Corporate Social Responsibility (CSR) initiatives earlier and will continue to do so in future as per the provision provided under this CSR Policy.

Constitution of a Corporate Social Responsibility Committee of the Board and formulation of a Corporate Social Responsibility Policy has become mandatory and applicable to Evolent under the Companies Act, 2013. Accordingly, our Company has formulated this CSR Policy which encompasses its philosophy and guides its sustained efforts for undertaking and supporting socially useful programs.

III. CSR VISION

Evolent Health in the USA aims at changing the health of the nation by changing the way health care is delivered. In an extension of that corporate mission, EHI’s Corporate social responsibility aims at bringing a positive change in the society in which it operates and improving the environment through initiatives taken under this policy.

IV. DEFINITIONS

In this Policy, unless the context otherwise requires:

“Act” shall mean the Companies Act, 2013 including any modifications, amendments or re-enactment thereof.
“Administrative Overheads” shall mean overheads including expenses for ‘general management and administration’ for CSR and exclude expenses directly incurred for the designing, implementation, monitoring, and evaluation of a particular Corporate Social Responsibility project or programme undertaken by the Company.
“Rules” shall mean the Companies (Corporate Social Responsibility) Rules, 2014, including any modifications, amendments or re-enactment thereof.
“Financial Year” shall mean the period beginning from 1st April of every year to 31st March of the succeeding year.
“Net Profits” shall mean the net profits of the Company as defined under the Act and the Rules based on which a specific percentage for CSR expenditure has to be calculated.
“Company/Evolent/EHI” shall mean Evolent Health International Private Limited
“Group Companies” shall mean holding, subsidiaries and associates of the Company.
“Agency” or “Agencies” shall mean any entity established under an Act of Parliament or a State legislature or any section 8 company, registered public trust or a registered society, and
1. registered under section 12A and 80 G of the Income Tax Act, 1961 established by the company, either singly or along with any other company or
2. registered under section 12A and 80G of the Income Tax Act, 1961, and having an established track record of at least three years in undertaking similar activities or
3. established by the Central Government or State Government;
“Board” shall mean the Board of Directors of the Company.
“Approved Budget” shall mean the total budget as approved by the Board of the Company, which is to be spent or utilized for CSR activities.
“Annual Plan” shall mean the annual planned CSR expenditure for the year.
“CSR Committee” shall mean the Corporate Social Responsibility Committee as constituted by the Board of Directors of the Company in accordance with the Act and the Rules made thereunder, comprising of two or more Directors.
“CSR Officer” shall mean a person engaged by the Company to assist the CSR Committee to implement the CSR activities envisaged under the Policy.
“CSR Policy” shall mean this Corporate Social Responsibility Policy of the Company, which covers the yearly activities undertaken by the Company under the policy and the CSR Expenditure thereon.
“CSR Activities” shall mean and include Projects or programs relating to activities areas or subjects specified in Schedule VII to the Act; or Projects or programs relating to activities undertaken by the board of directors of the Company (Board) in pursuance of recommendations of the Committee of the Board as per the CSR Policy of the Company under subjects specified in Schedule VII of the Act.
“CSR Expenditure” shall mean all CSR expenditure as recommended by the CSR Committee and approved by Board of Directors including the following;
1. Contributions to CSR activities which shall be implemented and / or executed by the Company.
2. Contributions to CSR activities which shall be implemented through any Trust / Society / Section 8 Companies / Agencies established / registered to carry on the CSR activities as defined under the Rules.
3. Contribution to the Corpus of a Trust / Society / Section 8 Companies etc., as long as they are created exclusively for undertaking CSR activities or where the corpus is created exclusively for the purpose directly relatable to a subject covered in Schedule VII of the Act.
4. Any other contributions covered under Schedule VII to the Act.
5. any Administrative Overhead expenditure, not exceeding 5% of total CSR expenditure of the company in any given financial year.
6. any expenditure towards creation or acquisition of Capital assets
“Employee” shall mean a person who employs, whether directly or through any person, or on his behalf or on behalf of any person, one or more employees in his establishment and where the establishment is carried on by any department of the Central Government or the State Government, the authority specified, by the head of such department, in this behalf or where no authority, is so specified the head of the department and in relation to an establishment carried on by a local authority, the chief executive of that authority, and includes,— (i) in relation to an establishment which is a factory, the occupier of the factory as defined in clause (n) of section 2 of the Factories Act, 1948 and, where a person has been named as a manager of the factory under clause (f) of sub-section (1) of section 7 of the said Act, the person so named; (ii) in relation to any other establishment, the person who, or the authority which, has ultimate control over the affairs of the establishment and where the said affairs is entrusted to a manager or managing director, such manager or managing director; (iii) contractor; and (iv) legal representative of a deceased employer;

Words and expressions used and not defined in the Policy shall have the same meanings respectively assigned to them in the Act and / or Rules.

V. CONSTITUTION OF CSR COMMITTEE

In terms of section 135 of the Companies Act, 2013 and the Rules made thereunder, Board of Directors of the Company at its meeting held on March 18, 2021 has constituted a CSR Committee and the following are its members;

Sr. no.	Name	Status	Designation
1	Mr. Nitin Deshpande	Chairman	Director
2	Mr. Nikhil Damle	Member	Director

The CSR Committee to, inter alia, carry out the following functions;

To formulate and recommend to the Board, a Corporate Social Responsibility Policy which shall indicate the activities to be undertaken by the Company as specified in Schedule VII of the Companies Act, 2013 and the rules made thereunder.
To recommend the amount of expenditure to be incurred on the CSR activities.
To monitor the implementation by instituting a transparent monitoring mechanism for implementation of the CSR projects or programs or activities undertaken by the company under this CSR Policy.
To carry out any other function as mandated by the Board from time to time and / or enforced by any statutory notification, amendment or modification, as may be applicable, necessary or appropriate for performance of its duties.

VI. CSR ACTIVITIES AND CSR PROGRAMS

Pursuant to Schedule VII of the Companies Act, 2013, the CSR Committee has approved the following activities as “CSR Activities” to be undertaken under the CSR policy of the Company. The Board of Directors has reviewed the said activities and express its consent to the Committee to pursue the said activities under CSR policy of the Company under section 135 of the Companies Act, 2014, Schedule VII and other applicable rules, regulations, notifications etc., issued/to be issued from time to time.

Approved CSR Activities:

(a) Eradicating hunger, poverty and malnutrition, providing emergency medical care, preventive health care, sanitization and safe drinking water.

(b) Promoting education to underprivileged children, supporting socially backward people and helping the differently abled people.

(c) Ensuring environmental sustainability, ecological balance, protection of flora and fauna, animal welfare, agroforestry and conservation of natural resources.

(d) Training to promote nationally recognized sports.

(e) Promoting gender equality, empowering women, setting up homes and hostels for women and orphans; setting up old age homes, day care centres and such other facilities for senior citizens and measures for reducing inequalities faced by socially and economically backward groups.

(f) Contribution to the Prime Minister's National Relief Fund or Prime Minister’s Citizen Assistance and Relief in Emergency Situations Fund (PM CARES Fund) or any other fund set up by the Central or State Government for socio economic development and relief and welfare of the schedule caste, tribes, other backward classes, minorities and women.

(g) Contributions or funds provided to technology incubators located within academic institutions which are approved by the Central Government

(h) Rural development projects

(i) Slum area development

(j) Disaster management, including relief, rehabilitation, and reconstruction activities

(k) Other programmes/ projects relating to the above-mentioned activities and/or activities permitted as part of CSR under the Act.

VII. IMPLEMENTATION

This CSR Policy shall be implemented from the Financial year 2020-2021. The CSR Committee shall, based on the net profits every year, identify the CSR activities including the focus areas, annual budget, planned expenditure and implementation schedule etc. for ensuring appropriate implementation as per the Act. The CSR activities will be carried out / implemented, directly or indirectly through NGO / Agencies identified, established / registered to carry on the CSR activities as defined under the Rules.

VIII. EXPENDITURE NOT COVERED OR RECOGNISED

In terms of the Rules, the following contributions shall not be considered as CSR Expenditure;

(a) Contributions of any amount towards activities undertaken in pursuance of the normal course of business of the Company.

(b) Contributions of any amount, whether directly or indirectly, to any political party or any person associated with a political party.

(c) Amount spent, significantly for the benefit of Employees of the Company or, its Subsidiaries and Associates and their families.

(d) Expenses incurred by the Company for the fulfilment of any other statutory obligations under any law in force in India (such as labour laws, land acquisition act etc.)

(e) Expenses incurred by the Company for one off events such as marathons / awards / charitable contribution / advertisement / sponsorships of TV programs etc. for deriving marketing benefits for its products or services

(f) Any CSR activity undertaken by the Company outside India (except for the training of the Indian sports personnel representing any State or Union territory at the national level or India at International level);

(g) Other contributions / expenses not recognized under the Act / Rules as amended or modified, from time to time.

IX. FUNDING AND ALLOCATION

The Company is required to statutorily spend certain amount towards CSR activities, the details of the funding and allocation of the said expenditure for the CSR activities shall be as follows-

(a) The Company shall, in every financial year, contribute a statutory minimum limit of at least 2% of the average net profits made during the immediate three preceding financial years for the CSR Expenditure.

(b) In the absence of Net Profits in any financial year, the Company endeavours to spend such feasible amount as it may decide.

(c) The CSR Committee shall prepare its annual planned expenditure, for a financial year, for the CSR activities including the CSR approved activities and manner of implementation etc., and submit the same for approval of the Board

(d) The Company shall endeavour to spend the entire amount of statutory minimum contribution limit in a financial year. In the event, the Company is unable to spend such amount in any given financial year, the Board shall specify the reasons for the same in its report to the shareholders in terms of Section 134(3)(o) of the Act.

(e) In case of any surplus remaining out of the CSR activities, it shall not form part of the business profit of a company and shall be ploughed back into the same CSR project or shall be transferred to the Unspent CSR Account and spent in pursuance of CSR policy and annual action plan of the company or transfer such surplus amount to a Fund specified by the Authorities under Schedule VII, within a period of six months of the expiry of the financial year.

(f) In the event the Company spends an amount in excess of requirement provided, such excess amount may be set off against the requirement to spend up to immediate succeeding three financial years subject to the excess amount available for set off shall not include the surplus arising out of the CSR activities, if any, and the Board of the company shall pass a resolution to that effect.

X. MONITORING MECHANISM

The CSR Committee of the Company will coordinate / review the implementation of CSR activities at various areas and report to the Board. The CSR Committee shall meet at least once in a year to monitor the implementation of CSR Plan and its activities. The Committee shall ensure that the CSR Policy, as amended from time to time, is displayed on the company’s website.

The CSR Committee shall place before the Board, a draft annual report on CSR activities as per the specified format, in a board meeting to be held in first quarter of the following year for Board’s review and finalization. The Board shall include in its report to the shareholders, the annual report on CSR activities as per the format specified under the Rules.

XI. REPORTING FORMAT

Periodic reporting on the CSR activities, execution modalities, implementation schedules etc., to the CSR Committee shall be in the following format which may be amended by the CSR Committee from time to time.

XII. DETAILS OF CSR CONTRIBUTIONS MADE BY EHI DURING THE FINANCIAL YEARS

Financial Year	CSR Project or Activity Identified	Sector in which the Project is covered.	Projects or Programs (1) Local area or other (2) Specify the State and district where projects or programs was undertaken.	Amount outlay (budget) project or programs wise.	Amount spent on the projects or programs Sub-heads: (1) Direct expenditure on projects or programs. (2) Overheads.	Cumulative expenditure up to the reporting period.	Amount spent: Direct or through implementing agency
FY 2021 - 22	Pune Platform for COVID-19 Response (PPCR)	(I) Promoting health care including preventive health care	Pune, Maharashtra, India	602,744	602,744	602,744	Direct & through implementing agency
FY 2021 - 22	Project Green Periods	(IV) Ensuring environmental sustainability, ecological balance, protection of flora and fauna and conservation of natural resources	Pune, Maharashtra, India	200,000	200,000	802,744	Direct & through implementing agency
FY 2021 - 22	Tara Sofosh – Institute for specially abled children	(II) Promoting education to the under privileged children, supporting socially backward people, and helping the differently abled people.	Pune, Maharashtra, India	38,472	38,472	841,216	Direct
FY 2021 - 22	Green Earth Project – Plantation of 100 Trees	(IV) Ensuring environmental sustainability, ecological balance, protection of flora and fauna and conservation of natural resources	Pune, Maharashtra, India	500,000	500,000	1,341,216	Direct & through implementing agency
FY 2021 - 22	Distribution of Books for School children	(II) Promoting education to the under privileged children, supporting socially backward people, and helping the differently abled people.	Pune, Maharashtra, India	399,252	399,252	1,740,468	Direct
FY 2021 - 22	Contribution to Sunderji’s Institute of Special School	(II) Promoting education to the under privileged children, supporting socially backward people, and helping the differently abled people.	Pune, Maharashtra, India	81,000	81,000	1,821,468	Direct

FY 2022 - 23	MH 14 Animal Hospital - Earth Charitable foundation	(IV) Ensuring environmental sustainability, ecological balance, protection of flora and fauna, animal welfare, agroforestry and conservation of natural resources	Pune, Maharashtra, India	400,000	400,000	400,000	Direct
FY 2022 - 23	Door Step School Foundation	(II) Promoting education to underprivileged children, supporting socially backward people and helping the differently abled people.	Pune, Maharashtra, India	612,480	612,480	1,012,480	Direct
FY 2022 - 23	Matoshri Orphanage Dighi	(II) Promoting education to underprivileged children, supporting socially backward people and helping the differently abled people.	Pune, Maharashtra, India	8,000	8,000	1,020,480	Direct
FY 2022 - 23	Divyang- Vikas Foot Project - Rotary club of Pune Metro Charitable Trust	(I) Eradicating hunger, poverty, and malnutrition, providing emergency medical care, preventive health care, sanitization, and safe drinking water.	Pune, Maharashtra, India	250,000	250,000	1,270,480	Direct
FY 2022 - 23	Mahatma Gandhi English School - Jeevan Mitra Educational Society	(II) Promoting education to underprivileged children, supporting socially backward people and helping the differently abled people.	Pune, Maharashtra, India	158,125	158,125	1,428,605	Direct
FY 2022 - 23	FPAI - Family Planning Association	(III) Promoting gender equality, empowering women, setting up homes and hostels for women and orphans; setting up old age homes, day care centres and such other facilities for senior citizens and measures for reducing inequalities faced by socially and economically backward groups.	Pune, Maharashtra, India	1,900,000	1,900,000	3,328,605	Direct

FY 2023 - 24	Tree Plantation in August 2023	Schedule VII, item (3) Ensuring environmental sustainability, ecological balance, protection of flora and fauna	Pune, Maharashtra, India	95,000	95,000	95,000	Direct & through implementing agency
FY 2023 - 24	Donation to Manavya for Gokul Project (Health Benefit for Orphans and HIV Positive kids)	Schedule VII, item (2) Promoting education to underprivileged children, supporting socially backward people and helping the differently abled people	Pune, Maharashtra, India	203,242	203,242	298,242	Direct
FY 2023 - 24	MadhurBhav Old Age Home Visit (In collaboration with Team Pune BRG)	Schedule VII, item (5) Setting up old age homes, day care centres and such other facilities for senior citizens	Pune, Maharashtra, India	260,000	260,000	558,242	Direct
FY 2023 - 24	Blood Donation Drive in Pune Office	Schedule VII, item (1) Providing emergency medical care, preventive health care	Pune, Maharashtra, India	0	0	558,242	Direct & through implementing agency
FY 2023 - 24	Mahatma Gandhi School students visit to Evolent Health International office (Awareness about IT environment and company structure to students)	Schedule VII, item (2) Promoting education to underprivileged children	Pune, Maharashtra, India	0	0	558,242	Direct
FY 2023 - 24	Grain Kit Donation for 150 Families in the Village	Schedule VII, item (1) Eradicating hunger, poverty and malnutrition	Rural Maharashtra, India	547,092	547,092	1,105,334	Through implementing agency
FY 2023 - 24	Donation to Shikshanganga	Schedule VII, item (2) Promoting education to underprivileged children	Pune, Maharashtra, India	550,000	550,000	1,655,334	Direct
FY 2023 - 24	Donation to Real Life and Real People	Schedule VII, item (2) Supporting socially backward people	Pune, Maharashtra, India	932,000	932,000	2,587,334	Direct
FY 2023 - 24	Maher – Old Age Home/Orphanage	Schedule VII, item (5) Setting up homes for orphans; Setting up old age homes, day care centres and such other facilities for senior citizens	Pune, Maharashtra, India	374,850	374,850	2,962,184	Direct
FY 2023 - 24	Smile Foundation	Schedule VII, item (2) Promoting education to underprivileged children	Rural Maharashtra, India	500,000	500,000	3,462,184	Direct
FY 2023 - 24	Krantijyoti Savitribai Phule School	Schedule VII, item (2) Promoting education to underprivileged children	Pune, Maharashtra, India	1,107,645	1,107,645	4,569,829	Direct
FY 2023 - 24	Red Cross Society	Schedule VII, item (2) Helping the differently abled people.	Pune, Maharashtra, India	500,000	500,000	5,069,829	Direct

INTRODUCTION

Evolent is committed to ensuring the security of the public, patients, physicians, and other clinical and administrative staff by protecting their information. The Evolent security team acknowledges the valuable role that independent security researchers play in Internet security. This policy is intended to give security researchers clear guidelines for conducting vulnerability discovery activities and to convey our preferences in how to submit discovered vulnerabilities to us. This policy describes what systems and types of research are covered under this policy, how to send us vulnerability reports, and how long we ask security researchers to wait before publicly disclosing vulnerabilities.

We encourage you to contact us to report potential vulnerabilities in our systems. Please review these terms before you test and/or report a vulnerability.

AUTHORIZATION

If you make a good faith effort to comply with this policy during your security research, we will consider your research to be authorized. We will work with you to understand and resolve the issue quickly, and Evolent Health will not recommend or pursue legal action related to your research. As a policy, Evolent does not offer compensation for reported issues.

GUIDELINES

Under this policy, “research” means activities in which you:

Notify us as soon as possible after you discover a real or potential security issue
Make every effort to avoid privacy violations, degradation of user experience, disruption to production systems, and destruction or manipulation of data.
Only use exploits to the extent necessary to confirm a vulnerability’s presence. Do not use an exploit to compromise or exfiltrate data, establish persistent command line access, or use the exploit to pivot to other systems.
Provide us a reasonable amount of time to resolve the issue before you disclose it publicly.
Do not submit a high volume of low-quality reports.

Once you’ve established that a vulnerability exists or encounter any sensitive data (including personally identifiable information, financial information, or proprietary information or trade secrets of any party), you must stop your test, notify us immediately, and not disclose this data to anyone else.

TEST METHODS

The following test methods are not authorized:

Network denial of service (DoS or DDoS) tests or other tests that impair access to or damage a system or data (e.g., Spam, Brute Force)
Physical testing (e.g., office access, open doors, tailgating), social engineering (e.g., phishing, vishing), or any other non-technical vulnerability testing
Destroying or corrupting, or attempting to destroy or corrupt, data or information
Violating any laws or breaching any agreements to discover vulnerabilities

SCOPE

Websites owned or managed by Evolent including, evolent.com and other partnerships/acquisitions.

The following types of findings are authorized for submission:

Authentication bypass
Cross-site request forgery
Cross-site scripting (XSS)
Potential for information disclosure
Remote code execution

The following types of findings are not authorized for submission:

Bugs that only affect legacy or unsupported browsers, plugins, or operating systems
Insecure cookie settings for non-sensitive cookies
Previously submitted bugs
Self-cross-site scripting
Vulnerabilities that apply only to you or your own account
Web server banner disclosure issues

REPORTING A VULNERABILITY

Information submitted under this policy will be used for defensive purposes only – to mitigate or remediate vulnerabilities. If your findings include newly discovered vulnerabilities that affect all users of a product or service and not solely Evolent Health, we may share your report with the Cybersecurity and Infrastructure Security Agency, where it will be handled under their coordinated vulnerability disclosure process. We will not share your name or contact information without express permission.

We accept vulnerability reports via security@evolent.com Reports may be submitted anonymously. If you share contact information, we will acknowledge receipt of your report within 3 business days.

WHAT WE WOULD LIKE TO SEE FROM YOU

In order to help us triage and prioritize submissions, we recommend that your reports:

Describe the location the vulnerability was discovered and the potential impact of exploitation.

Offer a detailed description of the steps needed to reproduce the vulnerability (proof of concept scripts or screenshots are helpful)
Please list any pertinent applications, programs or tools used to in the discovery
Please state date and time testing took place

WHAT YOU CAN EXPECT FROM US

When you choose to share your contact information with us, we commit to coordinating with you as openly and as quickly as possible.

Within 3 business days, we will acknowledge that your report has been received.
To the best of our ability, we will confirm the existence of the vulnerability to you and be as transparent as possible about what steps we are taking during the remediation process, including on issues or challenges that may delay resolution.
We will maintain an open dialogue to discuss issues.
We do not offer bug bounties or compensation for reported issues.

QUESTIONS

Questions regarding this policy may be sent to security@evolent.com. We also invite you to contact us with suggestions for improving this policy.

Privacy Notice

For a copy of our Privacy Notice, email privacy@evolent.com.

ESM - Notice of Privacy Practices

Evolent Surgical Management
Notice of Privacy Practices
Updated: June 2025

THIS NOTICE DESCRIBES HOW MEDICAL INFORMATION ABOUT YOU MAY BE USED AND DISCLOSED AND HOW YOU CAN OBTAIN ACCESS TO THIS INFORMATION. PLEASE REVIEW IT CAREFULLY.

This Notice describes the privacy practices of Evolent Surgical Management (ESM, we, or us), which is a brand name used by Evolent Specialty Services, Inc. (ESS). Importantly, ESM is only one corporate component of ESS, which is a wholly owned subsidiary of Evolent Health LLC. This Notice only applies to ESM.

This Notice will explain the type of information we gather about you, with whom that information may be shared, and the safeguards we have in place to protect that information.

We understand that your health information is personal and we are committed to protecting your privacy. You have the right to the confidentiality of your Protected Health Information (PHI) and the right to approve or refuse the release of specific information, except when required by law. PHI is information, including demographic data, that relates to your past, present, or future physical or mental health or condition, the provision of health care to you, or the past, present, or future payment for the provision of health care to you and that identifies you.

If the practices described herein meet your expectations, there is nothing you need to do. This Notice describes your rights to request additional restrictions on our use and disclosure of your PHI. If you have any questions about this Notice, please contact our Privacy Officer at the address or telephone number at the end of this Notice.

WHO WILL FOLLOW THIS NOTICE

This Notice describes ESM’s practices regarding the use of your PHI. All employees of ESM shall follow the terms of this Notice.

OUR PLEDGE REGARDING PROTECTED HEALTH INFORMATION

Protecting the privacy of your PHI is important to us. This Notice applies to your PHI maintained by ESM, whether this information was generated by ESM or received from another health care provider. Your personal health care provider may have different policies or notices regarding PHI about you that is created or maintained by that health care provider.

This notice will tell you about the ways in which we may use and disclose your PHI. It also describes your rights regarding the use and disclosure of your PHI. If a use or disclosure of PHI described in this Notice is prohibited or materially limited by state law, it is our intent to meet the requirements of the more stringent law.

We are required by law to:

Maintain the privacy of your PHI;
Provide you with notice of our legal duties and privacy practices with respect to PHI;
Notify you of any breach of unsecured PHI; and
Follow the terms of the Notice that is currently in effect.

HOW WE MAY USE AND DISCLOSURE YOUR PROTECTED HEALTH INFORMATION

The following categories describe different ways that we may use and disclose PHI without your authorization, unless authorization is otherwise required by state law. We will make certain disclosures of your PHI as and when required or otherwise authorized by law, and in these instances we will limit the use or disclosure to the amount of PHI necessary to comply with and/or serve the purposes of the relevant federal, state, or local laws or ordinances, or the legitimate needs of responsible, authorized agencies in fulfilling their purposes. For each category of uses or disclosures we will describe the permitted use of your information and present some examples. Not every use or disclosure in a category will be listed.

At Your Request. We may disclose information when requested by you. This disclosure at your request may require your written authorization.

For Treatment. We may disclose PHI about you to doctors, nurses, technicians, or other health care professionals who are involved in your medical treatment. Other health care professionals may also share PHI about you in order to coordinate and manage your treatment. We also may disclose PHI about you to authorized individuals and/or entities outside of ESM who may be involved in your medical care. For example, we may discuss your PHI with your surgeon to determine the correct type and size of implantable device for you.

For Payment. We may use and disclose PHI about you to determine your insurance benefits, to submit charges to you or your insurance company for the care and services you receive, and to facilitate payment for the services provided to you. For example, your insurance company may need to know about the surgery you received in order to provide payment for the surgery. We may also use and disclose PHI about you to confirm prior approval has been granted by your insurer or to determine whether your insurance will otherwise cover the treatment.

For Health Care Operations. We may use and disclose PHI about you for other health care operations. Health care operations include all the functions of ESM necessary to run the business and to provide services to you. For example, we may use PHI in connection with quality assurance review and improvement activities. As another example, we may share your PHI with individuals in patient relations to resolve any complaints that you may have and to ensure patient satisfaction.

Business Associates. We may disclose your PHI to our Business Associates to carry out treatment, payment or health care operations. For example, we may disclose PHI about you to a company who bills insurance companies on our behalf to enable that company to help us obtain payment for services we provide.

De-Identified Data and Limited Data Sets. We may use or disclose your PHI to create de-identified information or to create Limited Data Sets of PHI. 45 C.F.R. Sections 164.514(b) and(c) contain the implementation specifications that we follow to meet the de-identification standard.

To Avert a Serious Threat to Health or Safety. We may use and disclose your PHI when necessary to prevent a serious threat to your health and safety or to the health and safety of the general public. Any disclosure would only be to someone able to help prevent the threat.

Public Health Risks. We may disclose PHI about you for public health activities. These activities generally include the following:

to prevent or control disease, injury or disability;
to report child abuse or neglect;
to report reactions to medications or problems with products;
to notify people of recalls of products they may be using;
to notify a person who may have been exposed to a disease or may be at risk for contracting or spreading a disease or condition; and
to notify the appropriate government authority if we believe a patient has been the victim of abuse, neglect or domestic violence.

Health Oversight Activities. We may disclose PHI to a health oversight agency for activities authorized by law. These oversight activities include, for example, audits, investigations, inspections, and licensure. These activities are necessary for the government to monitor the health care system, government programs, and compliance with civil rights laws.

Judicial or Administrative Proceedings. We may share your PHI in the course of a legal proceeding before a court or administrative tribunal in response to a legal request or order. For example, we may disclose your PHI in response to a Judge's Order for certain health information about you. We may also disclose PHI about you in response to a subpoena, discovery request, or other lawful process by someone else involved in the dispute, but only if efforts have been made to tell you about the request (which may include written notice to you) or to obtain an order protecting the information requested.

Law Enforcement Purposes. We may share your PHI with the police or other law enforcement officials as required or permitted by law. For example, we may disclose PHI about you to comply with laws that require the reporting of certain kinds of wounds or other physical injuries.

Military and Veterans. If you are a member of the armed forces, we may release PHI about you as required by military command authorities. We may also release PHI about foreign military personnel to the appropriate foreign military authority.

Decedents. We may share PHI with a coroner or medical examiner as authorized by law.
Organ and Tissue Procurement. If you are an organ donor, we may release PHI about you to organizations that handle organ procurement.

Research. We may use and disclose your PHI for research purposes in certain limited circumstances. We must obtain your written authorization to use your PHI for research purposes except when our use or disclosure was approved by an Institutional Review Board or a Privacy Board.

Workers' Compensation. We may share your PHI as permitted or required by state law relating to workers' compensation claims.

National Security. We may release PHI about you to authorized federal officials for national security and intelligence activities. We may share your PHI with the police or other law enforcement officials as required or permitted by law. For example, we may disclose PHI about you to comply with laws that require the reporting of certain kinds of wounds or other physical injuries.

Inmates. If you are an inmate of a correctional institution or under the custody of a law enforcement official, we may release PHI about you to the correctional institution or law enforcement official. This release would be necessary (1) for the institution to provide you with health care; (2) to protect your health and safety or the health and safety of others; or (3) for the safety and security of the correctional institution.

As Otherwise Required By Law. We may use and disclose your PHI when required to do so by any other federal, state or local law not specifically referenced above. For example, we are required to disclose PHI to the Secretary of the United States Department of Health and Human Services when requested by the Secretary to review our compliance with HIPAA.

YOU MAY OBJECT TO CERTAIN USES AND DISCLOSURES OF YOUR MEDICAL INFORMATION

You can prevent us from using or disclosing your PHI in the circumstances listed below. To prevent us from using or disclosing your PHI in any or all of these circumstances, please send a written objection to our Privacy Officer to both the mailing address and the e-mail address below. Unless you object in writing, we may use or disclose your PHI in the following circumstances:

Individuals Involved in Your Care or Payment for Your Care. We may disclose your PHI to a family member, relative, friend, or others you identify who are involved in your care or payment for your care.

Disaster Relief. We may disclose your PHI to a public or private entity that is authorized by law to assist in disaster relief efforts.

Fundraising Activities. We may use or disclose your PHI to contact you for fundraising activities. You have the right to opt out of receiving fundraising communications. If you receive a fundraising communication, it will tell you how to opt out.

USES AND DISCLOSURES REQUIRING YOUR WRITTEN AUTHORIZATION

All other uses and disclosures of your PHI other than those described above require your written permission. Examples of uses and disclosures of PHI that require your authorization include, but are not limited to, most uses and disclosures of psychotherapy notes, uses and disclosures for marketing purposes, and disclosures that constitute a sale of PHI. If you provide us permission to use or disclose PHI about you, you may revoke that permission, in writing, at any time. If you revoke your permission, we will no longer use or disclose PHI about you under your written authorization. You understand that we are unable to take back any disclosures we have already made with your permission, and that we are required to retain our records of the services that we provided to you.

Marketing. We must obtain your written permission prior to using your PHI for marketing purposes. However, we may communicate with you about products or services related to your treatment, case management, care coordination, or alternative treatments without your permission, but only if we do not receive financial remuneration from a third party in exchange for making those communications.

YOUR RIGHTS REGARDING YOUR PROTECTED HEALTH INFORMATION

You have the following rights regarding PHI we maintain about you:

Right to Inspect and Copy. You have the right to inspect and copy PHI that may be used to make decisions about your care. If any of this PHI is maintained by us electronically, you may request an electronic copy. To inspect and copy PHI that may be used to make decisions about you, you must submit your request in writing to our Privacy Officer at both the mailing address and the e-mail address below. If you request a copy of the information, we may charge a fee for the cost of copying, mailing or other supplies associated with your request.

We may deny your request to inspect and copy in certain very limited circumstances. If you are denied access to PHI, you may request that the denial be reviewed. Another health care professional chosen by ESM will review your request and the denial. The person conducting the review will not be the person who denied your request. We will comply with the outcome of the review.

Right to Amend. If you feel that PHI we have created about you is incorrect or incomplete, you may ask us to amend the information. You have the right to request an amendment for as long as the information is kept. To request an amendment, your request must be made in writing and submitted to our Privacy Officer at the address below. In addition, you must provide the reason for amendment.

We may deny your request for an amendment if it is not in writing or does not include a reason to support the request. In addition, we may deny your request if you ask us to amend information that:

Was not created by us, unless the person or entity that created the information is no longer available to make the amendment;
Is not part of the PHI kept by ESM;
Is not part of the information which you would be permitted to inspect and copy; or
Is accurate and complete.

If we deny your request, we will tell you in writing the reasons for the denial and describe your right to provide a written statement disagreeing with the denial. If we accept your request to amend the information, we will make reasonable efforts to inform others of the amendment, including persons you name who have received information about you and must be notified of the amendment.

Right to an Accounting of Disclosures. You have the right to request an "Accounting of Disclosures" of your PHI. An Accounting of Disclosures is a list of disclosures we have made of your PHI not relating to treatment, payment, health care operations, information provided to you or disclosures that you authorized, or for other authorized purposes described above.

To request an Accounting of Disclosures, you must submit your request in writing to our Privacy Officer. You must state the time period for which you would like an Accounting but such time period must be within the last six (6) years. One Accounting request within a twelve (12) month period will be free of charge. For additional Accountings, we may charge you a reasonable, cost-based fee if requested within twelve (12) months. We will notify you of the cost involved and you may choose to withdraw or modify your request before any costs are incurred.

Right to Request Restrictions. You have the right to request a restriction or limitation on the PHI we use or disclose about you for treatment, payment, health care operations, notification to individuals involved in your care, disaster relief, and death notification purposes. We are not required to agree to your request. If we do agree, we will comply with your request unless doing so would affect your care.

If you pay for a service or health care item out-of-pocket in full, you can ask us not to share that information for the purpose of payment or our operations with your insurer. We will honor this request unless a law requires us to share that information.

To request restrictions, you must make your request in writing to our Privacy Officer at the address below. In your request, you must tell us (1) what information you want to limit; (2) whether you want to limit our use, disclosure or both; and (3) to whom you want the limit to apply.

Right to Request How We Communicate With You. You have the right to request that we communicate with you in a certain way or at a certain location. For example, you can ask that we only contact you at work or by mail. To request confidential communications, you must make your request in writing to our Privacy Officer. We will not ask you the reason for your request. We will accommodate all reasonable requests. Your request must specify how or where you wish to be contacted.

Right to a Paper Copy of This Notice. You have the right to a paper copy of this notice at any time. Even if you have agreed to receive this notice electronically, you are still entitled to a paper copy of this notice. To obtain a paper copy of this notice, please request one in writing from our Privacy Officer at the address below. You may also obtain a copy of this notice on our website: evolent.com/esm-privacy-practices.

Right to Choose Someone to Act for You. You have the right to choose someone to act for you. If you have given someone medical power of attorney or if someone is your legal guardian, that person can exercise your rights and make choices about your health information. We will make sure the person has this authority and can act for you before we take any action.

CHANGES TO THIS NOTICE
We reserve the right to change the terms of this Notice at any time. If we make changes to this Notice, we will post an announcement that the Notice has been changed and post a copy of the updated Notice on our website. The Notice will contain the effective date in the upper left-hand corner. These changes will apply to all information we have about you.

COMPLAINTS – CONTACT US

If you believe your privacy rights have been violated, you may file a complaint with ESM directly or with the Secretary of the Department of Health and Human Services. All complaints must be submitted in writing. You will not be retaliated against for filing a complaint.

Mailing address:
Evolent Surgical Management
Privacy Officer
1812 N Moore St., Suite 1705
Arlington, VA 22209

Email:
Privacy@evolent.com

Secretary, Health and Human Services
U.S. Department of Health & Human Services, Office of Civil Rights
200 Independence Avenue, S.W.
Washington, D.C. 20201
1-877-696-6775

The privacy of your health information is extremely important to us. Please contact us with any concerns or complaints that you may have.

Patient Rights & Responsibilities

For a copy of our Patient Rights and Responsibilities document, email our Quality Management Department or call them at 888-999-7713. You can also download the Patient Rights and Responsibilities.

Connecticut Criteria

To access clinical review criteria utilized for ConnectiCare Commercial Member requests in Connecticut, access ConnectiCare Medical Management Pharmacy Policies and ConnectiCare Medical Management Medical Policy.

To access clinical review criteria utilized for Emblem Commercial Member requests in Connecticut, access Emblem Health Medical Policies.

Clinical Criteria for Health Utilization Management Decisions

Evolent applies nationally recognized clinical criteria and standards of care to medical necessity reviews. As available, CMS National and Local Coverage Determination Criteria and Medicare Guidance and CMS recognized Compendia are utilized for Medicare Advantage service requests. Health Plan specific clinical policies and nationally recognized oncology and cardiology consensus guidelines and compendia may also be applied for Medicare, Medicaid and Commercial member reviews.

Clinical criteria utilized to issue an authorization are available upon request by contacting the Evolent Health Utilization Department at:

Evolent
1812 N Moore St
Suite 1705
Arlington, Virginia 22209

Medical Policies

Please note that the following policies are posted for reference only. Based on the member’s benefit coverage, Evolent policies may be utilized for determinations. Health Plan policy or State mandated policy may be used before Evolent policy based on the Health Plan. Medicare determinations will follow the clinical criteria set forth by CMS using National Coverage Determinations (NCD), Local Coverage Determinations (LCD), CMS Guidance documents or the five Compendia approved by CMS for cancer drugs. The policy versions posted may not apply to all health plans. At any time, you may request the specific clinical criteria used in a determination decision.

Evolent Clinical Guidelines are comprehensive and inclusive of various procedural applications for each service type. Our guidelines may be used to supplement Medicare criteria when such criteria is not fully established. When Medicare criteria is determined to not be fully established, we only reference the relevant portion of the corresponding Evolent Clinical Guideline that is applicable to the specific service or item requested in order to determine medical necessity.

Oncology | Radiation Oncology | Cardiology

Please direct any questions to MedicalPolicyTeam@evolent.com

Affirmative Statement

Evolent’s policy states that utilization review decisions are based only on medical necessity, appropriateness of care and service and the existence of coverage. There are no rewards, bonuses or incentives for practitioners or other individuals for issuing denials or approvals of coverage, service or care. There are no financial incentives for utilization management decision makers to encourage decisions that would result in underutilization or over-utilization. All medical necessity determinations are based upon nationally recognized standards of care and clinical guidelines and are not influenced by financial or in-kind incentives.

ARKANSAS AUTHORIZATION REQUIREMENTS AND CLINICAL CRITERIA

A. Prior Authorization of Non-Urgent Healthcare Service (A.C.A. 23-99-1105)

Evolent (formerly National Imaging Associates, Inc.) acting on behalf of the Health Plan must make an authorization or non-authorization determination and notify the subscriber (member) and provider of the determination/decision within 2 business days of obtaining all information needed to make the determination.

B. Prior Authorization of Urgent Healthcare Service (A.C.A. 23-99-1106)

Evolent acting on behalf of the Health Plan must make an expedited authorization or adverse determination on an urgent request and notify the subscriber(member) and provider of the determination no later than 1 business day after receipt of all information needed to complete the review.

C. Retrospective Denial (A.C.A. 23-99-1108)

Evolent may not revoke (cancel), limit, condition, or restrict an authorization for a period of 45 business days from the date the provider received the authorization.
Any correspondence, contact, or other action by Evolent that disclaims, denies, or attempts to disclaim, or attempts to deny payment for services that have been authorized within the 45-day period is void.

D. Written Clinical Criteria

Any written clinical criteria can be found on RadMD and on the Arkansas Clinical Guidelines page. Per AR SB 318 (ACA 23-99-1104) statistics are made readily available regarding prior authorization approvals and denials.

DELAWARE AUTHORIZATION REQUIREMENTS AND CLINICAL CRITERIA

A. Prior Authorization of Non-Urgent Healthcare Service (HB 381)

Evolent (formerly National Imaging Associates, Inc.) acting on behalf of the Health Plan must make an authorization or non-authorization determination and notify the subscriber (member) and provider of the non-electronic determination/decision within 8 business days of receipt of preauthorization request that contains all necessary information not to exceed 15 calendar days.
Evolent acting on behalf of the Health Plan must make an authorization or non-authorization determination and notify the subscriber (member) and provider of the electronic determination/decision within 5 business days of receipt of the complete electronic request not to exceed 15 calendar days.
Preauthorization for a health care service shall be valid for a reasonable and customary period of time for the service but no less than 60 days from the date that the provider receives the preauthorization, subject to confirmation of continued coverage and eligibility.
Any written clinical criteria can be found on RadMD.

Services requiring preauthorization for Delaware Health Plans:

CT scan of: head/brain/sinus/soft tissue of the neck/ chest (non coronary)/ pelvis/cervical spine/lumbar spine/ thoracic spine/lower extremity/abdomen/heart/heart congenital studies, noncoronary arteries

CT angiography of: chest/pelvis/upper extremity/lower extremity/ abdomen/pelvis/abdominal arteries

MRI of: the face/neck/brain/cervical spine/lumbar spine/thoracic spine/upper joint extremity/lower extremity/hip/abdomen/heart/breast¹

MRA of: head/neck/chest (excluding myocardium)/spinal canal/pelvis/upper extremity/lower extremity/abdomen

PET scan of: heart/brain PET PET Scan with concurrently acquired CT for attenuation correction and anatomic, localization. PET imaging whole body, melanoma for non-covered indications/ PET imaging, any site, not otherwise specified/ PET imaging, initial diagnosis of breast cancer and/or surgical planning for breast cancer

Diagnostic CT colonoscopy (virtual colonoscopy, CT colonography)

Coronary Artery Ca Score, Heart Scan, Ultrafast CT Heart, Electron Beam CT

CTA coronary arteries (CCTA)

MR Spectroscopy

Myocardial Perfusion Imaging – Nuclear Cardiology Study

Low Dose CT For Lung Cancer Screening

Mandatory notification required for stress Echocardiography

¹Breast MRI does not require preauthorization for Exchange members

ILLINOIS PRIOR AUTHORIZATION OF HEALTHCARE SERVICES AND CLINICAL CRITERIA

(compliance with Illinois 215 ILCS 200/25 & 200/30)

Evolent (formerly National Imaging Associates, Inc.) acting on behalf of the Health Plan must complete an authorization determination and notify the subscriber (member) and provider of the determination/decision for non-urgent requests within 5 calendar days after receipt of a preauthorization request that contains all necessary information, but not to exceed 15 calendar days after receipt of the request.
Evolent acting on behalf of the Health Plan must complete an authorization determination and notify the subscriber (member) and provider of the determination/decision for urgent requests within 48 hours after receipt of a preauthorization request that contains all necessary information, but not to exceed 72 hours after receipt of the request.
Any written clinical criteria can be found on RadMD. Illinois prior authorization state reports are also available.

Services requiring preauthorization for Illinois Health Plans:

Radiology / Cardiac:

CT scan of: head/brain/sinus/soft tissue of the neck/chest (non coronary)/ pelvis/cervical spine/lumbar spine/thoracic spine/lower extremity/abdomen/heart/heart congenital studies, noncoronary arteries
CT angiography of: chest/pelvis/upper extremity/lower extremity/ abdomen/pelvis/abdominal arteries
MRI of: the face/neck/brain/cervical spine/lumbar spine/ thoracic spine/upper joint extremity/lower extremity/hip/abdomen/heart/breast¹
MRA of: head/neck/ chest (excluding myocardium)/ spinal canal/pelvis/upper extremity/lower extremity/abdomen
PET scan of: heart/brain; PET Scan with concurrently acquired CT for attenuation correction and anatomic, localization. PET imaging whole body, melanoma for non-covered indications/ PET imaging, any site, not otherwise specified/ PET imaging, initial diagnosis of breast cancer and/or surgical planning for breast cancer
Diagnostic CT colonoscopy (virtual colonoscopy, CT colonography)
Coronary Artery Ca Score, Heart Scan, Ultrafast CT Heart, Electron Beam CT
CTA coronary arteries (CCTA)
MR Spectroscopy
Myocardial Perfusion Imaging – Nuclear Cardiology Study
Stress Echocardiography
Echocardiography (TTE/TEE)
Low Dose CT For Lung Cancer Screening
MUGA Scan

Physical Medicine:

Physical Therapy
Occupational Therapy
Speech Therapy

Interventional Pain Medicine:

Sacroiliac Joint Injection
Cervical/Thoracic Interlaminar Epidural
Cervical/Thoracic Transforaminal Epidural
Lumbar/Sacral Interlaminar Epidural
Lumbar/Sacral Transforaminal Epidural
Cervical/Thoracic Facet Joint Block
Lumbar/Sacral Facet Joint Block
Cervical/Thoracic Facet Joint Radiofrequency Neurolysis
Lumbar/Sacral Facet Joint Radiofrequency Neurolysis

¹Breast MRI does not require preauthorization for Exchange members

KENTUCKY AUTHORIZATION REQUIREMENTS

To access the utilization management procedures and preauthorization list for Humana health plan, access https://www.humana.com/provider/medical-resources/authorizations-referrals/preauthorization-lists

MARYLAND CLINICAL REVIEW CRITERIA

For medical requests: One or more of the following evidence-based, nationally accepted, licensed, clinical decision support criteria sets is chosen for use to ensure consistent, appropriate decision-making regarding care and services:

a. Centers for Medicaid and Medicare Services (CMS) National Coverage Determinations (NCD): Home - Centers for Medicare & Medicaid Services | CMS

b. CMS Local Coverage Determinations (LCD): Home - Centers for Medicare & Medicaid Services | CMS

c. Level of Care for Alcohol and Drug Treatment Referral (LOCADTR) 3.0 for Level of Care (LOC) Determination for Substance Use Disorder (SUD): Level of Care for Alcohol and Drug Treatment Referral 3.0 Manual

d. MCG (Formerly Milliman Care Guidelines): Care Guidelines for Evidence-Based Medicine | MCG Health

e. MCG Inpatient and Surgical Care: Inpatient Surgical Care & Case Management Guidelines | MCG Health

f. MCG Ambulatory Care: Ambulatory Care Guidelines for the Most Appropriate Care | MCG Health

g. MCG Behavioral Health/Chemical Dependency: Behavioral Healthcare Guidelines from MCG Health

h. InterQual® Care Planning Criteria: InterQual®

i. InterQual® Level of Care Criteria: InterQual®

j. InterQual® Behavioral Health/Chemical Dependency: InterQual®

k. Evolent Medical Policies: Regulatory, Compliance and Privacy Policies

l. American Society of Addiction Medicine: ASAM Clinical Guidelines

MARYLAND CLINICAL REVIEW CRITERIA – SPECIALTY

Based on the member’s benefit coverage, Evolent policies may be utilized for determinations. Health Plan policy or State mandated policy may be used before Evolent policy based on the Health Plan. The policy versions posted may not apply to all health plans. The following policies are posted for reference only.

When applicable, any written clinical criteria for advanced imaging, cardiology, musculoskeletal surgery (MSK), interventional pain management (IPM), radiation oncology, and physical medicine can be found on RadMD. For the following specialties, please click on the following links:

Oncology | Radiation Oncology | Cardiology

MASSACHUSETTS STANDARD IMAGING PRIOR AUTHORIZATION FORMS

Chapter 176O Section 25 of the Massachusetts General Laws requires that health insurance carriers use standard prior authorization forms when reviewing requests for certain imaging services.

Based on the work of the Mass Collaborative, an organization of health plans, provider organizations and professional associations, standard prior authorization request forms have been developed and approved by the Massachusetts Division of Insurance (DOI). These forms will be accepted by all health plans.

Effective November 1^st Evolent, (formerly National Imaging Associates, Inc.) will begin accepting the following imaging prior authorization forms approved by the DOI. Completed forms can be faxed to Evolent at 1-888-656-6648. Providers can also continue to submit prior authorization requests through the Evolent Call Center and RadMD.

This change applies to members in Fully Insured Massachusetts plans including PPO, POS and HMO.

Cardiac Imaging

CT/CTA/MRI/MRA

PET-PET CT

MASSACHUSETTS AUTHORIZATION REQUIREMENTS AND CLINICAL CRITERIA

A. Prior Authorization of Non-Urgent Healthcare Service

Evolent (formerly National Imaging Associates, Inc.) acting on behalf of the Health Plan must make an authorization or non-authorization determination and notify the subscriber (member) and provider of the determination/decision within two (2) business days of obtaining all information needed to make the determination. The rendering provider must be notified of the decision by telephone within twenty-four (24) hours thereafter.

B. Prior Authorization of Urgent Healthcare Service

Evolent acting on behalf of the Health Plan must make an expedited authorization or adverse determination on an urgent request and notify the subscriber (member) and provider of the determination no later than seventy-two (72) hours of receipt of request.

NEW MEXICO AUTHORIZATION REQUIREMENTS AND CLINICAL CRITERIA

A. Prior Authorization of Non-Urgent Healthcare Service (NMAC 13.10.31.8)

Evolent (formerly National Imaging Associates, Inc.) acting on behalf of the Health Plan must make an authorization or non-authorization determination within the below timeframes:

NM ST § 59A-22B-5

7 business days upon receipt of necessary information otherwise it is deemed approved.
24 calendar hours from request for expedited cases otherwise deemed approved.
Any written clinical criteria can be found on RadMD.

For Presbyterian Health Plan, Inc and Presbyterian Insurance Company, Inc. only:

Presbyterian utilizes the Uniform Prior Authorization Form pursuant to the New Mexico Administrative Code (NMAC) 13.10.31.10. The form may be found here.

RBM/Cardiac Services requiring preauthorization for all New Mexico Health Plans:

CT angiography of: chest/pelvis/upper extremity/lower extremity/abdomen/pelvis/abdominal arteries

MRI of: the face/neck/brain/cervical spine/lumbar spine/thoracic spine/upper joint extremity/lower extremity/hip/abdomen/heart/breast¹

MRA of: head/neck/chest (excluding myocardium)/spinal canal/pelvis/upper extremity/lower extremity/abdomen

PET scan of: heart/brain PET PET Scan with concurrently acquired CT for attenuation correction and anatomic, localization. PET imaging whole body, melanoma for non-covered indications/PET imaging, any site, not otherwise specified/PET imaging, initial diagnosis of breast cancer and/or surgical planning for breast cancer

Diagnostic CT colonoscopy (virtual colonoscopy, CT colonography)

Coronary Artery Ca Score, Heart Scan, Ultrafast CT Heart, Electron Beam CT

CTA coronary arteries (CCTA)

MR Spectroscopy

Myocardial Perfusion Imaging – Nuclear Cardiology Study

Low Dose CT For Lung Cancer Screening

Stress Echocardiography

MSK Services requiring preauthorization for Presbyterian Health Plan:

Spine Surgery (Lumbar and Cervical)

Therapy Services requiring preauthorization for Western Sky Health Plan:

Physical Therapy, Speech Therapy, and Occupational Therapy

¹Breast MRI does not require preauthorization for Exchange members