Health Data Analytics Institute, LLC Privacy Policy for healthpicture.com
Last Updated on July 24, 2020
Overview
Your access to, and use of, the Health Data Analytics Institute, Inc. (the “Company”) website, healthpicture.com, and the information, community, products and services that we provide to you and other users through this website portal provided by us in connection with our products and services (collectively, the “Services”) is subject to the Terms of Service and this Privacy Policy.
When it comes to the release of your health information, you have certain rights. For medical treatments covered by Medicare, you may access and review your own health records at an online website portal called “Blue Button”. This portal is designed for patients to download their own health information in a variety of formats, such as text and PDF. You may also provide consent for other individuals or companies to access this information in electronic form using a Blue Button Access App. If you provide consent for us to access your information through Blue Button, this Privacy Policy describes how we will use, collect, and protect your private health and other information we collect, either for our own use or on behalf of third parties, and explains how you can access and request modification or deletion of certain information that we may store about you. This Privacy Policy is incorporated and made part of the Terms of Service.
_______________________________________________________________________
Medical Disclaimer: The information on our Services is not intended or implied to be a substitute for professional medical advice, diagnosis or treatment. All content, including text, graphics, images and information, contained on or available through the Services is for general information purposes only. The Company makes no representation and assumes no responsibility for the accuracy of information contained on or available through the Services, and such information is subject to change without notice. You are encouraged to confirm any information obtained from or through the Services with other sources such as your physician, and review all information regarding any medical condition or treatment with your physician. NEVER DISREGARD PROFESSIONAL MEDICAL ADVICE OR DELAY SEEKING MEDICAL TREATMENT BECAUSE OF SOMETHING YOU HAVE READ ON OR ACCESSED THROUGH THIS WEBSITE. IF YOU ARE EXPERIENCING A MEDICAL EMERGENCY PLEASE CALL YOUR HEALTH CARE PROVIDER OR 911.
The Company does not recommend, endorse or make any representation about the efficacy, appropriateness or suitability of any specific products, procedures, treatments, services, opinions, health care providers, health insurers, plans or other information that may be contained on or available through or in connection with the Services. THE COMPANY IS NOT RESPONSIBLE NOR LIABLE FOR ANY ADVICE, COURSE OF TREATMENT, DIAGNOSIS OR ANY OTHER INFORMATION, SERVICES OR PRODUCTS THAT YOU OBTAIN THROUGH OR IN CONNECTION WITH THIS SERVICE.
Your Acceptance of This Privacy Policy and Changes to It
By accessing, viewing or otherwise using any Service, you consent to the collection and use of your information by the Company in accordance with this Privacy Policy. If you do not agree to this Privacy Policy, you may not use the Service. You represent and warrant that you have permission to share any information you elect to provide through the Services, you consent to such information being shared as described in this Policy.
Company reserves the right to change, modify, add or remove portions of this Privacy Policy at any time, without prior notice. Changes take effect on the date that appears on the revised Privacy Policy. Accordingly, if your account is active and you have subscribed to e-mail notifications, we will notify you of any material change to the Privacy Policy as determined by the Company’s Privacy officer. If you use the Services following a change in this Privacy Policy, we will ask you to accept the new Privacy Policy before allowing use of the Service. Your acceptance will indicate your agreement to be bound by the changes.
What information do we collect?
We collect personally identifiable information which may include your medical records (“Personal Information”) and other non-individually identifiable information from you when you create an account, respond to any communication such as e-mail, or otherwise use the Services in any manner. Such Personal Information may include certain of your protected health information (“PHI”) as that term is defined under Health Insurance Portability and Accountability Act of 1996 and the Health Information Technology for Economic and Clinical Health Act of 2009 (HITECH). We may also collect your Personal Information on behalf of third parties, such as your health care provider, persons or organizations that you authorize, as described below.
In order to use our Services, you will be required to provide Personal Information. For example, when registering as a user on the Service, we ask you for your name, e-mail address. We may also ask for additional personal information such as mailing address, phone number, your sex, and date of birth if not provided from Blue Button.
We collect and use mobile device identifiers, IP addresses and session identifiers to analyze trends, to administer the Company Services, to track user activities, to infer user interests, and to otherwise learn about individual users and market segments. We also collect and store certain other non-identifiable information, which is collected passively using various technologies, and cannot presently be used to specifically identify you.
Some of the Personal Information received by the Company in connection with providing the Services is subject to privacy and security laws and regulations including the Health Insurance Portability and Accountability Act of 1996 (HIPAA) that govern the use and disclosure of certain individually identifiable health-related Personal Information (“Protected Health Information”).
For more information about our HIPAA-compliant activities, please contact [email protected].
We use “cookies” to enhance your experience and gather information about visitors and visits to the Services to help us understand your preferences based on previous or current activities. We also use cookies to help us compile aggregate data about Services traffic and Services interaction so that we can offer better experiences and tools in the future. We may contract with third-party service providers to assist us in better understanding our visitors and users. If you are using our platform on a computer, you can change your browser settings to set your cookie preferences. If you are accessing our platform from a mobile device, you can change your permissions and settings on your mobile device.
Our Company Services currently do not respond to “Do Not Track” (DNT) signals.
Safeguarding Your Personal Information and Protected Health Information
We cannot guarantee the absolute security of any Personal Information submitted to or otherwise collected during your use of the Services, but the Company takes every reasonable effort to protect your Personal Information. The Company follows generally accepted industry security standards to safeguard and help prevent unauthorized access and maintain data security of Personal Information.
We are also subject to HIPAA because we act as a healthcare clearinghouse, which means we receive Protected Health Information from one source in one format and convert it into another format for use by a different source. HIPAA requires us and healthcare providers, who receive and use your Protected Health Information to implement certain measures to safeguard the confidentiality, integrity, and availability of your Protected Health Information. Healthcare providers who access your Personal Information through the Service agree to handle Protected Health Information in compliance with HIPAA.
Further we encrypt your Protected Health Information when it is stored with our outside cloud computing services provider, who we require to comply with HIPAA to protect the security and privacy of your information. It will also be encrypted when transmitted electronically. However, no commercial method of information transfer over the Internet or electronic data storage is known to be 100% secure.
What Personal Information Do We Use?
We will only share elements of your individual Protected Health Information with entities that you have expressly authorized to acquire it as the primary service of the app (“Approved Third Parties”). These Approved Third Parties may include, without limitation, your healthcare providers or others who are involved in your care.
We may use the Personal Information and other data we collect from you when you register, access, view or use the Services, to communicate with you about access to your medical records. We may send you an email, to verify your username and password when you create an account. We will communicate with you in response to your inquiries, to provide the services you request and to manage your account. We may send you requests on behalf of Approved Third Parties if they wish to access your Protected Health Information. We may send you notices when your records have been accessed, uploaded, or amended by Approved Third Parties. We will communicate with you by email or telephone, according to your account preferences.
We will also send you strictly service-related announcements on rare occasions when it is necessary to do so. For instance, if our Services are temporarily suspended for maintenance, we might send you an email. Generally, you may not opt-out of these communications, which are not promotional in nature
What Information do We Share, and with Whom do we Share it?
We will not rent or sell your Personal Information or Protected Health Information with other people or non-affiliated companies. We share your Personal Information, which might include your Protected Health Information, with the following people in the following ways:
- With Your Consent: We will ask for your consent if we wish to share your information with anyone in a materially different way than discussed in this Privacy Policy
- With Approved Third Parties: With your consent, we may share, transfer or otherwise disclose certain of your Personal Information to your advocates/caregivers, your health care providers, in order to perform the Services, in connection with treatment, payment, or healthcare operations purposes, and for other purposes permitted or required by law.
- Business Transfers: We may choose to sell our company or certain of our assets. In these types of transactions, customer information, including Personal Information about customers, is typically one of the business assets that are transferred but any data that is transferred will be subject to this Privacy Policy. If your personal information is part of such a transaction, you hereby consent to such transfer provided that the transferee agrees to abide by this Privacy Policy with respect to your Personal Information in our possession. We will notify you if such an event occurs. You can always request that we remove your Personal Information as described below.
- Protection of the Company and Other People: We may release Personal Information when we believe in good faith that release is necessary to comply with the law; enforce or apply our conditions of use and other agreements; or protect the rights, property, or safety of the Company, our employees, our users, or others. If necessary, we will make all legally required disclosures of any breach of the security, confidentiality, or integrity of your Personal Information (including your Protected Health Information). To the extent permitted by applicable laws, we will make such disclosures to you as quickly as we can but consistent with the legitimate needs of law enforcement or our need to conduct a thorough investigation.
- Anonymized Information: We may create Anonymized Information from the information that you share with us, including any Personal Information, and use such Anonymized Information without restriction. We may, for example, use the De-identified Information ourselves for research and development purposes.
ActiveUS 180446150v.1