Last Updated on July 24, 2020
Your access to, and use of, the Health Data Analytics Institute, Inc. (the “Company”) website, healthpicture.com
The information on our Services is not intended or implied to be a substitute for professional medical advice, diagnosis or treatment. All content, including text, graphics, images and information, contained on or available through the Services is for general information purposes only. The Company makes no representation and assumes no responsibility for the accuracy of information contained on or available through the Services, and such information is subject to change without notice. You are encouraged to confirm any information obtained from or through the Services with other sources such as your physician, and review all information regarding any medical condition or treatment with your physician. NEVER DISREGARD PROFESSIONAL MEDICAL ADVICE OR DELAY SEEKING MEDICAL TREATMENT BECAUSE OF SOMETHING YOU HAVE READ ON OR ACCESSED THROUGH THIS WEBSITE. IF YOU ARE EXPERIENCING A MEDICAL EMERGENCY PLEASE CALL YOUR HEALTH CARE PROVIDER OR 911.
The Company does not recommend, endorse or make any representation about the efficacy, appropriateness or suitability of any specific products, procedures, treatments, services, opinions, health care providers, health insurers, plans or other information that may be contained on or available through or in connection with the Services. THE COMPANY IS NOT RESPONSIBLE NOR LIABLE FOR ANY ADVICE, COURSE OF TREATMENT, DIAGNOSIS OR ANY OTHER INFORMATION, SERVICES OR PRODUCTS THAT YOU OBTAIN THROUGH OR IN CONNECTION WITH THIS SERVICE.
What information do we collect?
We collect personally identifiable information which may include your medical records (“Personal Information”) and other non-individually identifiable information from you when you create an account, respond to any communication such as e-mail, or otherwise use the Services in any manner. Such Personal Information may include certain of your protected health information (“PHI”) as that term is defined under Health Insurance Portability and Accountability Act of 1996 and the Health Information Technology for Economic and Clinical Health Act of 2009 (HITECH). We may also collect your Personal Information on behalf of third parties, such as your health care provider, persons or organizations that you authorize, as described below.
In order to use our Services, you will be required to provide Personal Information. For example, when registering as a user on the Service, we ask you for your name, e-mail address. We may also ask for additional personal information such as mailing address, phone number, your sex, and date of birth if not provided from Blue Button.
We collect and use mobile device identifiers, IP addresses and session identifiers to analyze trends, to administer the Company Services, to track user activities, to infer user interests, and to otherwise learn about individual users and market segments. We also collect and store certain other non-identifiable information, which is collected passively using various technologies, and cannot presently be used to specifically identify you.
Some of the Personal Information received by the Company in connection with providing the Services is subject to privacy and security laws and regulations including the Health Insurance Portability and Accountability Act of 1996 (HIPAA) that govern the use and disclosure of certain individually identifiable health-related Personal Information (“Protected Health Information”).
For more information about our HIPAA-compliant activities, please contact [email protected]
Our Company Services currently do not respond to “Do Not Track” (DNT) signals.
Safeguarding Your Personal Information and Protected Health Information
We cannot guarantee the absolute security of any Personal Information submitted to or otherwise collected during your use of the Services, but the Company takes every reasonable effort to protect your Personal Information. The Company follows generally accepted industry security standards to safeguard and help prevent unauthorized access and maintain data security of Personal Information.
We are also subject to HIPAA because we act as a healthcare clearinghouse, which means we receive Protected Health Information from one source in one format and convert it into another format for use by a different source. HIPAA requires us and healthcare providers, who receive and use your Protected Health Information to implement certain measures to safeguard the confidentiality, integrity, and availability of your Protected Health Information. Healthcare providers who access your Personal Information through the Service agree to handle Protected Health Information in compliance with HIPAA.
Further we encrypt your Protected Health Information when it is stored with our outside cloud computing services provider, who we require to comply with HIPAA to protect the security and privacy of your information. It will also be encrypted when transmitted electronically. However, no commercial method of information transfer over the Internet or electronic data storage is known to be 100% secure.
What Personal Information Do We Use?
We will only share elements of your individual Protected Health Information with entities that you have expressly authorized to acquire it as the primary service of the app (“Approved Third Parties”). These Approved Third Parties may include, without limitation, your healthcare providers or others who are involved in your care.
We may use the Personal Information and other data we collect from you when you register, access, view or use the Services, to communicate with you about access to your medical records. We may send you an email, to verify your username and password when you create an account. We will communicate with you in response to your inquiries, to provide the services you request and to manage your account. We may send you requests on behalf of Approved Third Parties if they wish to access your Protected Health Information. We may send you notices when your records have been accessed, uploaded, or amended by Approved Third Parties. We will communicate with you by email or telephone, according to your account preferences.
We will also send you strictly service-related announcements on rare occasions when it is necessary to do so. For instance, if our Services are temporarily suspended for maintenance, we might send you an email. Generally, you may not opt-out of these communications, which are not promotional in nature
What Information do We Share, and with Whom do we Share it?
We will not rent or sell your Personal Information or Protected Health Information with other people or non-affiliated companies. We share your Personal Information, which might include your Protected Health Information, with the following people in the following ways:
Retention of Your Personal Information
- With Approved Third Parties: With your consent, we may share, transfer or otherwise disclose certain of your Personal Information to your advocates/caregivers, your health care providers, in order to perform the Services, in connection with treatment, payment, or healthcare operations purposes, and for other purposes permitted or required by law.
- Protection of the Company and Other People: We may release Personal Information when we believe in good faith that release is necessary to comply with the law; enforce or apply our conditions of use and other agreements; or protect the rights, property, or safety of the Company, our employees, our users, or others. If necessary, we will make all legally required disclosures of any breach of the security, confidentiality, or integrity of your Personal Information (including your Protected Health Information). To the extent permitted by applicable laws, we will make such disclosures to you as quickly as we can but consistent with the legitimate needs of law enforcement or our need to conduct a thorough investigation.
- Anonymized Information: We may create Anonymized Information from the information that you share with us, including any Personal Information, and use such Anonymized Information without restriction. We may, for example, use the De-identified Information ourselves for research and development purposes.
We will store your Personal Information for as long as we believe is necessary or appropriate (i) to carry out the purpose(s) for which we collected it, or (ii) to comply with applicable laws, contracts, or other rules or regulations, which may extend beyond the termination of our relationship with you. Unless otherwise set forth in the applicable Terms of Service or a separate agreement with you governing the applicable Services, if you cease using such Service, we may retain or destroy, at our discretion, all Personal Information and non-personally identifiable information we collect through your use of such Service. In addition to requesting us to delete your Personal Information in the application itself, you may also contact us at [email protected]
Use from Outside the United States
You understand and agree that if you are using the Services from a country outside the United States and provide Personal Information to the Company, you will be authorizing and consenting to the transfer of Personal Information about yourself to the United States. You understand that the privacy laws of the United States may be different from and not as comprehensive or protective as those in your country, and you agree that the transfer of your Personal Information to the United States occurs with your consent. Personal Information collected on the Company Service may be stored and processed in the United States or abroad.
Correcting and Updating Your Personal Information
You can request that we correct or update your Personal Information associated with your user account by contacting us by e-mail [email protected]
or you may access your user settings and update it yourself. You may also request an accounting of disclosures of your Protected Health Information. It may take us up to 60 days to process your request. If we cannot respond to your request within that time, we will provide you with a reason why, and we may request another 30 days to respond. At this time, we cannot correct or update your Protected Health Information—please contact your health care provider or insurer.
To “opt-out” of (1) any consents previously given to us, (2) receiving communications from us, or (3) having Personal Information disclosed to third parties, send an e-mail to [email protected]
or alternatively you may revoke access via your account on the healthpicture.com website.
Privacy and Third Party Links
Your California Rights
The Company Service is intended only for use by adults, either for themselves or on behalf of their minor children. We do not knowingly collect information directly from children under the age of thirteen. If you have reason to believe that a child under the age of 13 has provided Personal Information to us through the Company Service, please contact us, and we will to delete that information from our databases.
We welcome your questions, comments, and concerns about the Services. Please send us any and all feedback pertaining to the Services to [email protected]