The Purpose of this Privacy Policy
This privacy policy only applies to our visitors use and access of the website, www.nethealth.com. This policy does not and is not intended to apply to our customers use and access of our various software products and services. The purpose of this policy is to inform you about the types of information we gather about you when you visit our website and how we may use that information.
The Information We Collect
Personal Information
At various places throughout our website (such as general inquiries, requests to schedule a demo, mailing list sign up, etc.) we may request that you supply us with certain personal information such as your name, address, email address, affiliate organization, or phone number. We may collect personal information when you voluntarily submit it to us through email, our online forms and questionnaires. If you do elect to give us the personal information requested, we will collect and retain that information.
Our website also uses the technologies of a third-party partner to help us recognize your device and understand how you use our site(s) so that we can improve our services to reflect your interests and serve you advertisements about the products and/or services that are likely to be of more interest to you. Specifically, information about your activity on our site(s) may be collected to enable us to: measure and analyze traffic and browsing activity on our site(s); show advertisements for our products and/or services to you on third-party sites.
We may also share certain data, such as hashed email derived from emails or other online identifiers collected on our site(s) with our advertising partner. This allows our partner to recognize and deliver to you ads across devices and browsers. To read more about the technologies used by our partner and their cross device capabilities please refer to this Privacy Notice.
Non-Personal Information
When you visit our website, we may also collect “non-personal information,” meaning information that by itself, cannot identify you. Non-personal information may include technical information such as your IP address, browser type, etc. Non-personal information may also include information that you provide us through use of our website.
What We Use & How We Use It
We use the personal information you provide to us to communicate with you. Communications serve a variety of purposes: informational, promotional, marketing, solicitations, or announcements. If you send an email, submit an inquiry, or request a demo, we may use your personal information to respond to your question, or inquiry. We use non-personal information you provide us to better understand our website demographics, analyze how our website is being used, improve content, products and services, and for marketing purposes.
We use cookies to ensure that we give you the best experience on our website. We also use cookies to show you advertising that is relevant to you. Cookies collect non-personally identifiable information about your activities on this and other web sites to, among other things, provide you targeted advertising based upon your interests. For example, based on cookies collected during your interactions with our website, we may advertise to you on other websites via third-party vendors, including Google. If you wish to not have this information used for the purpose of serving you targeted ads, you may opt-out. Specifically, you can opt out of Google’s use of cookies by visiting www.google.com/settings/ads.
You may also decline to have personal data collected via third party tracking technologies by navigating to the settings feature in your browser and declining all third-party cookies or declining third party cookies from specific sites, or, for mobile, limiting ad tracking or resetting the advertiser identifier via the privacy settings on your mobile device. Our advertising partner may use non-cookie technologies that may not be impacted by browser settings that block cookies. Your browser may not permit you to block such technologies. For this reason, you can use third-party tools to decline the collection and use of information for the purpose of serving you interest based advertising.
Mailing List
If you elect to join our mailing list, we will use your name and email address to send Net Health news and information to you. If you wish to opt-out of receiving these communications you may do so at any time by following the unsubscribe instructions within the emails you receive.
Links to Other Sites
Please note that our website may contain links to other parties’ websites for which we have no control over the privacy practices or the content thereof. We encourage you to be aware when you leave our site and to read the privacy policies of each and every website that collects personally identifiable information.
Legal Disclosure
We reserve the right to disclose your personally identifiable information as required by law, court order or other government or law enforcement authority; to enforce our rights, or when we have a good faith belief that the information is necessary to protect the rights of others.
Our Commitment to Data Security
Net Health is committed to the security of the personal information you provide to us. As such, we follow generally accepted industry standards to protect the personal information submitted to us. Please keep in mind that perfect security does not exist, and there is always some risk when transmitting information electronically.
Changes to This Policy
We reserve the right to change and update this privacy policy at any time. Updates and changes will be posted here as soon as they go into effect. We encourage you to periodically review this policy for the latest changes and/or updates.
How to Contact Us
Should you have questions or concerns about this privacy policy, or you would like to contact one of our Security or Privacy Officials, please email us at security@nethealth.com.
Introduction
Casamba, Inc. has adopted this Privacy-Official Policy to comply with the Health Insurance Portability and Accountability Act of 1996 (“HIPAA”), as amended by the HITECH Act of 2009 (ARRA Title XIII). We also recognize our responsibility to protect individually identifiable health information under the regulations implementing HIPAA, other federal and state laws protecting the confidentiality of personal information, and under general, professional ethics.
This policy governs the designation and duties of a HIPAA Privacy-Official for Name of Entity or Facility. All personnel of Casamba, Inc. must comply with this policy. Demonstrated competence in the requirements of this policy is an important part of the responsibilities of every member of the workforce.
Officers, agents, employees, contractors, temporary workers, and volunteers must read, understand, and comply with this policy.
Assumptions
❑ Casamba, Inc. hereby recognizes its status as a Business Associate under the definitions contained in the HIPAA regulations.
❑ Casamba, Inc. must comply with HIPAA and the HIPAA implementing regulations concerning the designation of a Privacy-Official, in accordance with the requirements at § 164.530(a).
Policy
- • It is the Policy of Casamba, Inc. to designate and maintain at all times an active HIPAA Privacy-Official.
- • The HIPAA Privacy-Official’s general responsibilities are to:
- 1. Oversee all HIPAA-related compliance activities, including the development, implementation and maintenance of appropriate privacy and security-related policies and procedures.
- 2. Conduct various risk-analyses, as needed or required.
- 3. Manage breach notification investigations, determinations, and responses, including breach notifications.
- 4. Develop or obtain appropriate privacy or security training for all workforce members, as appropriate.
The HIPAA Privacy-Official’s potential duties may include:
1. Ensure compliance with privacy practices and consistent application of sanctions for failure to comply we privacy policies for all individuals in the organization's workforce, extended workforce, and for all business associates, in cooperation with human resources, the information security officer, administration, and legal counsel as applicable.
2. Maintain an accurate inventory of (1) all individuals who have access to confidential information, including PHI, and (2) all uses and disclosures of confidential information by any person or entity.
3. Administer patient requests under HIPAA Patient Rights.
4. Administer the process for receiving, documenting, tracking, investigating, and taking action on all complaints concerning the organization's privacy policies and procedures in coordination and collaboration with other similar functions and, when necessary legal counsel.
5. Cooperate with HHS and its Office for Civil Rights, other legal entities, and organization officers in any compliance reviews or investigations.
6. Work with appropriate technical personnel to protect confidential information from unauthorized use or disclosure.
7. Develop specific policies and procedures mandated by HIPAA.
8. Develop additional relevant policies, such as policies governing the inclusion of confidential data in emails, and access to confidential data by telecommuters.
9. Draft and disseminate the privacy notice required by the Privacy Rule.
10. Determine when consent or authorization is required for uses or disclosures of PHI, and draft forms as necessary.
11. Review all contracts under which access to confidential data is given to outside entities, bring those contracts into compliance with the Privacy Rule, and ensure that confidential data is adequately protected when such access is granted.
12. Ensure that all policies procedures and notices are flexible enough to respond to new technologies and legal requirements, or if they are not, amend as necessary.
13. Ensure that future initiatives are structured in such a way as to ensure patient privacy.
14. Conduct periodic privacy audits and take remedial actions as necessary.
15. Oversee employee training in the areas of information privacy and security.
16. Deter retaliation against individuals who seek to enforce their own privacy rights or those of others.
17. Remain up-to-date and advise on new technologies to protect data privacy.
18. Remain up-to-date on laws rules and regulations regarding data privacy, and update the practices, policies, and procedures as necessary.
19. Track pending legislation regarding data privacy and if appropriate, seek to favorably influence that legislation.
20. Anticipate patient or consumer concerns about our use of their confidential information, and develop policies and procedures to respond to those concerns and questions.
21. Evaluate privacy implications of online, web-based applications.
22. Monitor data collected by or posted on our website(s) for privacy concerns.
23. Serve as liaison to the government agencies, industry groups and privacy activists in all matters relating to our privacy practices.
Data We Collect:
The mobile application will record the location of the device operating the mobile application when starting and ending a visit in order to track and comply with EVV (electronic visit verification).