The Information We Collect
At various places throughout our website (such as general inquiries, requests to schedule a demo, mailing list sign up, etc.) we may request that you supply us with certain personal information such as your name, address, email address, affiliate organization, or phone number. You will always know when we are collecting personal information because we only collect personal information when you voluntarily submit it to us through email, our online forms and questionnaires. If you do elect to give us the personal information requested, we will collect and retain that information.
When you visit our website, we may also collect “non-personal information,” meaning information that by itself, cannot identify you. Non-personal information may include technical information such as your IP address, browser type, etc. Non-personal information may also include information that you provide us through use of our website.
What We Use & How We Use It
We use the personal information you provide to us to communicate with you. Communications serve a variety of purposes: informational, promotional, marketing, solicitations, or announcements. If you send an email, submit an inquiry, or request a demo, we may use your personal information to respond to your question, or inquiry. We use non-personal information you provide us to better understand our website demographics, analyze how our website is being used, improve content, products and services, and for marketing purposes.
If you elect to join our mailing list, we will use your name and email address to send Net Health news and information to you. If you wish to opt-out of receiving these communications you may do so at any time by following the unsubscribe instructions within the emails you receive.
Links to Other Sites
Please note that our website may contain links to other parties’ websites for which we have no control over the privacy practices or the content thereof. We encourage you to be aware when you leave our site and to read the privacy policies of each and every website that collects personally identifiable information.
We reserve the right to disclose your personally identifiable information as required by law, court order or other government or law enforcement authority; to enforce our rights, or when we have a good faith belief that the information is necessary to protect the rights of others.
Our Commitment to Data Security
Net Health is committed to the security of the personal information you provide to us. As such, we follow generally accepted industry standards to protect the personal information submitted to us. Please keep in mind that perfect security does not exist, and there is always some risk when transmitting information electronically.
Changes to This Policy
How to Contact Us
Casamba, Inc. has adopted this Privacy-Official Policy to comply with the Health Insurance Portability and Accountability Act of 1996 (“HIPAA”), as amended by the HITECH Act of 2009 (ARRA Title XIII). We also recognize our responsibility to protect individually identifiable health information under the regulations implementing HIPAA, other federal and state laws protecting the confidentiality of personal information, and under general, professional ethics.
This policy governs the designation and duties of a HIPAA Privacy-Official for Name of Entity or Facility. All personnel of Casamba, Inc. must comply with this policy. Demonstrated competence in the requirements of this policy is an important part of the responsibilities of every member of the workforce.
Officers, agents, employees, contractors, temporary workers, and volunteers must read, understand, and comply with this policy.
❑ Casamba, Inc. hereby recognizes its status as a Business Associate under the definitions contained in the HIPAA regulations.
❑ Casamba, Inc. must comply with HIPAA and the HIPAA implementing regulations concerning the designation of a Privacy-Official, in accordance with the requirements at § 164.530(a).
- • It is the Policy of Casamba, Inc. to designate and maintain at all times an active HIPAA Privacy-Official.
- • The HIPAA Privacy-Official’s general responsibilities are to:
- 1. Oversee all HIPAA-related compliance activities, including the development, implementation and maintenance of appropriate privacy and security-related policies and procedures.
- 2. Conduct various risk-analyses, as needed or required.
- 3. Manage breach notification investigations, determinations, and responses, including breach notifications.
- 4. Develop or obtain appropriate privacy or security training for all workforce members, as appropriate.
The HIPAA Privacy-Official’s potential duties may include:
1. Ensure compliance with privacy practices and consistent application of sanctions for failure to comply we privacy policies for all individuals in the organization's workforce, extended workforce, and for all business associates, in cooperation with human resources, the information security officer, administration, and legal counsel as applicable.
2. Maintain an accurate inventory of (1) all individuals who have access to confidential information, including PHI, and (2) all uses and disclosures of confidential information by any person or entity.
3. Administer patient requests under HIPAA Patient Rights.
4. Administer the process for receiving, documenting, tracking, investigating, and taking action on all complaints concerning the organization's privacy policies and procedures in coordination and collaboration with other similar functions and, when necessary legal counsel.
5. Cooperate with HHS and its Office for Civil Rights, other legal entities, and organization officers in any compliance reviews or investigations.
6. Work with appropriate technical personnel to protect confidential information from unauthorized use or disclosure.
7. Develop specific policies and procedures mandated by HIPAA.
8. Develop additional relevant policies, such as policies governing the inclusion of confidential data in emails, and access to confidential data by telecommuters.
9. Draft and disseminate the privacy notice required by the Privacy Rule.
10. Determine when consent or authorization is required for uses or disclosures of PHI, and draft forms as necessary.
11. Review all contracts under which access to confidential data is given to outside entities, bring those contracts into compliance with the Privacy Rule, and ensure that confidential data is adequately protected when such access is granted.
12. Ensure that all policies procedures and notices are flexible enough to respond to new technologies and legal requirements, or if they are not, amend as necessary.
13. Ensure that future initiatives are structured in such a way as to ensure patient privacy.
14. Conduct periodic privacy audits and take remedial actions as necessary.
15. Oversee employee training in the areas of information privacy and security.
16. Deter retaliation against individuals who seek to enforce their own privacy rights or those of others.
17. Remain up-to-date and advise on new technologies to protect data privacy.
18. Remain up-to-date on laws rules and regulations regarding data privacy, and update the practices, policies, and procedures as necessary.
19. Track pending legislation regarding data privacy and if appropriate, seek to favorably influence that legislation.
20. Anticipate patient or consumer concerns about our use of their confidential information, and develop policies and procedures to respond to those concerns and questions.
21. Evaluate privacy implications of online, web-based applications.
22. Monitor data collected by or posted on our website(s) for privacy concerns.
23. Serve as liaison to the government agencies, industry groups and privacy activists in all matters relating to our privacy practices.
Data We Collect:
The mobile application will record the location of the device operating the mobile application when starting and ending a visit in order to track and comply with EVV (electronic visit verification).