LAST MODIFIED: AUGUST 7, 2020
INFORMATION COLLECTION AND USE
Under the Health Insurance Portability and Accountability Act of 1996 (“HIPAA”), we must take measures to protect the privacy of the PHI that we receive from Health Service Providers. HIPAA provides specific protections for the privacy and security of PHI and restricts how PHI is used and disclosed. We may only use and disclose your PHI in compliance with HIPAA and the agreements that we have in place with Health Service Providers and others. CedrusMed is only responsible for providing HIPAA compliant storage of data.
CedrusMed collects Personal Information when you register with CedrusMed or when you use CedrusMed’s Software. When registering with CedrusMed, we ask you to provide us with your name or company’s name, address, e-mail address, phone number, and other related information that CedrusMed may ask of you from time to time, and you may submit additional information and comments through the Software.
We may use your contact information to send you information about the Software or our other services we may provide to you. It is always your choice whether or not to provide us with such information. If you choose not to provide the requested information you may not be able to use certain features or functions of the Software or services. Whenever you visit our website, CedrusMed also receives and records information on our server logs from your browser, including your IP address, CedrusMed’s cookie information, and the pages you request, and relates it to the Personal Information you provide.
CedrusMed collects and uses Personal Information you provide for the following purposes:
- Registration: When you register for the Software, we collect your Personal Information as part of the registration process, including but not limited to your name or company’s name, address, and location.
- Self-Reported Health-Related Information: We collect the information that you enter during use of the Software.
- Provider or Device-Reported Health-Related Information: We collect the information about you that is submitted with your permission by your health care provider or health monitoring device during the course of using the Software, such as information regarding your health activities and/or medical condition, including information that is protected under the HIPAA privacy and security regulations.
- Email: If you communicate with us via email, then we will collect your email address.
- Automatically Tracked Health-Related Information: We may use automated tracking methods such as cookies and connected accelerometers, to collect information regarding your behaviors relative to the Software.
- Demographic Information: We may also collect demographic information, such as age, gender and geographic location, as part of your profile in the Software.
- Surveys and User Research: From time to time, we may send you survey question or contact you with questions related to your experience to provide us with feedback on our Software. We collect any responses that you provide. Participation in surveys or research tasks is elective and does not necessarily impact your access to the Software.
CedrusMed will not process your information in a way that is incompatible with the purposes for which it has been collected or subsequently authorized by you. To the extent necessary for those purposes, CedrusMed will take reasonable steps to ensure that personal data is reliable for its intended use, accurate, complete, and current.
You may dis-enroll from the Software at any time by emailing us at firstname.lastname@example.org.
INFORMATION SHARING AND DISCLOSURE
CedrusMed does not rent, sell, or share your Personal Information with other people or nonaffiliated companies, except to provide products or services you have requested, when we have your authorization to share such information, or when we provide the information to companies or consultants working on behalf of or with us under confidentiality agreements. These companies and consultants do not have any independent right to share your Personal Information.
We may be required to disclose your Personal Information in response to a legal process, for example, in response to a court order or a subpoena to comply with its applicable legal and regulatory reporting requirements. We also may disclose your Personal Information in response to a law enforcement agency’s request, or where we believe it is necessary to investigate, prevent, or take action regarding illegal activities, suspected fraud, situations involving potential threats to the physical safety of any person, violations of our End User License Agreement, or to verify or enforce compliance with the policies governing our products and services and with applicable laws, or as otherwise required or permitted by law or consistent with legal requirements. In addition, we may transfer your Personal Information to an entity or individual that acquires, buys, or merges with CedrusMed, or our other business units.
THIRD-PARTY INTEGRATED SERVICES
We may implement certain third-party content on the Software or integrate other third-party offerings into the Software. Any information collected through such integrated technologies would be collected directly by these third parties for use by such third parties and other authorized parties, subject to the privacy practices and policies of such third parties.
CONFIDENTIALITY AND SECURITY
We have taken reasonable and necessary steps to ensure that all Personal Information collected will remain secure and in its original form, i.e., free from any alteration. We have put in place appropriate physical, electronic, and administrative procedures in an effort to safeguard and help prevent unauthorized access, maintain data security, and correctly use the Personal Information that we collect.
CedrusMed is not responsible for and will not be a party to any transactions between you and a third-party provider of products, information or services. CedrusMed does not monitor such interactions to ensure the confidentiality of your Personal Information. Any separate charges, data records or obligations you incur in your dealings with third parties linked to or in conjunction with CedrusMed’s Software are solely your responsibility.
ACCESSING, CHANGING, AND DELETING YOUR INFORMATION
You may request access, changes, or deletions to your Personal Information and request information about our collection, use and disclosure of such information by contacting us at email@example.com. We use best efforts to keep our records as accurate and complete as possible. You can help us maintain the accuracy of your information by notifying us of any changes to your Personal Information as soon as possible. Your rights to access, change, or delete your Personal Information are not absolute. We may deny you such rights when required by law or if the request would likely reveal Personal Information about a third party.
Termination: CedrusMed reserves the right to decide, at its sole discretion, to no longer offer you the Software. If CedrusMed decides to terminate your account, CedrusMed will either return or permanently destroy any copies it maintains of your Personal Information in accordance with its obligations under applicable law.
QUESTIONS AND SUGGESTIONS
If you have questions or suggestions, or wish to correct your personal information, please email CedrusMed at firstname.lastname@example.org.