1.1 This Policy is issued by PRACTICESUITE on behalf of itself, its subsidiaries and its affiliates (including any entity lawfully trading under the PracticeSuite brand) (together, “Company”, “we”, “us” and “our”) develops and operates an online healthcare platform for healthcare service providers to manage their services and engage with their patients, hereafter referred to as the ‘PracticeSuite Platform Services’.
2. COLLECTED AND RECEIVED DATA
2.1 WHAT INFORMATION DO WE COLLECT ABOUT YOU AND WHY?
- We may collect information about you directly from you and from third parties, as well as automatically through your use of our Site or Services
2.1.1 Information We Collect Directly from You.
Users may browse the informational areas of the Site without registering with. However, registration is required to use the Services. Once a Healthcare Provider has registered with us and subscribed to our Services, the Healthcare Provider can then invite Patients to use the Services. After receiving an invite, the Patient would then need to register for a PracticeSuite account to use the Services.
2.1.2 Healthcare Provider Registration
To register, Healthcare Providers must provide certain information about themselves and their practices including: the Healthcare Provider’s name, date of birth, gender, address, email, mobile and work phone; the Healthcare Provider’s practice name, address, phone number and fax number; and a user id and password. We may also collect certain optional information, including: middle name or initial, bank account or other payment information and other contact details, picture and communication preferences.
2.1.3 Information We Collect From Healthcare Providers.
Certain features and Services are available to patients because their Healthcare Providers use our Services. Healthcare Providers may provide patient names and e-mail addresses to us so we may communicate with patients on their behalf about the availability of certain Services.
2.1.4 Information We Collect Automatically.
2.2 HOW WE USE YOUR INFORMATION
We use the information that we gather about you for the following purposes:
2.2.1 To provide our Services.
2.2.2 To communicate with you about your use of our Services, to respond to your inquiries, to provide technical support and assistance and for other customer service purposes.
2.2.3 To communicate with you regarding the availability of Services on behalf of your Healthcare Provider, otherwise, we do not market to Patients.
2.2.4 To send you reminders and other information related to your care on behalf of your Healthcare Provider.
2.2.5 To tailor the content and information that we may send or display, to offer location customization, and personalized help and instructions, and to otherwise personalize your experiences while using the Site or our Services.
2.2.6 To send offers and other promotional communications to Healthcare Providers.
2.2.7 To display advertising on our Site.
2.2.8 To better understand how users’ access and use our Services, both on an aggregated and individualized basis, in order to improve our Site and Services and respond to user desires and preferences, and for other research and analytical purposes.
2.3 HOW WE SHARE YOUR INFORMATION
We may share the information that we collect about you, including personally identifiable information, as follows:
2.3.1 Healthcare Providers:
As a Patient, your information will be shared with Healthcare Providers as directed and consented to by you. Our Services make your Assessments and related information available to your Healthcare Provider. We will not make information available to Healthcare Providers other than those with whom you have requested that we share your Assessments. This Policy does not address how Healthcare Providers will use and disclose information obtained using PracticeSuite. If you would like this information, you should ask your Healthcare Provider directly for a copy of his/her Notice of Privacy Practices.
2.3.2 Service Providers.
We may disclose the information we collect from you to third party vendors, service providers, contractors or agents who perform functions on our behalf.
2.3.3 Business Transfers:
If we are acquired by or merged with another company, if substantially all of our assets are transferred to another company, or if we are a part of a bankruptcy proceeding, we may transfer the information we have collected from you to the other Company.
2.3.4 In Response to Legal Process:
We will disclose your Personal Information when we think it is necessary to investigate or prevent actual or expected fraud, criminal activity, injury or damage to us or others or when otherwise required by statute, regulation, subpoena, court order, or other law, or if necessary to protect the rights, property, or safety or us, our employees, or others.
2.3.5 To Protect Us and Others:
2.3.6. Aggregate and De-Identified Information:
We may share aggregate or de-identified information about users with third parties for marketing, advertising, research or similar purposes.
3.0 PATIENT HEALTH INFORMATION
The privacy and security of Patients’ individually identifiable health information provided to PracticeSuite in connection with Services may be protected by federal law (HIPAA, the HITECH Act, and their regulations) and state privacy laws, because PracticeSuite provides Services to Health Care Providers. This health information is “protected health information” (“PHI”). PHI may be used and disclosed by PracticeSuite as necessary to provide Services, for our own management and operations, to meet our legal obligations, and for any other purpose for which Patients have given consent. We may share PHI with third parties for these purposes in compliance with applicable laws
4.0 How we use “Cookies”
- During your visit to our website, so-called “cookies” are saved to your computer. These “cookies” are small computer files, necessary to provide functionality and track user’s activity: register information about user’s navigation on our website (e.g. loaded pages, date, time of day and length of visit etc) which we can access during your next visit in order to adapt the website to your personal requirements and optimize loading times. We also use this information to enter your data into inquiry forms so that you do not need to fill them again.
4.1 What cookies do we use and why:
- Essential. These cookies are necessary in order to enable certain base features, such as identifying certain user and remembering that user have logged into his Account. These cookies may store unique user authentication key and are required by the service to operate correctly. Although cookies do not store your password directly, user authentication key is as a password substitute. Please be aware that you shall not let others to copy your cookies.
- Functionality. These cookies are used to remember some choices that users make (i.e. search parameters or language settings) and to make your use of our site and services more tailored.
- Performance and analytics. These cookies collect information on how users operate with our site and services and help us to improve them. Users can disable cookies by changing their Internet browser settings. However, if you instruct your Internet browser to not accept essential cookies, our site and service may not work properly or may not work at all.
5. Do Not Track Signals
- We don’t support Do Not Track (“DNT”). Do Not Track is a preference you can set in your web browser to inform websites that you do not want to be tracked. You can enable or disable Do Not Track by visiting the Preferences or Settings page of your web browser.
5.1 Right to erasure (“Right to be forgotten”).
- You are eligible to delete certain Data from our site and services.
- If you choose to delete your Data, it will become unavailable and will be completely deleted in 60 days upon your delete request.
- Please, be aware, that sometimes we have to store some Data for a longer period of time either due to technical limitations or to comply with the law.
6.0 Children’s Information
- Our Services are not intended for use by or directed to children under 18 years of age. If you are under 18 years old or otherwise have not attained the age of majority in your state of residence, you must have your parent or other legal representative’s permission to use the Services. If we learn that we have received any Personal Information directly from a child under age 18 without first receiving his or her parent’s verified consent, we will use that Personal Information only to respond directly to that child (or his or her parent or legal guardian) to inform the child that he or she cannot use the Services. We will then subsequently delete that child’s Personal Information
- If you are under 18 years old, you will not be granted access to PRACTICESUITE’s patient portals as per company policy.
7.0 Links to Other Sites
8.0 We Protect Your Personal Information
- The security of Personal Information is very important to us. We use safeguards beyond industry best practices to protect against unauthorized use, disclosure, alteration or destruction of the Personal Information we collect and maintain. You should keep in mind, however, that no data transmitted over the internet is 100% secure. As a result, while we strive to protect your Personal Information, we cannot guarantee or warrant 100% security of any information you transmit to or from our Services.
9.0 Note to International Visitors
9.1. Your California Rights
- California Civil Code Section 1798.83 gives California residents the rights to request certain information regarding our disclosure of their Personal Information to third parties for those third parties’ direct marketing purposes. You may request information regarding the disclosure of your Personal Information to third parties for those third parties’ direct marketing purposes by emailing firstname.lastname@example.org or writing us to the address in the contacting us section below. Please indicate “California Rights” in the subject or attention line of your communication.