|
|
|
| |
|
Privacy
|
| Privacy
is our top priority at MedeFile. Users
of our web site learn about health,
perhaps for themselves, perhaps on behalf
of someone else. At MedeFile, we understand
that health is a very personal, private
subject and we want you to feel as comfortable
as possible visiting our web site and
using its services. This Privacy Policy
will tell you what information we collect,
how we protect it and what choices you
have about how that information is used.
We urge you to read our Privacy Policy
so that you will understand both our
commitment to you and your privacy and
how you can participate in that commitment.
|
| |
| Personal
Information We Collect |
We
collect information in three distinct
areas:
(1) Registration
(2) Member Profile
(3) The Digital
Health Profile.
We also collect information
that you voluntarily provide to us through
responses to surveys, questionnaires
and through your use of information
storage facilities on our sites. MedeFile
is a service that allows you to view
personal health information on a voluntary
basis on servers maintained by MedeFile
or on its behalf. MedeFile is structured
to allow access only by means of a sophisticated
security system, including a USB token,
and the use of advanced security services.
Whenever you submit or modify your information
in MedeFile, we will send such information
over the Internet using Secure Socket
Layer, ("SSL") encryption
technology. The information you submit
to MedeFile will be stored on a secure
separate server as an additional security
precaution. However, we do not warrant
or represent that the information you
submit to MedeFile will be protected
against, loss, misuse or alteration
by third parties.
We may also collect information about
you and your use of our site through
the use of Cookies. "Cookies" are small
computer files that we transfer to your
computer's hard drive which allow us
to know how often someone visits our
site and the activities they conduct
while on our site. This information
helps us dynamically generate advertising
and content on web pages specifically
designed for you and also allows us
to statistically monitor how many people
are using our site and for what purposes.
Sponsors and advertisers may also use
Cookies when you select their advertisement;
we are unable to control their use of
Cookies or how they manage the information
they gather. |
| |
|
| Disclosure
of Your Information |
Except
as set forth in this paragraph, MedeFile
will not disclose to unaffiliated companies
any information it gathers from you
which could be used to identify or contact
you ("Personal Information"). Any Personal
Information provided to entities affiliated
with MedeFile will be treated in accordance
with the terms of this Privacy Policy,
unless you are otherwise notified. In
the following limited circumstances
we will consider, and may release, Personal
Information to third parties: (1) to
comply with valid legal requirements
such as a law, regulation, search warrant,
subpoena or court order; or (2) in special
cases, such as a physical threat to
you or others. We also provide Personal
Information to our vendors and suppliers
where it is necessary for them to provide
us with products and services related
to better operation and maintenance
of our web site ("Vendors"). We will
attempt to require that each of these
Vendors not further use or disclose
your Personal Information for any purpose
other than providing us or you with
products and services. Of course, we
cannot guarantee their compliance with
these restrictions.
MedeFile may provide information about
you that does not allow you to be identified
or contacted ("Aggregate Information")
to third parties. For example, we might
inform third parties regarding the number
of users of our site and the activities
they conduct while on our site.
Except as provided in the first paragraph
of this section, MedeFile will not disclose
to unaffiliated companies any Personal
Information that you store in MedeFile.
The MedeFile service is a powerful storage
tool that we hope you will use. However,
please note that you are responsible
for taking all reasonable steps to ensure
that no unauthorized person shall have
access to your MedeFile password or
account. It is your sole responsibility
to (1) control the dissemination and
use of activation codes and passwords;
(2) authorize, monitor and control access
to and use of your MedeFile account
and password; (3) promptly inform MedeFile
of any need to deactivate a password.
You grant MedeFile and all other persons
or entities involved in the operation
of the MedeFile web site and its services
the right to receive, transmit, monitor,
retrieve, store and use your Personal
Information, including information which
may be privileged and confidential under
applicable state and federal laws, in
connection with the operation of MedeFile.
MedeFile cannot and does not assume
any responsibility or liability for
any information you submit to MedeFile
or your or any third parties' use or
misuse of information transmitted or
received using MedeFile. |
| |
|
| How
MedeFile Handles Privacy Internally
|
| MedeFile
wants your personal information to remain
as secure as reasonably possible. This
is why we have a two-tier system at
MedeFile that combines leading technical
safeguards and a code of conduct for
those employees that are permitted to
access our customers' personal information.
On the technical side, MedeFile uses
SSL to help ensure the integrity and
privacy of the Personal Information
you provide to us via the Internet.
As an additional security measure, your
Personal Information is also kept physically
separate on a separate server where
your password is encrypted and stored
on a database. On the personnel side,
only authorized MedeFile employees are
permitted to access your personal information.
All MedeFile employees must abide by
our Privacy Policy and those who violate
our Privacy Policy are subject to disciplinary
action, up to and including termination.
Access by authorized personnel is controlled
by two-factor authentication (i.e.,
a token and a thumbprint). |
| |
|
| Your
Privacy Choices |
When
you complete Registration or your Member
Profile, you may be given the option
of receiving recurring informational/promotional
emails from MedeFile and/or third parties.
You may choose not to receive these
emails when you provide the information
or by changing your preferences within
your Member Profile at any time. We
ask for contact information (such as
name and email address) if you wish
to subscribe to various newsletters.
You can remove your subscription from such
newsletters very easily. When you have
received a newsletter you wish to stop,
click on the "reply" button in your
mail program, then type in the word
"UNSUBSCRIBE" in the "Subject" field
and send. MedeFile Customer Service
will unsubscribe you from that newsletter
in two to three business days.
MEDEFILE WILL NEVER SEND EMAIL REQUESTING
FOR YOUR PASSWORD, OR ANY OTHER PERSONAL
INFORMATION. DO NOT RESPOND TO ANY EMAIL
YOU MAY RECEIVE REQUESTING ANY PERSONAL
INFORMATION FROM YOU. Any such email
request should be regarded as phony
and should be reported to our offices
as soon as possible.
This privacy statement applies only
to the MedeFile web site. The MedeFile
site does contain links to other sites.
Please be aware that MedeFile is not
responsible for the privacy practices
of other such sites. We encourage you
to read the privacy statements of each
and every web site that collects personal
information from you. |
| |
|
| Updating
Your Personal Information and Contacting
MedeFile |
| You
can always contact us in order to (1)
delete your Personal Information from
our systems, (2) update the Personal
Information that you have provided to
us, and (3) change your preferences
with respect to marketing contacts,
by emailing us at [email protected].
MedeFile may change this Privacy Policy
at any time by posting revisions to
our web site. Your use of the site constitutes
acceptance of the provisions of this
Privacy Policy and your continued usage
after such changes are posted constitutes
acceptance of each revised Privacy Policy.
If you do not agree to the terms of
this Privacy Policy or any revised policy,
please exit the site immediately. |
| |
| HIPAA
Readiness |
MedeFile
has made a corporate commitment to be
HIPAA compliant and is compliant to
stage two of HIPAA. MedeFile will also
assist our customers in becoming compliant.
We realize that privacy and security
are critical to our business as well
as our customers. Our HIPAA industry
activities include: |
| |
|
|
| |
|
tracking and
participating in the regulatory
process. |
| |
|
responding
to proposed rules. |
| |
|
working with
industry groups to educate our
staff and others. |
| |
|
providing
testimony at public hearings.
|
| |
|
developing
educational tools for providers.
|
| |
|
developing
implementation guides for us all.
|
|
We
have developed a corporate infrastructure
poised to implement the final regulations
by providing staff education and awareness
programs, designating a corporate HIPAA
compliance team, and conducting business
and impact analyses.
The key to privacy and security is our
MedeFile corporate core values that
require a commitment to excellence and
service with integrity, ethics and respect
to the community. |
|
|
|
|
