Effective Date: March 17, 2016
- Definitions. This policy uses the following definitions:
- "Business Associate Agreement" means a formal written contract between IHH and a Covered Entity requiring IHH to comply with certain standards related to handling PHI received from that Covered Entity in accordance with HIPAA.
- "Covered Entity" or "Provider" means each patient's health care provider that must comply with HIPAA.
- "Protected Health Information" or "PHI" includes all "individually identifiable health information" that is created, transmitted or maintained in any form or medium by IHH on behalf of a Covered Entity. Individually identifiable health information is any information that can be used to identify an individual and that was created, used, or disclosed in (a) the course of providing a health care service such as diagnosis or treatment, or (b) in relation to the payment for the provision of health care services.
- "HIPAA" means the Health Insurance Portability and Accountability Act of 1996 and the regulations issued thereunder, and the Health Information Technology for Economic and Clinical Health Act and the regulations issued thereunder.
- Use of the Sites. By using the Sites, you acknowledge and agree that IHH is not providing health care services to or on behalf of you or your Provider through your use. Regardless of whether you are the patient or a Provider, you acknowledge and agree that the Sites serve only as a supplement to each Provider’s care and you should not rely on the accuracy, delivery or receipt of any information transmitted or attempted to be transmitted by or through the Sites, including PHI, for any purpose including without limitation, the purpose of communicating medical conditions or making medical judgments or diagnoses. You agree to verify all information provided through the Sites with your Provider or patient to verify its accuracy and completeness and use a method of communication other than the Sites whenever there is an urgent need for delivery or receipt. You further agree to allow IHH or its designees to remotely monitor your use of the Sites and collect operational data and usage regarding the Sites to assist in the development and improvement of the Sites.
- Use of PHI. IHH may use PHI for our management, administration, data aggregation and legal obligations to the extent such use is permitted or required by the Business Associate Agreement and applicable law. IHH may use or disclose PHI on behalf of, or to provide services to, Covered Entities for purposes of fulfilling IHH’s obligations to such Covered Entities, if such use or disclosure of PHI is permitted or required by the Business Associate Agreement and would not violate HIPAA.
In the event that PHI must be disclosed to a subcontractor or agent, IHH will ensure that the subcontractor or agent agrees to abide by the same restrictions and conditions that apply to IHH under the Business Associate Agreement with respect to PHI, including the implementation of reasonable and appropriate safeguards.
IHH may also use PHI to report violations of law to appropriate federal and state authorities.
- Mitigation of Harm. In the event of a use or disclosure of PHI that is in violation of the requirements of the Business Associate Agreement, IHH will mitigate the effect resulting from the violation in accordance with HIPAA and the Business Associate Agreement.
- Access to PHI. As provided in the Business Associate Agreement, IHH will make available to Covered Entities, information necessary for Covered Entity to give individuals their rights of access, amendment, and accounting in accordance with HIPAA regulations.
- Non-PHI Personal Information. IHH may distribute information or data which does not constitute PHI, including information that may personally identify you to the extent is it not PHI, to our partners so that we may better serve your needs. Such information collaboration may help with our marketing activities, such as, direct mailers, online notifications, and distribution of promotional offers. Your personal information will also help AlignFlow provide technical software support, to allow us to notify you of upgrade discounts, or other benefits that may be made available to registered users.
- Consent to Use of Data. You grant to IHH, and, if you are the patient, to your Provider a worldwide, royalty-free, irrevocable, non-exclusive right and fully sub-licensable license during your Use and for a reasonable time thereafter to use, copy, reproduce, modify, adapt, translate, archive, store, and create derivative works from any information or data which does not constitute PHI which you provide to IHH through the Sites, in any form, format, or medium, of any kind now known or later developed for the purposes of evaluating or improving the Sites. You waive any moral rights you might have with respect to any such data you provide to us. You agree that IHH may collect, retain and disclose information and data collected from you in accordance with this Policy and applicable law.
While IHH uses appropriate safeguards to protect PHI that is transmitted while using the Sites, IHH does not warrant, to the extent permitted by law, that your PHI will be transported without unauthorized interception or modification or that your data will not be accessed or otherwise compromised by unauthorized third parties.
- Accessing, Changing, or Requesting Removal of Your Information. If at any time you would like to request access to or change any PHI or other information that you have provided to IHH, feel free to contact us at [email protected]. Please include your full name, street and email address, and telephone number in any message to ensure IHH can identify all of your information that IHH collected. IHH will accommodate a request to change or remove information in accordance with applicable law.
- Cookies. The Sites may use "cookies". A cookie is a small amount of data that is transmitted to your browser by a Web server and can only be read by the server that gave it to you. The cookie does not identify you personally and you can remain anonymous unless you have otherwise provided IHH with any personal information. The cookies that IHH uses in normal operation are temporary cookies which are destroyed as soon as you leave the Sites. However if you tell us to "remember you" then we will place a permanent cookie containing an alphanumeric code in your computer to let us log you in automatically the next time you visit the Sites. If you do not wish to receive any cookies, you can set your browser to not accept cookies or to notify you when you receive a cookie, giving you a chance to decide whether or not to accept it.
- Children's Privacy. The Sites are not intended for use by children under 13 years of age. No one under age 13 may provide any personal information to or through the Sites. IHH does not knowingly collect personal information from children under 13. If you are under 13, do not use the Sites. If IHH learns that it has collected or received any personal information from a child under 13 other than in accordance with law, IHH will delete that information.
- Amendments. This Policy may be amended by IHH at any time and such changes shall be immediately effective upon posting the same at the URL indicated above or any successor URL, as applicable. If you do not agree to any amendment, your sole remedy is to cease using the Sites. If you continue to use the Sites, then you will be deemed to have accepted the amendments.
- Contact. If you have any questions or concerns about this Policy or the Sites then please contact [email protected].