Intraprise Health doing business as HIPAA One has created this privacy statement ("Statement") in order to demonstrate our commitment to customer privacy. Privacy on the HIPAA One cloud (the "Cloud") is of great importance to us. Because we gather important information from our users and customers, we have established this Privacy Policy to communicate our information gathering and dissemination practices. We reserve the right to change this Statement and will provide notification of the change at least thirty (30) business days prior to the change taking effect.
There is no reason for anyone to upload unredacted (i.e. unconcealed) electronic personal health information (ePHI) records into HIPAA One. There are a couple questions that you may take a screen shot of a patient record to illustrate compliance with a specific HIPAA citation through a configuration screen (e.g. Emergency Access or extra privacy setting configuration from your EMR/EHR software). IF YOU UPLOAD AN IMAGE THAT CONTAINS ANY ePHI RECORD IT MUST BE REDACTED (i.e. scramble, disfigure and/or delete). Therefore any portions of the image that main contain personally identifiable information must be concealed. You can adequately conceal it using any picture editor and applying a black spot over the information.
We may require users and customers who register to use the services offered on the Cloud to give us contact information, such as their name, company name, address, phone number, and e-mail address, and financial qualification and billing information, such as billing name and address, and credit card number, or ACH information. At the time you express interest in attaining additional information, or when you register for the Cloud, we may also ask for additional personal information, such as title, department name, fax number, or additional company information, such as annual revenues, number of employees, or industry. Customers can opt out of providing this additional information by not entering it when asked. Customers can update or remove their personal information at any time by logging into the HIPAA One console and editing their Personal Information therein. Customers can view their updated profile to confirm their edits have been made.
Intraprise Health uses the information that we collect to set up the Cloud for individuals and their organizations. We may also use the information to contact customers to further discuss customer interest in our company, the Cloud that we provide, and to send information regarding our company or partners, such as promotions and events. Customers may be invited to receive an email newsletter by providing an email address. Personal customer information will not be distributed or shared with third parties. Separately, customers are also asked to provide an email address when registering for the Cloud, in order to receive a username and password. We may also email information regarding updates to the Cloud or company.
Except as we explicitly state at the time we request information, or as provided for in the HIPAA One Terms of Use, we do not disclose to third parties the information you provide directly to the Cloud, as opposed to third party applications. All financial and billing information that we collect through the Cloud is used solely to check the qualifications of prospective customers and to bill for use of the services provided by the Cloud. This billing information is not used by Intraprise Health for marketing or promotional purposes. Intraprise Health uses a third-party intermediary to manage credit cards and electronic check processing. This intermediary is solely a link in the distribution chain, and is not permitted to store, retain, or use the information provided, except for the sole purpose of electronic check or credit card processing.
Individual records may at times be viewed or accessed only for the purpose of resolving a problem, support issue, or suspected violation of Terms of Use, or as may be required by law. Of course, customers are responsible for maintaining the confidentiality and security of their user registration and password.
Intraprise Health may also collect certain information from visitors to and customers of the Cloud, such as Internet addresses. This information is logged to substantiate the identity of the user, help diagnose technical problems, and to administer our Cloud in order to constantly improve the quality of the Cloud. We may also track and analyze non-identifying and aggregate usage and volume statistical information from our visitors and customers and provide such information to third parties.
When you interact with the Intraprise Health Website we strive to make that experience easy and meaningful. When you come to the Cloud or an application running on the Cloud, one of our web servers may send a cookie to your computer. Cookies are files that Web browsers place on a computer's hard drive and are used to tell us whether customers and visitors have visited the Cloud previously.
Standing alone, cookies do not identify you personally. They merely recognize your browser. Unless you choose to identify yourself with Intraprise Health, either by responding to an electronic contracting application or Pal, opening an account, or signing an Intraprise Health subscription agreement, you remain anonymous to Intraprise Health. Cookies come in two flavors: session-based cookies and persistence-based cookies. Session-based cookies exist only during an online session. They disappear from your computer when you close your browser software or turn off your computer. Persistence-based cookies remain on your computer after you've closed your browser or turned off your computer. They include such information as a unique identifier for your browser. Wherever possible, we use session-based cookies but applications on the Cloud can also set persistence-based cookies.
Intraprise Health uses session-based cookies containing encrypted information to allow the system to uniquely identify you while you are logged in. This information allows Intraprise Health to process your online transactions and requests. Session based cookies help us make sure you are who you say you are after you've logged in and are required in order to use the Cloud. Intraprise Health may use persistence-based cookies that only Intraprise Health can read and use, to identify the fact that you are an Intraprise Health customer or prior Intraprise Health Website visitor (whatever the case may be). We are especially careful about the security and confidentiality of the information stored in persistence-based cookies. For example, we do not store account numbers or passwords in persistence-based cookies. Users who disable their Web browsers' ability to accept cookies will be unable to use the Cloud.
We may from time to time engage third parties to track and analyze non-personally identifiable usage and volume statistical information from visitors to our website to help us administer our website and improve its quality. Such third parties may use cookies to help track visitor behavior. Such cookies will not be used to associate individual website visitors with any personally identifiable information. All data collected by such third parties on behalf of salesforce.com is used only to provide us with information on site usage and is not shared with any other third parties.
The Cloud and Pals may contain links to other web sites. Intraprise Health is not responsible for the privacy practices or the content of these other web sites. Customers and visitors will need to check the policy statements of these others web sites to understand their policies. Customers and visitors who access a linked site may be disclosing their private information. It is the responsibility of the user to keep such information private and confidential.
Our Cloud has security measures in place to help protect against the loss, misuse, and alteration of data under our control. When our Cloud is accessed, Secure Socket Layer (SSL) technology protects information using both server authentication and data encryption to help ensure that Data is safe, secure, and available only to you. Intraprise Health also implements an advanced security method based on dynamic data and encoded session identifications, and hosts the Cloud in a secure server environment that uses a firewall and other advanced technology to prevent interference or access from outside intruders. Finally, Intraprise Health provides unique usernames and passwords that must be entered each time a customer logs on. These safeguards help prevent unauthorized access, maintain data accuracy, achieve HIPAA Security measures and ensure the appropriate use of data.
If customers need to update or change registration information they may do so by editing the user or organization record. To update a User Profile, log on to Intraprise Health and select your applicable profile.