1. COLLECTION OF INFORMATION
We may collect the following types of information when you use the Telemedicine Services:
(a) Information you provide directly to us. For certain activities such as upon registration with the Telemedicine Services or when you subscribe to our alerts or contact us directly, we may collect some or all of the following types of information:
- Contact information such as your full name, email address, mobile phone number, and address;
- Username and password;
iii. Payment information such as your credit card number, expiration date, credit card security code, and billing address;
- PHI, including information about your diagnosis, previous treatments, general health, the names of your other health care providers and health insurance;
- Doctor or provider reviews; and
- Any other information you provide to us for purposes of the Telemedicine Services.
We may combine such information with information we already have about you.
(b) Information we collect automatically. We may collect certain information automatically when you use our Telemedicine Services such as, but not limited to, your computer’s Internet protocol (IP) address, device and advertising identifiers, browser type, operating system, Internet service provider, pages that you visit before and after using the Telemedicine Services, the date and time of your visit, information about the links you click and pages you view within the Telemedicine Services, and other standard server log information. We may also collect certain location information when you use our Telemedicine Services such as your mobile device’s GPS signal or information about nearby WiFi access points and cell towers.
We may also collect technical data to address and fix technical problems and improve our Telemedicine Services. Your device or browser settings may permit you to control the collection of this technical data. By using the Telemedicine Services, you are consenting to letting us or any party acting on our behalf collect this technical data.
(c) Information from Third-Party Services. If you access the Telemedicine Services from an advertisement on a third-party website, application, or other service (a “Third-Party Service”) we may receive information from the owner of the Third-Party Service related to you or that advertisement.
(d) Information we obtain from your health care providers and other sources. In connection with the treatment, we may collect medical records from your past, current, and future health care providers. This may include information about your diagnosis, previous treatments, general health, laboratory and pathology test results and reports, social histories, any family history of illness, and records about phone calls and emails related to your health.
(e) Other Sources. We may also receive information about you from other sources, including through third-party services and organizations. We may combine our first-party data, such as your email address or name, with third-party data from other sources and use this to contact you (e.g. through direct mail). For example, if you access Facebook, Google or Twitter through the Telemedicine Services to login to the Telemedicine Services or to share information about your experience on the Telemedicine Services with others, we may collect information from these third-party services.
2. USE OF INFORMATION
We generally use the information we collect online to:
(a) Provide and improve the Telemedicine Services;
(b) Contact you;
(c) Fulfill your requests for products, services, and information;
(d) Send you information about additional clinical services or general wellness from us or on behalf of our affiliates;
(e) Analyze the use of the Telemedicine Services and user data to understand and improve the Telemedicine Services;
(f) Conduct research using your information, which may be subject to your separate written authorization;
(h) For any other purposes disclosed to you at the time we collect your information or pursuant to your consent.
3. SHARING OF INFORMATION
We are committed to maintaining your trust, and we want you to understand when and with whom we may share the information we collect.
(a) Authorized third-party vendors and service providers. We may share your information with third-party vendors and service-providers that help us with specialized services, including billing, payment processing, providing medical advice, management and hosting of telemedicine services, customer service, email deployment, business analytics, marketing (including but not limited to advertising, attribution, deep-linking, direct mail, mobile marketing, optimization and retargeting) advertising, performance monitoring, hosting, and data processing. These third-party vendors and service providers may not use your information for purposes other than those related to the services they are providing to us. No information provided by patients during medical consultations is used for marketing purposes.
(b) Corporate affiliates. We may share your information with our affiliates.
(c) Legal purposes. We may disclose information to respond to subpoenas, court orders, legal process, law enforcement requests, legal claims or government inquiries, and to protect and defend the rights, interests, health, safety, and security of OnPoint Behavioral Health, our affiliates, patients, users, or the public. If we are legally compelled to disclose information about you to a third party, we will attempt to notify you by sending an email to the email address in our records unless doing so would violate the law or unless you have not provided your email address to us.
(d) Business Transfers. HIPAA permits organizations to transfer PHI in certain circumstances. We can transfer your information as part of a transfer of the assets of our organization, a merger, or a consolidation, or in the unlikely event of bankruptcy, if such transfer is permissible under HIPAA and the HIPAA Notice.
(e) Protected Health Information. We may transfer your PHI as described in the HIPAA Notice and permitted under HIPAA.
(f) With your consent or at your direction. We may share information for any other purposes disclosed to you at the time we collect the information or pursuant to your consent or direction.
If you choose to engage in public activities on the third party sites that we link to, you should be aware that any information you share there can be read, collected, or used by other users of these sites and forums. You should use caution in disclosing personal information while participating in these areas. We are not responsible for the information you choose to submit in public areas.
We use multiple measures to protect your PHI from loss, theft, misuse, and unauthorized access, disclosure, alteration, and destruction in accordance with the HIPAA law. We also use measures designed to protect your other information from loss, theft, misuse, and unauthorized access, disclosure, alteration, and destruction. However, you should understand that no data storage system or transmission of data over the Internet or any other public network can be guaranteed to be 100% secure.
5. YOUR CHOICES
You can exercise some control over how we use some of your information. You may request that we delete your personal information by sending us an email at firstname.lastname@example.org. We will delete such information unless we are required to maintain information in accordance with applicable law or regulations.
You may refuse or disable cookies by adjusting your web browser settings. Because each web browser is different, please consult the “Help” instructions provided by your web browser. Please note that you may need to take additional steps to refuse or disable Local Shared Objects and similar technologies. For example, Local Shared Objects can be controlled through instructions on Adobe’s Setting Manager page. If you choose to refuse, disable, or delete these technologies, some of the functionality of the Telemedicine Services may no longer be available to you.
We do not share your PHI with third parties for their direct marketing purposes.
6. THIRD-PARTY LINKS AND CONTENT
7. LIMITING DATA COLLECTION AND DO NOT TRACK
(a) Opt-Out. To opt out of interest-based advertising across browsers and devices from companies that participate in the Digital Advertising Alliance or Network Advertising Initiative opt-out programs, please visit their respective websites. You may also be able to opt out of interest-based advertising through the settings within the mobile app or your mobile device, but your opt-out choice may apply only to the browser or device you are using when you opt out, so you should opt out on each of your browsers and devices if you want to disable interest-based advertising for those browsers and devices. If you opt out, you will still receive ads but they may not be as relevant to you and your interests, and your experience on our Telemedicine Services may be degraded to some extent.
(b) Do-Not-Track Signals and Similar Mechanisms. Some web browsers transmit “do-not-track” signals to websites. Because of differences in how web browsers incorporate and activate this feature, it is not always clear whether users intend for these signals to be transmitted or whether they even are aware of them. We currently do not take action in response to these signals.
8. CROSS-BORDER USE AND INTERNATIONAL LAWS/USERS
We do not knowingly allow individuals under the age of 18 to create accounts that allow access to our Telemedicine Services.