Last Updated: January, 22, 2020
We are committed to your privacy. Introduction
Privacy is an individual's right to retain control over the collection, use, and disclosure of her/his personal information. Custodians
Custodians are health care plans, insurers, health care clearinghouses, health care providers, and other entities who transmit Personal Health Information to Medchart with your consent. Personal Information
means information that identifies, relates to, describes, is reasonably capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular consumer. Personal Information
Personal Information is information that identifies, relates to, describes, or could reasonably be linked or associated, directly or indirectly, with a particular consumer or household.
Personal Health Information
Personal Health Information is Personal Information relating to the past, present, or future health status of an individual that is created, collected, transmitted, or maintained (collectively, “Processed”) by Custodians. This includes health information that can be tied to an individual through identifiers such as: name; address; email address; telephone and fax numbers; social security numbers or other government issued IDs; insurance, medical record, or other account numbers; biometric identifiers; photographs or images; device identifiers; or other persistent identifiers that can reasonably be used to identify an individual. Data from which all personal identifiers have been removed, such that the information cannot reasonably be used to identify the individual, is not considered Personal Information, nor is it Personal Health Information. Capacity and Substitute Decision-Making
An individual is capable of consenting to Medchart’s Processing of Personal Health Information if the individual is able to understand the relevant information and the consequences of giving or withholding consent. Medchart presumes individual capacity unless it has reasonable grounds to believe that the individual is incapable of consenting.
An individual who is capable of consenting to Medchart’s Processing of Personal Health Information may also authorize another person – including family members, advisors, lawyers, or other health care providers - as a Personal Representative to act on her or his behalf. If the individual is incapable of making and understanding health decisions, for example if the individual is unconscious, deceased, or otherwise incapacitated, substitute decision-makers authorized by state or federal law to act as Personal Representatives may consent on her or his behalf. Substitute Decision-Maker or Personal Representative
A Personal Representative, in relation to an individual, means, unless the context requires otherwise, a person who is authorized by law as a substitute decision-maker to consent on behalf of the individual to the collection, use or disclosure of Personal Health Information about the individual. Collection, Use, and Disclosure of Personal Information
Information that you affirmatively give us or ask us to collect:
When you register for a Medchart account, we collect the Personal Information that you or your Personal Representative provide directly, including your full name, contact information (including physical and email addresses, phone and fax numbers, etc.). We also collect any other information that you provide including, without limitation, information about your health care providers, insurers, medical conditions.
At your direction and with your consent, Medchart collects medical records and Personal Health Information from Custodians.
If you have designated a Personal Representative, including an attorney or family member, you may give them access to and the ability to add additional Personal Information to your Medchart records. Information that we collect passively when you visit our website:
Medchart collects information about how and when you use our website and our service offerings, including information about the pages you visit, the content you view on our sites and in our portals, We collect information about the apps, browsers, and devices
you use to access our services, which helps us provide features like automatic product updates. The information we collect includes unique identifiers
, browser type and settings, device type and settings, operating system, mobile network information including carrier name and phone number, and application version number. We also collect information about the interaction of your apps, browsers, and devices with our services, including IP address
, crash reports, system activity, and the date, time, and referrer URL of your request.
The Site uses "cookies" to help personalize and maximize your online experience. Cookies are small amounts of data that often include unique identifiers that enable the Site to recognize you and to keep track of your preferences. These identifiers are usually alpha-numeric strings, which cannot be used to identify you without additional information. Two types of cookies may be employed during your visit to the Site:
- "Session" cookies, which are not permanently stored on your hard drive and are permanently deleted from your computer after two hours of inactivity or when you end your session, are used to help you to navigate around the site; and
Medchart uses Personal Information about you for the exclusive purposes of collecting, maintaining, and disclosing that information, including Personal Health Information, at your direction and on your behalf. If we want to use your information for any other purpose, we will seek your explicit consent to do so. Disclosure
Medchart discloses Personal Information about you, including Personal Health Information, in order to provide the service, including to collect Personal Health Records from Custodians and to facilitate the disclosure of that information to third parties on your behalf and at your direction. Medchart may also disclose Personal Information about you to third parties as required by applicable law and/or as necessary to protect our rights and the rights of third parties. Unless prohibited by law, we will notify you of any such disclosures. Retention
Medchart will retain Personal Information associated with your Medchart account for so long as it is necessary to provide our services to you. Subject to certain limitations necessary to provide our services, operate our business, and comply with applicable law, you may delete your Personal Information at any time. Privacy Principles
Medchart Processes your Personal Information in accordance with globally recognized fair information practice principles described below:
Medchart will normally obtain consent from you or your properly designated Personal Representative before Processing Personal Information about you. An individual can provide consent to the collection, use and disclosure of Personal Information about them expressly, implicitly, or through an authorized Personal Representative. When you sign up for Medchart's services, whether as an individual or an individual’s personal representative, we will ask for your express consent during the account creation process. You have the right to withdraw consent at any time, with certain exceptions. Purpose Specification
Medchart will identify the purposes for which Personal Information is Processed at or before the time the information is collected. We will not use your Personal Information for any other purpose without your express consent. Collection, Use, Disclosure, and Retention Limitations
With your consent, Medchart helps you consolidate and access your Personal Health Information on a secure online account. Specifically, we: collect copies of your official medical records from Custodians; if necessary, convert your paper records into an electronic format, and promptly and securely dispose of the paper copy; upload the electronic copy of your records onto a secure, encrypted online database; allow you to access these records on your personal password-protected Portal on our website; and allow you to authorize other users (such as your healthcare provider, family members, or lawyers) to securely access, use, and disclose your records.
Medchart collects Personal Information about you only by fair and lawful means, either from you directly or from Custodians. This information may include your name, date of birth, address, contact information, health history, records of your visits to medical service providers, and details of the care that you received. Upon enrolling in Medchart's services you agree and understand that the collection of Personal Information is for your personal record keeping purposes, including disclosure to third parties at your direction or at the direction of your Personal Representative.
Medchart will use your Personal Information only for the reasons it was collected, unless you expressly consent to our use or disclosure of that information for another reason. We will retain your Personal Information only for so long as necessary to provide the services you have requested. Medchart may share your Personal Information with our affiliates and service providers who may be involved in delivering Medchart's services, providing customer support, and conducting customer research or satisfaction surveys. These service providers are obligated by contract to protect your Personal Information, they are not permitted to use this information for any purpose except providing the service, and they are only given the information necessary to perform their designated functions. Medchart does not authorize any service providers to use or disclose your Personal Information for their own marketing or other purposes. We may also share your Personal Information with our financial, insurance, legal, accounting or other advisors that provide such professional services to us.
Your Personal Information may be processed and/or stored outside of the United States as necessary or appropriate to provide our services. No matter where your data is stored, we undertake reasonable measures to protect your Personal Information. When it is stored and/or Processed in other jurisdiction, our Processing of that data may be subject to the laws of such countries and made available to third parties under applicable law. By providing us with your information, you allow your Personal Information to be transferred outside of United States. Accuracy
Medchart will keep the Personal Information in its possession or control accurate, complete, current and relevant, based on the most recent information available to Medchart. Please be aware that we cannot modify Personal Information provided by Custodians. However, if you believe that any other Personal Information is inaccurate or incomplete, please notify us [via email or your account. Data Security
The safety and privacy of your information is our top priority, and Medchart has deployed appropriate physical, administrative, and technical measures designed to safeguard your Personal Information against theft, loss, unauthorized access, copying, modification, use, disclosure and disposal. These measures include appropriate security policies, employee training, the use of nondisclosure agreements, audits and compliance monitoring, and access controls (facility and workstation).
Medchart uses strong encryption technologies to secure your information, and monitors and upgrades our systems to reflect new technology and other developments. Access to your online profile and medical records is protected by your personal login details. We strongly encourage you to take advantage of our optional 2-factor authentication system (a verification code sent to your registered cell phone or email at time of login) to minimize the likelihood of unauthorized access in case your login details have been lost or stolen. Transparency
- Medchart may disclose Personal Information to our service providers who help us provide the service or to third parties (such as family members, lawyers, or health care providers) at your direction.
- Medchart does not sell Personal Information to anyone for any purpose
- MedChart does not knowingly collect Personal Information about minors without the express consent of their parent, guardian, or duly appointed Personal Representative.
If you would like to know more about Medchart’s policies and practices related to the management of personal information, please contact our Chief Privacy Officer via email sent to firstname.lastname@example.org
. Access to Personal Information
Except as restricted by law, MedCchart will inform you or your Personal Representative about the existence, use and disclosure of any personal information about you in our possession or control, and will provide access to that information. You may also have the right to challenge the accuracy and completeness of the information and to ask that it be amended or deleted. To ask if we are processing Personal Information about you, to learn what personal information about you that we have, and to whom we may have disclosed that information, please send an email to email@example.com
Please be sure to include your full name, address, telephone number, and email address. We may need to ask for additional information to verify your identity. Complaints and Questions
For more information about our privacy protection practices, or to raise a concern you may have about our practices, please contact: James Bateman
Chief Privacy Officer, Medchart, Inc.
215 S. Denton Tap Rd., Suite 290
Coppell, TX, 75019