Protecting your privacy on our web site
What this privacy policy covers
This privacy policy pertains to the use of the Medi-EHR web site at Medi-EHR.com. This privacy policy covers how Medi-EHR, Inc. (“Medi-EHR”, We”, “Us”, or “Our”) treats personal information that Medi-EHR collects and receives through the website Medi-EHR.com and Medi-EHR Clinical (Electronic Health Records, or EHR), Medi-EHR Billing (Practice Management), or Medi-EHR Marketing (including Medi-EHR DoctorBase), as well as the Medi-EHR Patient Portal (collectively, the “Service” or “Services”). It also describes the choices available to you regarding our use of your personal information and how you can access and update this information. Personal information is information about you that is personally identifiable like your name, address, email address or phone number. Children under 13 are not permitted to use the Service, and so this privacy policy makes no provision for children’s use of the site.
Information collection and how it is used
General Information
You do not have to give us any personal information to visit the product information portion of our web site. No personally-identifying information (such as your name, e-mail address or Social Security number) will be collected unless you choose to provide that information to us.
Medi-EHR collects personal information when you sign up for a trial or paid subscription to the Medi-EHR Service. When you sign up, we ask for your name, email address, phone number and your company’s demographic and financial information such as credit card information.
When you sign up for a paid subscription, we will ask you to enter your credit card or ACH information. This information is encrypted on computer systems that are secured in a locked cage at a data center co-location facility rented by Medi-EHR.
Medi-EHR automatically receives and records information on our server logs from your browser, including your IP address and the page you request.
Medi-EHR uses information for the following general purposes: products and services provision, billing, identification and authentication, services improvement, contact, research, and anonymous reporting.
Medi-EHR will send you strictly service-related announcements on rare occasions when it is necessary to do so. For instance, if our Service is temporarily suspended for maintenance, we might send you an email. Generally, you may not opt-out of these communications, which are not promotional in nature. If you do not wish to receive them, you have the option to deactivate your account.
If you wish to subscribe to our newsletter, we will use your name and email address to send the newsletter to you. Out of respect for your privacy, we provide you a way to unsubscribe by clicking on the link within the email.
If you’re a patient and you sign up for Medi-EHR Patient Portal and elect to use the online patient payment service, your transaction will be processed by the merchant associated with your practice or facility, and the information you provide to the merchant is subject to its privacy policy. Your credit card number and billing information will not be accessible by Medi-EHR.
IP Addresses
IP Addresses are automatically reported by your browser each time you view a web page or use our Service. Your IP address is not permanently stored in a way that is identified with your personal information.
IP addresses may be used for various purposes, including:
- To diagnose or service technology problems reported by our users or engineers that are associated with the IP addresses controlled by a specific web company or ISP.
- To estimate the total number of users visiting Medi-EHR from specific geographical regions.
Cookies and Other Tracking Technologies
A cookie is a small amount of data, which often includes an anonymous unique identifier that is sent to your browser from a web site’s computers and stored on your computer’s hard drive. We do link the information we store in cookies to personal information you submit while on our web site.
Medi-EHR uses both “session” cookies and “persistent” cookies. A session ID cookie will get removed automatically when you close your web browser. We may use session cookies to make it easier for you to navigate our web site. A persistent cookie remains on your hard drive for an extended period of time. We may also set a persistent cookie to store your passwords, so you don’t have to enter it more than once if you so choose. We have cookies on our site but the data is only collected in the aggregate. We use a third-party tracking service that uses cookies and other tracking technologies to track non-personally identifiable information about visitors to our site in the aggregate.
If you reject cookies, you may still use our web site, but your ability to use some areas of our site, such as contests or surveys, will be limited.
Web Beacons / Gifs
Medi-EHR uses software technology called clear gifs (a.k.a. Web Beacons) to help us better manage content on our web site by informing us what content is effective. These technologies are tiny graphics with a unique identifier, similar in function to cookies, and are used to track the online movements of Web users. In contrast to cookies, which are stored on a user’s computer hard drive, clear gifs are embedded invisibly on Web pages and are about the size of the period at the end of this sentence. In some cases we tie information gathered by clear gifs to our customers’ personal information; an example would be tracking emails that have been opened by recipients which allows us to measure the effectiveness of our communications and marketing campaigns.
3rd Party Tracking
The use of cookies by any tracking utility company is not covered by our privacy policy. We do not have access or control over these cookies. Tracking utility company may use session ID cookies and/or persistent cookies.
We use Local Storage, such as HTML5, to store content information and preferences. Third parties with whom we partner to provide certain features on our website or to display advertising based upon your web browsing activity also use HTML5 to collect and store information. Various browsers may offer their own management tools for removing HTML5.
Behavioral Targeting / Re-Targeting
We partner with a third party ad network to either display advertising on our web site or to manage our advertising on other sites. Our ad network partner uses cookies and Web beacons to collect non-personal information about your activities on this and other Web sites to provide you targeted advertising based upon your interests. If you wish to not have this information used for the purpose of serving you targeted ads, you may opt-out by clicking here. Please note this does not opt you out of being served advertising. You will continue to receive generic ads.
Protected Health Information
If you are a patient using the web site, please do not provide Medi-EHR with Protected Health Information (PHI). If you are a patient using Medi-EHR Clinical, Medi-EHR Billing or Medi-EHR Marketing (including Medi-EHR DoctorBase), the information you provide to us through those Services may be considered PHI and will be protected by Medi-EHR as required by federal and state laws.
Information sharing and disclosure
Medi-EHR may be required to disclose personally identifiable information or protected health information under special circumstances, such as to comply with subpoenas or when your actions violate the Medi-EHR Terms of Service.
Medi-EHR may share demographic information with business partners, such as “7% of Medi-EHR customers are in the Los Angeles region” or the like. No personally identifiable information or protected health information will ever be used without your permission (i.e., we will ask you before using a quote or testimonial).
Third party vendors, including Google, show our ads on sites on the Internet. Third party vendors, including Google, use cookies to serve ads based on a user’s prior visits to our website. Users may opt out of Google’s use of cookies by visiting the Google advertising opt-out page.
Medi-EHR does not rent, sell, or share personal information about you with other people or nonaffiliated companies for promotional purposes except to provide products or services you’ve requested or when we have your permission.
With your consent, we do share your name and email with certain partners we may work with. If you would not like your information shared with these partners, uncheck the box when asked this option or notify us via support@Medi-EHR.com.
It may be necessary to share information in order to investigate, prevent, or take action regarding illegal activities, suspected fraud, situations involving potential threats to the physical safety of any person, violations of Medi-EHR’s terms of use, or as otherwise required by law.
We will transfer information about you if Medi-EHR is acquired by or merged with another company. In this event, Medi-EHR will notify you by email or by putting a prominent notice on the Medi-EHR web site before information about you is transferred and becomes subject to a different privacy policy.
We use other third parties such as a chat service provider to provide customer service to you, and a credit card processing company to bill you for goods and services, an email service provider to send out emails on our behalf. When you sign up for these services, we will specify what personally identifiable information is being shared as necessary for the third party to provide that service.
Accessing, updating, or correcting your personal information
If your personally identifiable information changes, or if you no longer desire our Service, you may correct it or request deletion by contacting us by telephone or postal mail at the contact information listed below. We will respond to your request to access within a reasonable timeframe.
We will retain your information for as long as your account is active or as needed to provide you services. We will retain and use your information as necessary to comply with our legal obligations, resolve disputes, and enforce our agreements.
Security
The security of your personal information is important to us. When you enter sensitive information such as credit card number on our registration or order forms, we encrypt that information using secure socket layer technology (SSL).
While we follow generally accepted industry standards to protect the personally identifiable information submitted to us, both during transmission and once we receive it, no method of transmission over the Internet, or method of electronic storage, is 100% secure. Therefore, while we strive to use commercially acceptable means to protect your personal information, we cannot guarantee its absolute security. If you have any questions about security on our web site, you can contact us at support@Medi-EHR.com.
Customer testimonials, comments and reviews
We post customer testimonials, comments and reviews on our web site which may contain personal information. These testimonials are publicly available from a partner site and we post them on our policy. We do obtain the customer’s consent to post their name along with their testimonial via email prior to posting the testimonial. If you wish to update or delete your testimonial, you can contact us at support@Medi-EHR.com.
You should be aware that any personal information you submit on blogs on this site and others can be read, collected, or used by other users of these forums, and could be used to send you unsolicited messages. We are not responsible for the personal information you choose to submit in these forums. To request removal of your personal information from our blog, contact us at support@Medi-EHR.com. In some cases, we may not be able to remove your personal information, in which case we will let you know if we are unable to do so and why.
Links to other sites
If you click on a link to a third party site, you will leave this site and go to the site you selected. Because we cannot control the activities of third parties, we cannot accept responsibility for any use of your personally identifiable information by such third parties, and we cannot guarantee that they will adhere to the same privacy practices as us. We encourage you to review the privacy policies of any other service provider from whom you request services.
Referrals
If you choose to use our referral service to tell a friend about our web site, we will ask you for your friend’s name and email address. We will automatically send your friend a one-time email inviting him or her to visit the web site. Medi-EHR stores this information for the sole purpose of sending this one-time email. Your friend may contact us at support@Medi-EHR.com to request that we remove this information from our database.
Collection and Use of 3rd Party Personal Information
You may also provide personal information about other people, such as their name, email address and phone number. This information is only used for the sole purpose of completing your request or for whatever reason it may have been provided.
Social Media Widgets
Our web site includes Social Media Features, such as the Facebook Like button and Widgets, such as the Share this button or interactive mini-programs that run on our web site. These Features may collect your IP address, which page you are visiting on our web site, and may set a cookie to enable the Feature to function properly. Social Media Features and Widgets are either hosted by a third party or hosted directly on our web site. Your interactions with these Features are governed by the privacy policy of the company providing it.
Single Sign-On
You can log in to portions of our main Medi-EHR web site using sign-in services such as LinkedIn Connect or an Open ID provider. These services will authenticate your identity and provide you the option to share certain personal information with us such as your name and email address to pre-populate our sign up form. Services like LinkedIn Connect give you the option to post information about your activities on portions of our main Medi-EHR web site to your profile page to share with others within your network.
Information Related to Data Collected through the Medi-EHR Services
Information Related to Data Collected for our Clients
Medi-EHR may collect information under the direction of its Clients, and has no direct relationship with the individuals whose personal information it processes. If you are a customer of one of our Clients and would no longer like to be contacted by one of our Clients that use our Service, please contact the Client that you interact with directly. We may transfer personal information to companies that help us provide our Service. Transfers to subsequent third parties are covered by the service agreements with our Clients.
Access and Retention of Data Controlled by our Clients:
Medi-EHR has no direct relationship with the individuals whose personal information it processes. An individual who seeks access, or who seeks to correct, amend, or delete inaccurate data should direct his query to the Medi-EHR Client (the data controller). If requested to remove data we will respond within 30-60 days. If the Client is a Covered Entity under HIPAA, your rights with respect to your protected health information are governed by HIPAA as well as our Business Associate Agreement with that Client.
We will retain personal information we process on behalf of our Clients for as long as needed to provide services to our Client. Medi-EHR will retain this personal information as necessary to comply with our legal obligations, resolve disputes, and enforce our agreements.
Data Aggregation Services & De-identified Data
To the extent we receive protected health information from Clients that are Covered Entities under HIPAA, we may use such information to provide data aggregation services (as that term is defined by HIPAA) and to create de-identified data in accordance with 45 CFR 164.514(a)-(c) retaining any and all ownership claims relating to the de-identified data it creates from protected health information. Medi-EHR may use, during and after this agreement, all aggregate non-identifiable information and de-identified data for purposes of enhancing the Software and Service, technical support and other business purposes, all in compliance with the HIPAA Privacy Standards, including without limitation the limited data set and de-identification of information regulations.
Changes to this privacy policy
Medi-EHR may update this policy at any time for any reason. If there are any material changes to how we handle personal information we will send a notice to the contact email address specified in your company’s Medi-EHR account or by placing a prominent notice on the home page of our site prior to the change becoming effective. We encourage you to periodically review this page for the latest information on our privacy practices.
Questions
If you have questions or suggestions you can contact us at:
Medi-EHR Support – Privacy Policy
90 Washington Valley Rd
Bedminster, NJ 07921
Phone: 888-633-1367
Email: support@Medi-EHR.com