Wayspring has designated a “Privacy Officer” who is responsible for developing and implementing its privacy policies and procedures. The Privacy Officer for Wayspring serves as the contact person responsible for receiving complaints or inquiries relating to privacy issues.
There are two kinds of information that we may obtain about you: (1) Anonymous Information and (2) Personally Identifiable Information.
(i) Anonymous Information – “Anonymous Information” is data in a form that does not permit direct association with any specific individual. Anonymous Information is aggregate data that websites and applications use to administer their sites and services and the contents thereon and therein. This Anonymous Information comprises information that cannot be used to identify or contact you, and may include such information as your browser or device type or your Internet Protocol (IP) address (if not deleted, clipped or anonymized), log file information, cookie information, web beacons and similar tracking technologies. You can change your browser or device settings to prevent cookies or notify you whenever you are sent a cookie. However, if you disable or block cookies on your browser or device, the features on our Licensed Product may not work correctly. Company also collects and uses information about what features Users access and how Users use content and information included in the Licensed Product. Company may, from time to time, retain third parties to help us collect and aggregate information.
(ii) Personally Identifiable Information (PII) – In connection with the Licensed Product, we and our providers collect and/or use certain information that can be used to identify or contact you, including, without limitation, your personal information for maintaining your account (such as your user name, email address, phone number, first and last name, Site name and address (“Personally Identifiable Information“)). In addition, when you post or submit information or otherwise provide communications, comments or other materials to the Licensed Product, all such information is collected by us or our providers in order to provide the Licensed Product. By using certain features of the Licensed Product, you also will be providing additional personal information to Company, including, without limitation, your location and your usage patterns of the Licensed Product. Further, when you contact us, we may ask for your name, User ID, email address and/or other information regarding your account so we may process and respond to your request.
(iii) Anonymous Information is used internally for the administration, troubleshooting, data analysis, auditing, and research of our Licensed Product to help improve the quality, design and information provided to you. Some examples of the kinds of Anonymous Information we may collect include device identifiers, information about your usage of features of the Licensed Product and other data generated during your interactions with the Licensed Product. We may share such aggregated, non-personally identifiable information, such as demographics and general analytics regarding usage of the Licensed Product, with existing and prospective business partners, clients and advertisers. We never connect aggregate information with personally identifiable information, and none of the Anonymous Information we share will contain any information that identifies you individually.
(iv) We collect Personally Identifiable Information about users only when the user voluntarily provides such information, including patterns of application usage. We may be required to transfer or disclose Personally Identifiable Information to third parties without prior consent if required by law, such as a court-ordered subpoena, search warrant, or other court order, or if required by exigent circumstances. We also may use (and may contract with carefully selected third-party service providers to help us use) your profile information on an aggregate basis – without personal identifiers – and other usage information that is useful in developing new features and content for the Licensed Product. You understand and agree that your information and data provided by or otherwise collected or generated in connection with your use of the Licensed Product, including, without limitation, Personally Identifiable Information, is subject to the rights and licenses granted to Company herein.
(v) As Company continues to develop the Licensed Product, we may buy, merge or partner with other companies or businesses, and in so doing, acquire customer information. In such transactions, information collected through the Licensed Product may be among the transferred assets. Similarly, in the unlikely event that a portion or substantially all of our assets are sold or transferred to a third party, such information would likely be one of the transferred business assets.
(vi) Protecting the privacy of children is very important to us. The Children’s Online Privacy and Protection Act of 1998 (“COPPA“) defines a “Child” as anyone under the age of 13. We strictly adhere to COPPA. For that reason, we do not collect or maintain information obtained through the Licensed Product from those we actually know are under 13, and no part of the Licensed Product is structured to attract anyone under 13.
(vii) To the extent that you provide or transmit any information, including, but not limited to, any Personally Identifiable Information, any information that identifies any other individual (including without limitation name, email address and/or telephone number) and/or Protected Health Information (PHI) as defined for purposes of the Health Insurance Portability and Accountability Act of 1996 (“HIPAA“), to Company or its third-party service or data providers, licensors, or distributors (“Representatives“) through the Licensed Product, you warrant that (a) you are providing or obtaining only your own information or the information of others which you are authorized to provide to third parties and/or obtain from third parties on their behalf; and (b) the use of such information by Company and its Representatives will not infringe upon or misappropriate the intellectual property rights or otherwise violate the rights of any third parties.
(viii) Use and disclosure of PHI – We may request PHI from you in order to deliver requested materials, respond to your questions, deliver a product or service, or to verify appropriate Site usage. This information is collected from your employer or health insurance plan (our client). We may collect information about your diagnosis and/or medical condition, treatment/medical history (including prescription medications), health insurance information, or other relevant information. The information we collect includes PHI, as defined by HIPAA. Any personal information that you may provide to Company will be used solely for the purpose specified by your employer or health insurance plan. We may be required to transfer or disclose PHI to third parties without prior consent if required by law, such as a court-ordered subpoena, search warrant, or other court order, or if required by exigent circumstances. We also may use (and may contract with carefully selected third-party service providers to help us use) your profile information on an aggregate basis – without personal identifiers – and other usage information that is useful in developing new features and content for the Licensed Product. You understand and agree that your information and data provided by or otherwise collected or generated in connection with your use of the Licensed Product, including, without limitation, PHI, is subject to the rights and licenses granted to Company herein.
(ix) Storage, retention, and destruction of PHI – Company takes precautions to protect its users’ personal non-public information and PHI. When users submit personal information to Company, the information is protected both online and off-line. Personal information is encrypted and is protected with encryption software that meets or exceeds industry standards, both when sent (i.e., in transit) and when stored (i.e., at rest). The computers and servers that store personally identifiable information are kept in a secure environment. Only Company employees who need the information to perform their jobs are granted access to personally identifiable information. Furthermore, all Company employees are kept up-to-date on Company security and privacy practices. PHI collected and maintained by Company will be retained in accordance with our retention policy. PHI is disposed of in a secure manner when no longer needed for the purpose for which it was obtained and used.
(x) Third parties partnered with Company must maintain physical, electronic, and procedural safeguards designed to protect personal information that comply with federal regulations. Security breaches that put PII or PHI at risk, such as an unauthorized disclosure of said sensitive information, must be reported to Company at privacy@Wayspringhealthcare.com. Please note that your email, like most non-encrypted Internet communications, may be accessed and viewed by others without your knowledge and permission while in transit to us. Therefore, please do not send email to us with personal information. Company has no way to secure personal information sent via email.
(xi) To report a privacy incident or pose questions/concerns regarding the security of your personal information, please email Company at privacy@Wayspringhealthcare.com. Please note that your email, like most non-encrypted Internet communications, may be accessed and viewed by others without your knowledge and permission while in transit to us. Therefore, please do not send email to us with personal information. Company has no way to secure personal information sent via email.
(xii) Any complaints or concerns regarding the privacy or security of PHI maintained by Company are directed to Company’s Privacy Officer via privacy@Wayspringhealthcare.com. Our Privacy Program calls for all such complaints and their disposition to be documented and maintained by the Privacy Officer. Company has implemented a complaints and non-retaliation Policy to ensure open communication regarding privacy and security concerns and to ensure that an individual may exercise his or her rights under the HIPAA Privacy Rule, including filing a complaint without fear of retaliation by Company. Company acknowledges its responsibility and obligation to mitigate, to the extent it can, improper uses or disclosures of PII and PHI. In the event of an unauthorized disclosure of PHI and/or PII reported to or discovered by Company, Company will provide notification of the unauthorized disclosure to all of the affected parties. Company also will abide by all legal requirements regarding notification of unauthorized disclosure of PHI and/or PII.