Last Updated: April 16, 2015
CareSync’s mission is to connect people and data to redefine the role of the patient and create a better healthcare experience for everyone. We believe that everyone benefits when you put the patient at the center of healthcare and when data is appropriately shared among stakeholders.
- CareSync for Consumers provides a personal health platform that enables you to gather, edit, supplement, store, track, and share health information online. With CareSync, you can control your own health records and access them at any time, any place, and on any device. You can also share your health information with the people who care about you, your family, friends, and health care professionals.
- CareSync for Business helps hospitals, healthcare providers, employers, and health advocates facilitate better health management for their patients via an enterprise health platform with a suite of care coordination tools.
SCOPE OF THIS PRIVACY STATEMENT
This Privacy Statement applies to our CareSync health platforms and any other related features, contents, applications, or websites we may offer from time to time (collectively, the “CareSync Services”). This Privacy Statement explains CareSync’s information practices, including:
- What information we may collect through the CareSync Services and how we collect it.
- How we use the information we collect.
- How we may share collected information.
- What choices you have as to how we collect and use information.
INFORMATION WE COLLECT
In General. CareSync’s mission is to help you manage your health information, and we cannot help you do that without collecting certain information, including personal information about you. When we say “Personal Information,” we mean information that alone or in combination with other information may be used to readily identify, contact, or locate a specific person, such as: name, address, email address, phone number, medical records or certain other health data, insurance information, and financial information. We do not consider Personal Information to include information that has been anonymized so that it does not allow a third party to easily identify a specific individual.
We collect information when you:
- Create a CareSync account. In order to use the CareSync Services, you must create an account. To create a CareSync account, you must provide Personal Information such as name, email address, and a password. This information will help CareSync and others that you collaborate with to identify you.
- Build your Personal and Health profile. As a CareSync member, you can add information to your account. You may choose to provide Personal Information such as address, phone number, date of birth, a profile photo, gender, blood type, health conditions, medications, allergies, and body measurements. You may opt to upload important documents to your Health profile, such as medical, lab, insurance, legal, and other documents. You may also choose to include Personal Information about others in your profile by providing us with names and contact information for emergency contacts and health care providers.
- Add a Family Member. You can manage your family’s records in the same CareSync account. When you add a family member, you may choose to provide Personal Information about them as you build their health profile. When you provide Personal Information about other people, you represent that you have the authority to do so. You can also allow this family member to log in to your CareSync account using their own email and password. If you allow this family member to log in, you control what information they can see as described in “Your Choices” below.
- Add a Caregiver. Caregivers, such as family, friends, or health advocates, can help you manage your healthcare. When you add a Caregiver, we ask that you provide their name, relationship to you, and an email address. If your Caregiver has their own CareSync account, you may choose to let them see some or all of your information as described in “Your Choices” below.
- Link your CareSync account to services or devices. If you choose to link your CareSync account to certain other services or devices, such as calendars, wearables, scales, fitness trackers, or other health monitoring devices, we may collect information related to your use of such services or devices. When these services or devices are administered by a third party, the information practices and policies for those services or devices are the responsibility of that third party.
- Request Health Records. If you choose to request health records, we will ask you to provide Personal Information as needed to complete a request form that complies with the requirements of the Health Insurance Portability and Accountability Act of 1996 (“HIPAA”). Such Personal Information may include a Social Security number.
- Seek assistance from CareSync. If you contact CareSync with questions and requests, we may collect information from you in order to assist you. If you enroll in CareSync Plus, you have unlimited access to a CareSync Plus Health Assistant who can assist you with medical appointment scheduling and other care coordination tasks, which may require you to provide additional information.
- Cookies. A cookie is a small text file that may be stored on the hard drive of a computer or device when you access a website. When you visit our website, we may assign your device one or more cookies to facilitate access to our site and to personalize your online experience. You may refuse the service of cookies to your device or delete any existing cookies by changing your browser preferences. As the means by which you can do this vary from browser to browser, please refer to your browser’s help menu for more information. If you refuse or delete cookies, you may not be able to take advantage of all features and functionality of the CareSync Services.
- Information collected automatically. We may automatically collect information from your browser or device when you use the CareSync services. This information may include an IP address, device identifier, your browser type, access times, the content of any undeleted cookies your browser received from us, and other non-personally identifiable information that can help us optimize the CareSync services.
HOW WE USE INFORMATION WE COLLECT
We use information, including Personal Information, to deliver and improve the CareSync Services.
We may use information, including Personal Information, to:
- Communicate with you. We may send email to the email address you provide us to verify your account and for informational and operational purposes, such as account management, customer service, system maintenance, or to provide information we think may be of interest to you. We may also communicate with you through the CareSync Services or other means enabled by the CareSync Services, such as through text messages, push notifications, or in-app messaging. You may adjust your communications preferences in your CareSync account settings at any time or by unsubscribing from our marketing emails using the link provided at the bottom of those emails.
- Communicate with others at your request. If you choose to use CareSync to share information with others, we may require Personal Information such as names, email addresses, fax numbers, or other contact information.
- Customize your CareSync experience. We use information we collect through the CareSync Services to customize your CareSync experience.
- Organize and analyze your health information. When you share information or we receive it from others, our employees and service providers may review that information to categorize and organize it for you. For example, CareSync Plus Health Assistants will use information you provide to them to coordinate appointments and perform other requested tasks.
- Provide and improve the CareSync Services. We use information, including Personal Information, for internal and service-related purposes and may provide it to third parties as necessary to allow us to facilitate or improve the CareSync Services.
We may aggregate or de-identify data collected through the CareSync Services and use it for any purpose.
HOW WE MAY SHARE INFORMATION
We do not rent, sell, or share Personal Information. We do not share your Personal Information with other people or nonaffiliated companies for their direct marketing purposes, unless we have your permission. We may share aggregate or de-identified data with third parties for any purpose.
We may share information, including Personal Information, as follows:
- With your permission. We may share your Personal Information or other information about you with third parties when we have your permission or at your direction, including when you direct us to send information to a healthcare provider.
- When you add a family member or Caregiver. We may share information about you according to your “Sharing Settings” in your CareSync account. We are not responsible for the privacy practices or actions of any third party with whom you choose to share information.
- With our vendors and service providers. We may share any information we receive with vendors and service providers retained to help us provide or improve the CareSync Services.
- As required by law and similar disclosures. We may access, preserve, and disclose your Personal Information, other account information, and content if we believe doing so is required or appropriate to: comply with law enforcement requests and legal process, such as a court order or subpoena; defend against legal claims; respond to your requests; protect the rights, property, and safety of you, CareSync, or others; or as otherwise required by law.
- In connection with a merger, sale, or other asset transfer. If we are involved in a merger, acquisition, financing, reorganization, or other substantial corporate transaction, or in the unlikely event of bankruptcy, any information we possess, including Personal Information, may be shared, sold, or transferred as part of such a transaction as permitted by law and/or contract. In such cases, we cannot control how other entities may use or disclose such information.
CareSync offers you a number of ways to control collection and use of your information when you use the CareSync Services. Your options include:
- Control who sees your information. Each time you add a family member or caregiver, you get to decide what types of information the person can access. You can change these setting at any time. We share information with third parties only at your request and with your specific authorization.
- Modifying your account information. You can review the information you or others have shared by logging into your CareSync account. You can modify or delete any information that you have provided us at any time. You may also choose to modify and delete information that others have shared with you.
- Modifying your account settings. CareSync account settings are designed to provide you with control over the information that you share. We encourage you to review your account settings and adjust them in accordance with your preferences. If you are logged into your account, visit the “Personal” tab and then “Sharing Settings” to modify what information each person you have connected with can see.
- Closing your account. If you no longer desire to use the CareSync Services, you may close your account by sending us an email to email@example.com. After you close your account, you will not be able to sign in to our website or access any of your information. However, you can open a new account at any time. If you close your CareSync account, we have no obligation to retain your information and may delete any or all of your account information without liability. We may retain and use your information as described in “Data Retention” below. Please note: if you have provided or shared information to third parties, retention of that information will be subject to those third parties’ policies and practices.
We take steps to ensure that information is treated securely and in accordance with this Privacy Statement. Unfortunately, neither the Internet nor any form of electronic storage can be guaranteed to be 100% secure, and we cannot ensure or warrant the security of any information provided to us. We do not accept liability for any unintentional disclosure.
By using the CareSync Services or providing an email address to us, you agree that we may communicate with you electronically regarding security, privacy, and administrative issues relating to your use of the CareSync Services.
We will retain your information for as long as your account is active or as needed to provide you with CareSync Services. We will retain and use your information as necessary to comply with our legal obligations, prevent fraud or abuse, resolve disputes, enforce our agreements, or take other actions permitted by law. Anonymous or aggregated information that does not identify you personally may be retained indefinitely.
We do not knowingly collect, maintain, or use Personal Information from children under 13 years of age, and no part of the CareSync Services are designed for or directed to children under the age of 13. If you learn that your child has provided us with Personal Information without your consent, you may alert us at firstname.lastname@example.org. If we learn that we have collected any Personal Information from children under 13, we will promptly take steps to delete such information and terminate any account created by such children.
If you are the parent or guardian of a child under the age of 13, you may choose to manage your child’s health information through your CareSync account.
If you are visiting or using the CareSync Services from the European Union or other regions with laws governing data collection and use, please note that you are agreeing to the transfer of your information to the United States and to processing globally. By providing your information, you consent to any transfer and processing in accordance with this Privacy Statement.
CHANGES TO THIS PRIVACY STATEMENT
We may update this Privacy Statement from time to time to reflect changes to our information practices. If we decide to change this Privacy Statement, we will post the changes on this page so that you are aware of our practices and update the “Last Updated” date above. If we make a material change in how we collect, use, or disclose Personal Information, we will make reasonable efforts to provide notice through the CareSync Services and obtain consent to any such uses as may be required by law. We encourage you to periodically review this page for the latest information on our privacy practices.
If you have questions or comments about this Privacy Statement, please email us at email@example.com.