MedTrak, Inc. (“MedTrak”)
has written this privacy policy (“Policy”) to demonstrate its commitment to
privacy and security. MedTrak reserves the right to amend the Policy at any
time—these changes will apply to all old and new data collected by MedTrak but
will never relax the privacy and security standards currently in place. Any
changes to the Policy will be posted on www.orthosight.com along with a notice
of the policy changes.
MedTrak has implemented a number of procedures and safety measures to protect
the privacy and security of personal information according to HIPAA
regulations. All tools and services MedTrak provides to users, patients, and
visitors are HIPAA compliant. This privacy policy will convey our information
collecting, security, and distribution practices.
MedTrak also
complies with the U.S.-EU Safe Harbor Framework as set forth by the U.S.
Department of Commerce regarding the collection, use, and retention of personal
information from European Union member countries. MedTrak has certified
that it adheres to the Safe Harbor Privacy Principles, and to learn more about
the Safe Harbor program or to view our
certification page, please visit http://www.export.gov/safeharbor/.
The privacy policy is divided into four separate sections: User Privacy,
Patient Privacy, Potential User and Visitor Privacy, and Additional
Information. To view our policies, please refer to the appropriate section.
User Privacy
User Data and Information
MedTrak gathers information from users who sign-up for our services (“Service”)
through contracts, discussions and the website. Users are required to provide
contact information such as name, company name, address, phone number, and
email address. This information is used to setup the Service and provide
support. Except as required to perform the Service, no information will be
disclosed to third parties.
MedTrak also collects and logs information (IP addresses, login attempts)
concerning website usage. This information is used to monitor attempted
security penetrations, detect technical problems, and review site usage
patterns.
Information and data users collect using OrthoSight and store on MedTrak’s
servers will not be reviewed, shared, or disseminated except as stated in the
Business Associates Agreement and Software License Agreement or as required by
law. Individual records in MedTrak’s databases may be accessed to provide the
Service, resolve an issue, evaluate usage patterns, provide support services,
or review contractual issues. Users are required to maintain the security of
their User Name and password as outlined in MedTrak’s password policy on the
website.
MedTrak uses aggregated, de-identified information and data to create marketing
statistics and average scores viewable by all users. Marketing statistics will
be made available to third parties.
Discontinue Use Policy – Users
Users may request that MedTrak discontinues use of their contact information by
contacting their MedTrak representative or by emailing info@orthosight.com.
Patient Privacy
Notice
Personal information will only be collected by MedTrak after timely notice of
the type of information to be collected, how information will be used, and how
information may be shared is given to the patient.
Choice
If a patient would like to withdraw or refuse consent for a study, the patient
should inform his/her doctor and MedTrak. A patient will always make the choice
about the ways that personal information is used and shared.
Relevance
Only as much personal information that is needed to complete the study will be
collected and used. Personal information will be used in a manner consistent
with the consent provided by the patient.
Retention
Personal
information will be stored only as long as is necessary for the purposes for
which it was collected, or as permitted by law.
Accuracy
Appropriate
steps will be taken to ensure all personal information stored by MedTrak is
complete and accurate.
Access
Patients
will be provided access to their own personal information stored on MedTrak’s
servers in order to correct any problems.
Security
MedTrak
provides high quality security controls and protocols to ensure that all
information and data is protected against loss, misuse, alteration, or
unintentional destruction. MedTrak employs Secure Sockets Layer (SSL)
technology to protect information traveling to and from the website and a
firewall to block unauthorized use of the web server and database. Information
and data are protected by access controls, passwords, employee training
regarding security issues, and storage of sensitive information in locked
offices, encrypted files, or behind the firewall.
Potential User and Visitor Privacy
Potential users may sign-up on www.orthosight.com to be contacted by a MedTrak
representative. They will submit contact information that will only be used to
set-up an appointment or demonstration.
MedTrak logs visitor IP addresses and activity. This information is used to
monitor attempted security penetrations, detect technical problems, and review
site usage patterns.
Additional Information
In compliance with the Safe Harbor Principles, questions, complaints, or
comments regarding the privacy practices of MedTrak should be directed to
MedTrak. MedTrak will do everything to resolve issues quickly and to the
satisfaction of the patient. European Union or U.S. citizens with inquiries or
complaints regarding this privacy policy should first contact MedTrak at:
MedTrak, Inc.
Attn:
Privacy Complaints
1100 East Hector Street, Ste. 457
Conshohocken, PA
19428
Phone: 484-532-7587
Email:
info@orthosight.com
MedTrak has further committed to refer unresolved privacy complaints under the
Safe Harbor Principles to an independent dispute resolution mechanism, the BBB
EU Safe Harbor, operated by the Council of Better Business Bureaus. If you do
not receive timely acknowledgment of your complaint, or if your complaint is
not satisfactorily addressed by MedTrak, you may contact:
Council of Better Business Bureaus, Inc.
BBB EU Safe Harbor
4200 Wilson Boulevard, Suite 800
Arlington, VA 22203
Phone: 703-276-0100
Web: www.us.bbb.org
Email: eusafeharbor@council.bbb.org
Version 1.1
Last Updated: August 6th, 2010
