CareMetx Privacy Statement, Effective Date of January 1, 2020, Updated June 6, 2021
CareMetx, LLC, (including CareMetx systems, websites, portals, other interfaces individually and collectively referred to as “CareMetx Systems”) is
committed to protecting the privacy of your information.
This Privacy Statement describes CareMetx’s privacy practices and how CareMetx uses the information you provide when using our CareMetx Systems. By using CareMetx Systems, you agree to and consent to the collection and use of your information as described below.
If you do not want us to use your information as described in this Policy, please do not use CareMetx Systems. Additionally, you may opt out of use of your information as described in this Policy by contacting Us as described below.
Your personal Information is never sold by CareMetx and is collected solely for the purpose specified in the program related communication.
One of the organizations helping to provide services to you (the “Services”) is CareMetx, LLC, which operates and manages its proprietary CareMetx Systems. Before CareMetx (referred thereafter as “We” or “Us”) shares any information you provide to Us, We make sure you understand who will receive your information and why they are requesting it. If you do not want to share your information in the way described, you may decide not to complete the agreement/authorization process or opt out. You understand that if you do not agree or authorize the disclosure, you may not be able to participate in the program being described to you. CareMetx Systems may provide links to websites of other organizations or companies that may offer materials and services as well as links to other sites. Please note that We do not accept any responsibility or liability for personal data that may be collected through these websites or services. We recommend that you read their privacy policies before you submit any personal data to them or use their services.
We collect information from individuals who visit CareMetx Systems (“Visitors”) and individuals who subscribe to use the Services (“Customers”). In order to be able to use the Services, Customers may have to electronically submit data or information (“Customer Data”). When signing up to use our Services, We may ask Customers for certain identifying information so that We can verify their identity. The Customer Data that We may ask for may include, if applicable, name, birth date, address, practice name, specialty, address, email address, fax number, NPI number, DEA number, and Tax ID number. We may also request that you provide Us with a verification code that We send to your email address. In some cases, We may request additional information to help verify your identity. If you choose to complete any agreement or attestation through our CareMetx Systems, We may request that you submit an electronic signature as well. When expressing an interest in obtaining additional information about the Services, We will require you to provide Us with personal contact information, such as name, address, phone number, and email address (“Required Contact Information”). As you navigate CareMetx Systems, We may also collect information through the use of commonly used information-gathering tools, such as cookies (“Website Navigational Information”). Website Navigational Information includes standard information from your web browser (such as browser type and browser language), your Internet Protocol (“IP”) address, and the actions you take on CareMetx Systems (such as pages viewed and the links clicked).
We use the information you provide to Us to perform the Services offered through the CareMetx Systems. We may use Website Navigational Information to operate and improve CareMetx Systems.
We use commonly used information-gathering tools to collect information as you navigate CareMetx websites and portals (i.e. “Website Navigational Information”). This section escribes the types of Website Navigational Information that may be collected by CareMetx websites and portals (collectively referred to as “Site”) and how this information may be used.
When you visit our Site, we collect your Internet Protocol (“IP”) addresses to track and aggregate non-personal information. For example, we use IP addresses to monitor the regions from which Customers and Visitors navigate our website. We also collect IP addresses from Customers when they log into the Services as part of the Company’s security features.
Third Party Cookies
From time-to-time, We engage third parties to track and analyze usage and volume statistical information from individuals who visit our website. This information will not contain personal information or Customer Data.
We may share Data about Customers with our service providers to ensure the quality of information provided. Unless described in this privacy statement, or the agreement/authorization that you may sign, We do not share, sell, rent, or trade any information provided with third parties for their promotional purposes. If you agree/authorize the sharing of your information, We will share your information with the party or parties described in that agreement/authorization.
We reserve the right to use or disclose information provided if required by law or if We reasonably believe that use or disclosure is necessary to protect our rights and/or to comply with a judicial proceeding, court order, or legal process. We may share information We collect to another entity as part of a sale, merger, or reorganization, if applicable. If you do not wish Us to share personally identifiable information you provide as described herein, or if you wish to examine or update any personal information you may have provided to Us, you may contact Us as indicated below.
We may disclose your information if We need to so a third-party vendor can help Us provide our services. We may also use other vendors. We make sure those vendors have strict confidentiality practices.
Customers may electronically submit data or information to the Services for hosting and processing purposes (“Customer Data”). We will not share or distribute Customer Data except as provided in a separate agreement.
We use robust security measures to protect Customer Data from unauthorized access, maintain data accuracy, and help ensure the appropriate use of Customer Data. When the Services are accessed using modern web browsers, Secure Socket Layer (.SSL.) technology protects Customer Data using both server authentication and data encryption. These technologies help ensure that Customer Data is safe, secure, and only available to the Customer to whom the information belongs and those to whom the Customer has granted access. We also implement an advanced security method based on dynamic data and encoded session identifications and host our Site in a secure server environment including firewalls, intrusion detection systems, and other advanced technology to prevent interference or access from unauthorized users. We also have policies and other organizational measures in place, including recurrent employee training on data protection and strict procedures to deal with any suspected personal data breach. Unfortunately, no website, server or database is completely secure. We cannot guarantee that your personal information will not be disclosed, misused or lost by accident or by the unauthorized acts of others. Customers are responsible for maintaining the security and confidentiality of any verification codes that they may receive.
We reserve the right to change this Policy, and when updated, the effective date of the new version will be at the top of this policy.
If you have any questions, comments or requests regarding this Policy or our processing of your information, please contact:
Phone: 1-877-690-0220 (Toll Free)
Some states have specific requirements supporting consumer privacy. If you would like more information regarding our support of the relevant policies for your state, please reference your state below:
We permit residents of California to use our Site. Therefore, it is our intent to comply with the California Business and Professions Code §22575-22579, the California Consumer Privacy Act of 2018 (“CCPA”) and California Civil Code § 1798.83, known as the “Shine the Light” law. If you are a California resident, you may request certain information regarding our disclosure of Personal Information to any third parties for their direct marketing purposes. In summary, you must presume that we collect electronic information from all Visitors. You may contact Us at either method provided in Section 10 with any questions or to exercise your rights as a California Resident. Any terms defined in the CCPA have the same meaning when used in this notice.
We collect information that identifies, relates to, describes, references, is capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular consumer or device (“personal information”). In particular, We have collected the following categories of personal information from consumers within the last twelve (12) months:
Personal information does not include:
Publicly available information from government records.
De-identified or aggregated consumer information.
Information excluded from the CCPA’s scope, such as:
– Health or medical information covered by the Health Insurance Portability and Accountability Act of 1996 (HIPAA) and the California Confidentiality of Medical Information Act (CMIA) or clinical trial data.
– Financial Information covered by the Gramm-Leach-Bliley Act, and implementing regulations.
We obtain the categories of personal information listed above from the following categories of sources:
Use of Personal Information
We may use or disclose the personal information We collect for one or more of the following business purposes:
We will not collect additional categories of personal information or use the personal information We collected for materially different, unrelated, or incompatible purposes without providing you notice.
Disclosure of Personal Information
We may disclose your personal information to a third party for a business purpose. When We disclose personal information for a business purpose, We enter a contract that describes the purpose and requires the recipient to both keep that personal information confidential and not use it for any purpose except performing the contract.
In the preceding twelve (12) months, We may have disclosed the following categories of personal information for a business purpose:
We may disclose your personal information for a business purpose to the following categories of third parties:
Your Rights and Choices
The CCPA provides consumers (California residents) with specific rights regarding their personal information. This section describes your CCPA rights and explains how to exercise those rights.
Access to Specific Information and Data Portability Rights
You have the right to request that We disclose certain information to you about Our collection and use of your personal information over the past 12 months. Once We receive and confirm your verifiable consumer request, We will disclose to you any of the following, as requested:
Deletion Request Rights
You have the right to request that We delete any of your personal information that We collected from you and retained, subject to certain exceptions. Once We receive and confirm your verifiable consumer request, We will delete (and direct our service providers to delete) your personal information from our records, unless an exception applies.
We may deny your deletion request if retaining the information is necessary for Us or Our service providers to:
Response Timing and Format
We endeavor to respond to a verifiable consumer request within 45 days of its receipt. If We require more time (up to 90 days), We will inform you of the reason and extension period in writing. If you have an account with Us, We will deliver our written response to that account. If you do not have an account with Us, We will deliver our written response by mail or electronically, at your option. Any disclosures We provide will only cover the 12-month period preceding the verifiable consumer request’s receipt. The response We provide will also explain the reasons We cannot comply with a request, if applicable.
We will not discriminate against you for exercising any of your CCPA rights. Unless permitted by the CCPA, We will not:
Exercising Your Rights under CCPA
If you wish to exercise your rights under California law, please do not hesitate to contact us at:
Phone: 1-877-690-0220 (Toll Free)
Only you or a person registered with the California Secretary of State that you authorize to act on your behalf, may make a verifiable consumer request related to your personal information.
You may only make a verifiable consumer request for access or data portability twice within a 12-month period. The verifiable consumer request must: