Privacy Policy

Privacy Policy2017-08-11T13:20:25+00:00

Privacy Policy

Effective Date: May 1, 2017

HealthDecision Support, Inc. (“HealthDecision”) collects certain information through the HealthDecision Technology (defined below). This page (this “Privacy Policy”) lays out our policies, practices, and procedures surrounding the collection and handling of any such information.  This Privacy Policy applies to all personal and non-personal information received by HealthDecision whether in electronic, written, or verbal format.

This Privacy Policy does not apply to any third-party site or service linked from the HealthDecision Technology or recommended or referred by it, or by the HealthDecision staff.  These third-party sites or services are governed by their own privacy policies.  Please check the privacy policy of any entity you interact with on or off the HealthDecision Technology.  HealthDecision shall have no responsibility or liability for the content and activities of these linked or recommended sites.

1.    Definitions

In addition to terms defined elsewhere in this Privacy Policy, the terms set forth immediately below have the following meanings.

“Affiliates” an entity that directly or indirectly controls, is controlled by, or is under common control with the Customer.

“Clinician” means the medical professional providing medical care and information.

“Customer” means the institution or entity that has contracted HealthDecision to provide HealthDecision Technology and its affiliates.

“Data” means Protected Health Information (PHI) and other non-PHI that either the User enters into the HealthDecision Technology or the HealthDecision Technology collects, or receives from a connected EHR.

“Documentation” means the documentation, instructions, User guides, and other documents made available by HealthDecision that relate to the Services and Software.

“EHR” or “Electronic Health Record” means the software used for the electronic health record used by You.

“HealthDecision Technology” means the Services, Software, and Documentation.

“Patient” means the person seeking medical care and information.

“Protected Health Information (PHI)” any individually identifiable health information relating to health, health care, or payment for health care.   PHI has the same meaning generally in this Privacy Policy as defined under “Protected Health Information” in 45 C.F.R. § 160.103.

“Services” means the Site and any hosted Software services made available via the Site, including without limitation any dashboards, reports, reporting tools, or other services.

“Site” means all websites and webpages hosted at the healthdecision.org or healthdecision.com domains, as well as any HealthDecision-branded mobile applications.

“Software” means any software that HealthDecision makes available.

“User” means the person or the Customer using the HealthDecision Technology and may include a Patient or a Clinician.

2.    Information We Collect

A User’s privacy is important to us, and we are committed to keeping the User’s Data private.  HealthDecision Technology receives Data entered by the User or passed to it by a connected Electronic Health Record.

Electronic Health Record (EHR). The encrypted links developed for connection to Electronic Health Record Software operate under the following general guidelines:

Protected Health Information and other information: When connected to an EHR, the HealthDecision Technology receives Data that are used for calculations and to recognize when individual Users return to the Site at different times. These Data are also used to understand User trends or trends in Patient characteristics over time. In addition, these Data become part of a session, which is stored on the HealthDecision secure servers, is used for billing purposes, and can become part of reports that are generated for the Customer.

Non-EHR use. When a User accesses the HealthDecision Technology without a connection through an EHR, Data are entered manually in the different tools. These Data are recorded and maintained by HealthDecision.

Identifiable Clinician data. A Clinician is given the option to enter their name and email address to help customize use of the HealthDecision Technology. Furthermore, this information allows HealthDecision to communicate with a subset of Clinicians and give those Clinicians early access to new tools and new features.

HealthDecision does not sell, lease, or distribute any email address or other information provided by Clinicians using the Site.

System logs. When the User accesses the HealthDecision Technology, these Data may be automatically collected and stored in system logs. The HealthDecision Technology may use a third party to generate statistics, conduct evaluations, and streamline workflows. Certain information such as timestamps and internet protocol addresses are automatically collected and stored in system logs.

Cookies. When using the HealthDecision Technology without a connection through an EHR, the HealthDecision Technology may use cookies for identifying returning Users. For EHR connected sessions, no cookies are used.

Analytics. The HealthDecision Technology sends transformed usage data to a third party for analysis of usage patterns. No identifiable Patient or Clinician data is passed outside of the Site in this way. The HealthDecision Technology may use a third party to generate statistics, conduct evaluations, and streamline workflows.

Links to Other Sites. The Site contains links to other sites, such as PubMed for the convenience of Site Users. The Site does not transmit any of the above Data to other sites.

3.    Information Security

HealthDecision works hard to protect our Users’ Data both online and offline. HealthDecision Technology is hosted on HIPAA-compliant servers using industry standards for data protection.

4.    Contractor and Other Third Party Access

HealthDecision gives certain independent contractors access to the Data mentioned in this Policy. Those contractors assist with operations, software development, maintenance and other activities. All contractors are required to sign contracts in which they agree to protect these Data using procedures reasonably similar to ours. HealthDecision also may disclose these Data to attorneys, collection agencies, or law enforcement authorities to address potential terms of use violations, other contract violations, or illegal behavior. HealthDecision also discloses any Data demanded in a court order or otherwise required by law or to prevent imminent harm to persons or property. Finally, HealthDecision may share these Data in connection with a corporate transaction, like a merger or sale of our company, or a sale of all or substantially all of its assets or of the product or service line received from HealthDecision, or a bankruptcy.

As noted above, HealthDecision compiles usage statistics from collected Data. HealthDecision may publish those statistics or share them with third parties, as long as there are no Data that might individually or collectively identify a specific User or Customer.

5.    How to Contact Us

Should you have any questions or concerns about this Privacy Policy, please e-mail feedback@healthdecision.com.

6.    Usage of Collected Information for Quality and Research

HealthDecision may participate in quality and usability projects which use the Data collected by the HealthDecision Technology. In addition, HealthDecision may allow research groups to access Customer Data. These projects must be approved in writing by both the Customer and all applicable institutional review boards (IRBs) prior to data access. In these projects, HealthDecision will follow any additional security and privacy requirements required by the IRBs for the research project. For these projects, the data will be fully de-identified, aggregated and transformed such that there are no links from the data back to any Customers or Users from the data.

7.    Amendment of This Privacy Policy

HealthDecision reserves the right to change this Privacy Policy at any time by posting a new version on this page or on a successor page. The new version will become effective on the date it is posted, which will be listed at the top of the page as the new Effective Date.  Your continued use of the Site following any such modification constitutes your acceptance of any changes to this Privacy Policy. It is therefore important that you review this Privacy Policy regularly.

Version: 1
Contact Us