Care Affiliates are hospitals, clinics, practices or other medical groups or healthcare systems that have contracted with NextStep HealthTech to permit use of the Service by their respective Clinicians, Care Providers, and Patients; Clinicians are practitioners, patient advocates, coaches or other individuals who (as employees of or contractors to a Clinical Partner) provide healthcare or related services to Patients; and Patients are individual patients of the Clinical Partner who receive medical treatments or other healthcare services from one or more Clinicians, or individuals who are properly authorized representatives of any such patient.
Through their provision of healthcare services to Patients, Clinicians and Care Affiliates will have access to and be responsible for Patient Personally Identifiable Information and Patient Protected Health Information as defined by Health Insurance Portability and Accountability Act (HIPAA) Privacy Rules or other applicable laws. Clinicians and Care Affiliates are responsible for the privacy and security of such information and for obtaining consent from Patients for the use and disclosure of such information to, from and through the App and the Service.
Information Collection and Utilization; Choice and Consent
You must register with NextStep HealthTech Software Products or Services and set up an account in order to use the Service. We may receive Personally Identifiable Information about you from your Care Provider(s) in order to identify you as an authorized user of the Service. When you register, we collect your name and email address. It is always your choice whether or not to provide us with such information. NextStep HealthTech uses Personally Identifiable Information to:
- Provide the Service
- Communicate with you
- Communicate with Care Affiliates as applicable
- Create user profiles
- Create de-identified analytical information
- Reply to your request for information or comments
- Send you information about your relationship or transactions with us
- For other internal purposes to support, improve or enhance our business, the Services, and other products and services we offer
- Notify you about certain resources or healthcare providers we think you may be interested in learning more about
- Contact you when necessary or requested
- Customize and tailor your experience of the Services
- Send emails and other communications that display content that we think will interest you and according to your preferences
- Send you news and information about our Services
You may withdraw your consent to further use of your Personally Identifiable Information by emailing a request to us at email@example.com. We will respond to your request in accordance with the law that applies to you. Your Personally Identifiable Information which we processed prior to your request may not be deleted from our Site system records but will be blocked from further processing without your permission. A request to withdraw consent may not apply to information collected by tracking technologies or used internally to recognize you and/or facilitate your interactions with NextStep HealthTech Software Products or Services, or information we may keep to comply with legal requirements.
You may access, change, modify or delete your information as described below.
Protection of Your Information
NextStep HealthTech uses secure server software (SSL), firewalls, and end-to-end encryption to protect your Personally Identifiable Information from unauthorized access, disclosure, alteration, or destruction. However, no method of transmission over the Internet, or method of electronic storage, is 100% secure. Therefore, we cannot guarantee its absolute security.
We will retain Personally Identifiable Information for as long as necessary to provide our services, but no later than 6 years following termination of Services. We will retain and use Personally Identifiable Information as necessary to comply with our legal obligations, resolve disputes, and enforce our agreements.
With respect to any content you upload or submit to the Service, you grant us a non-exclusive, transferable, sub-licensable, royalty-free, worldwide license to use such content.
Information Sharing and Disclosure
Your Personally Identifiable Information may/will be shared with:
- healthcare treatment services/providers with which you choose to interact through the Services
- third parties to provide, maintain, and improve our Services, including service providers who access information about you to perform services on our behalf
- In connection with, or during the negotiation of, any merger, sale of company stock or assets, financing, acquisition, divestiture or dissolution of all or a portion of our business (but only under non-disclosure and confidentiality agreements and protections)
- If we believe that disclosure is reasonably necessary to comply with any applicable law, regulation, legal process or governmental request; to enforce applicable user agreements or policies; to protect the security or integrity of our website or services; and to protect us, our users or the public from harm or illegal activities
- Your consent
We will disclose your information in response to valid legal process, for example, in response to a court order, a subpoena or other legal request for information, and/or to comply with applicable legal and regulatory reporting requirements. We also may disclose your information in response to a law enforcement agency’s request or other request for information from the U.S. or other government entities, or where we believe it is necessary to investigate, prevent, or take action regarding illegal activities, suspected fraud, situations involving potential threats to the physical safety of any person, or to verify or enforce compliance with the policies governing our products and/or services and with applicable laws, or as otherwise required or permitted by law or consistent with legal requirements. In addition, we may, upon notice to you and/or your Clinical Partner, transfer your information to an entity or individual that acquires, buys, or merges with NextStep HealthTech, or our other business units.
We share Analytics with Care Affiliates for their internal use and with other third parties to market and promote NextStep HealthTech and the Service.
Links to Other Sites; Third Party Apps; Transactions with Third Parties
NextStep HealthTech is not responsible for and will not be a party to any transactions between you and a third party provider of products, information or services. NextStep HealthTech does not monitor such transactions or ensure the confidentiality of your Personally Identifiable Information, including credit card information, for any third party transaction. Any separate charges or obligations you incur in your dealings with these third parties linked to NextStep HealthTech Site are solely your responsibility.
Your California Privacy Rights; California Do Not Track Disclosures
If you are a California resident, California Civil Code Section 1798.83 permits you to request information regarding the disclosure of your Personal Information by NextStep HealthTech or its subsidiaries to a third party for the third party’s direct marketing purposes. Since we do not make such disclosures, we are exempt from these reporting requirements.
Your browser may offer you a “Do Not Track” option, which allows you to signal to operators of websites and web applications and services (including behavioral advertising services) that you do not wish such operators to track certain of your online activities, over time and across different websites. We do not honor “Do Not Track” signals.
Accessing Your Information
You may access, review, change, update or delete your Personally Identifiable Information by contacting us at firstname.lastname@example.org. You can help us maintain the accuracy of your information by notifying us of any changes to your information by email to email@example.com.