Health Leads’ Commitment to Privacy
Last revised: July, 2016
At Health Leads, we value your support and respect your privacy. Health Leads (also referred to herein as “we”, “us”, or “our”) operates the http://www.healthleadsusa.org, https://reach.healthleadsusa.org/, http://www.healthleadsreach.org websites, and the Health Leads Reach™ mobile application (collectively referred to herein as the “Sites”). This policy explains how we handle the information you provide to us through your use of our Sites, and applies to the services and applications we provide (the “Services”). We are committed to protecting your personal information shared over our Sites and through our Services, as described in this policy. Please read this policy carefully. If you do not understand any aspects of this policy, please feel free to contact us at firstname.lastname@example.org
By providing information to us via our Sites, you consent to the use and disclosure of information as outlined in this policy.
- Data Security
- Information Provided by You to Health Leads
- How We Use and Share Your Information
- Website Donor Privacy
- Consent To Processing Of Personal Data In United States
- Links to Other Sites
Health Leads uses various security measures that are intended to protect your personal information, following reasonable industry practices regarding network configuration, firewalls, and other measures to protect all data contained in our on-site and cloud-based systems. Health Leads is a HIPAA compliant organization and also complies with the Massachusetts Security Breach Law (M. G.L. c 93H and 201 CMR 17.00 et seq.). However, since the Internet is not a 100% secure environment, we cannot guarantee, ensure, or warrant the security of any information you transmit to us. There is no guarantee that information may not be accessed, disclosed, altered, or destroyed by breach of any of our physical, technical, or managerial safeguards. It is your responsibility to protect the security of your login information. Please note that e-mails, text messages, and other communications you send to us through our Sites are not encrypted, and we strongly advise you not to communicate any confidential information through these means.
If you use a public computer when using our Sites or Services, always remember to log out of the Site. We are not responsible for your handling, sharing, re-sharing and/or distribution of your personal health information through the Internet. Moreover, if you forward or transmit in any format (e.g. electronic or via other media including paper or fax) personal health information to another person on or off a Site or Service, we are not responsible for any harm or other consequences from third party use or re-sharing of your information.
There are a number of sections on our Sites containing input forms, which require your name, e-mail address, home address, work address, telephone number, resume, employment history, and other information for the purposes of creating or modifying your account, registering to use our Sites, obtaining Services from us, requesting information from us, or otherwise communicating with us. By submitting such forms, you give us permission to contact you with messages that relate to your interest in Health Leads and to use such information as described in this policy.
All disclosure to us is voluntary and you may at any time decide to rescind your authorization for us to communicate with you by contacting us directly at email@example.com. If you receive any email from Health Leads by mistake, please contact firstname.lastname@example.org with “Unsubscribe” as the subject line to be removed from these communications. All “Unsubscribe” requests will be processed within five business days.
Health Leads, Health Leads staff and volunteers, and Health Leads third party service providers may have access to your information and other data that you submit or that we collect regarding your use of the learning network site, on an as-needed basis, for the purpose of performing their respective duties for Health Leads. We use all of this information and data to administer and improve the operations of Health Leads.
We maintain web logs to record data about all visitors who use this site and interact with the Services and we will store this information. These logs may contain IP address information, information relating to the type of operating system you use, the date and time you visited the site, and information about the type of device you use to connect to the Services. All web logs are stored securely and are accessible to a very limited number of employees and contractors, who have to contractually adhere to strict guidelines regarding user data security and privacy.
If you are under the age of 13, please do not attempt to register with us at this Site or provide any personal information about yourself to us. If we learn that we have collected personal information from a child under the age of 13, we will promptly delete that information. If you believe we have collected personal information from a child under the age of 13, please contact us at email@example.com.
As a business associate of health care providers that are covered entities under the federal health care privacy and security rules (HIPAA and HITECH), we maintain your protected health information (“PHI”) in compliance with these rules and our contractual obligations with health care providers. We share information with health care providers who provide services to individuals, and they share information with us, for purposes related to treatment, payment and health care operations, purposes allowed by HIPAA and HITECH, and otherwise as agreed to or authorized by you. Please note that the use and disclosure of PHI or medical information is also subject to the privacy practices of the health care providers with whom you may interact through the Health Leads Services, as described in the Notice of Privacy Practices which is provided to you by such providers.
In addition to the sharing described in this policy, we will share personal information with companies, organizations or individuals outside of Health Leads when we have your consent to do so.
Credit card transactions on the Health Leads website are processed by Authorize.net. Should you donate to Health Leads, and in the process provide us with personally identifiable information, no personal information you provide will be shared with any third-party organization other than to process your donation or support our operations.
If you are a resident of the European Economic Area (EEA), in order to provide our Sites and Services to you, we may send and store your personal information (also commonly referred to as personal data) outside of the EEA, including in the United States. Accordingly, your personal information may be transferred outside of the country where you reside or are located, including to countries that may not or do not provide the same level of protection for your personal information. We are committed to protecting the privacy and confidentiality of personal information when it is transferred. Where such transfers occur, we take appropriate steps to provide the same level of protection for the processing carried out in any such countries as within the EEA to the extent feasible under applicable law. By using and accessing our Sites, users who reside or are located in countries outside of the United States agree and consent to the transfer to and processing of personal information on servers located outside of the country where they reside, and that the protection of such information may be different than required under the laws of their residence or location.
Health Leads’ website includes links to other sites that may contain information of interest to our visitors. Health Leads takes no responsibility for, and exercises no control over, third party organizations’ privacy policies, security practices, views, or the accuracy of any information contained on other such websites. We encourage you to be aware when you leave our Sites and to read the privacy statements of each and every website that collects personal information.