Health Leads’ Commitment to Privacy

Last revised: July, 2016

At Health Leads, we value your support and respect your privacy. Health Leads (also referred to herein as “we”, “us”, or “our”) operates the http://www.healthleadsusa.org, https://reach.healthleadsusa.org/, http://www.healthleadslearningnetwork.org, http://www.healthleadsreach.org websites, and the Health Leads Reach™ mobile application (collectively referred to herein as the “Sites”). This policy explains how we handle the information you provide to us through your use of our Sites, and applies to the services and applications we provide (the “Services”). We are committed to protecting your personal information shared over our Sites and through our Services, as described in this policy. Please read this policy carefully. If you do not understand any aspects of this policy, please feel free to contact us at privacy@healthleadsusa.org

By providing information to us via our Sites, you consent to the use and disclosure of information as outlined in this policy.
This privacy policy explains:

Data Security

Health Leads uses various security measures that are intended to protect your personal information, following reasonable industry practices regarding network configuration, firewalls, and other measures to protect all data contained in our on-site and cloud-based systems. Health Leads is a HIPAA compliant organization and also complies with the Massachusetts Security Breach Law (M. G.L. c 93H and 201 CMR 17.00 et seq.). However, since the Internet is not a 100% secure environment, we cannot guarantee, ensure, or warrant the security of any information you transmit to us. There is no guarantee that information may not be accessed, disclosed, altered, or destroyed by breach of any of our physical, technical, or managerial safeguards. It is your responsibility to protect the security of your login information. Please note that e-mails, text messages, and other communications you send to us through our Sites are not encrypted, and we strongly advise you not to communicate any confidential information through these means.

If you use a public computer when using our Sites or Services, always remember to log out of the Site. We are not responsible for your handling, sharing, re-sharing and/or distribution of your personal health information through the Internet. Moreover, if you forward or transmit in any format (e.g. electronic or via other media including paper or fax) personal health information to another person on or off a Site or Service, we are not responsible for any harm or other consequences from third party use or re-sharing of your information.

Information Provided by You to Health Leads

There are a number of sections on our Sites containing input forms, which require your name, e-mail address, home address, work address, telephone number, resume, employment history, and other information for the purposes of creating or modifying your account, registering to use our Sites, obtaining Services from us, requesting information from us, or otherwise communicating with us. By submitting such forms, you give us permission to contact you with messages that relate to your interest in Health Leads and to use such information as described in this policy.

All disclosure to us is voluntary and you may at any time decide to rescind your authorization for us to communicate with you by contacting us directly at info@healthleadsusa.org. If you receive any email from Health Leads by mistake, please contact info@healthleadsusa.org with “Unsubscribe” as the subject line to be removed from these communications. All “Unsubscribe” requests will be processed within five business days.

Health Leads, Health Leads staff and volunteers, and Health Leads third party service providers may have access to your information and other data that you submit or that we collect regarding your use of the learning network site, on an as-needed basis, for the purpose of performing their respective duties for Health Leads. We use all of this information and data to administer and improve the operations of Health Leads.

We maintain web logs to record data about all visitors who use this site and interact with the Services and we will store this information. These logs may contain IP address information, information relating to the type of operating system you use, the date and time you visited the site, and information about the type of device you use to connect to the Services. All web logs are stored securely and are accessible to a very limited number of employees and contractors, who have to contractually adhere to strict guidelines regarding user data security and privacy.

We use cookies, web beacons, and other technologies to receive and store certain types of information whenever you interact with our Sites through your computer or mobile device. A cookie is a small data file that certain web sites write to your hard drive when you visit them. A cookie file, for instance, may collect user identification information while navigating a site, but the only personal information a cookie can contain is the information you provide. Your user identification or profile information is not stored in cookies. We use cookie technology in the aggregate to understand how our users collectively use our Sites. This helps us to continually improve our Sites. Most web browsers are set to accept cookies, but if you prefer not to receive cookies you can set your browser to warn you to refuse cookies altogether by turning them off in your browser. However, some Sites features or Services may not function properly without cookies.

If you are under the age of 13, please do not attempt to register with us at this Site or provide any personal information about yourself to us. If we learn that we have collected personal information from a child under the age of 13, we will promptly delete that information. If you believe we have collected personal information from a child under the age of 13, please contact us at info@healthleadsusa.org.

How We Use and Share Your Information

As a business associate of health care providers that are covered entities under the federal health care privacy and security rules (HIPAA and HITECH), we maintain your protected health information (“PHI”) in compliance with these rules and our contractual obligations with health care providers. We share information with health care providers who provide services to individuals, and they share information with us, for purposes related to treatment, payment and health care operations, purposes allowed by HIPAA and HITECH, and otherwise as agreed to or authorized by you. Please note that the use and disclosure of PHI or medical information is also subject to the privacy practices of the health care providers with whom you may interact through the Health Leads Services, as described in the Notice of Privacy Practices which is provided to you by such providers.

In addition to the sharing described in this policy, we will share personal information with companies, organizations or individuals outside of Health Leads when we have your consent to do so.

We may disclose personally identifiable information about you as required or permitted by law, including as permitted by HIPAA. For example, we may disclose your information as necessary to comply with an authorized civil, criminal or regulatory investigation. We may, in our sole discretion, disclose personal information or other information to satisfy any law, regulation, subpoena, or government request. We reserve the right to release to appropriate law enforcement agencies, personal information or other information about users who we believe are engaged in illegal activities, or are in violation of our terms of use, even without a subpoena, warrant, or court order, if we believe, in our sole discretion, that such disclosure is necessary or appropriate to operate our website or to protect our rights or property, or that of our affiliates, or our officers, directors, employees, agents, third-party content providers, suppliers, sponsors, or licensors. We also reserve the right to report to law enforcement agencies any activities we reasonably believe in our sole discretion to be unlawful. We also reserve the right to de-identify your information and share de-identified information with third parties.

If the ownership of all or substantially all of our business changes or we otherwise transfer assets relating to our business, the Services, or the Sites to a third party, such as by merger, acquisition, bankruptcy proceeding or otherwise, we may transfer or sell your personal information to the new owner. In such a case, unless permitted otherwise by applicable law, your information would remain subject to the promises made in the applicable privacy policy unless you agree differently.

Website Donor Privacy

Credit card transactions on the Health Leads website are processed by Authorize.net. Should you donate to Health Leads, and in the process provide us with personally identifiable information, no personal information you provide will be shared with any third-party organization other than to process your donation or support our operations.

Consent To Processing Of Personal Data In United States

If you are a resident of the European Economic Area (EEA), in order to provide our Sites and Services to you, we may send and store your personal information (also commonly referred to as personal data) outside of the EEA, including in the United States. Accordingly, your personal information may be transferred outside of the country where you reside or are located, including to countries that may not or do not provide the same level of protection for your personal information. We are committed to protecting the privacy and confidentiality of personal information when it is transferred. Where such transfers occur, we take appropriate steps to provide the same level of protection for the processing carried out in any such countries as within the EEA to the extent feasible under applicable law. By using and accessing our Sites, users who reside or are located in countries outside of the United States agree and consent to the transfer to and processing of personal information on servers located outside of the country where they reside, and that the protection of such information may be different than required under the laws of their residence or location.

Links to Other Sites

Health Leads’ website includes links to other sites that may contain information of interest to our visitors. Health Leads takes no responsibility for, and exercises no control over, third party organizations’ privacy policies, security practices, views, or the accuracy of any information contained on other such websites. We encourage you to be aware when you leave our Sites and to read the privacy statements of each and every website that collects personal information.

Changes to Health Leads’ Privacy Policy

If Health Leads decides to change our privacy policy, we will post those changes to this privacy policy, so you are aware of what information we collect, how we use it, and under what circumstances, if any, we disclose it. If the changes to this privacy policy are significant, we will provide a more prominent notice (including, for certain services, email notification of privacy policy changes). We will not reduce your rights under this privacy policy without your consent, to the extent required by applicable law.

Questions

All questions on Health Leads’ Privacy Policy should be directed to privacy@healthleadsusa.org.