What information do we collect?
We collect personally identifiable information (“Personal Information”) and other non-individually identifiable information from you when you register on the Notivate Services, respond to communication, or otherwise use the Notivate Services in any manner.
To participate in certain features of the Notivate Services, you will be required to provide certain Personal Information. For example, when registering as a user on any Notivate Service, we may ask you for your name, e-mail address, birth date, mailing address, zip code, phone number, credit card information or other Personal Information. You may, however, visit portions of the Notivate Services without providing any Personal Information.
We may collect and use mobile device identifiers, IP addresses, and session identifiers to administer the Notivate Services.
If necessary to perform the Notivate Services, we may collect protected health information (“PHI”), as defined by the Health Insurance Portability and Accountability Act of 1996 (“HIPAA”). Any use of PHI will be in accordance with applicable laws, including HIPAA.
Like many web sites and certain mobile apps, we use and may allow third party service providers to use “cookies”, flash cookies, local shared objects, web beacons, pixels, single pixel GIFs, clear GIFs, and/or other tracking technologies to enhance your experience and gather information about visitors and visits to the Notivate Services, including how you use the Notivate Services (“Usage Data”). Please refer to the “Do we use ‘cookies’?” section below for information about cookies and how we use them.
We may also collect transactional information, customer services information, or any other legally permissible information.
We may collect and store certain other personally non-identifiable information. This information is collected passively using various technologies, and cannot presently be used to specifically identify you.
Your information may be supplemented with additional information from other companies such as publicly available information, information about households, and other information that we may append or match to your information.
How do we use your information?
We may use the Personal Information and other data we collect from you when you register, purchase services, respond to a survey or marketing communication, access or view the Notivate Services, or use certain other Notivate Service features in the following ways:
- To provide any legitimate business service or product;
- To personalize your Notivate Service and to allow us to deliver the type of content and product offerings in which you are most interested;
- To allow us to better service you in responding to your customer service requests;
- To contact you when necessary or requested;
- To verify and validate your identity;
- To administer Notivate Service features;
- To troubleshoot problems with the Notivate Services, or any services, as requested;
- To enforce our Terms of Service, and to detect and protect against error, fraud and other unauthorized or illegal activities;
- To operate and improve the Services available through us;
- To communicate with you and respond to your inquiries; and
- To conduct research about your use of our products.
We reserve the right to make full use of Usage Data. For example, we may use Usage Data to provide better service to Service visitors or end users, customize the Services based on your preferences, compile and analyze statistics and trends about the use of our Services and otherwise administer and improve our Services.
Do we disclose the information we collect to outside parties?
You understand and agree that we can disclose your Personal Information and other data to third parties, as follows:
- To our strategic partners and to third parties we engage to provide services, such as medical services, web site hosting, credit card payment processing, order processing, analytics services etc.
- In the event of the sale or transfer of Notivate, of one or more of our business units or of some or all of our assets, or in the context of some other business acquisition transaction.
- In response to lawful governmental requests or legal process (for example a subpoena, court order, or search warrant); to establish or exercise our legal rights, or to defend against claims; or to protect the safety or security of the public or of users of the Notivate Services; or in other circumstances in which we have a good-faith belief that a crime has been or is being committed by a user of our Services, that an emergency exists that poses a threat to the safety of you or another person,
- When necessary to protect either our rights or our property or for us to render the service you have requested.
- We can disclose aggregate information and other non-individually identifiable information about users of the Notivate Service to our service providers, partners, advertisers or others. For example, we may share information publicly to show trends about the general use of our websites and/or other products or services.
- Carriers may also see other appointment or notification related information sent from Epic through our endpoint to the end user.
Do we use “cookies”?
If you are using our website, you can choose to have your computer warn you each time a cookie is being sent, or you can choose to turn off all cookies. You do this through your browser settings. If you are accessing our services through a mobile app, you can choose to change your permissions and settings on your mobile device. Each browser and device is different, so look at your browser or devices Help or Settings menu to learn the correct way to modify them. If you turn cookies off or disable certain permissions, you won’t have access to many features that may make your Notivate Service more efficient and some of our services will not function properly.
“Do Not Track”
Our Notivate Services currently do not respond to “Do Not Track”(DNT) signals and do not recognize browser-based “do-not-track” requests.
Safeguarding your Personal Information privacy
Notivate follows generally accepted industry security standards to safeguard and help prevent unauthorized access and maintain data security of Personal Information. However, no commercial method of information transfer over the Internet or electronic data storage is known to be 100% secure. As a result, we cannot guarantee the absolute security of any Personal Information submitted to or otherwise collected during your use of any Notivate Service. Accordingly, you understand and agree that you transmit all data, including Personal Information, to us at your own risk.
Privacy and third-party links
Only individuals 18 years of age or older are authorized to use the Notivate Services, either for themselves or on behalf of their minor children. We do not knowingly collect information directly from children under the age of 18. If you have reason to believe that an individual under the age of 18 has provided Personal Information to us through a Notivate Service, please contact us, and we will endeavor to delete that information from our databases.
Retention of your Personal Information
We will store the Personal Information you provide for as long as we believe is necessary or appropriate (i) to carry out the purpose(s) for which we collected it, or (ii) to comply with applicable laws, contracts, or other rules or regulations.
Questions and feedback
We welcome your questions, comments, and concerns about the Notivate Services. Please send us any and all feedback pertaining to the Notivate Services to support@Notivatehealth.com.
Your California privacy rights
For California residents: We may share your personal information with third parties and affiliated third parties (such as local, state and regional affiliates and affiliate alliances), some of which do not share the We name, for their direct marketing purposes. As these third parties and this category of affiliated third parties are considered an unaffiliated party under California law, you may opt-out of our disclosure of personal information to third parties for their direct marketing purposes. To opt out, please contact us as described in the “How to Contact Us” section below.
We will continue to provide your information to local, state and regional affiliates and affiliate alliances identified in your membership application or account for the purpose of processing your membership in such affiliate and affiliate alliance programs.
California Consumer Privacy Act
The California Consumer Privacy Act (CCPA), effective January 1, 2020, gives California consumers enhanced rights with respect to their personal information that is collected by businesses. First, California consumers may opt out of having their personal information sold to other persons or parties. Second, they have a right to know:
- What specific pieces of information a business has about the consumer;
- Categories of personal information it has collected about the consumer;
- Categories of sources from which the personal information is collected;
- Categories of personal information that the business sold or disclosed for a business purpose about the consumer;
- Categories of third parties to whom the personal information was sold or disclosed for a business purpose; and
- The business or commercial purpose for collecting or selling personal information
In addition, California consumers can request that the personal information a business has collected about them be deleted from the business’s systems and records.
To make a “request to know” or request to delete your personal information, send us an e-mail at support@Notivatehealth.com.
(Please put either “Request to Know” or “Request to Delete” in the subject heading of your email.) We will use commercially reasonable efforts to honor these requests whether or not you would qualify as a California consumer under the CCPA.
If and to the extent we are considered a covered business under the CCPA: We will confirm receipt of your request within 10 days along with a description of what steps we will take to verify and respond. We must provide the requested information or delete your personal information within 45 days of receipt of your request but can use an additional 45 days, but we must let you know the additional time is needed.
When contacting us, we may ask you to provide certain, limited personal information, such as your name, email address and/or account login ID and/or password, to verify your request and to match with our records and systems. This is also to protect against fraud. We will not retain this personal information or use it for any other purpose. Also please be advised that we need to search our records and systems only for the preceding 12 months.
Residents of other states may also have similar rights to request information about or delete their personal information. To inquire about exercising these rights, please contact us at support@Notivatehealth.com.
Pursuant to California’s “Shine The Light law (California Civil Code § 1798.983), California residents are entitled, once a year and free of charge, to request the disclosure of certain categories of personal information to third parties for their own direct marketing purposes in the preceding calendar year, if any. Under the law, a business should either provide California customers certain information upon request or permit California customers to opt out of this type of sharing. You may request this information by contacting us at support@Notivatehealth.com.
Indicate in the email subject line, “California Shine The Light Request.” Please include your mailing address, state of residence, and email address with your request.
EPIC DATA USE POLICY:
- We are obtaining following information related to patient from EHR Software:
- a) Patient Epic Id
- b) Patient MRN
- c) Patient’s Full name
- d) Age
- e) Sex
- f) Race
- g) Marital Status
- h) Patient’s Primary Care Provider Name
- i) Appointment Date/Time
- j) Appointment Provider information
Our app writes to Epic information related to scheduling. Such information is confirming appointments, cancelling, and rescheduling direct to Epic.
- Data is used in the following ways
- Hl7 Data is collected from SIU documents and stored. This appointment and patient related data is systematically analyzed and used for logic in messaging related to appointment reminder, and confirmation based notifications.
- Using patient identifiers mentioned we query Epic to obtain provider slots (Appointment times) from Epic
- Data Retention
Data is retained for data processed by Our App for 365 days unless the customer specifies for the information to be removed quicker. Customer can request for data retention for more than 365 days to a maximum 60 months and it will be mentioned in BAA.
- The length of time You retain Data:
All data is purged post 365 days AND/OR client specified purge rules if applicable.
- Secondary uses of Data, including transfer of Data to a third party or third-party product:
Because we are a messaging service SMS and messaging Carriers will see patient name, appointment time, location, and provider name in the message sent through them. Outside of that scope No secondary use of data without additional client consent.