Privacy Policy
Effective Date: March 1, 2018Welcome to our Privacy Policy. We provide a platform for medical professionals to transmit and communicate about patient data and treatment. The Privacy Policy explains how we collect, use, disclose, and secure information we obtain through the “Services.” The terms “Radloop,” “we,” and “us” include HVR MSO, LLC d/b/a Radloop and our affiliates and subsidiaries. This Privacy Policy is incorporated by reference into our Terms of Use. Any capitalized terms used and not defined in this Privacy Policy shall have the meaning given to them in the Terms of Use. The “Services” means any website, mobile application, or Internet service under the control of Radloop, whether partial or otherwise, in connection with providing the online platform available at www.radloop.net and the related mobile application called radloop®.
Users Privacy Practices.
We act as a service provider to our clients and we collect data on behalf of our clients. Therefore, our use and disclosure of information is limited by our agreements with them. This Privacy Policy does not reflect the privacy practices of our clients, and we are not responsible for our clients’ privacy policies or practices. We do not review, comment upon, or monitor our clients’ privacy policies or their compliance with their respective privacy policies, nor do we review our client’s instructions with respect to our processing of information to determine whether such instructions are in compliance or conflict with the terms of the client’s published privacy policy.
HIPAA.
We have designed the Services to be compliant with the HIPAA Privacy Rule and Security Rule to protect Protected Health Information (“PHI”) pursuant to the Health Insurance Portability and Accountability Act of 1996, as amended, and its implementing regulations (collectively, “HIPAA”). However, we do not make any representations or guaranty your use of the Services will comply with HIPAA or meet your HIPAA obligations or any other standards, laws, rules, or regulations. Compliance with HIPAA is a shared responsibility, and we work with our clients to protect data in compliance with HIPAA.
INFORMATION COLLECTION
Registration and Account Information.
You must register to use the Services. To register, you may need to provide information about yourself, such as your name, address, email address, and telephone number. You may also provide other optional information.
Using the Services.
We collect the information you provide through the Services. For example, when you submit patient health information, medical test results, and physician comments and decisions about care, the Services will collect the information you provide in such submissions.
Patient Information.
We collect patient information, including Protected Health Information, from users. Surveys. We may invite you to participate in surveys, and we receive any information you provide when participating in those surveys.
Referrals.
A user may submit information, such as a name and email address, about others to us so that the user can recommend the Services and content available on the Services to them. We use the information to send an email communication inviting the individual to use the Services. The recipient of an invitation to use the Services will see your name and email address as the referrer.
Communicate with Us.
We collect information about you through your communications with our customer-support team or through other communications with us, including through social media. From Other Sources. We may receive information about you from third parties. We may combine this information with other information about you that we received through the Services.
Location Information.
We collect and store your location information if your device settings are enabled to send it to us. We also infer your location from your IP address and other data. We use this information to provide and improve the Services.
Information and Content that You Select from Your Device.
With your permission, the Services may access and collect information you select from your device’s contact lists so you can use contacts with the Services.
Automatic Data Collection: Cookies and Related Technologies.
When you visit our Services or open our emails, we and our third-party partners, such as analytics providers, collect certain information by automated means, such as cookies, web beacons and web server logs. By using the Services, you consent to the placement of cookies, beacons, and other similar technology in your browser and on emails in accordance with this Privacy Policy. The information collected in this manner includes IP address, browser characteristics, device IDs and characteristics, operating system version, language preferences, referring URLs, and information about the usage of our Services.
We may use this information, for example, to determine how many users have visited certain pages or opened messages or newsletters, or to prevent fraud. We may link this data to your profile. Our partners also may collect and combine information about your online activities over time, on other devices, and on other websites or apps, if those websites and apps also use the same partners. We currently use Google Analytics to collect and process certain website usage data. To learn more about Google Analytics and how to opt out, please visit www.google.com/policies/privacy/partners/. You may be able to change browser settings to block and delete cookies when you access the Site through a web browser. However, if you do that, the Site may not work properly. The Site does not respond to browser do-not-track signals.
HOW RADLOOP USES INFORMATION
Internal and Service-Related Usage.
We use information for internal and service-related purposes, such as extracting, analyzing, communicating, reporting, and documenting patient health information, radiology report data, physician recommendations, and other related physician discussions. We use and retain any data we collect to provide and improve any of our services to the extent permitted by HIPAA and applicable HIPAA Business Associate Agreements (“BAAs”). We use and disclose patient health information in accordance with HIPAA and applicable BAAs.
Communications.
We may send emails to the email address you provide to us, push notifications to your mobile device if you have downloaded the app and enabled notifications, and text messages to any cellphone number you provided to us, to verify your account and for informational and operational purposes, such as account management, customer service, system maintenance, and other service-related purposes. You may also receive email, phone calls, and text messages from other users of the Services in connection with the Services using the contact information available in the Services.
Marketing.
We may use information about users for marketing purposes, such as sending information we think may be useful or relevant to users. Users may opt out of email marketing by using the unsubscribe link in a marketing email.
De-identified Data.
We de-identify data collected through the Services and may use and disclose it for any purpose. With respect to PHI, such de-identification shall be performed in accordance with HIPAA and applicable BAAs.
RADLOOP MAY DISCLOSE YOUR INFORMATION
To Vendors and Service Providers.
We share information we receive with vendors and service providers that perform services for us, including server cloud infrastructure providers and other service providers that provide management and application development and support. We execute BAAs with vendors and service providers that receive access to patient health information.
In Compliance with HIPAA and BAAs.
We use and disclose patient health information in accordance with HIPAA and applicable BAAs.
On Behalf of Users.
You may have the ability using the Services to share patient information, including PHI, with others. The information and content you provide to the Services may be displayed on the Services to other users based on settings and relationships among users. For example, when a referring physician refers a patient to a radiologist and provides patient information through the Services, other radiologists in the group may have authorized access to the patient information as necessary to provide the services to the patient. In addition, you may be able to use the Services to distribute information and content to non-users off of the Services.
You are solely responsible for any disclosure of patient information, including PHI, that you initiate using the Services (e.g., you are required to ensure the recipient is authorized to receive the PHI).
Physicians may use and disclose the patient information they obtain through the Services as necessary to provide their services to the patients in accordance with HIPAA. You are prohibited from accessing patient information, including PHI, on the Services if you are not authorized to access such information.
Legal and Similar Disclosures.
We may access, preserve, and disclose your information, if we believe doing so is required or appropriate to: comply with law enforcement requests and legal process, such as a court order or subpoena; respond to your requests; comply with the law; or protect your, our, or others’ rights, property, or safety.
Merger, Sale, or Other Asset Transfers.
If we are involved in a merger, acquisition, financing due diligence, reorganization, bankruptcy, receivership, sale of company assets, or transition of service to another provider, your information may be disclosed in connection with the negotiation of such transaction, and/or sold or transferred as part of such a transaction as permitted by law and/or contract.
With Your Permission.
We may also disclose your information with your permission.
INFORMATION SECURITY
We take steps in an effort to treat your information securely and in accordance with this Privacy Policy. HIPAA also requires us to, among other things, apply reasonable and appropriate measures to safeguard the confidentiality, integrity, and availability of the protected health information we handle. Unfortunately, the Internet cannot be guaranteed to be 100% secure, and we cannot ensure or warrant the security of any information you provide to us.
INTERNATIONAL USERS
If you are using the Services, you agree to the transfer of your information to the United States and processing globally. By providing your information you consent to any transfer and processing in accordance with this Privacy Policy.
UPDATE YOUR INFORMATION OR POSE A QUESTION OR SUGGESTION
If users would like to request that we update or correct any information that users have provided to us through their use of the Services or otherwise, please use the functionality provided by the Services or send an email to support@radloop.net. If patients would like to request access or updates to the patient information we have about them, patients can send an email to support@radloop.net and we will forward the request to the physician who submitted the patient information to us. We do not provide patients with access or updates to patient information, they must communicate with their physician who uses the Services. If you have suggestions for improving this Privacy Policy, please send an email to legal@radloop.net.
CHANGES TO OUR PRIVACY POLICY AND PRACTICES
Posting of a Revised Privacy Policy.
We may make changes to this Privacy Policy from time to time, and the revised version will be effective when it is posted. If we make any material changes, we will let you know through the Services, by email, or through other communication. We encourage you to read this Privacy Policy periodically to stay up-to-date about our privacy practices. As long as you use the Services, you are agreeing to this Privacy Policy and any updates we make to it.
Contact Information
HVR MSO, LLC d/b/a Radloop 2678 South Road,
Suite 202 Poughkeepsie, NY 12601-5254
info@radloop.net
Effective Date: March 1, 2018