HIPAA Privacy Policy.

VIPatient - HIPAA Privacy Policy

Posted: February, 2017.

VIPatient LLC, an Indiana limited liability company, (the "Company") provides telemedicine services (internet teleconferencing health care consultations or related services, through an Internet-based platform ""VIPatient") to healthcare providers (the "Providers") for use with their patients and clients (the "Patients") (individually and collectively "Users").

Definitions In addition to such terms as are defined in this Privacy Policy, the following definitions shall apply.

"Business Associate" As defined by HIPAA is a person or entity, other than a member of the workforce of a covered entity (in this instance, "Providers"), who performs functions or activities on behalf of, or provides certain services to, a covered entity that involve access by the business associate to protected health information; or, is a subcontractor that creates, receives, maintains, or transmits protected health information on behalf of another business associate.

"Business Associate Agreement(s)" are the agreements prescribed by HIPAA to govern the relations of the Company with the Providers with which it has an agreement to provide telemedicine services.

"Protected Health Information" ("PHI") means information that is created or received by the Company and relates to the past, present, or future physical or mental health or condition of a person; the provision of health care to a participant; or the past, present, or future payment for the provision of health care to a participant; and that identifies the participant or for which there is a reasonable basis to believe the information can be used to identify the participant. PHI includes information concerning persons living or deceased. The Company does not store PHI and accesses PHI incidentally only for the operation of VIPatient.

"Personal Information" ("PI") means any information that may be used to identify an individual, including, but not limited to, first and last name, employment information, home or work address, email address, phone number, or other contact information. The Company stores PI for purposes of the operation of VIPatient, including, but not limited to, identification and registration of users, system diagnostics, system repair and customer service to the Providers and occasionally Patients using VIPatient as captured by the Company’s on-line registration forms and as loaded into VIPatient by the Providers using VIPatient.

"HIPAA" means the Health Insurance Portability and Accountability Act of 1996 and its implementing regulations and rules, as amended, as administered by the United States Department of Health and Human Services.

Privacy Policy means this published policy as same may from time to time be updated or amended by the Company.

Technical Data means the technical data and related information the Company may collect and use as part of its operations, including but not limited to technical information about a User’s device, system and application software, peripherals, IP address, cookie information, location-based information, browser information and interactions with VIPatient.

The Company’s Operations and Privacy Obligations

The Company will have access to PI and PHI to the extent it identifies a Patient as a part of its registration process and may have incidental access to a Patient’s PHI as may be required for the operation of the Company as a Business Associate of the Providers with whom the Company has a business relationship.

The Company’s Obligations as a Business Associate

The Company is operating as a Business Associate by reason of the Company furnishing telemedicine services to the Providers with which it has a business relationship. The Company has adopted this Privacy Policy with regard to the use and disclosure of PHI and individuals’ rights relating to PHI. All members of the Company’s workforce who have access to PHI must comply with this Privacy Policy. Individuals who would be considered part of the Company’s workforce under HIPAA are employees, volunteers, trainees, and other persons whose work performance is under the direct control of the Company, whether or not they are paid by the Company. The term "Employee" herein includes all of these types of workers.

Requirements for Business Associates

Although the Company will have specific Business Associate Agreements with each Provider with which it has a business relationship, generally, HIPAA generally requires that covered entities and business associates enter into contracts with their business associates to ensure that the business associates will appropriately safeguard protected health information. The Business Associate Agreement also serves to clarify and limit, as appropriate, the permissible uses and disclosures of protected health information by the Business Associate, based on the relationship between the parties and the activities or services being performed by the Business Associate.

Accordingly, the Company may use or disclose PHI and the PI of Patients (which is PHI) only as permitted or required by its Business Associate Agreement or as required by law. The terms and conditions of each Business Associate Agreement shall govern the legal relationship of the Company and the applicable Provider and control over these general obligations of the Company.

Use of PI which is Not PHI

The Company will use PI which does not constitute PHI only for purposes of User support, billing to Providers and administrative notices regarding VIPatient to Users. The Company does not disclose any PI of any User to any third-party for any purpose, excepting only to its Employees.

The Company may disclose PI to law enforcement or other government officials as the Company, in its sole discretion, believes necessary or appropriate, in connection with an investigation of fraud, intellectual property infringements, or other activity that is illegal or may expose the Company to legal liability.

PI that constitutes PHI is governed by the Business Associate Agreements the Company has with the Providers with whom it has a business relationship.

Use of Technical Data

Technical Data that does not identify a User or does not otherwise constitute PHI is not deemed by the Company to constitute PI and such Technical Data is the property of the Company and may be aggregated and used by the Company in any manner for any purposes the Company deems appropriate.

Changes to Privacy Policy

The Company reserves the right at any time to make changes, modifications, alterations and/or additions to this Privacy Policy. The Company will notify Users of any changes to this Privacy Policy by providing Users with notice of such changes at the Users’ email addresses as provided to the Company in the User registration process.

Questions Regarding Privacy Policy

Questions regarding this Privacy Policy should be directed by email to support@vipatient.net.

Effective Date

The effective date of this Privacy Policy is January 26, 2017.

Governing Law

In addition to HIPPA, this Privacy Policy is governed by the laws of the State of Indiana without regard to provisions regarding conflicts of laws. Users agree that the federal or state courts in Allen County, Indiana, shall have personal and exclusive jurisdiction of them in connection with any suits or proceedings arising out of, or related to, this Privacy Policy.


Download


Related Articles

About

We use technology to help healthcare providers deliver effective, convenient, and affordable patient care.

Social Links

Get the App