Effective Date: 05/31/17
1. What Information Is Collected And How Is It Used?
Account Creation Information. When creating an account, users must register by providing an email, username and a password. Upon account creation, users may also provide their company-related name and contact information to establish a company profile. The primary account holder may additionally add the email addresses of other users authorized to access their account in a manner designated in account settings.
Services-Related User Information. To purchase subscription-related Services, users must input information relating to their individual and/or company name, address, and payment debit and/or credit card or other payment processing information to process payments on the Platform.
Confidential Information. To the extent a customer or vendor provides BSI with personally identifiable information and/or protected health information (“PHI”), such information is maintained in accordance with BSI’s HIPAA compliant privacy and security policies.
Cookies. The Platform utilizes cookie technology to gather information on Internet use in order to serve you more effectively. Usage of cookies is in no way linked to personally identifiable information. You can set your browser to remove or reject cookies; however some Platform features or Services may not work properly without cookies.
2. Is Information Collected by or Disclosed to Third Parties?
Anonymous Data – Analytics. BSI uses the following third party analytics to learn how our customers use the Platform and Services:
Social Plug-Ins. Users may share their experiences on Instagram, Facebook, LinkedIn and Twitter. Users should click on the hyperlinks to review the applicable privacy policies for more detail about information collected from these sites.
Integrated Services. BSI offers Subscribers the ability to integrate a variety of third party medical solution provider services with Subscriber’s account to facilitate Subscriber’s account Services. Users should review the applicable privacy policies of those Integrated Services Providers for more information on their data collection and use practices.
Other Potential Third Party Disclosures. Information may also be disclosed to third parties (i) as required by law, such as to comply with a subpoena, or similar legal process; (ii) when we believe in good faith that disclosure is necessary to protect our rights, protect your safety or the safety of others, investigate fraud, or respond to a government request, or (iii) if BSI is involved in a merger, acquisition, or sale of all or a portion of its assets.
3. How Does BSI Comply with the Children’s Online Privacy Protection Act? We do not knowingly collect information from persons under the age of 13. Users must be at least 18 years of age to register an account on the Platform. If a parent or guardian becomes aware that his or her child has provided us with information without their consent, he or she should contact us at firstname.lastname@example.org. We will delete such information from our files within a commercially reasonable time.
4. How long does the BSI retain information collected?
We will retain account and service data for a commercially reasonable time and as we deem necessary to provide our services to our users. If you would like us to delete your registered account information, please contact us at email@example.com and we will respond in a reasonable time.
5. What is BSI’s Security Policy?
We have implemented reasonable, and where applicable, HIPAA-compliant, administrative, technical and physical security measures to protect your personal information and PHI against unauthorized access, disclosure, destruction or alteration. However, no security system can ever be 100% secure.
BSI stores its data on AWS’ highly secure SAS 70 certified data centers located within the United States. Please see the AWS Cloud Security Policy for more information on its security practices.
6. How Does the Platform Respond to “Do Not Track” Signals?
“Do Not Track” is a feature enabled on some browsers that sends a signal to request that a website disable its tracking or cross-site user tracking. At present, the Platform does not respond to or alter its practices when a Do Not Track signal is received.
8. Contact Us.
If you have any questions regarding privacy while using the Platform or have questions about our practices, please contact us via email at firstname.lastname@example.org or by mail at BSI, 8050 North Palm Avenue, Suite 300, Fresno, California.