Patient Discovery Privacy Policy and Terms of Use
Privacy Policy
Effective Date: December 2020
Patient Discovery, Inc. (“Patient Discovery”) is committed to protecting the privacy and security of your personal information. This Patient Discovery Privacy Policy (the “Privacy Policy”) describes how we may collect, use and disclose your personal information when you visit the Patient Discovery website at https://app.patientpathfinder.com (the “Website”) and use its online service to learn about your medical condition and insurance options, create discussion guides to assist you in communicating with your healthcare provider, participate in studies that utilize the Website, or access services and offers that may be relevant to your medical condition (the “Services”). This Privacy Policy does not address personal information that you provide to us in other contexts (e.g., through a business relationship not handled through the Website).
Acceptance of Privacy Policy
By using the Website or clicking your acceptance, you signify your acceptance of this Privacy Policy. If you do not agree to the terms of this Privacy Policy, please do not use the Website. To the extent you are using the Website in furtherance of a study, your participation in the study may be contingent on your acceptance of this Privacy Policy. Your continued use of the Website or the Services following the posting of changes to this Privacy Policy will mean that you accept those changes.
Personal Information We Collect
Patient Discovery collects your personally identifiable information (“PII”) through the Website when you choose to provide such information, such as when you (i) complete a discussion guide with information about your medical condition, preferences, and goals of care, (ii) request an offer or service, or (iii) submit information through the “Contact” page of the Website, where you must provide your email address. Patient Discovery also collects your IP address and web log data. Patient Discovery may also pull certain limited information, such as your name and your doctor appointment dates, from your healthcare provider’s electronic health record system.
Use of Personal Information
We will use your PII only (i) to operate the Website, (ii) to provide the Services, and (iii) to provide marketing materials, communications and information, promotional offers, and newsletters. If you provide your email address, we may send you administrative and promotional emails, brochures and other written materials. Where required in the relevant jurisdiction, we will obtain your consent before sending you promotional emails. If you wish to opt out of promotional emails, you may do so by following the “unsubscribe” instructions in the email.
Disclosure of Personal Information
Patient Discovery will not sell, rent, license, or trade your PII with third parties for their own direct marketing use unless we receive your express consent to do so. Unless you give us permission to do so, we will not share your PII with third parties other than as specified in this Privacy Policy.
Disclosures to Your Healthcare Provider. We may share the fact that you have signed up for this website with your healthcare provider. All other PII may only be shared with your healthcare provider by request from you. Patient Discovery is not responsible for a healthcare provider’s use of your personal information, which is governed by the provider’s privacy practices and applicable privacy laws and regulations.
Disclosures to Third Parties Assisting In Our Operations. We may share your PII under confidentiality agreements and any legally required data processing agreements with other companies that work with, or on behalf of, Patient Discovery to provide products and services, such as those who are providing email solutions, providing cloud hosting services, analyzing data and usage of the Website, or providing support and maintenance services for the Website, as well as legal, regulatory, audit and other professional advisors. These companies may use your PII to assist us in our operations or for our legitimate business interests. However, these companies do not have any independent right to share this information.
Disclosures Under Special Circumstances. We may provide information about you, including PII, to respond to subpoenas, court orders, legal processes or governmental regulations or inquiries, or to establish or exercise our legal rights or defend against legal claims. We believe it is necessary to share information in order to investigate, prevent or take action regarding illegal activities, suspected fraud, situations involving potential threats to the physical safety of any person, or as otherwise required by law.
Other Parties With Your Consent or At Your Direction. In addition to the disclosures described in this Privacy Policy, we may share information about you with third parties when you consent to or request such sharing. To the extent you are participating in a study, we may share information with the study investigator and/or sponsor in accordance with the study protocol.
Business Transfers. We may share your PII with other business entities in connection with the sale, assignment, merger or other transfer of all or a portion of Patient Discovery’s business to such business entity. We will require any such successor business entity to honor the terms of this Privacy Policy.
HIPAA Compliance
Patient Discovery may provide certain Services through an arrangement with, and acting on behalf of, your healthcare provider. In such cases, Patient Discovery may be subject to the Health Insurance Portability and Accountability Act (“HIPAA”), a federal health care privacy law, as a business associate. When Patient Discovery is providing services to you as a HIPAA business associate, our collection, use and disclosure will be governed by your healthcare provider’s HIPAA Notice of Privacy Practices, and not by the other sections of this Privacy Policy.
Automatically Collected Information and Anonymous Information
Each time you visit the Website, Patient Discovery collects some information to improve the overall quality of your online experience.
Aggregated and/or Anonymized Data. Patient Discovery may collect aggregate queries for internal reporting and also may count, track, and aggregate the visitor’s activity into Patient Discovery’s analysis of general traffic-flow at the Website. To these ends, Patient Discovery may merge information about you into aggregated group data.
In some cases, Patient Discovery may remove personal identifiers from PII and may maintain it in aggregate or de-identified form. This information may or may not later be combined with other information to generate fully anonymous data and information. Such anonymous data and information may be shared with, or sold to, Patient Discovery’s affiliates, business partners, service providers and/or vendors; if it does so, Patient Discovery will not disclose your individual identity.
Web Server Logs and IP Addresses. An Internet Protocol (“IP”) address is a number that automatically identifies the computer or device you have used to access the Internet. The IP address enables our server to send you the web pages that you want to visit, and it may disclose the server owned by your Internet Service Provider. Patient Discovery may use IP addresses to conduct Website analyses and performance reviews and to administer the Website, although it will not combine traffic data with user accounts.
Cookies. Cookies are pieces of information that a website transfers to a user’s computer for purposes of storing information about a user’s preferences. Cookies in and of themselves do not personally identify users, although they do identify a user’s computer. Many websites use cookies as a standard practice to provide useful features when a user visits the website, and most web browsers are set up to accept cookies. Patient Discovery uses cookies to improve your online experience when visiting the Website. You can set your browser to refuse cookies, but some portions of a Website may not work properly if you refuse cookies. A session cookie is one that exists for the time period that your browser is open. A persistent cookie is one that is saved on your device/computer even after the browser is closed. Like many websites, we may use both session cookies and persistent cookies.
Web Beacons. Some of the Website’s web pages may use web beacons in conjunction with cookies to compile aggregate statistics about Website usage. A web beacon is an electronic image (also referred to as an “action tag,” “single-pixel,” or “clear GIF”) that is commonly used to track the traffic patterns of users from one web page to another in order to maximize web traffic flow and to otherwise analyze the effectiveness of the Website. Some web beacons may be unusable if you elect to reject their associated cookies.
Response to “Do Not Track” Signals
Some web browsers may transmit “do-not-track” signals to the websites with which the user communicates, although web browsers incorporate and activate this functionality in different ways, and it is not always clear whether users intend for these signals to be transmitted. There currently is disagreement, including among participants in the leading Internet standards-setting organization, concerning what, if anything, websites should do when they receive such signals. Patient Discovery currently does not take action in response to these signals, but, if and when a standard is established and accepted, we may reassess how to respond to these signals.
Children’s Privacy Protection
Under Age 13. Patient Discovery does not knowingly collect or retain personally identifiable information about persons under 13 years of age. Any person who provides their personal information to Patient Discovery via the Website represents that they are 13 years of age or older. The Website does not knowingly solicit or collect personally identifiable information online from children under the age of 13 without prior verifiable parental consent. If we learn that a child under the age of 13 (or such legally required higher age) has submitted personally identifiable information online without parental consent, we will take all reasonable measures to delete such information from our databases and to not use such information for any purpose (except where necessary to protect the safety of the child or others as required or allowed by law). If you become aware of any personally identifiable information, we have collected from children under 13, please contact us at support@patientdiscovery.com.
Under Age 18. Minors under 18 years of age may have the PII that they have provided to us through the Website deleted by contacting us at support@patientdiscovery.com and requesting deletion. Please note that, while we make reasonable efforts to comply with such requests, deletion of your personal information does not ensure complete and comprehensive removal of that data from all our systems and back-up systems.
Privacy Settings/Opt Out/Changes/Access
If you would like your PII removed from our database, changed or updated, you can contact us at support@patientdiscovery.com. If requested, we will promptly verify and delete your account and you will no longer receive emails from Patient Discovery. Your removal from the mailing list or database will not remove records of past transactions or delete information stored in our data backups and archives where we are required to keep your data for legitimate business or legal requirements. Data on past transactions and data stored in backups and archives will be deleted in the normal course of our business. You have the right to access or, if required by applicable laws, receive a copy of your PII held by us by making a written request by sending an email to the contact email address below.
Referrals/Links
The Website may contain links to other websites. Patient Discovery is not responsible for the privacy practices or the content of those websites. Users should be aware of this when they leave our Website and review the privacy statements of each third-party website. This Privacy Policy applies solely to information collected by the Website.
Security
Patient Discovery understands that storing our data in a secure manner is essential. Patient Discovery stores PII and other data using reasonable physical, technical and administrative safeguards to secure data against foreseeable risks, such as unauthorized use, access, disclosure, destruction or modification. Please note, however, that while Patient Discovery has endeavored to create a secure and reliable website for users, the confidentiality of any communication or material transmitted to/from the Website or via e-mail cannot be guaranteed.
Website Visitors from Outside the United States
Patient Discovery and its servers are located in the United States and are subject to the applicable laws of the United States (where data privacy laws are less stringent than in the European Union and some other jurisdictions). If you choose to access or use the Services, you consent to the transfer, use and disclosure of information in accordance with this Privacy Policy and subject to such applicable laws.
Changes to this Privacy Policy
This Privacy Policy may be revised from time to time as we add new features and services, as laws change, and as industry privacy and security best practices evolve. If we update the Privacy Policy, we will let you know about our changes we consider material by placing a note on the relevant web page you use to access the Services or you may receive an email with notification of the updated Privacy Policy. By accessing or using the Website or the Services after we have placed such a notice, you consent to the new practice(s) identified in the update. The most current version of the Privacy Policy will always be available on the website at https://app.patientpathfinder.com. You can check the “effective date” posted at the top to see when the Privacy Policy was last updated. Small changes or changes that do not significantly affect individual privacy interests may be made at any time and without prior notice.
Contact
If you have any questions about this Privacy Policy or about our handling of your information, please contact Patient Discovery’s Privacy Officer at support@patientdiscovery.com.