Privacy

Privacy Policy

as of: September 14, 2016

INTRODUCTION

WITTY Health, Inc. (“WITTY Health”, “Company”, “us”, and “we”) is committed to protecting your privacy. We have prepared this Privacy Policy to describe to you our practices regarding the Personal Information (as defined below) we collect from users of both our website, located at www.Wittyhealth.com and the WITTY Health Platform (collectively the “WITTY Health Platform”) as described and defined in the WITTY Health Terms of Use (“WITTY Health TOS”). Capitalized terms not defined herein are defined in the WITTY Health TOS. Our Privacy Policy also serves as a notice to describe how personal information and health information (PHI) about you may be used, how it may be disclosed and how you can obtain access to this information. The law (45 CFR Part 160 and Part 164, Subparts A and E) requires that your PHI be kept private. We must give you such notice about our privacy practices and follow the terms of this notice while it is in effect. Your use of the WITTY Health Platform indicates your acceptance of the terms of this notice and our Privacy Policy. WITTY Health is engaged in the business of providing internet healthcare resources to connect our Users with Independent Professional dietitians in real time, via live streaming video, telephone, messaging, social media and/or secure e-mail and to provide WITTY Health Collection Services between our Users and Independent Professionals (collectively “Platform Services”).

INFORMATION THAT MAY BE COLLECTED BY WITTY HEALTH

In order to use the Platform Services, you as a User are required to enter an email address and password, which we refer to here as your WITTY Health ID or credentials. After you create your WITTY Health ID, you can use the same credentials to log in to WITTY Health’s website and utilize the Platform Services. This log-in process will allow you to manage your account, it will allow you to search dietitian, make appointments, attend appointments, and utilize and enjoy all Platform Services. The first time you log in to WITTY Health’s website to utilize the Platform Services, you will be asked to create an account also known as your profile. To create an account, you must provide personal information such as name, address, telephone number, date of birth, e-mail address, gender, and other pertinent data that will be available for you to share with the Independent Professionals who are also registered on the WITTY Health Platform. WITTY Health will use the email address you provide when you create your account to send you an email requesting that you validate your account. Your email address may also be used by WITTY Health to provide appointment reminders, changes in appointments, messages from our Independent Professionals and other relevant communications in connection with Platform Services. WITTY Health will also use your e-mail address as the primary means to reset your username and password. Your email address will not be shared with any other third parties and will not be used for advertising or sales purposes. WITTY Health creates as appropriate, a textual, audio, and visual record of all Platform Services in which you participate. Some examples include the creation of video and/or audio files associated with all dietitian sessions, electronic medical records that may be uploaded or created as a result of treatment by you or an Independent Professional, data received from medical wearable technologies, etc.

For certain Platform Services that require a fee, we will collect credit card or billing/payment account information which we maintain in encrypted form on secure servers. In order to participate in Platform Services, you will need to provide, and/or upload to the WITTY Health Platform, Personal Health Information (“PHI”). Here are examples of the types of Personal Health Information we gather:-Information You Give Us – Examples of the types of information you may provide us include measurements, such as weight, blood pressure or glucose levels, lab results, medications, health history, and other health or PHI, such as prescription information.-Information Accessed through Third-Party Data Platform Services – When you use WITTY Health Platform Services, we may access health-related information about you that is stored with third party-data Platform Services such as Microsoft HealthVault or Google Health, and such information will subsequently be available to us.-Third-Party Information – Health-related information about you received from third-parties (such as nurses, doctors or family members) as well as personally identifiable and other health-related information you provide specifically related to family members who may be utilizing the Platform Services under your account. Demographic information,such as age, education, gender, social security number and zip code.

HOW INFORMATION ABOUT YOU MAY BE USED BY WITTY HEALTH

WITTY Health may gather PHI primarily to share with our Independent Professionals for the purposes of diagnosis, treatment, and health care operations. However, in limited circumstances WITTY Health may use de-identified, non-personal information for statistical analysis, improvement of the Platform Services, and customization of web design and content layout.

Uses and Disclosures of PHI

WITTY Health is permitted to use and disclose your PHI for following purposes: For Dietitian Treatment. WITTY Health may use or disclose your PHI to facilitate your treatment via Platform Services that is being provided by a WITTY Health registered Independent Professional dietitian. For Payment. WITTY Health may use and disclose your PHI with others who help pay for your care such as health insurers or health plans in connection with the processing and payments of claims and other charges. For Health Care Operations. WITTY Health may use and disclose your PHI for its health care operations. These uses and disclosures help us run our programs and make sure WITTY Health’s patients receive quality care. For example, WITTY Health may use PHI to review the treatment and provision of Platform Services. WITTY Health may use PHI to measure the performance of the Independent Professionals who are working with you or providing you treatment. WITTY Health may share PHI with third parties who WITTY Health engages to provide various Platform Services. If any such third party requires access to your PHI in order to perform the agreed upon Platform Services, WITTY Health will require that third party be bound to the terms outlined in this Privacy Policy. WITTY Health may contract with outside businesses to provide some Platform Services. For example, WITTY Health may use the Platform Services of transcription, laboratories or collection agencies. Each contracted party must enter into a Business Associate agreement with WITTY Health, which requires said third party businesses to protect PHI that is shared with them in accordance with the restrictions outlined in this Privacy Notice. Furthermore, PHI will only be provided to third party businesses for the limited scope of performing required Platform Services to help facilitate treatment, payment, and health care operations to you. For Appointment Reminders. WITTY Health may contact you to remind you about your appointments. Treatment Alternatives. WITTY Health may use and disclose PHI to tell you about different types of treatment available to you. WITTY Health may use and share PHI to tell you about other benefits and Platform Services related to your health. Research. In support of telemedicine and ehealth initiatives, WITTY Health may use and disclose your PHI for research. WITTY Health will only use and disclose information for research if WITTY Health receives your written consent, or if a review committee that meets Federal standards says WITTY Health does not need your consent. Genetic Information. WITTY Health does not collect or use genetic information. WITTY Health does not use genetic information for underwriting and related purposes. Fundraising Activities. WITTY Health will not disclose your individual PHI for fundraising activities without your written authorization. As Required By Law. WITTY Health may use and disclose your PHI when required to do so by federal, state or local law. Testimonials. We display personal testimonials of satisfied customers on our site in addition to other endorsements. With your consent we may post your testimonial along with your name.

How WITTY Health May Use and Disclose PHI – Special Situations

Military. If you are in the U.S. or foreign armed Platform Services, WITTY Health may share your PHI as required by the proper military authorities. Workers’ Compensation. WITTY Health may share your PHI for workers’ compensation or programs like it. WITTY Health may do this to the extent required by law. Public Health Risks. WITTY Health may share your PHI for public health activities, as required by federal, state or local law.For example, we may share your PHI:

  • to prevent or control disease, injury or disability;
  • to report births and deaths;
  • to report child abuse or neglect;
  • to report reactions to medicines or problems with products;
  • to tell you about product recalls;
  • to tell you if you have been exposed to a disease or may be at risk for catching or spreading a disease or condition;
  • to tell the proper government department if WITTY Health believes a patient has been the victim of abuse, neglect or domestic violence. WITTY Health will only share this information when ordered or required by law.

De-identified Information. WITTY Health may use, disclose, and request PHI if the Health Information to be used or disclosed is de-identified pursuant to the procedures set forth in 45 CFR 145.514(a)-(c).Health Oversight Activities and Registries. WITTY Health may share your PHI with government agencies that oversee health care. WITTY Health may do so for activities approved by law. These activities include, but are not limited to, audits, investigations, inspections and licensure surveys. The government uses these activities to monitor the health care system. It also monitors the outbreak of disease, government programs, compliance with civil rights laws, and patient outcomes. WITTY Health may share PHI with government registries, if required. Lawsuits and Disputes. If you are in a lawsuit or a dispute, WITTY Health may share your PHI in response to a court order, legal demand or other lawful process. Law Enforcement. WITTY Health may share PHI if asked to do so by a law enforcement official under limited circumstances as follows:

  • to report certain types of wounds;
  • to respond to a court order, subpoena, warrant, summons or similar process;
  • to identify or locate a suspect, fugitive, material witness, or missing person;
  • about the victim of a crime, if under certain limited circumstances, WITTY Health is unable to obtain the victim’s agreement;

Decedents. WITTY Health may, under limited circumstances, disclose your PHI to coroners, medical examiners, funeral directors for the purposes of identification, determining the cause of death and fulfilling duties relating to decedents. National Security. WITTY Health may share, if required, your PHI with the proper federal officials for national security reasons.

HOW PHI DATA SECURITY IS HANDLED AT WITTY HEALTH

The importance of security for all personal information including, but not limited to, PHI associated with you is of utmost concern to us. At WITTY Health, we exercise state of the art care in providing secure transmission of your information from your PC or mobile device to our servers. PHI collected by the WITTY Health platform is stored in secure operation environments that are not available or accessible to the public. Only those employees who need access to your information in order to do their jobs are allowed access, each having signed confidentiality agreements. Any employee who violates our privacy or security policies is subject to disciplinary action, including possible termination and civil and/or criminal prosecution. WITTY Health is not only HIPPA compliant but additionally utilizes the latest technologies to ensure utmost security. WITTY Health uses several layers of firewall security and different degrees of encryption for each customer’s sensitive PHI to ensure the highest level of security which meets or exceeds the requirements promulgated under HIPAA (defined below) WITTY Health is the sole owner of the information collected on its site. WITTY Health will not sell, share or lease this information to others. WITTY Health does not sell any customer lists, e-mail addresses, cookies or other data without your written authorization.

Cookies and Tracking Technologies

Cookies are text information files that your web browser places on your computer when you visit a website. Cookies assist in providing non-personal information from you as an online visitor. It can be used in the customization of your preferences when visiting our website. Most browsers accept cookies automatically, but can be configured not to accept them or to indicate when a cookie is being sent. WITTY Health uses Google Analytics, a third-party tracking service, which uses cookies to track non-personal identifiable information about our visitors to our main site in the aggregate to capture usage and volume statistics. WITTY Health has no access to or control over these cookies.

WITTY Health works with other companies, including Google, who use tracking technologies to serve ads on our behalf across the Internet. These companies use first-party cookies (such as the Google Analytics cookies) and third-party cookies (such as the Adwords cookie) to collect information about your interaction on our website, including advertising, and remarketing. If you would like to opt-out of receiving ads tailored by 3rd party tracking technologies associated with our website, please click here. Note that if you opt-out from these third party tracking technologies, you may still see our ads at other websites, but the ads will not be tailored using third party tracking technologies associated with our website.

Secure interaction

When you interact with the WITTY Health Platform, all of your PHI including, but not limited to, your credit card number and delivery address, is transmitted through the Internet using Secure Socket Layers (SSL) technology. SSL technology causes your browser to encrypt your entered information before transmitting it to our secure server. SSL technology, an industry standard, is designed to prevent someone other than operators of our web site from capturing and viewing your personal information. WITTY Health also takes the following measures to protect your PHI online: Passwords. To provide you with an increased level of security, online access to your PHI is protected with a password you select. We strongly recommend that you do not disclose your password to anyone. WITTY Health will never ask you for your password in any unsolicited communication (including unsolicited correspondence such as letters, phone calls, or E-mail messages). No data transmission over the Internet can be guaranteed to be 100% secure. While we strive to protect your PHI from unauthorized access, use or disclosure, WITTY Health cannot ensure or warrant the security of any information you transmit to us on our web site.

Your Rights Regarding Your PHI

You have the following rights regarding PHI that WITTY Health maintains about you: Right To Inspect and To Receive Copies. You have the right to view and receive copies of the PHI used to make decisions about your care, provided you submit your request in writing. Usually, this includes medical and billing records. It does not include some records such as psychotherapy notes. WITTY Health may deny your request to view and/or copy your PHI in limited circumstances. If your request is denied, WITTY Health will inform you of the reason of the denial and you have the right to request a review of the denial. WITTY Health may charge a fee for the costs of processing your request. Right To Amend. If you think that personal information WITTY Health has about you is wrong or incomplete, you have the right to ask for an amendment to your record. To request deletion of any personal information or ask for a change to your record, you must make your request in writing and submit it to WITTY Health. If we are not able to comply with your request, we will respond with an explanation. WITTY Health may deny your request for an amendment to your record. WITTY Health may deny your request if it is not submitted in writing or does not include a reason to support the request. WITTY Health may also deny your request if you ask WITTY Health to amend information that:

  • WITTY Health did not create, unless the person or entity that created the information is no longer available to make the amendment;
  • is not part of the records used to make decisions about you;
  • is not part of the information which you are permitted to inspect and to receive a copy; or is accurate and complete.
  • is not part of the information which you are permitted to inspect and to receive a copy; or is accurate and complete.

We will retain your information for as long as your account is active or as needed to provide you Platform Services. We will retain and use your information as necessary to comply with our legal obligations, resolve disputes, and enforce our agreements. Right To an Accounting of Disclosures. You have the right to get a list of the disclosures WITTY Health has made of your PHI. This list will not include all disclosures that WITTY Health made. For example, this list will not include disclosures that WITTY Health made for treatment, payment or health care operations. It will not include disclosures you specifically approved. To ask for this list, you must submit your request in writing on the approved form. The form will be provided to you upon request. Right To Request Restrictions. You have the right to ask for a restriction or limitation on the PHI WITTY Health uses or discloses for treatment, payment or health care operations. You also have the right to ask for a limit on the PHI WITTY Health discloses with someone who is involved in your care or in the payment for your care. Such a person may be a family member or friend. WITTY Health is not required to comply with your request. If WITTY Health does agree, we will fulfill your request unless the information is needed to provide you with emergency treatment or if otherwise required by law. To ask for restrictions, you must make your request in writing on a form that we will give you upon request. You must tell us:

  • what information you want to limit,
  • how you want us to limit the information, and
  • to whom you want the limits to apply.

Right To Request Confidential Communications. You have the right to request confidential communications of your PHI or medical matters. You may request that WITTY Health communicate with you through specific means or at a specific location. You must make your request in writing on a form that will be provided to you upon request. WITTY Health will fulfill all reasonable requests. Right To a Paper Copy of This Notice. You may ask WITTY Health to give you a written copy of this Notice at any time. Even if you have agreed to get this Notice electronically, you still have a right to a paper copy of this Notice. If you click on a link to a third party site, you will leave the WITTY Health site you are visiting and go to the site you selected. Because we cannot control the activities of third parties, we cannot accept responsibility for any use of your PHI by such third parties, and we cannot guarantee that they will adhere to the same privacy practices as WITTY Health. We encourage you to review the privacy policies of any other service provider from whom you request services. If you visit a third party website that is linked to the WITTY Health Platform, you should read that site’s privacy policy before providing any personal information.

Revisions To This Notice

WITTY Health is constantly innovating and implementing new features as part of its Platform Services. As a result, our privacy practices may change. We may revise this Notice to reflect any changes in our privacy practices. We reserve the right to make the revised Notice effective for PHI we already have about you. It also will be effective for any information we receive in the future. We will post a current version of the Notice on this Site prior to the change becoming effective. The effective date of this Notice is on the first page, in the top, left-hand corner. If we make any material changes we will notify you by email (sent to the e-mail address specified in your account) or by means of a notice on the WITTY Health Platform prior to the change becoming effective.

Social Media Widgets

Our Web site includes Social Media Features, such as the Facebook button. These Features may collect your IP address, which page you are visiting on our site, and may set a cookie to enable the Feature to function properly. Social Media Features and Widgets are either hosted by a third party or hosted directly on the WITTY Health Platform. Your interactions with these Features are governed by the privacy policy of the company providing it.

Complaints

If you think your privacy rights have been violated, you may file a complaint with legal@Witty.com or in writing at the address listed below. You may also file a complaint with the Secretary of the Department of Health and Human Services. You will not be penalized for filing a complaint. You may also contact us for further information about your privacy rights by emailing us at support@Witty.com as well as by post mail:

Privacy Officer

C/O Ram Sesha

Witty HEALTH INC

5850 Witte Road, Suite 500

Houston, Texas 77057

ACCEPTANCE

By using the WITTY Health Platform and the Platform Services, you acknowledge your acceptance of this Privacy Policy and agree to its terms. If you do not agree with this policy, you should not use the WITTY Health Platform and the Platform Services. It is recommended that you read this privacy policy before use of Platform Services to ensure that you have not missed any changes to the privacy policy. Your continued use of the Platform Services following any changes to the privacy policy signifies your acceptance of those changes.