as of: September 14, 2016
INFORMATION THAT MAY BE COLLECTED BY WITTY HEALTH
In order to use the Platform Services, you as a User are required to enter an email address and password, which we refer to here as your WITTY Health ID or credentials. After you create your WITTY Health ID, you can use the same credentials to log in to WITTY Health’s website and utilize the Platform Services. This log-in process will allow you to manage your account, it will allow you to search dietitian, make appointments, attend appointments, and utilize and enjoy all Platform Services. The first time you log in to WITTY Health’s website to utilize the Platform Services, you will be asked to create an account also known as your profile. To create an account, you must provide personal information such as name, address, telephone number, date of birth, e-mail address, gender, and other pertinent data that will be available for you to share with the Independent Professionals who are also registered on the WITTY Health Platform. WITTY Health will use the email address you provide when you create your account to send you an email requesting that you validate your account. Your email address may also be used by WITTY Health to provide appointment reminders, changes in appointments, messages from our Independent Professionals and other relevant communications in connection with Platform Services. WITTY Health will also use your e-mail address as the primary means to reset your username and password. Your email address will not be shared with any other third parties and will not be used for advertising or sales purposes. WITTY Health creates as appropriate, a textual, audio, and visual record of all Platform Services in which you participate. Some examples include the creation of video and/or audio files associated with all dietitian sessions, electronic medical records that may be uploaded or created as a result of treatment by you or an Independent Professional, data received from medical wearable technologies, etc.
For certain Platform Services that require a fee, we will collect credit card or billing/payment account information which we maintain in encrypted form on secure servers. In order to participate in Platform Services, you will need to provide, and/or upload to the WITTY Health Platform, Personal Health Information (“PHI”). Here are examples of the types of Personal Health Information we gather:-Information You Give Us – Examples of the types of information you may provide us include measurements, such as weight, blood pressure or glucose levels, lab results, medications, health history, and other health or PHI, such as prescription information.-Information Accessed through Third-Party Data Platform Services – When you use WITTY Health Platform Services, we may access health-related information about you that is stored with third party-data Platform Services such as Microsoft HealthVault or Google Health, and such information will subsequently be available to us.-Third-Party Information – Health-related information about you received from third-parties (such as nurses, doctors or family members) as well as personally identifiable and other health-related information you provide specifically related to family members who may be utilizing the Platform Services under your account. Demographic information,such as age, education, gender, social security number and zip code.
HOW INFORMATION ABOUT YOU MAY BE USED BY WITTY HEALTH
WITTY Health may gather PHI primarily to share with our Independent Professionals for the purposes of diagnosis, treatment, and health care operations. However, in limited circumstances WITTY Health may use de-identified, non-personal information for statistical analysis, improvement of the Platform Services, and customization of web design and content layout.
Uses and Disclosures of PHI
How WITTY Health May Use and Disclose PHI – Special Situations
Military. If you are in the U.S. or foreign armed Platform Services, WITTY Health may share your PHI as required by the proper military authorities. Workers’ Compensation. WITTY Health may share your PHI for workers’ compensation or programs like it. WITTY Health may do this to the extent required by law. Public Health Risks. WITTY Health may share your PHI for public health activities, as required by federal, state or local law.For example, we may share your PHI:
- to prevent or control disease, injury or disability;
- to report births and deaths;
- to report child abuse or neglect;
- to report reactions to medicines or problems with products;
- to tell you about product recalls;
- to tell you if you have been exposed to a disease or may be at risk for catching or spreading a disease or condition;
- to tell the proper government department if WITTY Health believes a patient has been the victim of abuse, neglect or domestic violence. WITTY Health will only share this information when ordered or required by law.
De-identified Information. WITTY Health may use, disclose, and request PHI if the Health Information to be used or disclosed is de-identified pursuant to the procedures set forth in 45 CFR 145.514(a)-(c).Health Oversight Activities and Registries. WITTY Health may share your PHI with government agencies that oversee health care. WITTY Health may do so for activities approved by law. These activities include, but are not limited to, audits, investigations, inspections and licensure surveys. The government uses these activities to monitor the health care system. It also monitors the outbreak of disease, government programs, compliance with civil rights laws, and patient outcomes. WITTY Health may share PHI with government registries, if required. Lawsuits and Disputes. If you are in a lawsuit or a dispute, WITTY Health may share your PHI in response to a court order, legal demand or other lawful process. Law Enforcement. WITTY Health may share PHI if asked to do so by a law enforcement official under limited circumstances as follows:
- to report certain types of wounds;
- to respond to a court order, subpoena, warrant, summons or similar process;
- to identify or locate a suspect, fugitive, material witness, or missing person;
- about the victim of a crime, if under certain limited circumstances, WITTY Health is unable to obtain the victim’s agreement;
Decedents. WITTY Health may, under limited circumstances, disclose your PHI to coroners, medical examiners, funeral directors for the purposes of identification, determining the cause of death and fulfilling duties relating to decedents. National Security. WITTY Health may share, if required, your PHI with the proper federal officials for national security reasons.
HOW PHI DATA SECURITY IS HANDLED AT WITTY HEALTH
The importance of security for all personal information including, but not limited to, PHI associated with you is of utmost concern to us. At WITTY Health, we exercise state of the art care in providing secure transmission of your information from your PC or mobile device to our servers. PHI collected by the WITTY Health platform is stored in secure operation environments that are not available or accessible to the public. Only those employees who need access to your information in order to do their jobs are allowed access, each having signed confidentiality agreements. Any employee who violates our privacy or security policies is subject to disciplinary action, including possible termination and civil and/or criminal prosecution. WITTY Health is not only HIPPA compliant but additionally utilizes the latest technologies to ensure utmost security. WITTY Health uses several layers of firewall security and different degrees of encryption for each customer’s sensitive PHI to ensure the highest level of security which meets or exceeds the requirements promulgated under HIPAA (defined below) WITTY Health is the sole owner of the information collected on its site. WITTY Health will not sell, share or lease this information to others. WITTY Health does not sell any customer lists, e-mail addresses, cookies or other data without your written authorization.
Cookies and Tracking Technologies
WITTY Health works with other companies, including Google, who use tracking technologies to serve ads on our behalf across the Internet. These companies use first-party cookies (such as the Google Analytics cookies) and third-party cookies (such as the Adwords cookie) to collect information about your interaction on our website, including advertising, and remarketing. If you would like to opt-out of receiving ads tailored by 3rd party tracking technologies associated with our website, please click here. Note that if you opt-out from these third party tracking technologies, you may still see our ads at other websites, but the ads will not be tailored using third party tracking technologies associated with our website.
When you interact with the WITTY Health Platform, all of your PHI including, but not limited to, your credit card number and delivery address, is transmitted through the Internet using Secure Socket Layers (SSL) technology. SSL technology causes your browser to encrypt your entered information before transmitting it to our secure server. SSL technology, an industry standard, is designed to prevent someone other than operators of our web site from capturing and viewing your personal information. WITTY Health also takes the following measures to protect your PHI online: Passwords. To provide you with an increased level of security, online access to your PHI is protected with a password you select. We strongly recommend that you do not disclose your password to anyone. WITTY Health will never ask you for your password in any unsolicited communication (including unsolicited correspondence such as letters, phone calls, or E-mail messages). No data transmission over the Internet can be guaranteed to be 100% secure. While we strive to protect your PHI from unauthorized access, use or disclosure, WITTY Health cannot ensure or warrant the security of any information you transmit to us on our web site.
Your Rights Regarding Your PHI
You have the following rights regarding PHI that WITTY Health maintains about you: Right To Inspect and To Receive Copies. You have the right to view and receive copies of the PHI used to make decisions about your care, provided you submit your request in writing. Usually, this includes medical and billing records. It does not include some records such as psychotherapy notes. WITTY Health may deny your request to view and/or copy your PHI in limited circumstances. If your request is denied, WITTY Health will inform you of the reason of the denial and you have the right to request a review of the denial. WITTY Health may charge a fee for the costs of processing your request. Right To Amend. If you think that personal information WITTY Health has about you is wrong or incomplete, you have the right to ask for an amendment to your record. To request deletion of any personal information or ask for a change to your record, you must make your request in writing and submit it to WITTY Health. If we are not able to comply with your request, we will respond with an explanation. WITTY Health may deny your request for an amendment to your record. WITTY Health may deny your request if it is not submitted in writing or does not include a reason to support the request. WITTY Health may also deny your request if you ask WITTY Health to amend information that:
- WITTY Health did not create, unless the person or entity that created the information is no longer available to make the amendment;
- is not part of the records used to make decisions about you;
- is not part of the information which you are permitted to inspect and to receive a copy; or is accurate and complete.
- is not part of the information which you are permitted to inspect and to receive a copy; or is accurate and complete.
We will retain your information for as long as your account is active or as needed to provide you Platform Services. We will retain and use your information as necessary to comply with our legal obligations, resolve disputes, and enforce our agreements. Right To an Accounting of Disclosures. You have the right to get a list of the disclosures WITTY Health has made of your PHI. This list will not include all disclosures that WITTY Health made. For example, this list will not include disclosures that WITTY Health made for treatment, payment or health care operations. It will not include disclosures you specifically approved. To ask for this list, you must submit your request in writing on the approved form. The form will be provided to you upon request. Right To Request Restrictions. You have the right to ask for a restriction or limitation on the PHI WITTY Health uses or discloses for treatment, payment or health care operations. You also have the right to ask for a limit on the PHI WITTY Health discloses with someone who is involved in your care or in the payment for your care. Such a person may be a family member or friend. WITTY Health is not required to comply with your request. If WITTY Health does agree, we will fulfill your request unless the information is needed to provide you with emergency treatment or if otherwise required by law. To ask for restrictions, you must make your request in writing on a form that we will give you upon request. You must tell us:
- what information you want to limit,
- how you want us to limit the information, and
- to whom you want the limits to apply.
Revisions To This Notice
WITTY Health is constantly innovating and implementing new features as part of its Platform Services. As a result, our privacy practices may change. We may revise this Notice to reflect any changes in our privacy practices. We reserve the right to make the revised Notice effective for PHI we already have about you. It also will be effective for any information we receive in the future. We will post a current version of the Notice on this Site prior to the change becoming effective. The effective date of this Notice is on the first page, in the top, left-hand corner. If we make any material changes we will notify you by email (sent to the e-mail address specified in your account) or by means of a notice on the WITTY Health Platform prior to the change becoming effective.
Social Media Widgets
If you think your privacy rights have been violated, you may file a complaint with legal@Witty.com or in writing at the address listed below. You may also file a complaint with the Secretary of the Department of Health and Human Services. You will not be penalized for filing a complaint. You may also contact us for further information about your privacy rights by emailing us at support@Witty.com as well as by post mail:
C/O Douglas M. McIntyre
Witty HEALTH INC
1515 Witte Road, Suite 160
Houston, Texas 77080