What is the purpose of the app?
CuraPatient is a mobile-first digital health platform to enable a patient’s medical “journey” from the hospital to the home and beyond. Our platform includes bidirectional integration with client systems and is accessible on any smart device, including a fully native iOS, Android, and responsive web app. This allows for a secure, frictionless, user-friendly experience for providers so they can focus on the individual’s needs and reduce burnout and compassion fatigue. CuraPatient, with its robust backend with 421 NIST controls and the required automation, enables health systems across to keep up with changing mandates, CDC recommendations, and other requirements while protecting the integrity of a patient’s data.
What personal information do we collect from the people that visit our blog, website or app(s)?
When you register on our website and/or App(s), the following information is collected from you: Name, Email ID, Mailing Address (Location), Phone Number, Date of Birth, Camera Photos, Images, Files, Audio, Video and/or Other details.
When do we collect information?
We collect information from patients when they register on our site, fill out a form, use Live Chat, open a Support Ticket, make a purchase, sign up for our newsletter, respond to a survey or marketing communication, surf our websites, and/or enter information on our website and/or app(s).
How do we use patient information?
We may use the information we collect from patients when they register, make a purchase, sign up for our newsletter, respond to a survey or marketing communication, surf our websites, use our app(s), and/or make use of certain other site and/or app features in the following ways:
- To help patients with their vaccination and/or care experience and/or to provide information required by appropriate Public Health Services Agencies whenever asked by them.
- To personalize the patient experience and to allow us to deliver the type of content and product offerings in which patients are most interested.
- To allow us to better service patients in responding to customer service requests.
- To quickly process scheduling, location services, and other transactions.
- To send periodic emails regarding the patient experience and/or other products and services.
What permissions does a user need to give while accessing the mobile app?
While using the mobile app, the user needs to give permission to access following information to aid the app and/or website with:
- Precise location (GPS based)
Photos / Media / Files / Storage:
- Read the contents of your device storage for camera photos
- Take picture to add to your profile in app
How do we protect patient information?
We do not use vulnerability scanning and/or scanning to PCI standards.
We only provide articles and information.
We never ask for credit card numbers unless a purchase is being made by a user.
We use regular Malware Scanning.
Personal information is contained behind secured networks and is only accessible by a limited number of persons who have special access rights to such systems, and are required to keep the information confidential. In addition, all sensitive information patients supply is encrypted via Secure Socket Layer (SSL) technology.
We implement a variety of security measures when a user enters, submits, or accesses their information to maintain the safety of their personal information.
All transactions are processed through a gateway provider and are not stored or processed on our servers.
Use of 'cookies'
We do not sell, trade, or otherwise transfer to outside parties any Personally Identifiable Information.
Occasionally, at our discretion, we may include or offer third-party products or services on our website. These third-party sites have separate and independent privacy policies. We therefore have no responsibility or liability for the content and activities of these linked sites. Nonetheless, we seek to protect the integrity of our site and welcome any feedback about these sites.
Google’s advertising requirements can be summed up by Google’s Advertising Principles.
They are put in place to provide a positive experience for users.https://support.google.com/adwordspolicy/answer/1316548?hl=en
We have not enabled Google AdSense on our site but we may do so in the future.
California Online Privacy Protection Act
You can learn more about CalOPPA by visiting: http://consumercal.org/california-online-privacy-protection-act-caloppa/#sthash.0FdRbT51.dpuf
In accordance with CalOPPA, we agree to the following:
Users can visit our site anonymously.
How does our site handle Do Not Track signals?
We honor Do Not Track signals, and we Do Not Track, plant cookies, or use advertising when a Do Not Track (DNT) browser mechanism is in place.
Does our site allow third-party behavioral tracking?
It’s also important to note that we do not allow third-party behavioral tracking.
COPPA (Children Online Privacy Protection Act)
When it comes to the collection of personal information from children under the age of 13 years old, the Children’s Online Privacy Protection Act (COPPA) puts parents in control. The Federal Trade Commission, which is the United States’ consumer protection agency, enforces the COPPA Rule, which spells out what operators of websites and online services must do to protect children’s privacy and safety online.
We do not specifically market to children under the age of 13 years old..
Fair Information Practices
The Fair Information Practices Principles form the backbone of privacy law in the United States, and the concepts they include have played a significant role in the development of data protection laws around the globe.
Understanding the Fair Information Practice Principles and how they should be implemented is critical to comply with the various privacy laws that protect personal information.
In order to be in line with Fair Information Practices, we will take the following responsive action, should a data breach occur:
We will notify users via email:
- Within 7 business days
We will notify the users via in-site notification:
- Within 7 business days
We also agree to the Individual Redress Principle which requires that individuals have the right to legally pursue enforceable rights against data collectors and processors who fail to adhere to the law. This principle requires not only that individuals have enforceable rights against data users, but also that individuals have recourse to courts or government agencies to investigate and/or prosecute non-compliance by data processors.
CAN SPAM Act
The CAN-SPAM Act is a law that sets the rules for commercial email, establishes requirements for commercial messages, gives recipients the right to have emails stopped from being sent to them, and spells out tough penalties for violations.
We collect user email addresses in order to:
- Send information, respond to inquiries, and/or other requests or questions To be in accordance with CAN-SPAM, we agree to the following:
- Not use false or misleading subjects or email addresses.
- Identify the message as an advertisement in some reasonable way.
- Include the physical address of our business or site headquarters.
- Monitor third-party email marketing services for compliance, if one is used.
- Honor opt-out/unsubscribe requests quickly.
- Allow users to unsubscribe by using the link at the bottom of each email.
If at any time a user would like to unsubscribe from receiving future emails:
- They can email us at: email@example.com
- By following the instructions at the bottom of each email, we will promptly remove a user from ALL correspondence.
300 Spectrum Center Dr. #250
Irvine, California 92618