OPISAFE
PRIVACY POLICY

Last Updated: October 24, 2018

RxAssurance Inc. d/b/a OpiSafe (“Company”) is committed to protecting the privacy of Providers and Patients using the Platform. We have prepared this Privacy Policy to describe to you our practices regarding all data we collect from users of the services we provide through this Platform (“Services”).

1. Questions; Contacting Company; Reporting Violations. If you have any questions or concerns or complaints about our Privacy Policy or our data collection or processing practices, or if you want to report any security violations to us, please contact us at the following address or phone number:

RxAssurance
Attn: Sara Streich
3513 Brighton Blvd, Suite 250, Denver, CO 80216
877-377-6110 x805

2. User Consent. By using the Platform, you agree to the terms of this Privacy Policy and you expressly consent to the collection, use and disclosure of your Provider Data and Patient Data in accordance with this Privacy Policy.

3. Types of Data We Collect. “Personal Data” includes all data that allows someone to identify or contact you, including, for example, your name, address, telephone number, e-mail address, as well as any other non-public information about you that is associated with or linked to any of the foregoing data. “Provider Data” means data that is provided to the Platform by the Provider, which identifies the individual and contains health information. “Patient Data” means data provided to the Platform by the Patient that identifies the individual and includes health information. “Anonymous Data” means data that is not associated with or linked to Personal Data or Patient Data; Anonymous Data does not, by itself, permit the identification of individual persons. We collect Personal Data, Provider Data, Anonymous Data, and Patient Data (collectively “Data”), as described below.

(a) Information You Provide to Us.

  • We may collect Data from you, such as your first and last name, gender, e-mail and mailing addresses, professional title, company name, and password when you create an account to log in to our network (“Account”).
  • We retain information on your behalf, such as files and messages that you store using your Account.
  • If you provide us feedback or contact us via e-mail, we will collect your name and email address, as well as any other content included in the e-mail, in order to send you a reply.
  • We also collect other types of Personal Data that you provide to us voluntarily, such as your operating system and version, product registration number, and other requested information if you contact us via e-mail regarding support for the Services.

(b) Information Collected via Technology.

  • Information Collected by Our Servers. To make our Platform and Services more useful to you, our servers (which may be hosted by a third party service provider) collect information from you, including your browser type, operating system, Internet Protocol (“IP”) address (a number that is automatically assigned to your computer when you use the Internet, which may vary from session to session), domain name, and/or a date/time stamp for your visit.
  • Log Files. As is true of most websites, we gather certain information automatically and store it in log files. This information includes IP addresses, browser type, Internet service provider (“ISP”), referring/exit pages, operating system, date/time stamp, and clickstream data. We use this information to analyze trends, administer the Platform, track users’ movements around the Platform, gather demographic information about our user base as a whole, and better tailor our Services to our users’ needs. For the information may be collected so that when you visit the Platform or the Services again, it will recognize you and the information could then be used to serve advertisements and other information appropriate to your interests. Except as noted in this Privacy Policy, we do not link this automatically-collected data to Personal Data, Provider Data, or Patient Data.
  • Cookies. Like many online services, we use cookies to collect information. “Cookies” are small pieces of information that a website sends to your computer’s hard drive while you are viewing the website. We may use both session Cookies (which expire once you close your web browser) and persistent Cookies (which stay on your computer until you delete them) to provide you with a more personal and interactive experience on our Platform. This type of information is collected to make the Platform more useful to you and to tailor the experience with us to meet your special interests and needs.

4. Use of Your Data

(a) General Use. In general, Personal Data, Provider Data, and Patient Data submitted to us is used either to respond to requests that you make, or to aid us in serving you better. We use your data in the following ways:

  • facilitate the creation of and secure your Account on our network;
  • identify you as a user in our system;
  • provide improved administration of our Platform;
  • improve the quality of experience when you interact with our Platform;

(b) Creation of Anonymous Data. We may create Anonymous Data records from the data by excluding information (such as your name) that makes the data personally identifiable to you. We use this Anonymous Data to analyze request and usage patterns so that we may enhance the content of our Services and improve Platform navigation. We reserve the right to use Anonymous Data for any purpose permitted by law and disclose Anonymous Data to third parties in our sole discretion.

5. Patient Data. The Platform is used for the storage and transmission of Protected Health Information between Company and Providers and their authorized representatives. Protected Health Information is used in accordance with the Health Information Portability and Accountability Act (HIPAA) and applicable federal and state laws governing patient privacy.

6. Disclosure of Your Personal Data. We disclose your Personal Data as described below and as described elsewhere in this Privacy Policy.

(a) Users. We will share your Personal data with other Users solely for the purpose of providing the Services.

(b) Third Party Service Providers. We may share your Personal Data with third party service providers to: provide you with the Services that we offer you through our Platform; to conduct quality assurance testing; to facilitate creation of accounts; to provide technical support; to comply with legal requirements; and/or to provide other services to the Company.

(c) Affiliates. We may share some or all of your Personal Data with our parent company, subsidiaries, joint ventures, or other companies under a common control (“Affiliates”), in which case we will require our Affiliates to honor this Privacy Policy.

(d) Corporate Restructuring. We may share some or all of your Personal Data in connection with or during negotiation of any merger, financing, acquisition or dissolution transaction or proceeding involving sale, transfer, divestiture, or disclosure of all or a portion of our business or assets. In the event of an insolvency, bankruptcy, or receivership, Personal Data may also be transferred as a business asset. If another company acquires our company, business, or assets, that company will possess the Personal Data collected by us and will assume the rights and obligations regarding your Personal Data as described in this Privacy Policy.

(e) Other Disclosures. Regardless of any choices you make regarding your Personal Data (as described below), Company may disclose Personal Data if it believes in good faith that such disclosure is necessary (a) in connection with any legal investigation; (b) to comply with relevant laws or to respond to  subpoenas or warrants served on Company; (c) to protect or defend the rights or property of Company or users of the Platform or Services; and/or (d) to investigate or assist in preventing any violation or potential violation of the law, this Privacy Policy, or our Terms of Use.

7. Disclosure of Patient Data. Company and Provider shall each comply with applicable requirements of the Health Insurance Portability and Accountability Act (“HIPAA”) and the Health Information Technology for Economic and Clinical Health Act (“HITECH”) when using and disclosing Patient Data. Company only shares Protected Health Information with the Provider authorized by a Patient, until such time that the Patient revokes previous consent. COMPANY DOES NOT SHARE PROTECTED HEALTH INFORMATION WITH ANY THIRD PARTY WITHOUT YOUR EXPRESS WRITTEN CONSENT.

8. Your Choices Regarding Information. You have several choices regarding the use of information on our Platform:

(a) Email Communications. We will periodically send you free newsletters and e-mails that directly promote the use of our Platform. When you receive newsletters or promotional communications from us, you may indicate a preference to stop receiving further communications from us and you will have the opportunity to “opt-out” by following the unsubscribe instructions provided in the e-mail you receive or by contacting us directly (please see contact information above). Despite your indicated e-mail preferences, we may send you service-related communications, including notices of any updates to our Terms of Use or Privacy Policy.

(b) Cookies. If you decide at any time that you no longer wish to accept Cookies from our Service for any of the purposes described above, then you can instruct your browser, by changing its settings, to stop accepting Cookies or to prompt you before accepting a Cookie from the websites you visit. Consult your browser’s technical information. If you do not accept Cookies, however, you may not be able to use all portions of the Platform or all functionality of the Platform. If you have any questions about how to disable or modify Cookies, please let us know at the contact information provided below.

(c) Changing or Deleting Your Personal Data. You may change any of your Personal Data in your Account by editing your profile within your Account or by sending an e-mail to us at the e-mail address set forth above. You may request deletion of your Personal Data by us, and we will use commercially reasonable efforts to honor your request, but please note that we may be required to keep such information and not delete it (or to keep this information for a certain time, in which case we will comply with your deletion request only after we have fulfilled such requirements). When we delete any information, it will be deleted from the active database, but may remain in our archives. We may also retain your information for fraud or similar purposes.

9. Security of Personal Data, Provider Data, and Patient Data. Information accessed through this Platform, including Protected Health Information, is secured using administrative, physical and technical safeguards. For example, the transfer of information is encrypted using industry standard Secure Sockets Layer (SSL) technology and information is stored on controlled servers with restricted access. All access is password protected and each individual user has his/her own user name and password. All access is tracked at Company for security purposes.

10. Changes to This Privacy Policy. This Privacy Policy may be updated from time to time for any reason. We will notify you of any changes to our Privacy Policy by posting the new Privacy Policy here [https://opisafe.com/privacy] and we will change the “Last Updated” date above. You should consult this Privacy Policy regularly for any changes.