MedTrak is subject to the investigatory and enforcement powers of the Federal Trade Commission (FTC).
User Data and Information
MedTrak gathers information from users who sign-up for our services (“Service”) through contracts, discussions and the website. Users are required to provide contact information such as name, company name, address, phone number, and email address. This information is used to setup the Service and provide support. Except as required to perform the Service, no information will be disclosed to third parties.
MedTrak also collects and logs information (IP addresses, login attempts) concerning website usage. This information is used to monitor attempted security penetrations, detect technical problems, and review site usage patterns.
Information and data users collect using CareSense and store on MedTrak’s servers will not be reviewed, shared, or disseminated except as stated in the Business Associates Agreement and Software License Agreement or as required by law. Individual records in MedTrak’s databases may be accessed to provide the Service, resolve an issue, evaluate usage patterns, provide support services, or review contractual issues. Users are required to maintain the security of their User Name and password as outlined in MedTrak’s password policy.
MedTrak uses aggregated, de-identified information and data to create marketing statistics and average scores viewable by all users. Marketing statistics will be made available to third parties.
Discontinue Use Policy – Users
Users may request that MedTrak discontinues use of their contact information by contacting their MedTrak representative or by emailing firstname.lastname@example.org.
Personal information will only be collected by MedTrak after timely notice of the type of information to be collected, how information will be used, and how information may be shared is given to the patient. MedTrak also may be required to disclose an individual’s personal information in response to a lawful request by public authorities, including to meet national security or law enforcement requirements.
Use and disclosure of personal information will be fully described in the consent form given to the patient. If a patient would like to withdraw or refuse consent for a study, the patient should inform his/her doctor and MedTrak. A patient will always make the choice about the ways that personal information is used and disclosed.
Only as much personal information that is needed to complete the study will be collected and used. Personal information will be used in a manner consistent with the consent provided by the patient. Only patient name, date of birth, and email address will be collected under Privacy Shield. Patient name and date of birth will be used to match patient records properly, and the email address will be used to collect information from the patient outside of the office.
Personal information will be stored only as long as is necessary for the purposes for which it was collected, or as permitted by law. Personal information will not be shared with third parties.
Appropriate steps will be taken to ensure all personal information stored by MedTrak is complete and accurate.
MedTrak acknowledges that individuals have the right to access the personal information/data that we maintain about them. Patients will be provided access to their own personal information stored on MedTrak’s servers in order to correct any problems or delete it. An individual who seeks access, or who seeks to correct, amend, or delete inaccurate data, should direct his query to email@example.com. If requested to remove data, we will respond within a reasonable timeframe.
MedTrak provides high quality security controls and protocols to ensure that all information and data is protected against loss, misuse, alteration, or unintentional destruction. MedTrak employs Secure Sockets Layer (SSL) technology to protect information traveling to and from the website and a firewall to block unauthorized use of the web server and database. Information and data are protected by access controls, passwords, employee training regarding security issues, and storage of sensitive information in locked offices, encrypted files, or behind the firewall.
MedTrak does not currently transfer personal information to third parties. If we ever were to engage in any onward transfers of your data with third parties, for a purpose other than which it was originally collected or subsequently authorized, we would provide you with an opt-out choice to limit the use and disclosure of your personal data.
In cases of onward transfer to third parties of data of EU individuals received pursuant to the EU-US Privacy Shield occur in the future, MedTrak is potentially liable.
Potential User and Visitor Privacy
Potential users may sign-up on www.caresense.com to be contacted by a MedTrak representative. They will submit contact information that will only be used to set-up an appointment or demonstration.
MedTrak logs visitor IP addresses and activity. This information is used to monitor attempted security penetrations, detect technical problems, and review site usage patterns.
Attn: Privacy Complaints
1100 East Hector Street, Ste. 457
Conshohocken, PA 19428
MedTrak has further committed to refer unresolved privacy complaints under the EU-US Privacy Shield Principles BBB EU PRIVACY SHIELD, a non-profit alternative dispute resolution provider located in the United States and operated by the Council of Better Business Bureaus. If you do not receive timely acknowledgment of your complaint, or if your complaint is not satisfactorily addressed, please visit www.bbb.org/EU-privacy-shield/for-eu-consumers/ for more information and to file a complaint.
Please note that if your complaint is not resolved through these channels, under limited circumstances, a binding arbitration option may be available before a Privacy Shield Panel.
Last Updated: September 1st, 2016