MedTrak has implemented a number of procedures
and safety measures to protect the privacy and security of personal information according to HIPAA regulations. All
convey our information collecting, security, and distribution practices.
MedTrak is subject to the investigatory and enforcement powers of the Federal Trade Commission (FTC).
User Data and Information
MedTrak gathers information from users who sign-up for our services (“Service”) through contracts, discussions and the website. Users are required to provide contact information such as name, company name, address, phone number, and email address. This information is used to setup the Service and provide support. Except as required to perform the Service, no information will be disclosed to third parties.
MedTrak also collects and logs information (IP addresses, login attempts) concerning website usage. This information is used to monitor attempted security penetrations, detect technical problems, and review site usage patterns.
Information and data users collect using CareSense and store on MedTrak’s servers will not be reviewed, shared, or disseminated except as stated in the Business Associates Agreement and Software License Agreement or as required by law. Individual records in MedTrak’s databases may be accessed to provide the Service, resolve an issue, evaluate usage patterns, provide support services, or review contractual issues. Users are required to maintain the security of their User Name and password as outlined in MedTrak’s password policy.
MedTrak uses aggregated, de-identified information and data to create marketing statistics and average scores viewable by all users. Marketing statistics will be made available to third parties.
Discontinue Use Policy – Users
Users may request that MedTrak discontinues use of their contact information by contacting their MedTrak representative or by emailing firstname.lastname@example.org.
Personal information will only be collected by MedTrak after timely notice of the type of information to be collected, how information will be used, and how information may be shared is given to the patient. MedTrak also may be required to disclose an individual’s personal information in response to a lawful request by public authorities, including to meet national security or law enforcement requirements.
Use and disclosure of personal information will be fully described in the consent form given to the patient. If a patient would like to withdraw or refuse consent for a study, the patient should inform his/her doctor and MedTrak. A patient will always make the choice about the ways that personal information is used and disclosed.
Only as much personal information that is needed to complete the study will be collected and used. Personal information will be used in a manner consistent with the consent provided by the patient. Patient name and date of birth will be used to match patient records properly, and the email address will be used to collect information from the patient outside of the office.
Personal information will be stored only as long as is necessary for the purposes for which it was collected, or as permitted by law. Personal information will not be shared with third parties.
Appropriate steps will be taken to ensure all personal information stored by MedTrak is complete and accurate.
MedTrak acknowledges that individuals have the right to access the personal information/data that we maintain about them. Patients will be provided access to their own personal information stored on MedTrak’s servers in order to correct any problems or delete it. An individual who seeks access, or who seeks to correct, amend, or delete inaccurate data, should direct his query to email@example.com. If requested to remove data, we will respond within a reasonable timeframe.
MedTrak provides high quality security controls and protocols to ensure that all information and data is protected against loss, misuse, alteration, or unintentional destruction. MedTrak employs Secure Sockets Layer (SSL) technology to protect information traveling to and from the website and a firewall to block unauthorized use of the web server and database. Information and data are protected by access controls, passwords, employee training regarding security issues, and storage of sensitive information in locked offices, encrypted files, or behind the firewall.
MedTrak does not currently transfer personal information to third parties. If we ever were to engage in any onward transfers of your data with third parties, for a purpose other than which it was originally collected or subsequently authorized, we would provide you with an opt-out choice to limit the use and disclosure of your personal data.
When using the iOS CareSense patient app, MedTrak will ask for permission to access HealthKit data to track your step count. If HealthKit permission is not granted, only the step counting aspects of the app will stop working.
Potential User and Visitor Privacy
Potential users may sign-up on www.caresense.com to be contacted by a MedTrak representative. They will submit contact information that will only be used to set-up an appointment or demonstration.
MedTrak logs visitor IP addresses and activity. This information is used to monitor attempted security penetrations, detect technical problems, and review site usage patterns.
Attn: Privacy Complaints
PO Box 242
Blue Bell, PA 19422
Last Updated: August 16th, 2023