Email
Text
HIPAA PURPOSE
We, at StudyScavenger.com (hereafter the “Company”) treat the privacy of our subjects with the highest importance. This policy details the measures we taken to preserving and safely guarding your privacy of their personal identifiable date (PII) medical data (covered by HIPAA) when you visit or communicate with our site or personnel. Regular updates of the HIPAA Privacy Policy are done which require you to check back on this Policy from time to time.
APPLICABILITY
Sharing or Renting Information
StudyScavenger.com does not rent, sell, or share subject personal identifiable information with other people or non-affiliated companies and makes every reasonable attempt to safeguard subject privacy. Except where required by regulation, court order, official authority or applicable law, Company will not make available individual customer information or data to any third party.
DEFINITIONS
HIPPA: Health Insurance Portability and Accountability Act of 1996, Public Law 104-191
POLICY DETAILS
| HIPAA | Study Scavenger (SS) | |
| Do individuals have access to their study information? | Under HIPAA, patients can request a copy of their medical records from their health care provider. This typically requires completing release paperwork and may require a printing or copying fee. In some circumstances, availability of certain records may be limited. | In Study Scavenger (SS), subjects study history is not captured or maintained. |
| Are individuals informed of how their information is used and protected? | Health care providers must provide patients with written notice of their HIPAA privacy rights. | SS’s research site is not considered ‘health care providers ‘ and is not a covered entity. Subejcts information is encrypted and sits behind an SSL of protection. |
| What information is protected? | Under HIPAA, personally identifiable information is protected.
De-identified patient information is not protected. Aggregate, de-identified patient information can be published and shared with third parties. |
Under the Study Scavenger (SS) privacy policy, personally identifiable information is protected.
De-identified information, including our anonymous logs data, is restricted to approved research site user access and cannot be shared with third parties. |
| When is information Sharing permitted? | Health care providers may share information with patient authorization, and may share without authorization, for certain purposes, such as: • When doctors or other health care providers share information to treat patients, like when faxing patient records for a referral • When used for payment, including sharing with insurance companies to pay for care • When employers face workplace injury claims • When public health researchers need aggregate information for studies • For health care operations, including to contractors and vendors operating on a provider’s behalf (subject to security and confidentiality requirements) |
Study Scavenger (SS) may share information with explicit user authorization, and may share without authorization in certain limited circumstances, such as: • With contractors and vendors operating solely on SS’s behalf (subject to security and confidentiality requirements) • To protect against imminent harm to the rights, property or safety of SS, its users or the public, or to address fraud or violations of the Terms of Service |
| When is information sharing required? | Under various federal and state laws, health care providers must share patient information to comply with court orders and subpoenas. HIPAA itself also allows health care providers to voluntarily share patient information with law enforcement without a subpoena and without permission from or notice to the patient. | Under various federal and state laws, SS must share user information to comply with court orders and subpoenas. When possible, we notify the user in order to give them the opportunity to object. Under the Electronic Communications Privacy Act (ECPA), SS may not voluntarily share most user information with law enforcement. |
| How does the individual authorize sharing? | Patient authorization is not required for institutions to share information in the case of certain permitted disclosures, described above. When authorization is required, patients provide consent to share information through a written authorization form that must satisfy certain HIPAA requirements. Sharing is revocable under HIPAA. | SS must perform due diligence in writing via email or text to alert subjects if data is being shared at anytime. Subjects must request and give SS permission to share information entered into Study Scavenger (SS) account. Sharing is revocable at any time. |
| Is information protected when used by third parties? | If the third party is covered by HIPAA, HIPAA rules apply. If the third party (e.g., a patient’s family member or employer) is not covered by HIPAA, HIPAA rules do not apply. | If the third party is covered by HIPAA, HIPAA rules apply. If the third party (e.g., a patient’s family member or employer) is not covered by HIPAA, HIPAA rules do not apply. Online services not covered by HIPAA that wish to integrate with Study Scavenger (SS) must comply with Study Scavenger (SS)’s Developer Policies, which establish strict privacy standards for how they collect, use, or share user information. |
| Do individuals have a right to correct inaccurate information in their records? | Patients can request corrections in their records, and the service or doctor can reject or accept the request. | Subject can delete or edit any of their PII stored on Study Scavenger (SS). |
| How is information kept secure? | HIPAA requires that health care providers and other services maintain a minimum standard of “reasonable and appropriate safeguards to prevent intentional or unintentional use or disclosure of health information”. | Study Scavenger (SS) secures information by: • Using electronic security measures such as Secure Socket Layer (SSL) encryption, back-up systems, and other cutting-edge information security technology • Strongly restricting information access to a limited number of trained and authorized personnel |
| Who enforces privacy protections? | Under HIPAA, the Department of Health and Human Services enforces HIPAA privacy protections through civil and criminal penalties. Read more information about HIPAA enforcement from the HHS Office of Civil Rights. | Under Section 5 of the Federal Trade Commission Act, the FTC enforces privacy protections in the Study Scavenger (SS) privacy policy through civil and criminal penalties. State attorneys general and district attorneys have similar authority under general consumer protection laws. |
Contacting Us
We welcome any queries, requests you may have regarding this HIPAA Privacy Policy, or comments.