BACK PAIN TRACKER PRIVACY NOTICE
This Privacy Notice covers your use of the Back Pain Tracker ("BPT") application that may be accessed through an iOS device, Android device, web client and any other methods of access that we may provide today or in the future. BPT allows you to carefully track and share information related to your pain, physical function, and general health status. Although BPT is not an electronic health record, data you enter constitutes personal health information under data privacy laws. Health Insurance Portability and Privacy Act (HIPAA 1996) requires to inform you of the following government stipulations regarding use of Protected Health Information (or “PHI”) such as your name, address, telephone number, email address, and health status assessments.
- NOTICE (what personal information is being collected in the application);
- CHOICE (what options you have about how/whether personal data is collected and used);
- ACCESS (how you can see what data has been collected and change/correct it if necessary);
- SECURITY (how any data that is collected is stored/protected);
NOTICE: What personally identifiable information is collected from you through the website, how it is used and with whom it may be shared
PEER is the sole owner of the information collected in the BPT. We know that privacy is important to you. We only have access to/collect information that you voluntarily give us via completion of questionnaires or updating your profile. In order to use this application, a user must first complete the registration form. During registration a user is required to give certain information (such as name, date of birth, gender, address, phone and email). This information is used to contact you about follow-up questionnaires. We will not sell or rent this information to anyone. We will never sell or rent information that can be used to identify or contact you or any individual whose information you provide, such as your name, address, telephone number or email address ("Protected Health Information" or “PHI”), to any third party without your consent. We may, however, transfer your PHI to third parties in the following limited situations:
- To fulfill your requests to export data via the BPT, including sending information to care professionals; (2) To our subsidiaries, affiliated legal entities and service providers based on necessary data processing agreements, who may only use the data to provide BPT updates to you; or
- In response to subpoenas, court orders, or legal process by disclosing your data and other related information, if necessary or to establish or exercise our legal rights or defend against legal claims; or
- We may aggregate data from multiple users without PHI in order to help us improve services, deliver more personalized content, and the like. We may also share such de-identified aggregated data either publicly or with our partners outside of PEER. For example, we may want to share with our partners general trends about the usage of the BPT or popularity of BPT.
CHOICE: What choices are available to you regarding the use of your data
ACCESS: How you can see what data has been collected and change/correct it if necessary
You can do the following at any time by contacting us via the email firstname.lastname@example.org or phone number 703-828-6579:
- See what data we have about you, if any;
- Change/correct any data we have about you;
- Have us delete any data we have about you;
- Express any concern you have about our use of your data.
SECURITY: The security procedures in place to protect the misuse of your information
We take precautions to protect your information. When you submit sensitive information via the BPT, your information is protected both online and offline. Wherever we collect sensitive information (such as responses to questionnaires), that information is encrypted and transmitted to us in a secure way. You can verify this by looking for a lock icon in the address bar and looking for "https" at the beginning of the address of the Web page. While we use encryption to protect sensitive information transmitted online, we also protect your information offline. Only employees who need the information to perform a specific job (for example, software updates or customer service) are granted access to personally identifiable information. The computers/servers in which we store personally identifiable information are kept in a secure environment.
REDRESS: How you can correct any inaccuracies in the information