BDIHS
Privacy Policy
This Privacy Policy (this “Privacy Policy”) informs you (or the entity on whose behalf you are using this Service) (“You” or as the context requires “Your”) what personal information BDIHS (“BDIHS,” “we,” or “us”) may collect and how BDIHS uses such information.
This Privacy Policy is a part of and incorporated into the Terms of Use Agreement (“Terms of Use”) posted to the applicable to the BDIHS website (“Site”) and any Terms and Conditions (“Terms and Conditions”) of BDIHS software provided at such Site (“Software”) (collectively, the applicable “Site” and “Software” are referred to herein as “Services”).
Any terms capitalized herein but not defined shall have the meanings assigned to such terms in the applicable Terms of Use or Terms and Conditions.
By visiting or using the Services, You agree to accept the practices described in this Privacy Policy. If You do not agree to the terms of this Privacy Policy, please do not use the Services. Please note that some privacy rights and obligations may differ in certain locations based on local law, in which case BDIHS will comply with the local legal requirements.
BDIHS reserves the right, at any time, to modify this Privacy Policy. If we make revisions that change the way we collect, use, or share Personal Information, we will post those changes in this Privacy Policy. If we make material changes to our Privacy Policy, we may also notify You by other means prior to the changes taking effect, such as by posting a notice on our Site or sending You a notification. You should review this Privacy Policy periodically so that You keep up to date on our most current policies and practices. BDIHS will note the effective date of the latest version of our Privacy Policy at the end of this Privacy Policy.
Personal Information Collected By the Services:
BDIHS uses information collected from users of the Services to personalize and improve Your visit and experience at the Site and for other purposes set out below.
BDIHS gathers information in the following ways:
Information You Give to BDIHS:
Through a user’s interactions with the Services, BDIHS collects “Personal Information,” which is information that identifies an individual or relates to an identified individual. Personal Information includes any information You have provided in connection with Your use of the Services. Personal Information is collected when You establish an account with BDIHS, or when You communicate with BDIHS about the Site.
Sensitive Personal Information” refers to Personal Information regarding more sensitive areas, such as Your government ID and certain other medical or health information, financial information, gender, marriage status, race/ethnicity, or veteran or disability status.
Web Beacons:
BDIHS (or service providers on BDIHS’s behalf) may collect information from visits to the Site through the use of “Web Beacons.” Web Beacons are web page elements which may employ cookie technology that enable BDIHS to record data about visits to or transactions made on the Site. This information is sometimes known as “clickstream data.”
BDIHS may use this data to analyze trends and statistics to improve Your online experience or our customer service. No Personal Information is collected through the use of Web Beacons on the Site.
Cookies:
Through the use of cookies, we may also collect and analyze the IP address used to connect Your computer to the Internet; computer and connection information such as Your browser type and version; operating system and platform; purchase history; confirmation when You open email that we send You; and the URLs which lead You to and around the website including the date and time.
You can generally set Your browser to reject cookies or to notify You when You are sent a cookie. Software is also available from third parties which will allow You to visit the website without providing this information.
Information Received as a Business Associate:
Upon Your request or with Your consent, Your healthcare provider may share information about You, including Your Personal Information, with BDIHS.
BDIHS shall only use such information as a “business associate” of a “covered entity” in accordance with any instructions or restrictions provided to BDIHS by Your healthcare provider. With regard to such information, BDIHS shall comply with the applicable provisions of Health Insurance Portability and Accountability Act and the regulations promulgated thereunder, and the Health Information Technology for Economic and Clinical Health Act and any regulations promulgated thereunder, to the extent such privacy laws are applicable to business associates.
Use of Information Collected By BDIHS:
BDIHS uses the Personal Information collected in an effort to improve Your experience with the Services, to provide services to You and to communicate with You about information that You request.
BDIHS may also use Personal Information to help target specific offers to You and to help BDIHS develop and improve its Services. Additionally, BDIHS may use Your Personal Information to:
Respond to user service requests.
Administer user accounts.
Provide service to our clients, which may include healthcare providers.
Respond to your questions and concerns.
To communicate with users about our products, services, and related issues.
To administer fees and provide users with invoices or resolve billing issues.
Conduct research and analysis.
Sharing of Information with Third Parties:
BDIHS will not rent, sell or otherwise disclose Your Personal Information to unrelated third parties without Your consent, except as stated in this Privacy Policy:
BDIHS may disclose Personal Information to its parent, subsidiary, affiliates, and other related companies without Your consent.
BDIHS may disclose Personal Information to service providers for the purposes of operating our business, delivering, improving, and customizing our products or services, sending marketing and communications related to our business, payment processing, and for other legitimate purposes permitted by applicable law. BDIHS is responsible for the processing of personal data it receives from citizens of the EU under the Privacy Shield Framework and subsequently transfers to a third party acting as an agent on its behalf.
BDIHS complies with the Privacy Shield Principles for all onward transfers of personal data from the EU, including the onward transfer liability provisions.
BDIHS may disclose Personal Information, including Sensitive Personal Information, to BDIHS’s clients, which may include healthcare providers.
To the extent permitted by law, BDIHS will disclose Personal Information to government authorities or third parties pursuant to a legal request, subpoena, or other legal process. BDIHS may also use or disclose Your Personal Information as permitted by law to perform charge verifications, apply or enforce the Service’s Terms of Use or Terms and Conditions, or protect BDIHS’s rights, interests, or property as well as those of BDIHS affiliates, customers, or Service users.
If BDIHS sells all or part of its business or makes a sale or transfer of assets or is otherwise involved in a merger or business transfer, You agree that BDIHS may transfer Your Personal Information to a third party as part of that transaction.
BDIHS gives citizens of the EU the opportunity to opt-out prior to disclosing Personal Information or using Personal Information for a purpose that is incompatible with the purpose for which it was originally collected or subsequently authorized by such individual. Additionally, BDIHS gives citizens of the EU the opportunity to affirmatively opt-in prior to any additional disclosures of Sensitive Personal Information to a third party not described in this Privacy Policy or to use of Sensitive Personal Information for a purpose that is incompatible with the purpose for which it was originally collected or subsequently authorized by such individual. Exceptions to these requirements may apply where the disclosure of Personal Information is necessary for BDIHS to coordinate with service providers or Your selected healthcare provider, carry out its employment law obligations, or for other reasons as permitted by the Supplemental Principles under the Privacy Shield Framework or applicable law.
Security of Personal Information:
BDIHS has reasonable and appropriate safeguards in place to help protect the Personal Information BDIHS collects from loss, misuse, and unauthorized access, disclosure, alteration, and destruction. Although BDIHS attempts to protect the Personal Information in our possession, no security system is perfect, and BDIHS cannot promise that Your Personal Information will remain absolutely secure in all circumstances.
Data Integrity and Purpose Limitation:
BDIHS limits the use of Personal Information to ways that are compatible and relevant to the purposes for which the Personal Information was collected or subsequently authorized or for which consent was obtained.
BDIHS will take reasonable steps to ensure that Personal Information is reliable for its intended use, accurate, complete, and current.
Retention of Personal Information:
BDIHS will retain Your Personal Information as needed to fulfill the purposes for which it was collected. BDIHS will retain and use Your Personal Information as necessary to comply with BDIHS’s business requirements, legal obligations, resolve disputes, protect our assets, and enforce our agreements.
Aggregated De-Identified Information:
BDIHS may provide aggregated information related to Your Personal Information to some of BDIHS’s business partners.
This information is used in a collective manner and does not identify You individually in any way. In addition, as set forth in the Terms of Use and/or Terms and Conditions for the Services, BDIHS may, subject to the limitations set out in the Terms of Use or Terms and Conditions, use certain de-identified PHI.
Links to Third Party Websites:
The Site may contain certain links to third party websites. BDIHS is not responsible or liable for the privacy practices or content found on these websites. You should check the privacy notice and policies of each website You visit. Links to third party sites are provided solely for Your convenience and any use or submission of data to such sites shall be at Your sole risk.
Cross-Border Transfer of Personal Information:
BDIHS may transfer Your Personal Information to BDIHS’s entity in the United States, to any BDIHS subsidiary or affiliate, or to third parties as described above that are located in various countries around the world. By using BDIHS’s Services, or providing any Personal Information to BDIHS, where applicable law permits, You consent to the transfer, processing, and storage or such information outside of Your country of residence where data protection standards may be different.
BDIHS safeguards and enables the global transfer of Personal Information in a number of ways:
EU-U.S. Privacy Shields
BDIHS has certified its compliance with the EU-U.S. Privacy Shield Framework. BDIHS is committed to subjecting all personal data received from European Union (“EU”) member countries, in reliance on the Privacy Shield Framework, to the Framework’s applicable Privacy Shield Principles. If there is any conflict between the terms in this Privacy Policy and the Privacy Shield Principles, the Privacy Shield Principles shall govern. To learn more about the Privacy Shield program, and to view BDIHS’s certification, please visit here. With respect to personal data received or transferred pursuant to the Privacy Shield Framework, BDIHS is subject to the regulatory enforcement powers of the U.S. Federal Trade Commission.
If You have any complaints regarding our compliance with this Privacy Policy, You should first contact BDIHS at the address listed below under the section titled “Contact Information.” BDIHS will investigate and attempt to resolve complaints and disputes regarding collection, use, and disclosure of Personal Information in accordance with this Privacy Policy.
If You are a citizen of the EU and You have an unresolved privacy or data use concern that BDIHS has not addressed satisfactorily, please contact JAMS, BDIHS’s U.S.-based third party dispute resolution provider (free of charge) by clicking here. Under certain conditions, more fully described on the Privacy Shield website, You may invoke binding arbitration when other dispute resolution procedures have been exhausted. If You are an employee, past employee, or prospective employee, please see BDIHS’s employee privacy notice for information concerning who to contact if You have an unresolved privacy or data use concern.
Right to Access and Correct Personal Information:
BDIHS strives to make sure that our information is reliable, accurate, and up-to-date. While Personal Information is maintained by BDIHS, You may access the Personal Information that BDIHS has collected directly from You to the extent required by law to review, update, and correct inaccuracies. Upon request made to the contact listed below under the section titled “Contact Information,” BDIHS will provide You with reasonable access to the Personal Information BDIHS has collected from You. Because Personal information—for example, Your email address—is required to use the Site, we retain certain Personal Information as long as your account is active. You will have the opportunity to correct, transfer, update, modify, or delete this information by logging into Your account and updating Your Personal Information online or contacting BDIHS at the address listed below under the section titled “Contact Information.” You may also limit the use and disclosure of Your Personal Information by either unsubscribing from marketing communications or contacting BDIHS at the address listed below under the section titled “Contact Information.” Please note that some information may remain in BDIHS’s records even after You request deletion of Your Personal Information, to the extent permitted by the Privacy Shield Principles or required by applicable laws.
Additionally, there may be limits to the amount of information BDIHS can practically provide. For example, we may limit access to Personal Information where the burden or expense of providing access would be disproportionate to the risks to an individual's privacy or where doing so would violate others’ rights.
Regardless of the above, however, and except as required by applicable law, BDIHS does not provide You with access to patient records and will recommend that You directly contact Your healthcare provider to obtain a copy of Your patient records.
Contact Information:
If You have any questions or concerns related to this Privacy Policy, please contact the BDIHS Chief Privacy Officer at:
919-907-3334
Pursuant to applicable law, BDIHS may be required to send You notice of known or suspected security breaches that impact Your Personal Information. In the event that BDIHS must provide a notice of a security breach to You, BDIHS will send security breach notices to the contact information contained in Your account information unless BDIHS is required by law to notify You using another method. Otherwise, if BDIHS needs, or is required, to contact You concerning any event that involves information about You we may do so by email, telephone, or mail.
Last Updated September 25, 2023