MedKeeper respects the privacy of our customers, business partners and individuals whose personal data with which we are entrusted. MedKeeper collects, uses and discloses personal data consistent with the laws and regulations of the countries and states in which the data is collected, and in which MedKeeper conducts business.
The MedKeeper Sites provide online services that our customers use to operate aspects of their businesses. These services include tools for patient care, training and tracking, among others (“Services”).
In providing these Services, MedKeeper processes the data our customers submit via our Sites or instruct us to process on their behaves. While MedKeeper's customers decide what data to submit through the Sites and Services, it typically includes information about the customer’s employees, medical professionals, and patients. To create an account on a MedKeeper Site so that you can use our Services, we may collect contact and demographic information such as your name, email address, employer name, and job title. As part of your use of the Services as a customer, you may choose to submit additional data through the MedKeeper Sites about your employees and healthcare professionals, such as information about their training records and qualifications. Similarly, as a customer of our Services, you may choose to submit information about patients, including sensitive data about their medications, medical record numbers, and date of birth, among other identifiers.
The purposes for which MedKeeper uses this data include the following: to furnish the Services to our customers and end users, to create and administer accounts on MedKeeper Sites, to correct and address technical or service problems, to follow instructions of the MedKeeper customer who submitted the data, and to implement MedKeeper's software per our contractual requirements.
There may be other circumstances in which we are required or permitted to share your data. For example, we may share your data with a buyer or other successor in the event of a merger, divestiture, restructuring, reorganization, dissolution or other sale or transfer of some or all of MedKeeper's assets, to comply with a court order, law or legal process, to enforce agreements, if we believe disclosure is necessary or appropriate to protect the rights, property, or safety of MedKeeper, our customers or others, or we may disclose your data with your consent.
MedKeeper will only collect and use your personal data if the use or processing is permitted by applicable privacy laws in your jurisdiction. This is sometimes referred to as having a “legal basis” to use or process your personal data. The legal bases we may rely on to collect and process your personal data include:
Depending on the jurisdiction in which you reside, you may have certain rights with respect to your personal data. If you would like to make a request relating to data about you that has been submitted by our customers and stored in our system(s), you must make the request with the customer directly. We will support the customer as needed in responding to your request.
You may have the following data protection rights regarding the data MedKeeper has collected about you:
We will handle any request to exercise your rights in accordance with applicable law, but please note that these rights may not be absolute. We may refuse or deny a request in accordance with applicable privacy laws, and in those cases we will let you know the reason for our denial. Additionally, depending on the circumstances and where you are located, not all of the above rights may be available to you.
Consistent with the Collection and Use of Data section above, we collect certain information about California residents that are considered personal data in California ("CA Personal Data"). If you reside in California and we collect CA Personal Data about you, we are required to provide additional information to you about how we use and disclose your information, and you may have additional rights with regard to your CA Personal Data. For example and specific to CA Personal Data, MedKeeper may have collected the following categories of information about you in the last 12 months:
We obtain the above listed categories of CA Personal Data directly from you when you interact with the Sites and Services as well as from other third parties as described in the “Collection and Use of Data” section above.
We may use and disclose your CA Personal Data for the business and commercial purposes, consistent with the “Collection and Use of Data” and “Disclosure” sections above.
MedKeeper does not, and has not in the preceding 12 months, knowingly sold any CA Personal Data of California residents, and we have no actual knowledge that we have sold the CA Personal Data of California residents under the age of 16 years old. Further, we have not knowingly sold any de-identified patient information derived from patient information. The CCPA defines “sale” as: selling, renting, releasing, disclosing, disseminating, making available, transferring, or otherwise communicating orally, in writing, or by electronic or other means, a consumer’s CA Personal Data to another business or third party for monetary or valuable consideration. If we determine that any activity that MedKeeper engages in could constitute a "sale" under California law, we will modify this notice and add a Do Not Sell button to the Sites.
Subject to certain exceptions, as a California resident, you may have the following rights to your CA Personal Data:
If you are a California resident and wish to exercise any of these rights, you may submit a verifiable request to using either of the following methods:
We will verify your identity prior to providing any information in response to a consumer rights request. Please note that you are limited by law in the number of requests you may submit per year. Only you, or a person registered with the California Secretary of State that you authorize to act on your behalf (Authorized Agent), may attempt to make a consumer request for you. We will respond substantively to your request within 45 days. However, where reasonably necessary, we may extend our response time by an additional 45 days, provided we send you notice of such extension first.
Do Not Track (“DNT”) is a privacy preference that users can set in some web browsers, allowing users to opt out of tracking by websites and online services. At the present time, the World Wide Web Consortium (W3C) has not yet established universal standards for recognizable DNT signals and therefore, the MedKeeper Sites do not recognize DNT.
We have implemented reasonable and appropriate security measures designed to secure your personal data from accidental loss and from unauthorized access, use, alteration and disclosure. Please note that the transmission of information by the internet is not completely secure. While we undertake reasonable efforts to protect your personal data, we cannot guarantee its security.
Unfortunately, the transmission of information by the internet is not completely secure. We undertake reasonable efforts to protect your personal information. We cannot guarantee its security.