Phyzit Privacy Policy

This Privacy Policy describes how Phyzit, Inc. ("Phyzit") protects your personal information when you use the Phyzit web and mobile applications and all related products and services (collectively, “the Service”).  Phyzit, Inc. is located at P.O. Box 7632, Little Rock, Arkansas 72217. All references to Phyzit include its subsidiaries or affiliates involved in providing the Service. All references to you include your Authorized Individuals (Phyzit Proxies), if any.

Your use of the Service is subject to this Privacy Policy as well as our Terms of Use. After reading this Privacy Policy, you will know:

A.       Summary of Data Practices

B.       Definitions

C.       What information Phyzit Collects

D.       How Phyzit Uses Your Information

E.       How the Information is Shared with Third Parties

F.       Choices You Have About How Phyzit Uses Your Information

G.      Authorized Individuals-Representatives (Proxies)

H.       How Phyzit Protects Your Information

I.        How We Provide Required Notices of Security Breaches

J.       How We May Change this Privacy Policy

K.       How to Obtain More Information About this Privacy Policy

Please review this Privacy Policy and the Terms of Use carefully. If you do not agree with our practices, do not access or use any part of the Service.

 

 

 

 

 

A.             Summary of Data Practices

Phyzit Data Release                                                                               Personal Information       Aggregate Data

Do we release your Personal Health Data (PHD) for the following purposes?                 

Marketing and Advertising:                                                                   No                          No

Medical and pharmaceutical research:                                            No                          No

Developing metrics derived from use of the Service:    No                          Yes

To your insurer and employer:                                                            No                          No

For developing software applications:                                            No                          No

Do we require limiting agreements that restrict what third party Service Providers can do with your Personal Information?                                                                            Yes                        N/A

Do we stop releasing your Personal Information if you close your account?        Yes                        N/A

Do we have Security Measures that are reasonable and appropriate to protect PHD, in any form, from unauthorized access, disclosure, or use?                                       Yes                        Yes

Do we keep Personal Information Activity Logs?                       Yes                        N/A

B.             Definitions

          Activity Logs

Activity logs are Phyzit’s and its Service Providers' records of when PHD is created, accessed, modified, deleted, released, or exported from and/or Phyzit.

       Aggregate Data

Aggregate Data is data related to the use of the Service (for example: page views, duration of sessions, application response time, completion rates, etc). It does not connect to you as an individual, it is used exclusively for the purpose of improving the Service. In other words, Aggregate Data is not personal data and cannot be sued to identify you as an individual.

      Authorized Individuals 

An Authorized Individual (Phyzit Proxy) is someone you authorize to access limited portions of your Phyzit account on your behalf.

     Dependent

A Dependent is a minor child or other individual over whom an Authorized Individual has legal authority.    

       PHD

When you sign up for the Service, you provide and/or you authorize all or some of your Providers to provide Phyzit information about you. Any information in Phyzit is considered PHD.  PHD might include, but is not limited to the following:

·        Your name and contact information, such as your address, phone number, or email address

·        Your medical history, conditions, treatments, and medications

·        Your healthcare claims, health plan account numbers, bills, and insurance information

·        Demographic information, such as your age, gender, ethnicity, and occupation

·        Computer information, such as your IP address and "cookie" preferences

As described further below, Phyzit may use your PHD to achieve the following:

·        Operate and manage the Service including software, websites, web and mobile applications and all related products and services

·        Maintain and protect its computer systems

·        Comply with the law, such as responding to subpoenas and search warrants

PHD includes Personal Information.

       Personal Information

Personal Information means information about you that reasonably can be linked to you such as your name, health information, and other identifiers.  Personal Information may also include but is not limited to your financial information or social security number.

 

      Provider 

 

A healthcare provider, healthcare practice, hospital or staff that you authorize to provide information to your Phyzit service account. When you sign up for the Service, you may provide authorization for a healthcare practice or hospital, and associated authorized users to add Personal Information to your Phyzit service account.  

       Reporting

Phyzit and our Service Providers might report about business activities and customers (you) to others, such as investors, auditors, potential business partners, or public communities. Reports will not include Personal Information without your specific permission or as permitted or required by law.

       Service Providers

A Service Provider is an entity that is hired to perform certain functions for Phyzit to support the development, maintenance, and implementation of the Service.  Service Providers may include, but are not limited to, software or website designers, data storage providers and consultants.

       Security Measures

Security measures can include computer safeguards, secured files, and employee security training. In addition, Phyzit may be required by law to notify you about particular data breaches.

C.             What Information Phyzit Collects

1.             Before you register for the Service, Phyzit may collect your information in three ways: (1) if you contact Phyzit through the Internet and provide Phyzit with your contact information (e.g., name, mailing address, email address and other information); (2) Phyzit may obtain your information from a healthcare Provider that uses the Service; (3) you create a Phyzit service account after receiving an invitation to join the Service.  In any case, Phyzit will use such information for the sole purpose of informing you about the Service, inviting you to register for the Service or in conjunction with your healthcare Provider’s use of the Service.

2.             To use the Service, you must complete the registration process, which includes accepting the Terms of Use, this Privacy Policy and the Phyzit TCM Terms of Service (“Terms of Service”). As part of the registration process, you may be asked to provide certain information, such as your name, mailing address, and email address. You also may be asked to confirm the information that you or a partnering Provider has provided to Phyzit prior to registration, if any. Further, to register, you must agree to the Phyzit Terms of Use which incorporates this Privacy Policy. As part of the registration process, you may also have the opportunity to provide additional information to Phyzit. We recommend that you provide such information, as it will enhance your use of the Service.

3.             In general, Phyzit collects all information that you supply directly to the Service. Phyzit may also collect information from participating healthcare Providers who use the Service.  Further, Phyzit may collect information from other third party information providers that you expressly authorize to send information to Phyzit.  

4. Phyzit passively collects information from you as you navigate through our Service. Phyzit may track IP addresses, use industry standard tracking devices (e.g., session and persistent cookies, flash cookies, web beacons), and electronically gather information about the technology you use to access the Service and the areas of the Service you utilize. Phyzit passively collects this information for operational purposes such as evaluating, updating and improving the Service.

Cookies help us in many ways to make your visit to our websites more enjoyable and meaningful to you. Cookies are text information files that your web browser places on your computer when you visit a website. Phyzit may use such "cookie" technology to obtain non-personal information from you as an online visitor. As an example, this might entail recognizing several web page requests coming from the same computer and therefore the same visitor. Most browsers accept cookies automatically, but can be configured not to accept them or to indicate when a cookie is being sent. If you do not wish Phyzit to collect cookies, you may set your browser to refuse cookies, or to alert you when cookies are being sent. If you do so, please note that some parts of the Service may then be inaccessible and you may not receive the full benefits of the Service.

D.             How Phyzit Uses Your Information

1.             Phyzit uses your information to provide the Service as described on our web site, as described by your healthcare Provider, theTerms of Use, the Terms of Service and to enhance the performance of the Service and/or create new services. Phyzit will not use Personal Information for product development or product enhancement without your express, written permission.

2.             If you and your healthcare Provider participate in the Service, you authorize Phyzit to facilitate the exchange of information and communication between you and your Provider (e.g., the Service may enable you to schedule an appointment with your Provider and receive an appointment reminder in return).

3.             Communications between you and your Provider may be initiated by you or your Provider. You are under no obligation to initiate or respond to such communications. By participating in such communications, you agree that some or all of your PHD contained in the Service may be sent to your Provider through the Service or through interfaces with the Provider's information systems, and you agree that such PHD may be incorporated into your health record maintained by your Provider. Phyzit will not alter the content of the communications. However, Phyzit may remove or block any content that Phyzit deems offensive, indecent, or otherwise objectionable or in violation of section 11 of the Terms of Use. Phyzit may keep a record of all communications between you and your Providers. Phyzit will not share the content of such communications except as permitted under this Privacy Policy, the Terms of Use, Terms of Service or as required by law, unless you expressly consent to or authorize disclosure.

4.             Phyzit will not sell or rent, your Personal Information without your written consent. Phyzit will not use or disclose your Personal Information, except as described in this Privacy Policy, the Terms of Use, the Terms of Service or as permitted or required by law.

E.             Sharing Your Information With Third Parties

1.             Phyzit may make your Personal Information available to third parties participating in the Service that are authorized by you or as necessary to complete transactions you authorize.

2.             Phyzit may disclose your Personal Information to Phyzit's Service Providers that provide technical support or other services to Phyzit related to the Service. All such Service Providers are subject to confidentiality obligations and may only access and utilize your data for purposes of fulfilling their obligations to Phyzit.

3.             If a third party acquires the assets of Phyzit related to the Service and its products and services (whether by sale, merger, change of control, bankruptcy or otherwise), your Personal Information may be transferred to the new owner(s). In such case, your Personal Information would remain subject to the provisions of the Phyzit Privacy Policy that was in effect immediately prior to the transfer unless Phyzit provides you notice otherwise.

F.              Choices You Have About How Phyzit Uses Your Information

1.             Managing Your Account. You have the following choices regarding the Personal Information you provide to Phyzit for use:

a. Generally, you may change how your information is used and disclosed through the account settings and account management features. As explained more fully in the Terms of Use, modifications to your Phyzit record are not automatically communicated to your Providers or any third-party sources. If you want your Provider or a third party to know of changes you make within your Phyzit record, you must inform the Provider or third-party of such changes.

You may access your Phyzit account at any time to review your PHD.  To change any of your Personal Information, edit it manually where possible, or contact your healthcare provider.  For technical questions related to the Phyzit Service, contact Phyzit support via email at support@phyzit.com or locating contact information on the Phyzit websitehttp://www.phyzit.com.

2.             Authorized Individuals.  You may grant access to your Phyzit account to one (a “Phyzit Proxy”) or more Authorized Individuals or Authorized Individual-Representatives (collectively “Phyzit Proxies”).  You may grant an Authorized Individual access to your Phyzit account by specifically authorizing Phyzit to permit access by such Authorized Individual to your Phyzit account.  When you grant access to an Authorized Individual, you permit the Authorized Individual to see your Phyzit Service content.  Whether or not to grant an Authorized Individual access to your Phyzit Service account is your decision.  

You acknowledge and agree that: (a) you are solely responsible for verifying the identity of, and monitoring the use by, any Authorized Individual you select; and (b) Phyzit has no responsibility or liability in connection with any access to, or use of, your account and information by any Authorized Individual or Authorized Individual-Representative.

3.             Deactivating an Authorized Individual. You may revoke any Authorized Individual's authorization to access your Phyzit service account through the Service by utilizing your account settings or contacting your healthcare Provider.  Once revoked, the Authorized Individual may no longer access and use the Service with respect to you and your Personal Information. Any disclosure of your PHD or Personal Information made prior to the authorization revocation cannot be recalled, removed, or retrieved by Phyzit.  By using the Service, you agree that Phyzit cannot, and has no obligation to, remove Personal Information from your Provider's, other third-party's or Authorized Individual's records once properly disclosed.

4.             Terminating Your Account.  Phyzit will maintain and/or destroy all PHD and Personal Information associated with your account in accordance with its then current document retention and destruction policies.  Please note that copies of your Personal Information may remain in your Providers', other third-parties' and Authorized Individual-Representative's and/or Authorized Individual's records, as described in Section F.3, above.

G.             Authorized Individuals-Representatives

Parents or guardians may elect to establish Phyzit service accounts for their children through the Service as Authorized Individuals-Representatives (Phyzit Proxies) and, in doing so, expressly consent to Phyzit utilizing such information as set forth in this Privacy Policy, the Terms of Use and Terms of Service.

An Authorized Individual-Representative may authorize and/or have access to PHD of the Authorizing Patient (the parent or guardian).  Through the account, the Authorized Individual-Representative may:  (a) review personal health data as maintained in Phyzit; and (b) engage in such communications and transactions as permitted between the Authorized Individual-Representative and the Authorizing Patient’s healthcare Providers within the Service.  Accounts are created specifically for each healthcare Provider.  Thus, an Authorized Individual-Representative will have to specifically authorize each Provider to establish a Phyzit account in the name of the Authorizing Patient. 

An Authorizing Patient’s Phyzit account will be linked to an Authorized Individual-Representative's Phyzit account until the Authorizing Patient revokes access through the Service.

Each Authorized Individual-Representative agrees that an Authorizing Patient’s Phyzit account also may be linked to the Phyzit account of another Authorized Individual-Representative, and each Authorized Individual-Representative will have the same rights to access and communicate through the Authorizing Patient’s Phyzit account. 

H.             How Phyzit Protects Your Information

Phyzit uses both technical and procedural Security Measures to maintain the integrity and security of the Phyzit and other databases, including the use of firewalls. Phyzit encrypts all PHD during transmission between you, your Provider(s) and Phyzit. Within Phyzit all data is encrypted at rest.

The safety and security of your Personal Information also depends on you. Never share your password with anyone else. Notify Phyzit, Inc. or your Provider promptly if you believe your password has been breached. Also, remember to log off of the Phyzit service when your session is finished.

I.               Security Breach Notification Requirements

Pursuant to applicable law, Phyzit may be required to send you notice of security breaches or suspected security breaches that impact your Personal Information. In the unlikely event that Phyzit must provide you a notice of a security breach, Phyzit will send you security breach notices to the e-mail address contained in your account information unless we are otherwise require by law. 

Please note: many e-mail systems have built in SPAM filters.  If you have one in place, you should check with your system administrator or the available instructions to confirm that e-mails from Phyzit are not blocked by the filter (e.g., by confirming that the Service domain name (Phyzit.com) is a permitted domain name.

J.             Changes to this Privacy Policy

Phyzit reserves the right to change the Privacy Policy in its sole discretion. In such case, Phyzit will post the new Privacy Policy on the web site and the effective date of the new Privacy Policy will be clearly marked. If Phyzit updates this Privacy Policy, your continued use of the Service (following the posting of the revised Privacy Policy) means that you accept and agree to the terms of the revised Privacy Policy. Remember, by using any part of the Service, you accept and agree to our Privacy Policy and privacy practices.

If you have additional questions, please contact Phyzit any time at support@phyzit.com.

Or write to the company at:

Phyzit, Inc.
c/o Privacy
P.O. BOX 7632

Little Rock, Arkansas 72217 (USA)

stewart@phyzit.com

Version 2.0 Revised 01/24/2017