FHIRBlocks Privacy Policy

Last Updated: March 15, 2021

 

BBM Health, LLC d.b.a., FHIRBlocks (“FHIRBlocks” or “we” or “our”) is committed to maintaining security and privacy of information of its customers. FHIRBlocks offers a platform and services to give patients access to their electronic health information and facilitates data interoperability between patients, health care providers, health care systems and other authorized health care solutions partners. This Privacy Policy describes FHIRBlocks’ information collection practices in connection with use by patients of the FHIRBlocks website at www.FHIRBlocks.com, software we offer through our website, mobile applications, and web-based tools (collectively, our “Services”). FHIRBlocks collects and uses information in the course of our customers’ (“you” or “your”) use of our Services.

 

Consent of use of Personal Information

By accepting our Terms of Use (FHIRBlocks Mobile App Terms of Use), you consent to the collection, use, storage, and disclosure of personally identifiable information as outlined therein and in this Privacy Policy.

 

How Do We Collect Personal Information?

The information FHIRBlocks collects from you depends on your activities and use of our Services. We comply with all local, state and federal privacy laws regulating the transmission, processing and storing of health information, including the Health Insurance Portability and Accountability Act of 1996, as amended from time to time, together with the regulations adopted thereunder (“HIPAA”). References in this Privacy Policy to “data” applies to all types of data, including de-identified, anonymized or pseudonymized data.
 

Information you provide to us

  • Account and Profile Information: When you register and use the Services, we may collect information about you such as your name, title, email address, phone number, address, and similar information by which you may be personally identified (“Personal Information”). We may collect this information directly from you or from another user (administrator or other authorized person).

  • Health Information: You may also provide us with Protected Health Information (as defined under HIPAA) or authorize us to obtain Protected Health Information from third parties. This may include:

    • Information about your health care providers health care coverage

    • Health information that might be included in electronic health or medical records (including medications) or Medicare claims and encounter data, if you elect to have that information shared with us. You are responsible for determining uses and disclosures of your personal health information and the potential impact such uses and disclosures might have on your family members when it involves data regarding genetic and family health histories.

  • Together, we refer to Personal Information and Protected Health Information as “Your Information.” We will specifically ask for your permission to get Your Information from a third party.

  • Content of Information: We collect and store content you create, input, transmit, or store in the process of using our Services, including Your Information and data you post (i.e., upload) to our platform. Such content may include Protected Health Information and other regulated and/or personal information. We also collect information on your behalf when you authorize us to retrieve and import information from business customers, vendors or other third parties. We may collect other data you may submit when using our website or that you may submit to us directly such as when you request customer support.

 

Information we automatically collect from your use of our website

  • FHIRBlocks and our third-party partners (such as analytics service providers) may automatically receive and record certain non-Personal Information from you using web logs when you interact with our website (such as your IP address, browser type, internet service provider, operating system, URLs, date/time stamps, and system configuration information). We also collect and store analytics (e.g., usage) information to help us improve our Services.

  • FHIRBlocks uses various technologies to collect information about your use of our website, including cookies and other tracking mechanisms. We gather this information to allow you to access and use the website more easily and to improve our services to you more generally. For example, we use these tools to save user preferences, preserve session settings and activity, help authenticate users, allow users to auto-fill pages of websites they frequently visit, and debug and evaluate the performance of our website. Our third party service providers also may collect such information about your online activities over time and on other websites or apps. Our systems do recognize browser “do-not-track” requests. You may be able to disable certain tracking, cookies, and change browser settings to block and delete cookies when you access our website through a web browser, however doing so may affect its functionality.

 

Information we collect from third party sources

  • We may obtain information about you from our partners, service providers and other sources and add it to information we otherwise have about you.

 

Other

  • FHIRBlocks also collects certain information about you automatically through your smartphone and/or other wearable devices. Your smartphone and/or wearable device(s) may have a built-in app that allows you to collect Your Information on the same device on which FHIRBlocks’ app is also loaded and store and share Your Information with us and with other apps and devices. For example, we may automatically collect data via Apple’s health application and HealthKit and you may enable sharing between FHIRBlocks, Apple and other health applications as well as choose which information is shared. You may also enable sharing between FHIRBlocks and cloud-based health and fitness platforms and applications such as Google Fit. Because the settings in your smartphone and/or wearable device(s) and such other apps will affect how your information is used and disclosed, it is important that you review the privacy policies and settings of those applications and platforms.

 

How Do We Use This Information?

We may use the information we collect for a variety of purposes, including to:

  • Provide, operate, maintain, improve, promote, and personalize our Services to you;

  • Communicate with you, including responding to your comments and questions; providing customer service and support; providing you with information about our Services, including technical notices, security alerts, changes in our terms, or administrative messages; and providing other news or information about us and our partners;

  • Investigate and prevent fraudulent transactions, unauthorized access to our Services, and other illegal activities;

  • For business purposes, such as data collection and analysis, developing new products, services, features, and functionality; we may anonymize and aggregate data collected through our Services; and

  • Monitor and analyze trends, usage, and activities in connection with our Services to better understand how users access and use our Services and platform, both on an aggregated and individualized basis, in order to improve our Services, platform and our services to our customers, and for other research and analytical purposes. We may combine and compile Your Information with other individuals’ information for the purpose of analysis.

 

How Do We Share Your Personal Information?

To the extent that you provide us with Your Information, we will use and disclose it only to the extent disclosed and permitted in this Privacy Policy. We apply reasonable and appropriate measures to safeguard the confidentiality, integrity, and availability of Your Information we store and process on behalf of you.

We may share Your Information in the following ways:

  • With your consent: We will share Your Information with companies, organizations, or individuals outside of FHIRBlocks when we have your prior proper consent to do so, except as otherwise specified herein.

  • Vendors and other third parties: We may share Your Information with third party vendors, service providers, contractors or agents who perform services on our behalf and require access to such information to do that work and support our business. In each such case in compliance with HIPAA. Examples include data analysis, payment processing, hosting services, and customer support functions. Such third-party service providers will only have access to Your Information as necessary to perform their functions and pursuant to agreements they enter into with us that require them to fully comply with our data protection policies and this Privacy Policy.

  • Compliance with laws and protection of our rights: We may use and disclose Your Information to a third party if: (i) we believe that disclosure is reasonably necessary to comply with any applicable law, regulation, legal process or governmental request; (ii) to enforce our agreements, policies and terms of service; (iii) to protect our operations and the security or integrity of FHIRBlocks products and services; (iv) to protect the property, rights, and safety of FHIRBlocks, you, our customers or the public from harm or illegal activities; or (v) to investigate and defend ourselves against any third-party claims or allegations and to allow us to pursue available remedies or limit the damages that we may sustain.

  • Sale of the Business: We may share or transfer Your Information in connection with, or during negotiations of, any merger, sale of company assets, financing, or acquisition of all or a portion of our business to another company. In the event of such an event, an acquiring company will be responsible for informing you about material changes to the way your data is used.

  • Aggregate or non-identifying data: We may share aggregate or other non-Personal Information that does not directly identify you with third parties in order to improve the overall experience of your using our website and the Services that we provide.

We do not rent, sell or share Personal Information about you with other persons for their direct marketing or other purposes, without your permission.

 

How Do We Protect Your Information?

Maintaining the privacy and security of Your Information is important to us. FHIRBlocks has implemented appropriate safeguards to prevent unlawful use or disclosure of information. These include administrative, physical, and technical security safeguards that reasonably and appropriately protect the confidentiality, integrity, and availability of information we receive, maintain, or transmit. Nevertheless, while security of information is of tremendous importance to us, no data transmission (over the internet or any wireless network) or method of electronic storage can be guaranteed to be 100% secure. In the event of a security breach, we will notify affected individuals, regulatory authorities, and others consistent with requirements under federal and state law or contractual obligations.

 

Information retention

FHIRBlocks’ collection, use, and disclosure of information are generally governed by this Privacy Policy and by law, including by HIPAA. Information maintained to provide our Services to our customers is retained only for as long as we have a valid business purpose and in accordance with applicable law. FHIRBlocks may retain Your Information as necessary to comply with legal obligations, resolve disputes and enforce our agreements and other authorized uses under this Privacy Policy. Upon termination of your account, you can request deletion of Your Information. For accounts that have been dormant with no activity for an extended period of time, we will contact individuals directly prior to removing the account and associated health information. Please note that if you are an individual user, closing your account affects only Your Information that is stored on FHIRBlocks servers. It does not affect, alter or accomplish the deletion of any of Your Information that is stored or maintained on other systems, such as those of your healthcare providers or our other customers that may have, with your permission, provided us with Your Information. FHIRBlocks indefinitely stores non-Personal Information.

 

Updating Your Information

You may modify Your Information that you have submitted by logging into your account and updating your profile information. You may discontinue use of the Services and FHIRBlocks’ use of Your Information by contacting support@fhirblocks.com. In the event you withdraw your consent for use of Your Information, FHIRBlocks will permanently delete all of your health data from our data stores. However, your Personal Information may persist in Backup Files for up to a year and in our Audit Files for longer periods of time consistent with federal and state laws as well as private organization guidelines that pertain to analogous categories of data and information.

Please note that copies of information that you have updated, modified or deleted may remain viewable in cached and archived pages of the site or application for a period of time. You may also contact us directly if you would like to review, correct, amend, delete or otherwise limit our use of Your Information that has been previously provided to us by contacting us at support@fhirblocks.com. Although we will use reasonable efforts to do so, it may not be technologically possible to remove from our systems every record of Your Information. The need to back up our systems to protect information from inadvertent loss means a copy of Your Information may exist in a non-erasable form that will be difficult or impossible for us to locate or remove.

If you have used our Services to share information with another user or a third party, we will not be able to access, update, or delete that shared information. You will need to contact that other user or third party directly. Further, if another user of our website or services submits information that identifies you, you will not be able to access, update, or delete that information.

Certain users - such as health care providers - may be required under applicable laws or regulations to retain information about you for extended periods of time, even indefinitely. Additionally, we may have independent obligations under applicable laws or regulations to retain such information indefinitely. We also retain copies of data stored by our website for indefinite periods of time for disaster recovery and business continuity purposes.

 

Protecting Children’s privacy

FHIRBlocks’ website and Services are not intended for use by individuals under the age of 18. By using this Services, you warrant that you are 18 years of age or older.

 

International Access; Acceptance of Policy

If You are using our website and services when outside the United States of America, Your information will be transferred to, stored, and processed in the United States. The privacy laws of the United States may not be as protective as those in other jurisdictions. By using our website and services, you acknowledge that we collect and process your data as described in this Privacy Policy. We collect and use information as reasonably necessary to fulfill your requests for suggested support resources, to operate our business, and to comply with law.  You acknowledge that these are acceptable reasons to collect and process your data.  You also consent to the transfer of your information to the United States and the use and disclosure of your information as described in this Privacy Policy.  If you want us to correct, delete, or no longer process your data, please contact us at support@fhirblocks.com. You understand and agree that a request for us to delete or no longer process your data means that you can no longer use our website and services, as it is necessary for us to generate suggested support resources for our website and services. 

 

California privacy rights

California Civil Code Section § 1798.83 permits users of our website who are California residents to request certain information regarding our disclosure of Personal Information to third parties for their direct marketing purposes. To make such a request, please contact us at support@fhirblocks.com.

 

Third party websites

We are not responsible for the practices employed by websites linked to or from our website nor the information or content contained therein. Often links to other websites are provided solely as pointers to information on topics that may be useful to the users of our website. Please remember that when you use a link to go from our website to another website, our Privacy Policy is no longer in effect. Your browsing and interaction on any other website, including websites which have a link on our website, is subject to that website’s own rules and policies. Please read over those rules and policies before proceeding.

 

Acceptance and Changes to this Privacy Policy

By using our website, you signify your acceptance of this Privacy Policy. If you do not agree to the terms of this Privacy Policy, please do not use our website or our services. We may update this Privacy Policy by posting changes on this website or otherwise notify you directly. Any Privacy Policy changes will be effective for all information that we maintain, even information in existence before the change. Your use of our website following any changes to the Privacy Policy signifies your acceptance of those changes.

 

Contact Us

If you have any questions or concerns about the Privacy Policy or FHIRBlocks, please email us at support@fhirblocks.com.