SYMBOL HEALTH SOLUTIONS, LLC WEBSITES
Protecting Personal Information
We strive to maintain electronic and procedural safeguards in order to comply with federal and state regulations to guard nonpublic personal information. Although we generally believe that we have reasonable procedures and technologies in place which strive to protect against unauthorized disclosure of nonpublic personal information, we cannot, and do not, guarantee that information posted on, collected by or transmitted to, from, through or for this website will remain confidential or private at all times. We offer no assurances whatsoever that our controls and techniques will prevent unauthorized disclosures or breaches of, or compromises, in security.
To the extent you provide or access information on our system through the use of a password, we encourage you to keep your password confidential and secure, as we cannot be responsible for acts resulting from the unauthorized use of your password. And, as set forth in the Terms and Conditions of Use for this website, we have other rights, and you have other obligations, about or concerning any of your user ID, login, password or other access controls.
HIPAA Privacy Protections
We do not collect information covered by the Health Insurance Portability and Accountability Act of 1996 (HIPAA) via our website. This information is gathered through the PATIENT PORTAL, hosted by NextGen Healthcare Information Systems, LLC, its parent company Quality Systems, Inc. and their respective subsidiaries and affiliates.
SYMBOL and its clients have a “Business Associate Agreement,” or “BAA” to keep protected health information confidential as required by HIPAA. If you require a copy of the BAA, it can be obtained through the SYMBOL website TALK TO US form. This BAA does not change your CareClinic contract.
Collection of Data from Children
The information above illustrates, but does not exhaust, the kind of information that may be necessary or convenient for us to collect in order to serve your health-related or educational-related needs, or in order for us to provide you with other services available via the website or in order for us to protect our content, website, personnel and our other interests. For more information, visit the Federal Trade Commission’s website for tips on protecting children’s privacy online: www.OnGuardOnline.gov.
What Information We Collect
The types of information that may be gathered by us in connection with your use of this website includes information such as your name, address, email address, employer identity, information about your job function, and other information. We endeavor to clearly label which information is required and which information is optional in all cases. If you are unable or choose not to provide us with the personal information we reasonably require, we may be unable to provide you with the information or services you have requested.
We may also collect information regarding your use of educational or informational materials or services, including the articles or educational materials you have viewed or purchased. If you make a purchase via this website, information about the financial transaction may be collected. We do not store credit card information.
How We Collect Information
Our website collects information, such as information provided by you, and monitors website activity, such as described in our Cookies and Other Tracking Technologies section below.
Actively Submitted Information
We collect certain types of personal information when you act with our Services, such as when you:
- Register for an account on any Service or update your profile information
- Sign up for e-news or emails
- Participate in a health education program
- Respond to an online survey
- Submit comments, reviews or other user-generated content on our Services
- Request customer or technical support from us
SYMBOL tracks your usage of our website when you interact with email or other electronic communication. All of this information may be used or disclosed for various purposes (for example, but not limited to, the following: to monitor aggregate activity and trends, to improve site content, to comply with any laws, treaties, rules or regulations and to achieve our other business purposes). We may use and disclose information to third parties, as outlined in the Sharing of Information section below, except to the extent such use or disclosure clearly violates applicable law. The information we collect is not sold to marketing vendors, direct mail entities or email list services.
Passively Submitted Information
For each visitor to our website, we may collect or track (in addition to the information mentioned above) non-personal information such as, but not limited to, referring domain name, IP address, and browser type. An IP address is a number automatically assigned to your computer by your Internet service provider. Each time you use the website and each time you request one of our pages, our server logs your IP address. This type of information is collected for such purposes as system administration and to audit the use of the website.
Where permitted by applicable law, we may collect information about your place of employment, job title and other information from public resources. We may also collect or track other personal information to the extent not in violation of any applicable law.
Cookies and Other Tracking Technologies
SYMBOL and our analytics providers, such as Google Analytics, use technologies such as cookies, beacons, tags, and scripts, to collect information and to analyze website user activity. When users revisit our website, we may recognize the user based on any cookies placed on their computer and customize the users’ experiences accordingly. We may receive reports based on the use of these technologies.
Third party sites hyperlinked from the website may contain cookies that are collected by the third-party site owner. These cookies are beyond our control.
We do not accept, and we do disclaim, any responsibility or liability, whether civil, criminal or otherwise, for damages, losses, fines, injuries, demands, actions or other claims resulting from the use of or reliance on information located on any linked sites or resulting, in any way, from the content of such sites.
Use of Personal Data Collected
We use personal information that we collect about you through SYMBOL’s Services to:
- Upon request, create an account for you for the Services;
- Respond appropriately to your inquiries;
- Update you regarding your account;
- Provide you with a customized experience in connection with our Services;
- Discharge our contractual obligations to you; and
- Comply with any legal obligations that apply to us.
To the extent permitted by applicable law, including in accordance with your consent where required by applicable law, we also use your personal information for the following purposes:
- Invite you to participate in online health education programs by email. If you do not wish to receive such emails, you may opt out by following the opt-out instructions included in such emails. We may also invite you via postal mail.
- Send you health and wellness newsletters/blog posts including the top health news in your field of interest, employer-sponsored clinic industry news, and CareClinic or medical alerts. If you do not wish to receive such emails, you may opt out by following the opt-out instructions included in such emails.
- Send you invitations to complete market research surveys, by email. If you do not wish to receive such emails, you may opt out by following the opt-out instructions included in such emails.
- Review the information provided by you and obtained from public resources to complete your profile and better understand which medical news, education programs and surveys may be of most interest to you.
We also perform statistical analyses of the users of our Services to improve the content, design and navigation of our Services. In these cases, we use aggregate or statistical data that cannot reasonably be used to identify you.
If you respond to a SYMBOL survey, we only use your personal information in connection with your survey responses for the purposes of: (i) verifying your eligibility to participate; and/or (ii) validating your identity and responses for the purposes of preventing duplicate or fraudulent responses. Unless we have obtained your explicit consent, we anonymize survey results before sharing them with third parties, although we may be required by applicable law to identify a particular respondent to comply with applicable legal requirements, such as adverse events reporting requirements.
Opt-Out Right and Updating Account Information
If you would like to opt out of receiving invitations to medical education programs, medical surveys or medical newsletters from us, please click the opt-out link at the bottom of our emails. Even after you opt out or update your preferences, however, please allow us sufficient time to process your preferences. It may take up to 10 days to process your email-related requests, and up to 30 days for all other requests. Even after you have opted out of receiving invitations to medical education programs, medical surveys and medical newsletters from us, we may still contact you for appointment-making, healthcare follow-up, transactional or informational purposes. These include, for example, customer service issues or any questions regarding a specific inquiry you made to us.
If you believe any information we have about you is no longer accurate or current or would like to access personal information we may have about you, please contact us by emailing email@example.com. Upon authenticating your request, we will update or amend your information, or provide you with access, but we reserve the right to use personal information obtained previously to verify your identity or take other actions that we believe are appropriate.
Sharing of Information
SYMBOL does not share personal health information with patients’ employers, per our HIPAA privacy protections. Any reporting of patient health trends to SYMBOL clients are de-identified, completely anonymous and general in nature. We do not sell your nonpublic personal information to third parties. We may share information with our affiliated companies and others, such as auditors, insurers, reinsurers, producers, brokers, insurance agents or business consultants or other third parties with whom we may, from time to time, do business. We may disclose information about our website users to these parties in connection with their services or in connection with conducting our business or their business. For example, SYMBOL clients’ Human Resources representatives or brokers who market and sell our Services may have access to information as we view as necessary or convenient in conducting our business.
We may also disclose your use of, and other information about, educational and informational services for the purpose of reporting SYMBOL educational utilization to client leadership.
We may disclose personal, private, confidential or other information, with or without prior notice to you, when we believe that disclosure is, or appears likely, required by law or in answering or otherwise responding to any lawful discovery, investigation or subpoena. We may also disclose personal, private, confidential or other information, with or without prior notice to you, in cooperation with local, state and federal law enforcement (whether criminal, civil or otherwise) investigations and in cooperation with local, state and federal regulators, auditors and other governmental agencies or bodies.
From time to time, we may retain third parties to perform various support services for us or provide consulting or other services to us or for our website users including, but not limited to, our website designer and information technology support technicians.
We may contact you via surveys to conduct research about your opinion of current services or of potential new services that may be offered.
As set forth in the Terms and Conditions of Use for this website, we have other rights, and you have other obligations.
1) Send us an email at firstname.lastname@example.org , or
2) Write us at:
3765-A Government St.
Mobile, AL 36693
Supplemental European Privacy Statement
Legal Bases for the Processing
We process your personal data on several different legal bases, as follows:
- Based on compliance with legal obligations (see Article 6(1)(c) of the EU GDPR): We may need to process your personal data to comply with relevant laws, regulatory requirements and to respond to lawful requests, court orders, and legal process.
- Based on our legitimate interests (see Article 6(1)(f) of the EU GDPR): We process your personal data to send you invitations to relevant medical education activities (unless you have opted out), medical newsletters (unless you have opted out), invitations to relevant market research surveys (unless you have opted out), understand which products and services may be relevant to you and generally improve our products, services and business practices.
- Based on consent (see Article 6(1)(a) of the EU GDPR): We process your personal data on the basis of your consent in various instances, such as with respect to cookies that are not strictly necessary. You may withdraw such consent at any time, without affecting the lawfulness of processing based on consent before such withdrawal.
Disclosures to affiliates
In accordance with applicable law, SYMBOL may disclose your personal data to its affiliates who act as data controllers for the purposes of improving SYMBOL and their products, services and business practices. Please contact us at email@example.com for information about our affiliates and, if applicable, their GDPR-specific representative and data protection officer.
Personal Data Transfers outside of the EEA
Some recipients of your personal data located outside of the EEA are located in the following country for which the European Commission has issued adequacy decisions: Canada. In this case, the transfer is thereby recognized as providing an adequate level of data protection from a European data protection law perspective (pursuant to Article 45 of the EU GDPR).
Some recipients of your personal data are located in the following countries for which the European Commission has not issued an adequacy decision in respect of the level of data protection there: The U.S. (where the recipient is not Privacy Shield certified) and Mexico. By entering into appropriate data transfer agreements based on Standard Contractual Clauses (2010/87/EU and/or 2004/915/EC) as referred to in Article 46(5) of the EU GDPR or other adequate means, we have established that all such recipients will provide an adequate level of data protection and that appropriate technical and organizational security measures are in place to protect personal data against accidental or unlawful destruction, loss or alteration, unauthorized disclosure or access, and against all other unlawful forms of processing. Any onward transfer (including to our affiliates outside the EEA) is subject to appropriate onward transfer requirements as required by the applicable contract or law.
You can ask for a copy of such appropriate data transfer agreements by contacting us as set out at the bottom of this notice.
We will delete, erase or anonymize your personal data within one month after your personal data is no longer necessary for us to provide you with any information or services you have requested, pursue any of the legitimate interests specified herein where the legitimate interest is not overridden by your fundamental rights or privacy interests, comply with any legal obligations to which we are subject, or defend any legal claim against us or support any legal claim made by us, including any potential appeal.
Data Subject Rights
Under the conditions set out under applicable law (i.e., the EU GDPR), you have the following rights:
- Right to withdraw your consent: If you have declared your consent regarding certain types of processing activities, you can withdraw this consent at any time with future effect. Such a withdrawal will not affect the lawfulness of the processing prior to the consent withdrawal.
- Right of access: You have the right to obtain from us confirmation as to whether your personal data is being processed, and, where that is the case, to request access to the personal data. The access information includes, among other things, the purposes of the processing, the categories of personal data concerned, and the recipients or categories of recipients to whom the personal data have been or will be disclosed. You have the right to obtain a copy of the personal data undergoing processing. Subject to applicable law, we may charge a reasonable fee for copies, based on administrative costs.
- Right to rectification: You have the right to obtain from us the rectification of inaccurate personal data concerning you. Depending on the purposes of the processing, you have the right to have incomplete personal data completed, including by means of providing a supplementary statement.
- Right to erasure: You have the right to ask us to erase your personal data to the extent it is not required for legally required purposes.
- Right to restriction of processing: You have the right to request restriction of processing of your personal data, in which case, it would be marked and processed by us only for certain purposes.
- Right to data portability: You have the right to receive your personal data which you have provided to us in a structured, commonly used and machine-readable format and you have the right to transmit the personal data to another entity without hindrance from us.
- Right to object: You have the right to object, on grounds relating to your particular situation, at any time to the processing of your personal data by us and we can be required to no longer process your personal data. If you have a right to object and you exercise this right, your personal data will no longer be processed for such purposes by us. Exercising this right will not incur any cost. Such a right to object may not exist, in particular, if the processing of your personal data is necessary to take steps prior to entering into a contract or to perform a contract already concluded.
- Right to submit complaints: You have a right to lodge a complaint with a supervisory authority.
Please note that these rights may be limited under the applicable national data protection law. To exercise your rights, please contact us as stated below.
You are not required to provide any personal data to SYMBOL, but if you do not provide any personal data to us, you may not be able to use or receive the Services. You can use the Services without consenting to cookies that are not strictly necessary; the only consequence is that the Services will be less tailored to you.
For more information or to exercise your rights as described herein, please contact us at firstname.lastname@example.org.