An “Individual” is any person visiting the public sections of the Website
A “Provider” is a physician, facility, group practice and/or their authorized representatives that may access SutureHealth’s products or services available on the Website.
A “Registered User” (User) is any Provider authorized to enter the secure sections of www.SutureHealth.com.
SutureHealth, through its products and services, provides private and secure access to health related and personal information. In addition, SutureHealth provides private and secure access to Provider information.
Providers must register to access the secure areas of SutureHealth. Privacy and security are top priorities at SutureHealth. For that reason, SutureHealth has implemented a process that helps protect Protected Health Information (“PHI”), as that term is defined by the Health Insurance Portability & Accountability Act of 1996, as amended (“HIPAA”), contained on our site from inappropriate access. Before a Registered User can access medical information available on our site, the user must first be authenticated as being a provider or a representative of a provider as defined above.
Information Collected Before Registration: SutureHealth obtains personal information regarding physician providers from a third party source including but not limited to state medical license numbers. This data is protected within a secure firewall environment, access to which is limited to only SutureHealth and its representatives.
Information Collected During Registration: SutureHealth collects personal data during the registration process, including but not limited to names and email addresses. SutureHealth will not sell nor distribute personally identifiable or contact information. SutureHealth reserves the right to provide a service to third parties who may wish to contact you through our network provided that you have given consent for such services to be rendered. As part of the service provided by SutureHealth, you understand that SutureHealth will contact you on the behalf of other healthcare providers
Statistical Data on Website Usage – SutureHealth continually strives to enhance the features and services that are offered to our web site. In an effort to determine the effectiveness and functionality of our web site, we monitor aggregated data regarding the use of our web site. For instance, we may track the number of visits to a certain page; direct links from other web sites; and frequency of usage for independent services. Although we reserve the right to share this information as indicated above, this statistical data, does not contain any personal information that could disclose the user’s identity.
Disclosure of Non-Public Personal Information, including Personal Health Information (PHI): We restrict access to nonpublic personal information, including PHI. Information may be shared with entities (i.e. providers and vendors) that assist SutureHealth in providing services to our Registered Users. Information is provided to nonaffiliated third parties as required or allowed by federal and state law. SutureHealth maintains physical, electronic, and procedural safeguards that comply with federal regulations to guard nonpublic personal information, including but not limited to high-level encryption.
Disclosure to Providers: SutureHealth discloses nonpublic personal information including PHI to Providers through their access to the website. This information is disclosed to Providers for treatment, payment or health care operations (TPO) as allowed under HIPAA. To ensure that Providers are only accessing patient information for TPO, SutureHealth has implemented the following safeguards:
• The accompanying Terms of Service outlines acceptable uses of patient information.
• SutureHealth maintains audit trails of user activity.
• SutureHealth requires both a user name and password for access to PHI.
• Providers default access to PHI is limited to those records with which they or their associates (i.e. providers who are in the same practice or facility) or representatives need to have access for treatment, payment, or health care operations. For some facilities this is determined by their need to create or modify patient records. Notwithstanding however, these facilities will only have access to the medical information that they have submitted into the system; thus, alleviating those access concerns which often times arises in a competitive market environment.
Disclosure of Aggregate Information: SutureHealth may disclose aggregate information to third parties. This information may contain medical information; however, it is not associated to a specific individual. Depending on the circumstances, SutureHealth may or may not charge third parties for this Aggregate Information. SutureHealth requires parties with whom aggregate information is shared to agree that they will not attempt to make this information personally identifiable, such as by combining it with other databases.
Retention of Information Collected
While SutureHealth uses SSL encryption to protect sensitive information online, SutureHealth protects User-information off-line. Only employees who need the information to perform their jobs are granted access to personally identifiable information. Furthermore, all employees are kept up-todate on SutureHealth security and privacy practices. Finally, the servers that store personally identifiable information are kept in a secure environment.
Revised: May 9, 2011
Did you find this article helpful?