The following describes the types of personal and other information that DocBuddy may collect about you, the organization you represent, and patients treated by you or by an affiliated organization, as well as how we may use and maintain that information, including, but not limited to:
Registration. Before you can use certain functionality offered through the Services, we may ask that you register with DocBuddy and provide your email address, a password, your first and last name, your institutional affiliations, other contact information, and personal details. We request this information for identification purposes, to communicate with you regarding your account, and to facilitate the functioning of certain aspects of the Services. We may keep this information indefinitely.
Forms. To fully employ the Services, you may be required to fill out forms that collect contain personal information including but not limited to your name, address, telephone number, DEA number, account information, employment, and other personal information relevant to a patient’s health insurance coverage, diagnosis and treatment.
Medical Records. For medical professionals to provide care to their patients, we may collect data concerning such patients, including but not limited to standard medical and clinical data, test results, insurance claim data, eligibility data, enrollment data, health risk assessment data, billing information, and electronic health record data. We may keep this information indefinitely in de-identified form.
Correspondence. If you correspond with us via email, we may gather in a file specific to you the information that you submit. We may keep this information indefinitely.
URL and IP addresses. Like many other websites, we collect information about the use and navigation of our Services. This information helps us to design our Services to better suit our users’ needs. For example, our Services will track the URL that you visited before you came to our website(s), the URL to which you next go and your Internet Protocol (IP) address. We may use your IP address to help diagnose problems with our server and to administer our Services. Your IP address also is used to help identify you and to gather broad demographic information.
We will not share, rent, sell or otherwise disclose any of the personally identifiable information that we collect about you, your organization(s), or your patients, except when we have your permission or in any of the following situations:
If you use our Services or services outside of the United States, information that we collect about you may be transferred to servers inside the United States and maintained indefinitely, which may involve the transfer of information out of countries located in the European Economic Area. By allowing us to collect information about you, you consent to such transfer and processing of your data.
Our Services require users to give us unique identifiers in order to log into many areas of our Services. We utilize these unique identifiers to verify the user’s identity and eligibility, in order to protect our members from the release of sensitive or personally identifiable information to unauthorized users. To help protect the privacy of data you transmit through our Services or through a mobile device, where personally identifiable information is requested, we also use technology designed to encrypt the information that you input before it is sent to us using Secure Sockets Layer (SSL) technology or similar encryption technology. In addition, we take steps to protect the data we collect against unauthorized access. However, you should keep in mind that our Services are run on software, hardware and networks, any component of which may, from time to time, require maintenance or experience problems or breaches of security beyond our control.
You may correct or update information collected about you by managing your account profile or by contacting us at the email or mailing address noted below. We will use reasonable efforts to update our records. For our records, we may retain original and updated information for reasons such as technical constraints, dispute resolution, troubleshooting and agreement enforcement.
We do not knowingly collect or maintain personally identifiable information from persons under 13 years old, and no part of our Services are directed to persons under 13. IF YOU ARE UNDER 13 YEARS OF AGE, PLEASE DO NOT USE OR ACCESS OUR SERVICES AT ANY TIME OR IN ANY MANNER. If we learn that personally identifiable information of persons less than 13 years old has been collected without verifiable parental consent, then we will take appropriate steps to delete this information.
Google Analytics is a web analysis service provided by Google Inc. Google uses collected data to track and examine the use of our website(s), to prepare reports on its activities, and share them with other Google services. Google may use the data it collects to contextualize and personalize the ads of its own advertising network.
The use of Google Analytics in connection with our Services might use Google’s Interest-based advertising, 3rd-party audience data and information from the DoubleClick Cookie to extend analytics with demographics, interests and ads interaction data.
We use Google Firebase to send notifications to users of the Android version of our software. Firebase may collect data about you regarding engagement with our application, what kind of device you are using, your location, and other data regarding you and your use of our Services.
We may capture and disclose data about you and your use of the Services in order to develop, test, and refine our offerings using tools and services developed by third parties. Such third-party tools include but are not limited to Bitrise, BugSnag, FireBase, and Pusher, among others.
If enabled by you, the iOS version of our mobile application Services may use Apple iCloud for the storage and syncing of DocBuddy data. Similarly, if enabled by you, we may use data collected by Apple Analytics to help us better understand how our users use our Services.
We may store content that you disclose to us on virtual servers owned by third parties, including but not limited to Amazon Web Services (each, a Cloud Service Provider). A Cloud Service Provider may disclose, move, access, or use data disclosed by you in accordance with the agreements between DocBuddy and such Cloud Service Providers, as well as the terms of service or privacy policies of such Cloud Service Providers.
We may use, in limited instances, certain third-party services (each, an Integration Platform) to transfer PHI between our systems and electronic health records systems licensed or accessed by your affiliated healthcare organization. In connection with our use of an Integration Platform, if any, we may disclose and transmit PHI to the owner or licensee of such an Integration Platform, as well as information regarding software, devices, and network configurations used by you or your affiliated healthcare organization, for the purposes of providing services to you or your affiliated healthcare organization.
Certain aspects of our services require you to enter speech data in order to use and derive the benefits of our software applications. These applications collect and transmit the speech data you input into the software applications. One or more third parties acting under our direction, pursuant to confidentiality agreements, use the speech data to develop, tune, enhance, and improve their services and products. Neither DocBuddy nor its vendors will use the contents of any speech data provided to us through your use of DocBuddy services for any purpose except as set forth above. Speech Data means the audio files, associated text and transcriptions and log files provided by you here under or generated in connection with our applications, and may include personal information or PHI.