Last Updated: 3/3/2019
I. INFORMATION WE COLLECT
We use a number of internal and third-party methods to recognize and automatically collect certain non-personal information about your use of the Site. Such information includes, but is not limited to, server log information and information regarding your domain name or the domain name of your internet service provider, information regarding the device you are using, the type of browser you are using, the internet protocol (IP) address used, the address of the website you visited immediately before or after accessing the Site, search engines used, the operating system you are using, the pages you visit on the Site, the length of time spent on the Site, the frequency and date/time of your visits to the Site, and other relevant statistics.
II. HOW WE USE INFORMATION
1. manage your account and facilitate your participation on the Site;
2. customize your user experience on the Site;
3. improve the Site and any products and services;
4. respond to your questions or feedback and otherwise communicate with you;
5. troubleshoot problems that may arise on the Site;
6. protect against fraud or other criminal activity on the Site and other websites;
7. increase our understanding of our users and user database;
8. tailor advertisements or notifications to our users;
9. monitor user interest in products and services;
10. assist in tailoring products, services, and the content of the Site to our users’ needs;
11. develop new products and services;
12. contact and/or notify you of new services and send service notifications; and
13. conduct surveys, sweepstakes, contests, or other special promotions.
Additionally, if you provide us with any reviews, testimonials, or other feedback, we may use it for the purpose of publicizing and promoting ProDash. By submitting such reviews, testimonials, or feedback, you authorize us to use all or part of the statements you make, as well as your first name, last initial, and state of residence, for any lawful purpose. This information may be used in printed publications, multimedia presentations, websites, or any other distribution media. You agree that you will make no monetary or other claim against ProDash for the use of this information.
III. HOW WE SHARE INFORMATION
A. Service Providers
B. Third Party Marketing
C. Subsidiaries and Affiliates
D. Change in Control
F. Aggregate/Anonymous Sharing
H. As Disclosed
J. HIPPA ASSURANCES
In the event ProDash creates, receives, maintains, or otherwise is exposed to personally identifiable or aggregate patient or other medical information defined as Protected Health Information ("PHI") in the Health Insurance Portability and Accountability Act of 1996 or its relevant regulations ("HIPAA") and otherwise meets the definition of ProDash as defined in the HIPAA Privacy Standards (45 CFR Parts 160 and 164), ProDash shall:
(a) Recognize that HITECH (the Health Information Technology for Economic and Clinical Health Act of 2009) and the regulations thereunder (including 45 C.F.R. Sections 164.308, 164.310, 164.312, and 164.316), apply to ProDash in the same manner that such sections apply to you;
(b) Not use or further disclose the PHI, except as permitted by law;
(c) Not use or further disclose the PHI in a manner that had you done so, would violate the requirements of HIPAA;
(d) Use appropriate safeguards (including implementing administrative, physical, and technical safeguards for electronic PHI) to protect the confidentiality, integrity, and availability of and to prevent the use or disclosure of the PHI other than as provided for by this Agreement;
(e) Comply with each applicable requirements of 45 C.F.R. Part 162 if the ProDash conducts Standard Transactions for or on behalf of you;
(f) Report promptly to you any security incident or other use or disclosure of PHI not provided for by this Agreement of which ProDash becomes aware;
(g) Ensure that any subcontractors or agents who receive or are exposed to PHI (whether in electronic or other format) are explained the ProDash obligations under this paragraph and agree to the same restrictions and conditions;
(h) Make available PHI in accordance with the individual’s rights as required under the HIPAA regulations;
(i) Account for PHI disclosures for up to the past six (6) years as requested by you, which shall include: (i) dates of disclosure, (ii) names of the entities or persons who received the PHI, (iii) a brief description of the PHI disclosed, and (iv) a brief statement of the purpose and basis of such disclosure;
(j) Make its internal practices, books, and records that relate to the use and disclosure of PHI available to the U.S. Secretary of Health and Human Services for purposes of determining Customer’s compliance with HIPAA; and
(k) Incorporate any amendments or corrections to PHI when notified by you or enter into a ProDash Agreement or other necessary Agreements to comply with HIPAA.
K. III. Termination Upon Breach of Provisions. Notwithstanding any other provision of this Agreement, you may immediately terminate this Agreement if you determine that ProDash breaches any term in this section. Alternatively, you may give written notice to ProDash in the event of a breach and give ProDash thirty (30) business days to cure such breach. You shall also have the option to immediately stop all further disclosures of PHI to ProDash if you reasonably determine that ProDash has breached its obligations under this Agreement. In the event that termination of this Agreement and the Agreement is not feasible, ProDash hereby acknowledges that you shall be required to report the breach to the Secretary of the U.S. Department of Health and Human Services, notwithstanding any other provision of this Agreement or Agreement to the contrary.
L. Return or Destruction of Protected Health Information upon Termination. Upon the termination of this Agreement, unless otherwise directed by you, ProDash shall either return or destroy all PHI received from you or created or received by ProDash on behalf of you in which ProDash maintains in any form. ProDash shall not retain any copies of such PHI. Notwithstanding the foregoing, in the event that ProDash determines that returning or destroying the Protected Health Information is infeasible upon termination of this Agreement, ProDash shall provide you notification of the condition that makes return or destruction infeasible. To the extent that it is not feasible for ProDash to return or destroy such PHI, the terms and provisions of this Agreement shall survive such termination or expiration and such PHI shall be used or disclosed solely as permitted by law for so long as ProDash maintains such Protected Health Information.
M. De-Identified Data. Notwithstanding the provisions of this Agreement, ProDash and its subcontractors may disclose non-personally identifiable information provided that the disclosed information does not include a key or other mechanism that would enable the information to be identified.
N. Amendment. ProDash and you agree to amend this Agreement to the extent necessary to allow either party to comply with the Privacy Standards, the Standards for Electronic Transactions, the Security Standards, or other relevant state or federal laws or regulations created or amended to protect the privacy of patient information. All such amendments shall be made in a writing signed by both parties.
O. Interpretation. Any ambiguity in this Agreement shall be resolved in favor of a meaning that permits you to comply with the then most current version of HIPAA and the HIPAA privacy regulations.
P. Definitions. Capitalized terms used in this Agreement shall have the meanings assigned to them as outlined in HIPAA and its related regulations.
Q. Survival. The obligations imposed by this Section shall survive any expiration or termination of this Agreement.
IV. YOUR OPTIONS
A. Information You Provide
You may always choose whether or not to provide information on the Site. However, if you choose not to disclose certain information, you may not be able to fully access or use certain portions of the Site.
B. Account Information
You may update, correct, or delete any personal information about you, or delete your account, at any time by logging into your online account or emailing us at info@ProducerDashboard.com. Note, however, that even after you ask that we remove personal information from our databases, it may be impossible to remove some information, such as information tracked in our web server log files and information that may reside in backup files. This residual information is retained to preserve the integrity of backed-up files and for business continuity purposes. We may also retain (i) certain technical information for use in the aggregate and to analyze and improve the Site and (ii) personal information with any document retention policy and to comply with applicable laws, rules, regulations, or guidelines, to prevent fraudulent activity, to protect ourselves against liability, to resolve disputes, to enforce our contractual or other rights, to permit us to pursue available remedies, to limit any damages that we may sustain, and for any other legitimate business purpose.
C. Communications From Us
From time to time, we may send non-promotional announcements or notifications related to the Site. Generally, you may not opt out of these service-related communications. We may also send promotional emails or newsletters from time to time. If you do not wish to receive these promotional materials, you may opt-out by following the “unsubscribe” instructions contained in any such communications. You may also contact us at info@ProducerDashboard.com.
E. Third Party Marketing Opt Out
If, after providing consent, you want to opt out of having your personal information disclosed to third parties for marketing purposes, please let us know by sending us an email at info@ProducerDashboard.com or by writing to us at www.ProducerDashboard.com. Please be sure to include your full name, your ProDash username, the email address you used to sign up with ProDash, and your mailing address, and specifically state that you do not want your personal information shared with third parties for marketing purposes.
You can decline to allow the Site to access your device’s location, either when you are first asked permission or at any other time by using your device’s settings and controls. Certain features of the Site may not be accessible without sharing location information.
V. STORAGE AND SECURITY
Additionally, you are responsible for safeguarding and preventing unauthorized access to the information and password that you use to access the Site (“Login Information”). You agree not to disclose your Login Information to any third party and are responsible for the activity of any individual using your Login Information to access the Site, regardless of whether or not you authorized that activity. You must immediately notify ProDash of any unauthorized use of your Login Information or any other information you have provided to ProDash.
VI. YOUR CALIFORNIA PRIVACY RIGHTS
If you are a resident of California, California Civil Code Section 1798.83 permits you to request information regarding the disclosure of your personal information by ProDash or its subsidiaries to a third party for the third party’s direct marketing purposes once per calendar year. This right granted to California residents applies only to their activities within the State of California. To make such a request, please send an email to info@ProducerDashboard.com with “Request for California Privacy Information” on the subject line and in the body of the message or write us at 2330 Rocklyn Drive, Urbandale, Iowa, 50322, or calling us at 515-992-5000.
Please be aware that not all information sharing is covered by the requirements of California Civil Code Section 1798.83 and only information on covered sharing will be included in our response.
The Site is not directed to, and ProDash does not knowingly collect the personal information of, children under the age of thirteen (13). Children under the age of thirteen (13) are not eligible to use the Site and we ask that they do not submit any personal information to us. Should we discover that we have collected personal information online from a child who is under thirteen (13), we will promptly delete that personal information.
B. External Sites
D. Governing Law
The Site is hosted in the United States of America and is intended for use by residents of the United States of America only. All matters relating to the Site are governed exclusively by the laws of the State of Iowa in the United States of America and not the jurisdiction in which you are located.
If you are located outside of the United States of America and you contact us, please be advised that any information you provide to us will be transferred to, processed in, and maintained on servers or databases located in the United States of America. The laws in the United States may not be as protective of your privacy as those in your location. By submitting such information and/or using the Site, you explicitly authorize the collection, use, transfer, and disclosure of your personal information and communications in the United States of America and agree that such collection, use, transfer, and disclosure will be governed by the applicable laws in the United States of America.
E. Residents of the European Union
The Site is not currently intended for residents of the European Union. If we discover that we have inadvertently collected personal data of a data subject (as such terms are defined in the European Union General Data Protection Regulation (“GDPR”)), we will delete such information from our systems after notifying the data subject of the discovery and prohibit that person from using the Site.