Privacy Policy
Our Philosophy. Your trust is our greatest asset. We make every reasonable effort to ensure that information held by MedScope-powered Web sites is confidential and secure. We disclose our information-security practices to you as clearly and fully as possible. These practices receive continuous oversight, and many of our business decisions, including Web design, technology selections, and third-party business relationships, begin and end with considerations for your privacy.
Contacting Us. If you have any questions about this Privacy and Confidentiality Policy, the practices of MedScope-powered Web sites, your dealings with MedScope, or would like to provide comments, please contact us at info@medscope.org, or by phone, toll-free, at 1-800-645-2060 within the United States.
Site Ownership, Scope, and Applicability of The Policy. This Policy applies only when you are within the MedScope-powered environment and only to information that MedScope collects. Please be advised that individual medical practices with MedScope-powered Web sites are the legal owners of those MedScope-powered sites and can customize their sites in two ways that fall outside the scope of the MedScope Privacy and Confidentiality Policy: A medical practice could put a link on its site that takes you to a site or service that is not part of the MedScope-powered environment. Once there, you will no longer be interacting with a MedScope server, and you should no longer see any MedScope trademarks or legends that refer to MedScope. If you leave the MedScope-powered environment in this way, you can no longer be assured that the operator of the other site or service will follow the privacy policies and information security practices that are described in this MedScope policy.
Within borders bearing a MedScope trademark, a practice might publish online forms that ask you to provide information, which is then sent directly to the practice via e-mail (instead of sending it to a database on a MedScope server). The most common example would be a practice conducting an online survey or questionnaire among visitors to its site. MedScope has no control over information collected in this manner and we cannot be responsible for the security or privacy of that information.
Activity Tracking. We collect and use activity statistics so we can understand the ways in which our sites and services are being utilized. Activity related data is stored anonymously and it is only used in the form of aggregated statistics. This aggregated, anonymous data may also be shared with business partners. Activity related data cannot be used to target you with solicitations of any kind.
With the exception of your User ID and Password, you have full, online access to any and all information that you provide to us for purposes of viewing and changing it.
Collection and Stewardship of Other Information. We only collect information that is required in order to provide you with services. We design our sites so that you must make express, informed choices to use services that ask for personal information and authorize us to have access to your personal information. If you do choose to provide us with personal information, we will hold that information in the strictest confidence taking all reasonable steps to protect your personal health information.
At any time, you can opt out of any service you have been using and revoke your authorization for our access to your information. We monitor and adopt best practices from industry guidelines and applicable statutes, and we follow appropriate information security practices.
Third Parties. We work with business partners to provide the highest-quality service available. Our business partner contracts include protective language regarding consumer privacy in those cases where we feel the nature of the partner’s role demands it. We do not disclose personal information to any third party without clearly noting the purpose of such disclosure at the point where you choose to use the service and obtain your authorization.
Use of Cookies. We use non-persistent session state cookies to establish and sustain login sessions. These cookies disappear after you close your browser. The cookies are used to monitor your session and to automatically log you out of our service if you exceed 60 minutes of inactivity. Other sites cannot use cookies created by our sites, and we do not use cookies to track your activities outside of our own sites. A cookie is a small text file that Web sites use to recognize a user. At its simplest, cookie technology works by carrying a unique ID generated by the server that creates the cookie. A cookie does not pose a threat to the computer that accepts it.
Legal Requests. MedScope cooperates with law enforcement inquiries as a matter of policy. We will use IP addresses and other available information to attempt to identify a user when we are legally compelled to do so or when we feel it is necessary to protect our services, sites, customers, or others.
Legal Disclaimer. Unfortunately, no data protection method or combination of methods can be guaranteed 100 percent secure. We take all reasonable steps to protect your personal information as described throughout this policy, but we cannot ensure or warrant our ability to do so. As a result, you use MedScope content, products, and services at your own risk. MedScope will not be liable for disclosures of your personal information due to errors in transmission or unauthorized acts of third parties.
Encryption. We use all reasonable means to provide secure transmission of your information from your computer to our servers. When you transmit personal information to us, we encrypt it using the current industry-standard encryption technology. Encryption provides a secure means to protect your information as it passes over the Web to our servers.
Firewalls. Our servers and other technical infrastructure are protected from network intrusion using firewalls and other means.
Internal Access. Our employees and contractors have occasional, legitimate needs to access our data servers for purposes of system troubleshooting and maintenance. We ensure that such access is granted only to those who have such needs. All such individuals are continually made aware of their obligations regarding user information. Access is controlled via pre-assigned user accounts that require multiple levels of authentication and only the minimum amount of access necessary is permitted.
Physical Site Security. The facilities that house our servers, network devices, backup data storage media, and other equipment and information are physically secured and attended. Access is strictly limited to only those individuals who require it for a legitimate purpose.
Policies and Procedures. We continuously evolve and update our internal information security policies and our business continuity and disaster recovery plans. We perform risk assessment, security audit, and system test activities on an ongoing basis. Our employees and contractors receive frequent training and/or reminders regarding information security and protecting the confidentiality of your information.
Standards and Regulations. We are committed to meet or exceed regulatory and industry self-regulatory guidelines regarding privacy, confidentiality, and information security. On an ongoing basis we will review and adapt to statutes, regulations, formal private-sector standards, and informal policy guidelines as they apply. In particular, we will comply with all applicable provisions of the final Health Insurance Portability and Accountability Act (HIPAA) rules for information privacy and security.
User Passwords. If you register with us, your personal information is password-protected, so only you have access to it. It is your responsibility to ensure the security of your User ID and password. If you believe this security has been violated, please contact MedScope Member Services by e-mail at info@medscope.org, or by phone, toll-free, at 1-800-645-2060 within the United States.