Last Revised: June 3, 2019
Information Collected by Our Services
Information You Submit or We Collect on Your Behalf
We collect information from you when you:
Information we collect about you may include your name, address, telephone number, email address, or the information you enter on or upload to our Services.
Automatically Collected Information
We and our partners automatically gather information whenever you visit, log in, or otherwise interact with our Services, including when you receive emails delivered via our Services. We and our partners use the technologies described below and similar technologies that may not be expressly described (which we collectively call "Engagement Tools") to gather this information to enhance and operate our Services in a number of ways, such as to:
Even if you do not register with us or submit any information on our Services, our Engagement Tools will automatically receive information about, and the software running on, the computer, mobile phone, or tablet (each, a "Device") you use to interact with our Services.
When you interact with our Services, we collect information about your Device such as the URL of services your Device is requesting and the referring web pages, your IP address, Device type, operating system, browser type, application identifier, and, under certain circumstances, the location information your Device sends to us.
Cookies & Similar Technologies
We and our partners collect information about you and your Devices through cookies, web beacons, and similar technologies. A "cookie" is a small data file sent from a website and stored on your Device to identify your Device in the future and allow for an enhanced personalized user experience based on your previous activity on the website. A "session cookie" disappears after you close your web browser, or may expire after a fixed period of time. A "persistent cookie" remains after you close your web browser and may be accessed every time you use our Services. We and our partners may use both session and persistent cookies on our Services. You should consult your web browser to modify your cookie settings. Please note that if you delete or choose not to accept cookies from us, you may not be able to use certain features of our Services.
Some of our partners deploy these technologies directly on our Services. These third parties may collect information over time about your use of our Services, as well as your online activities across other websites or online services.
Do Not Track Disclosure
Information from Other Sources
We may receive or proactively gather information about you from other sources and add it to information we otherwise have about you for any purpose described in this Policy. This may include situations where a third party seeks to communicate with you through the Services or establish an "Integration" (as more fully described below under the heading, Third Party Integrations).
How We Use Information
We may use the information we collect for the following purposes:
How our Services Allow Users to Share Information
Our Services may be used to facilitate one-on-one communications between users.
Examples may include, but are not limited to:
In any one-on-one communication, users are sending information to one another or to an individual or entity who may not be a user of the Services. Depending on the message, this could include the sharing of contact and other personally identifiable information.
If you are a healthcare provider who has entered into a DocStation Provider Services Agreement, you may have the ability to have your contact and directory information listed in one or more of our professional directories of healthcare providers on our Services that users and/or the general public may be able to view. These directories include profile information (e.g., contact, specialty and other information) and other features that allow users and/or the general public to locate and contact those listed in the directory.
If you visit our Services seeking to contact or schedule an appointment with a provider listed in one of our directories, you may need to submit personally identifiable and other information.
Our Services may include public forums that allow users to communicate with groups of users or the general public. Information a user posts in one of our communities may be available to a wide range of individuals, and should be presumed public. We strongly advise users to exercise care in selecting what information they share with our communities or public forums, and strongly recommend against sharing any personally identifiable, health, or other sensitive information that could directly or indirectly be traced to any individual, including themselves, in these public forums.
Surveys, Feedback, Informational Programs
From time to time you may receive survey requests through emails or displays within our Services that request feedback on a variety of topics. These programs may be sponsored or funded by third parties, and may include branded or unbranded content about medical conditions, treatments and products, or safety and regulatory information resources. If you choose to engage with or use one of these requests, you may be asked to provide information that may be used to supplement information that you submitted to our Services. This information may be shared with the sponsor of the program.
Our Services allow users to store personally identifiable and health information ("Records"), including Records that identify other individuals, including other users. Certain Services permit users to share all or portions of these Records at their discretion.
Emails and Other Communications
Our Services may allow users to communicate with others through our in-product instant messaging services, Service-branded emails, and other electronic communication channels. Communications that are sent by or on behalf of a user are indicated as being "From" that user, such as when our Services send an appointment notification from, and on behalf of, a healthcare provider to his or her patient.
Additionally, we may communicate administrative or Service-related announcements through email or other communications within our Services. These communications may be "real time" communications or communications triggered automatically upon the occurrence of certain events or dates, such as a repeated sign-in failure or an appointment notification. Please note that you may not be able to opt out of receiving certain messages from us.
Third Party Integrations
Sharing of Information
We may share information you submit to us with third parties under the following circumstances:
For Website Visitors Outside of the United States
To help prevent unauthorized access, maintain data accuracy, and protect against the inappropriate use of the information we collect, store, and transmit, we deploy a range of technical, physical and administrative safeguards. Under our DocStation Provider Services Agreement and applicable law, we are required to apply reasonable and appropriate measures to safeguard the confidentiality, integrity, and availability of individually identifiable health information residing on, and processed by, those elements of our Services that we operate as a business associate on behalf of healthcare providers. It is important to remember, however, that no system can guarantee 100% security at all times. Accordingly, we cannot guarantee the security of information stored on or transmitted to or from our Services.
Third Party Services
Changes to this Policy
Viewing and Updating Your Information
Our Services aim to provide you with access to the information you submit and the means to update it within our Services consistent with applicable law. This can be accomplished by logging into our Services and updating that information, or contacting a customer support representative. Under certain circumstances, we may ask you to verify your identity before your request is processed.
Please note that, unless you have administrative rights over another user's account pursuant to our DocStation Provider Services Agreement, you are not entitled to access, update, or delete the content of another user's account.
If you have used our Services to share information with another user or a third party, you will not be able to access, update, or delete that shared information. Further, if another user of our Services submits information that identifies you, you will not be able to access, update, or delete that information.
Certain users, such as healthcare providers, may be required under applicable laws or regulations to retain information about you for extended periods of time or indefinitely. Additionally, we may have independent obligations under applicable laws or regulations to retain such information indefinitely. Finally, for disaster recovery and business continuity purposes we retain copies of data stored by our Services for indefinite periods of time.
HIPAA grants patients certain rights to access and amend certain health information that their healthcare providers retain about them. Patients should submit requests to access or amend their health information directly to their healthcare providers.
We welcome your comments and feedback. If you have questions regarding this Policy, please contact us at:
Attn: Legal Department
2011 E. 10th Street
Austin, TX 78702