MedsIncontext™ Privacy Policy

As a user of MedsIncontextTM, you have our assurance that we are committed to protecting the privacy and security of all patient health information. This privacy policy explains how we transmit and store health information, what choices we give our registered members regarding the access to the information, what measures we take (and certain limitations on our ability) to safeguard and protect the privacy and integrity of the stored information, and how we use website cookies to help enhance your user experience.

Measures We Take to Safeguard Patient Information

The MedsIncontextTM security system provides a variety of rigorous information security features, including: State-of-the-art firewall protection, stringent login credentials and verification process, advanced encryption for all internet-based data communications, encryption within our systems for "data at rest", and additional firewall protection between the user interface and system's databases.

Our "live" or production servers and database are guaranteed 99.9% uptime and protected by a professional and secure data storage facility that is located in disaster-free zone state. The facility includes video surveillance cameras, motion and temperature detectors, and continuously monitoring for online intrusions.

Re-Disclosure Risk

MedsIncontextTM data and patient health information are stored in dedicated web servers. We will not disclose any patient's personal, identifiable health information to third parties without the patient's authorization. Our system, however, does provide authorized user-member with the ability to register other new users who can include third parties (such as other clinicians and professional care givers).

Any time a new user is being registered, MedsIncontextTM system sends a notification via email to the client system's administrator or program manager about the new user. The notification also provides instructions for the member and the person who is registering the new user to void or change the terms of the registration.

There may be times when we are legally required to release health information in order to comply with a court order, but in such cases we will notify our members and patients that we are doing so unless it would violate the law for us to do so.

We may give access to health information on an as-needed basis from time to time to our employees and contractors who are directly involved with the maintenance or upgrading of our servers and for the purpose of handling and processing requests for health record collection. Our employees and contractors with access to our databank must sign confidentiality clauses relating to the disclosure and use of personal health information and are required to follow strict operating guidelines to protect the confidentiality and security of the information.

Limitations on Security and What Happens if Security Breach Occurs

MedsIncontextTM has not experienced any security breach in our history. However, there is always some risk that an unauthorized third party may find a way to thwart our security systems and methods. Our members must always weigh the advantages of convenience with the potential risks and compromise to systems security. Should our members discover or suspect that a breach has occurred, we ask that they notify MedsIncontextTM immediately.

If a security breach is determined to be valid, MedsIncontextTM will notify the members-at-risk of the investigation's findings including the source, scope, and nature of the breach. With member permission and help, MedsIncontextTM will take action steps to limit the damage from the breach; to address the issues at hand; and to set up preventive measures for reducing the reoccurrences of such risks in the future.

Cookies

Cookies are small information files we transfer to a user's computer hard drive that allow us to label the user and help customize our website to the individual user. The cookies let us know how often the user visits our site and the activities they conduct while on our site.

We do not use permanently stored cookies on our members' computers for many reasons, including our members' concerns about potential privacy misuse. Our server software uses temporary "per-session" cookies on our members' pages to ensure proper display of user interface features. Each of the simultaneous member and visitor sessions are securely handled without requiring members to log in multiple times during an active session.

We track user requests, inquiries and traffic patterns as part of our own internal monitoring of patterns or usage. During the period a user is logged onto our website, we document the activities through an Audit Trail, a product feature we provide our members for tracking and reporting activities in their accounts.

MedsIncontextTM may provide features that enable the ability for the user to download software (such as Acrobat Reader) to view the health information reports in PDF format.

External web site links provided on our site are only for the convenience of our members and do not constitute an endorsement by us. Do not act or rely on any information on such sites, or linked to such sites, without seeking the advice of a professional.

Communications with Members

MedsIncontextTM will occasionally send its members general, unsecured, and unencrypted emails to notify and verify certain changes in their account made either by the members themselves or by other authorized users. We will keep disclosure of personal identifiable information in these emails to a minimum. Sometimes, however, the purpose of the email might require certain identifiable information to be disclosed in order for the content to be helpful or actionable to the recipient. MedsIncontextTM may send email notifications or alerts to our members for the following reasons:

  • Confirmation of successful registration
  • Users added or removed in care community
  • Incoming message received in account
  • Reset of password or security question & answer
  • Reminders for user action or response
  • Alerts when certain clinical parameters or conditions are met

Under no circumstance would MedsIncontextTM communicate or confirm user login and password credentials via unencrypted email.

Forgot Password

Each member is responsible for the security of his or her password and agrees to take reasonable measures to ensure that no unauthorized person obtains it. Each member agrees to advise MedsIncontextTM if he has reason to believe his password or user ID has been obtained by an unauthorized person. In such cases, MedsIncontextTM will deactivate the member's account until a new password and user ID is assigned.

In the event a user forgets their password, they are advised to follow the 'Forgot Password' process, which includes providing the correct answer to the security question that they chose during account registration. If the user has forgotten the answer to their security question, they should contact MedsIncontextTM to reset their security question. Please call us at (415) 362-8800.

Changes to Our Privacy and Security Policy

When we change our privacy or security policy, we will post these changes on our public website under the respective section headers (privacy or security policy). We will also inform members of our changes via email notifications, so that members are always aware of how we collect, store and safeguard their information and under what circumstances we disclose it.