Privacy Policy
Last Updated: JANUARY 3, 2020
EnSoftek, Inc. (EnSoftek) owns and operates this drcloudehr.com website business. All references to “we”, “us”, this “website” or this “site” shall be construed to mean EnSoftek. We understand that visitors to this website are concerned about the privacy of information and we value your privacy. The following describes our privacy policy regarding information, including Personal Information, that we collect through this website. By using this website you are accepting the practices described in this Privacy Policy.
HOW WE MODIFY THIS PRIVACY POLICY
We reserve the right to modify this Privacy Policy at any time, and without prior notice, by posting an amended Privacy Policy that is always accessible by clicking on the “Privacy Policy” link on this site’s home page. Your continued use of this site indicates your acceptance of the amended Privacy Policy.
You should check the Privacy Policy through this link periodically for modifications by clicking on the link provided near the top of the Privacy Policy for a listing of material modifications and their effective dates.
Regarding Personal Information (defined below), if any modifications are materially less restrictive on our use or disclosure of the Personal Information previously disclosed by you, we will obtain your consent before implementing such revisions with respect to such information.
HIPAA PROVISIONS
What We Do. We provide data processing services to Covered Entities under the Health Insurance Portability and Accountability Act (HIPAA) of 1996, as amended, including without limitation amendments by the Health Information Technology for Economic and Clinical Health (HITECH) Act (collectively referred to herein as “HIPAA”).
The EnSoftek services have been developed for health and human services organizations (“providers”) who have subscribed to the services. In the process of providing our services, we may access, receive, process, maintain, archive, and/or transmit information defined by HIPAA as Protected Heath Information (PHI) and/or Electronic Protected Health Information (ePHI) from our Covered Entity customers (PHI and ePHI are collectively referred to herein as “PHI”).
USE AND DISCLOSURE OF PHI.
We may use or disclose PHI on behalf of, or to provide services to, Covered Entities for purposes of performing our obligations under our services agreements to Covered Entities, provided that such use or disclosure is permitted or required by the applicable Business Associate Agreement and would not violate HIPAA, including its Privacy Rule or Security Rule as applicable to Business Associates.
We may use PHI internally for our own internal management, administration, data aggregation and legal obligations, but only to the extent such use of PHI is permitted or required by the applicable Business Associate Agreement and would not violate HIPAA, including its Privacy Rule or Security Rule as applicable to Business Associates.
We may disclose PHI for law enforcement purposes as required by law or in response to a valid subpoena.
We may disclose PHI to downstream subcontractors or agents that provide supporting services to us; however, we will require such subcontractors and agents to comply with the same terms and conditions that apply to us under the applicable Business Associate Agreement and PHI, including the implementation and maintenance of required safeguards.
Safeguards. We have established and maintain safeguards that are required by the applicable Business Associate Agreement and HIPAA, including its Privacy Rule and Security Rule as applicable to Business Associates. These safeguards include administrative, physical, and technical safeguards that are reasonable and appropriate for the protection of the PHI that we access, receive, process, maintain, archive, and/or transmit on behalf of our Covered entity customers.
THE TYPES OF NON-PHI INFORMATION WE COLLECT
Personal Information. In addition to PHI, we collect Personal Information about you when you register to use the services and that may be used to identify you (“Personal Information”). Personal Information that we collect may vary with each separate purpose for which you provide it, and it may include one or more of the following categories: name, physical address, an email address, phone number, and credit card information including credit card number, expiration date, and billing address.
For purposes of this Privacy Policy, the term “Personal Information” does not include any PHI (PHI is governed under the Section titled “HIPAA” Provisions above.
Non-Personal Information. We reserve the right to collect anonymous information such as your browser type, the URL of the previous website you visited, your computer’s operating system and Internet protocol (IP) Address, Internet domain and host name, your Internet Service provider, your clickstream data, and the dates and times that you may access this site and specific pages (Non-Personal Information”). Non-Personal Information is essentially anonymous when collected; however, it’s possible that Non-Personal Information could be used to identify you.
HOW AND WHEN WE COLLECT NON-PHI INFORMATION
Personal Information. We collect Personal Information at the time you provide it to us. We collect Personal Information through sign-up forms and as part of your registration for an account, product, or service from this website. Personal information that we collect may vary with the each sign-up or registration.
Your Communications With Us. We collect Personal Information that we receive from you as you communicate with us.
Passive and Analytical Information. We reserve the right to monitor your use of this site. As you navigate through this site, Non-Personal Information may be passively collected (that is, gathered without your actively providing the information) using various analytics and reporting technologies, such as cookies and web beacons.
HOW WE USE YOUR NON-PHI INFORMATION
We use your Personal Information for the performance of the services or transaction for which it was given, our private, internal reporting for this site, and security assessments for this site.
We do NOT tie or link your Personal Information to Non-Personal Information with persistent identifiers. For example, we would not tie or link your email address (Personal Information) with information collected by a cookie regarding the length of time you visit our site (Non-Personal Information).
We reserve the right to make full use of Non-Personal Information. For example, we may use Non-Personal Information to provide better service to site visitors, customize the site based on your preferences, compile and analyze statistics and trends about the use of this site, and otherwise administer and improve this site for your use.
HOW WE DISCLOSE YOUR NON-PHI INFORMATION
General Disclosure Policy. Our general policy is that we will not share, sell, or rent your Personal Information to others. The only exceptions to this general policy: (i) are described in the subsections below, and (ii) if you explicitly approve through our site. We reserve the right to disclose Non-Personal Information without restriction.
Disclosure to Affiliated Entities. We reserve the right to provide your Personal Information to any affiliated entities we may have, including our subsidiaries.
Disclosure to Service Providers and Online Partners for Website Operations. We reserve the right to disclose your Personal Information to our trusted service providers that assist us with the operation and maintenance of this site. For example, we may use third parties to process payments, host our servers, provide security, and provide production, fulfillment, optimization, analytics, and reporting services. We will take commercially reasonable efforts to cause these third parties to agree to hold your information in confidence or to disclose information only to third parties that we believe in good faith are trustworthy regarding the confidentiality of your information.
Disclosure to Successors. If we are acquired by or merged with a third party entity, or if we sell this website business or a line of business from this website, we reserve the right to transfer such information as part of such merger, acquisition, sale, or other change of control. In the unlikely event of our bankruptcy, insolvency, reorganization, receivership, or assignment for the benefit of creditors, or the application of laws or equitable principles affecting creditors’ rights generally, we reserve the right to transfer such information to protect our rights or as required by law.
Disclosure Incident to Legal Process and Enforcement. We reserve the right to disclose your Personal Information if we have a good faith belief that access, use, preservation or disclosure of such information is reasonably necessary (i) to satisfy any applicable law, regulation, legal process or enforceable governmental request (such as for example, to comply with a subpoena or court order), or (ii) to investigate or enforce violations of our rights or the security of this site.
SPECIFIC INFORMATION ABOUT COOKIES AND WEB BEACONS
3rd Party Cookies for Web Analytics and Reporting. We reserve the right to use web analytics services provided by 3rd parties. These services use 3rd party cookies (cookies passed by others, not by us) to collect Non-Personal about your use of this site. These web analytics services may also transfer this information to third parties where required to do so by law, or where such third parties process the information on the service’s behalf.
3rd Party Cookies for Serving Behavioral Ads. We reserve the right to serve our ads and third party ads on our site that are targeted to your interests (“3rd Party Behavioral Ads”). 3rd Party Behavioral Ads are served by 3rd party advertising services that use 3rd party cookies (cookies passed by others, not by us) to collect Non-Personal Information about your use of this site and other websites. This information is your “behavioral data”. 3rd Party Behavioral Ads do not use your Personal Information. Instead, they associate your behavioral data on visited sites with your computer, so that the ads your computer sees on this site are more likely to be relevant to your interests. These advertising services may also transfer this information to third parties where required to do so by law, or where such third parties process the information on the service’s behalf. We will provide notice and the opportunity to opt-out of receiving 3rd Party Behavioral Ads.
Participation in Google’s Adsense Network. We reserve the right to participate in Google’s AdSense network for purposes of serving 3rd Party Behavioral Ads. Google uses DoubleClick’s DART cookie in its AdSense network. You may opt out of the use of the DART cookie. For information regarding how to opt out, go to http://www.google.com/privacy_ads.html .
DATA SECURITY FOR NON-PHI INFORMATION
We follow reasonable and appropriate industry standards to protect your Personal Information and data. Unfortunately, no data transmission over the Internet or method of data storage can be guaranteed 100% secure. Therefore, while we strive to protect your Personal Information by following generally accepted industry standards, we cannot ensure or warrant the absolute security of any information you transmit to us or archive at this site.
When you transmit Personal Information through our registration process or if you purchase products or services, we encrypt that information in transit using secure socket layer technology (SSL).
After the secure transfer of your Personal Information, the information is maintained and stored with 256-bit encryption.
ONWARD TRANSFER OUTSIDE YOUR COUNTRY OF RESIDENCE
Any Personal Information which we may collect on this site will be stored and processed in our servers located only in the United States. By using this site, if you reside outside the United States, you consent to the transfer of Personal Information outside your country of residence to the United States.
UPDATING PERSONAL INFORMATION
Upon request, we will permit you to request or make changes or updates to your Personal Information for legitimate purposes. We request identification prior to approving such requests. We reserve the right to decline any requests that are unreasonably repetitive or systematic, require unreasonable time or effort of our technical or administrative personnel, or undermine the privacy rights of others. We reserve the right to permit you to access your Personal Information in any account you establish with this site for purposes of making your own changes or updates, and in such case, instructions for making such changes or updates will be provided where necessary.
EMAIL; OPT-OUT
This site treats email messages and other electronic messages that are sent through this site and not viewable by others as confidential and private, except as required by law, including without limitation, the Electronic Communications Privacy Act of 1986, 18 U.S.C. Sections 2701-2711 (the “ECPA”). The ECPA permits this site’s limited ability to intercept and/or disclose electronic messages, for example (i) as necessary to operate our system or to protect our rights or property, (ii) upon legal demand (court orders, warrants, subpoenas), or (iii) where we receive information inadvertently which appears to pertain to the commission of a crime. This site is not considered a “secure communications medium” under the ECPA.
If you supply us with your e-mail address you may receive periodic messages from us with information specific to the site and required for the normal functioning of the site as well as for new products or services or upcoming events. If you prefer not to receive periodic email messages, you may opt-out by following the instructions on the email.
LINKS TO OTHER SITES; ONLINE ADS
This site may contain links to other websites with whom we have a business relationship. These links may include online advertisements that we deem to be appropriate. Any information that you provide in the process of registration or purchase will be transferred to these sites. We have no responsibility or liability for the policies and practices of these sites; however, we have entered into agreements with these websites which provide that unless you specifically agree otherwise, they will use and share your Personal Information only for the purpose of providing or fulfilling your request for products or services. You should be careful to review any privacy policies posted on any of these sites before providing information to them.
CHILDREN’S ONLINE POLICY
The Services are not permitted for use by individuals under the age of eighteen (18) unless they have provided the written consent of their parents or legal guardians, and we request that these individuals do not provide Personal Information to us.
CONTACTING ENSOFTEK
If you have questions about the privacy aspects of our Services or would like to make a complaint about our compliance with this Privacy Policy, you may contact us at legal@ENSOFTEK.com, by calling 503-643-1226, or at our mailing address:
EnSoftek, Inc.
735 SW 158th Ave,
Beaverton, OR 97006.