Last Updated: September 11, 2012
A Practitioner may register to use the Service for him or herself or as an administrator for a practice. In order to register, a Practitioner must provide personally identifiable information to create access credentials and establish an account for the Service. For example, we may request a first and last name, email address, and payment information in order to register for the Service. A Practitioner who serves as administrator for a practice will be responsible for creating user credentials for other Practitioners in his or her practice and for establishing security controls governing their access to data.
A Practitioner also may sign Patients up to use the Service by providing a Patient’s name and email address to the Service. This results in the transmission of an email to Patient with a link to the Site where the Patient may create his or her unique user credentials.
The Practitioner also may select videos and other content to be viewed by the Patient and may leave specific instructions or comments for the Patient using the communications tools in the Service. This information may include information about the Patient’s health.
This Service is not intended to collect information on children younger than 13 years of age. A parent or legal guardian may access and use the Content and Tools on the Service for the benefit of a child age 13 or older, but must register and be responsible for any such use.
Access to the Service requires information that can be used to identify a Practitioner or Patient individually (“Personally Identifiable Information” or “PII”). Establishing Patient user credentials and communications between Patients and Practitioners using the Tools may also include information about individuals’ past, present and future physical health, illness, injury or treatment that is identifiable to the Patient (“Personal Health Information” or “PHI”). The Patient and Practitioner share responsibility for ensuring that the information collected on the Service is accurate and complete, and for making appropriate changes or corrections when necessary. The specific types of information collected through use of the Service are as follows:
The circumstances under which we disclose PHI and PII are as follows:
Information collected on this Service is maintained in databases that are located on servers hosted by our service provider. With the exception of information created using the Tools, PII is not stored in the same database as PHI. Access credentials likewise are stored separately and are accessible only to individuals whose roles require that they have access.
We use physical, technical and administrative safeguards to help prevent the loss, misuse or alteration of personal information under our control. Data, including the nature of content assigned to a Patient is stored in databases in encrypted form. We use industry standard encryption to protect communications between Practitioner or Patient computers and the Service. In addition, the servers housing the Site and these databases are behind firewalls. Firewalls are hardware and software systems configured to block access by unauthorized parties. Data collected and stored by the Site also is located in a data center that is electronically and physically secured. Despite these precautions, neither humans nor security systems, including encryption, are foolproof. People also may commit crimes, fail to follow policies or make other mistakes. While we believe the safeguards we maintain are reasonable and appropriate in light of the nature, type and amount of data collected by the Service, we cannot guaranty the security of your personal information. Practitioners and Patients should take reasonable security precautions and to check their security settings periodically.
The Service provides the means to send electronic mail messages to therapists using your own email account. These communications do not take place within the Service and are not covered by this Policy. Practitioners and Patients also may send electronic mail to us. By sending us an electronic mail message, a Practitioner or Patient may be sending us additional personal information not already in our database. We may store the name and address of the requester in order to respond to the request or to otherwise resolve the subject matter of the e-mail.
If you have questions or concerns related to privacy, please contact us at firstname.lastname@example.org.