Privacy Policy Overview
Chartlocker is a service provided by Chartlocker, LLC (“Chartlocker”) Chartlocker, LLC (“Chartlocker”) is an Internet application that helps individuals like you by providing a HIPAA compliant, secure, electronic means of managing your Personal Health Record (PHR”) by requesting, storing and sharing your personal health information (“PHI”).
In order to provide you with access to Chartlocker (the “Services”) and the ability to use the Services, Chartlocker may collect and process your personal information as described in this Chartlocker Privacy Policy (“Privacy Policy”). This Privacy Policy is designed to inform you about how Chartlocker collects and uses information you provide when you create an account with Chartlocker (“Account”), visit the Chartlocker-owned web sites through which Chartlocker provides the Services (“Service Portal”), and use the Services. Chartlocker may update this Privacy Policy, or other privacy notices established for other Chartlocker websites, at any time, and future updates to the Privacy Policy will be effective as soon as they are published. If you are interested, you should check back from time to time and make sure that you have reviewed the most current version of this Privacy Policy.
Information You Provide to Chartlocker
Information That You Give to Us
When you create an Account, you are asked to provide certain personal information, including your name, date of birth, last four digits of your social security number, a valid email address and a cell phone number. You will be assigned a username and have the ability to create a unique password for your PHR Account and provide other information (such as answers to security questions and a security phrase). We use the information you provide to us to confirm your eligibility for an Account, to protect against unauthorized access to your PHR Account, to provide the Services to you, to communicate with you, and to provide assistance or technical support in connection with your use of the Services.
Other Information you can provide to take advantage of your Account
You can use Chartlocker to enter, upload, and transfer a wide variety of other personal and/or medical records and information for storage, organizing, and sharing of your PHR with others as you choose.
Our Website and Servers, Your Use of Browsers
We also collect and record certain information from your browser each time you connect to our Service Portal, such as:
• IP address;
• Browser type;
• Preferred language;
• The date, time, and duration of your connection; and
• The actions that you perform while on the Service Portal.
We use this information in order to provide the Services, monitor the performance of the Services, and offer any technical support or assistance you might request in connection with your use of the Services or our websites.
Do-Not-Track
Some web browsers and operating systems include a Do-Not-Track (DNT) setting that you can activate to signal your preference not to have information about your online activities monitored. There is currently no uniform standard for recognizing and implementing DNT signals. As a result, the Services do not respond to DNT signals. If a standard for recognizing DNT signals is adopted in the future and we follow that standard, we will inform you about our approach in an update to this Privacy Policy.
Cookies
We use cookies to collect information about access to and use of the Services and the Service Portal. The Service Portal plants a session cookie in your browser that logs data in order to maintain your logged in state, track which Service Portal content you view, and analyze and improve the usage of the Service Portal and the Services. Our collection of this information may include:
• Your IP address;
• The pages of our site that you visit;
• The time and date of your visit;
• The time you spend on certain pages on our site; and
• Various other statistics.
You may adjust cookie usage in your browser settings. Adjusting your cookie settings may prevent you from accessing the Service Portal and/or utilizing the functionality of the Services.
How Do We Use Your Information?
The information that you provide us when you use the Services is retained and processed for as long as you use the Services and after you cease using the Services, as described in this Privacy Policy. We will use your information for purposes such as:
• To provide the Services to you;
• To communicate with you;
• To provide assistance or technical support in connection with your use of the Services;
• To audit, monitor, and further develop the Services; and
• To investigate violations of the Chartlocker Terms of Service and protect Chartlocker.
By creating an Account, you consent to our use of your information in accordance with this Privacy Policy.
Who Has Access to Your Information?
When you provide your personal information directly to Chartlocker via the Service Portal, your information may be shared with and accessible to Chartlocker staff, including with staff who provide technical support for the Services. In addition, Chartlocker may at times engage other companies or individuals to perform certain activities on our behalf and related to our provision of the Services, such as assistance in obtaining your medical records for your PHR, correcting hardware problems, off-site storage of information for disaster recovery, web site hosting, or technical assistance regarding operating systems, web browsers, or other non-Chartlocker software with which the Services might interact. Chartlocker will provide such third parties access to your personal information (i) when such access is intended to accomplish the activity for which we have engaged the third party; and (ii) when the third party has agreed to use the information for activity for which they’ve been engaged and protect the confidentiality and security of the information. The Services allow you to grant access to your information to third parties, such as hospitals, healthcare providers, and others, as you see fit. We will make good faith efforts to provide you access to your personal information through the Service Portal, including through features available to you on the Service Portal. While the Services allow you to delete documents that you have pulled, pushed, or uploaded into Chartlocker, you are not able to correct or delete inaccuracies in your PHR Chartlocker Account in the Service Portal. To make such corrections or deletions, you should work directly with the healthcare organizations that delivered the records to your Chartlocker PHR Account.
How We Protect Your Information
Chartlocker employs a wide variety of administrative, physical, and technical safeguards to protect the confidentiality, integrity, and availability of your personal information. When you provide your information to us, it is encrypted and transmitted in a secure way. You can verify this by looking for a closed lock icon at the top or bottom of your web browser or looking for “https” at the beginning of the URL address of the web page if you navigated to the Service Portal from a web browser. Please remember that no method of transmission over the Internet or method of storage can keep your data 100% secure against unauthorized access, use, or disclosure.
How you control the sharing of your personal information and the circumstances in which we may disclose it to others
The Services allow you to transfer your personal information to and from your PHR Account. You control those authorizations and sharing permissions through the features provided within the Services. Only those individuals or entities that you authorize will be able to access your personal information and medical records and initiate sharing. To enable this functionality, the Services make the fact that you are a PHR Account holder known to those individuals or entities where you have authorized to access your personal information and PHI.
You also will be able to download your personal information and PHI to your local computer or portable storage devices or send such personal information to other entities. All such sharing of your personal information will be solely in your control, as directed by you through your use of the Services unless you authorize some other individual or entity through the features provided within the Services.
Please note that Chartlocker cannot control and is not responsible for the privacy and security of your personal information or PHR once it has left Chartlocker’s servers in accordance with your requests and instructions when using the Services. We cannot retrieve that information after you have shared it, and we cannot control or restrict the use of personal information by other individuals or entities. How such individuals and entities treat your personal information is determined by their privacy practices.
We may disclose your personal information to:
• Comply with any applicable law, legal process served on us, or request of a law enforcement or government regulatory agency;
• Protect the personal safety or health of the public or users of the Services;
• Protect our rights and property and address fraud or security breaches;
• Deidentify your data for use in the development of the Services, enhancement of clinical services by third-parties or clinical research. We will not disclose your personally identifiable data, records or information to any third-party without your consent.
How Long Does Chartlocker Keep Your Information?
Chartlocker will retain your personal information for as long as you have a PHR Account. By creating an PHR Account, you agree to allow us to retain your information in accordance with this Privacy Policy.
You can choose to close your PHR Account at any time. If you choose to do so, we will offer you the opportunity to have us retain your PHR and Account information for a 90-day grace period during which you can easily re-activate the account. If you do not opt for the grace period, we will deactivate your PHR Account and delete all your personally identifiable information from Chartlocker’s servers. If you do opt for the grace period, then the deletion of your personally identifiable information from Chartlocker’s servers will occur after the grace period. Please note that closing an Account affects only your personally identifiable information that is stored on Chartlocker’s servers. It does not affect, alter, or delete any personal information that is stored or maintained on other systems, such as those of your healthcare providers or the individuals and entities that you have authorized to receive personal information during your use of the Services.
Your personal information may persist in Chartlocker’s servers’ backup files and in our activity logs for periods of time based upon government agency and private organization guidelines and recommendations that pertain to analogous categories of data and information. Our backup files and activity logs are not readily or easily accessible.
Ways in which you can further protect your personal information
You should be careful with your personal information, and there are steps you can take to prevent unauthorized access to or disclosure of the information in your PHR Account. For example, never share your username and password with anybody, immediately change your password if you believe any unauthorized access to your Account has occurred, and install appropriate security products on the computers from which you access your Account.
Your California Privacy Rights
If you are a California resident, California law may provide you with additional rights regarding our use of your personal information. To learn more about your California privacy rights, visit our CCPA privacy notice for California residents (Insert link to CCPA doc).
Contact Chartlocker
If you have questions or concerns about ChartLocker, or this Privacy Policy, please contact ChartLocker at support@Chartlocker.net. In any correspondence, please include the website or reason that led you to contact us.
