Book a Consult

BOOK A CONSULT

Privacy Policy

 

PatientLock Privacy Policy

Last Updated: October 23, 2024

  • Who We Are

PatientLock, LLC is a leading provider of cybersecurity technologies and advisory services. When we refer to “we,” “us,” or “PatientLock” in this Privacy Policy, we are referring to PatientLock, LLC and/or its affiliates. Additional details, including our contact information, can be found in Section 18 below.

  • Purpose of this Policy

PatientLock believes that protecting, and using, personal information in a transparent and appropriate manner is important for various reasons. With this, we want you to understand how we collect, use and disclose information that you have provided to us, or we have otherwise obtained, through our website. By providing information to us and/or accessing our website, you agree to the terms and conditions of this Privacy Policy.

  • What is Personal Information?

When we use the term “personal information” or “personal data” in this Policy, we mean information that identifies, relates to, describes, is reasonably capable of being associated with, or could reasonably be linked, directly or indirectly, to an individual. It does not include aggregated or de-identified information that is maintained in a form that is not capable of being associated with, or reasonably linked, to any individual. To the extent we de-identify any data originally based on personal information, we will maintain and use such data only in de-identified form and will not attempt to re-identify the data.

  • Information That We May Collect

We may collect data from individuals and representatives of organizations who have visited our website. This list includes anyone visiting our website and may include, among others, those that are just browsing, suppliers, and prospective and current clients.

Information collected or accessed may include browser and device information (which may include an approximate location based on your IP), demographic information and other information provided by you, contact information (which may include email, postal address, and telephone numbers), business account information, and customer and user preferences.

  • How We May Use Information

We may use your information: to analyze website visitor behavior and improve the performance of our website, to provide you with information that you request from us or to respond to your inquiries (which may include contacting you and providing results based upon any free assessment you may take on our site); to communicate with you and your organization about solutions, services, and information that may be of interest; to conduct market research, including research about potential new solutions and services; to carry out our obligations and enforce our rights arising from any contracts entered into between you/your organization and us, including for billing and collection; for security-related purposes, including to attempt to detect or prevent illegal activities; and to notify you about changes to this website or any services or solutions we offer or provide through the website.

If PatientLock sends you any marketing communications, you may opt out of this whenever you wish, in accordance with Section 16 or 18 below.

  • Cookies

To learn more about cookies, there are various sites on the internet that provide good information. One such site is www.allaboutcookies.org.

As you navigate through and interact with our website, we may use automatic data collection technologies to collect certain information about your equipment, browsing actions and patterns, including:

  • Details of your visits to our website, including traffic data (including date and time of visits), and other communication data and the resources that you access and use (including your page views and search queries) on our website; and
  • Information about your computer and internet connection, including your IP address, approximate location data (based on your IP), operating system and browser type and version.

The technologies we use for this automatic data collection are:

  • Cookies (or browser cookies): A cookie is a small file placed on the hard drive of your computer. You may refuse to accept browser cookies by activating the appropriate setting on your browser. Unless you have adjusted your browser setting so that it will refuse cookies, our system will issue cookies when you direct your browser to this website;
  • Web beacons: Pages of our website may contain small electronic files known as web beacons (also known as smart pixels) that permit us to count users who have visited those pages and for other related website statistics.

We may use cookies and web beacons to help us to improve our website and to provide you with a more personalized experience. 

Google Analytics:

  • We use Google Analytics (“GA”) to track website related information in order to help us analyze visitor behavior and improve website performance, understand user flow to optimize content, and track metrics (like session length).
  • The information provided to, or accessed by, GA is anonymized or pseudo anonymized data (IP address (anonymized by GA), device information (browser type, operating system, etc), approximate location (based on IP), and on-site behavior (pages visited, time spent, etc).
  • Data collected by, or provided to, GA is governed by Google’s privacy policy and terms of service.
  • If you prefer that information related to your visits to our website are not tracked by GA, you can adjust your browser settings and opt out using Google’s opt out tools.

We do not use cookies, or other automated technologies, to deliver advertising tailored to your interests (behavioral tracking)

You may also contact us to opt-out of certain cookies/tracking technologies. You can also adjust the setting of your Internet browser to reject the setting of all or some cookies, and to alert you when a cookie is placed on your device.

For more information about how to reject cookies, please refer to your Internet browser ‘help’/’tool’ or ‘edit’ section or see www.allaboutcookies.org.

Please be aware that if you elect to block all cookies (including strictly necessary cookies) you may not be able to access all of our website and/or certain functionality.

  • Assessments Provided on our Website

PatientLock may offer free, limited cybersecurity-related assessments (whether titled as a “Self-Assessment Survey” or otherwise) on our website for current or prospective clients. These assessments are offered by PatientLock at no cost and are provided for informational purposes only (as a service to provide clients or prospective clients with a general understanding of their current state of cybersecurity maturity). These assessments, and any related reports, are provided without any sort of guarantees or warranties, and PatientLock has no liability in relation to these assessments or reports, including, without limitation, how you decide to use the assessment and generated reports and any actions you take, or do not take, in relation thereto. The assessments and generated reports do not provide any sort of compliance with federal, state, or local, laws, or any cybersecurity frameworks.

By taking the assessment, you give PatientLock the right to use your information (which may include your name, email address, phone number, and assessment input and output) in order to perform the assessment, provide you with results, and reach out to you in order to discuss these results. In response to the results, PatientLock may also provide suggestions on cybersecurity products and services that it believes may be of assistance to you.

After taking the assessment, if you wish to no longer be contacted by PatientLock or receive future marketing information, you may contact us and notify us of this. 

  • Surveys

The information you provide in response to any surveys (whether such surveys are done via our website, emails, or otherwise) may be used to help support your relationship with PatientLock. PatientLock may use (online or other) surveys to ask visitors/customers for contact information. We may use contact data from our surveys to send the survey taker information about our company and/or materials on behalf of ourselves and/or our partners.

  • Information Disclosure

PatientLock will not give or sell any information regarding you to any outside organization for its use in marketing or solicitation without your consent, except as otherwise expressly set forth in this policy.

Your information may be shared with companies, agents, suppliers, contractors or vendors of PatientLock who provide services to us or who otherwise process data for the purpose of performing services for you or PatientLock.

PatientLock may release personal data (including personally identifiable information) when required to by law if we have a good-faith belief that such action is necessary to comply with a current judicial proceeding, in response to a lawful request by public authorities, a court order or legal process served on PatientLock.

We may disclose your information if we sell or buy any business or assets, in which case we may disclose your personal data to the prospective seller or buyer of the business or assets. If PatientLock or substantially all of its assets are acquired by a third party, personal data held may be one of the transferred assets. Any third party who acquires assets from us may acquire all or part of our business. They may not be in the same line of business as we are. Similarly, your personal information may be passed on to a successor in interest in the event of a reconstruction, liquidation or administration.

  • Security

PatientLock uses what we consider to be reasonable and appropriate organizational, technical and administrative measures to protect information under our control. This website has reasonable security measures in place to attempt to protect the loss, misuse and alteration of the information under our control. However, while we use all reasonable efforts to safeguard your personal data, no security program is impenetrable, and third parties have been adept at circumventing widely adopted security safeguards. Accordingly, you acknowledge that the use of the internet is not entirely secure and that you provide personal information to PatientLock at your own risk. PatientLock cannot therefore guarantee the security or integrity of any personal data that is transferred from you or via the internet. Any user or third party accessing PatientLock’s website or services is responsible for its own use of the website and the services.

If applicable, where we have given you (or where you have chosen) a password which enables you to access certain parts of our website, you are responsible for keeping this password confidential. We ask you not to share a password with anyone. Please make sure this password is unique and that you do not use this password for any other purpose. If you use another account (such as a social media account) to log on to a secure part of the PatientLock website, then please make sure that you keep that password secure as well. If you think that any of your passwords have been compromised, please notify us so that we can look after the security of your details on our website.

  • Social Media Features

Our website may include social media features. These features may collect your IP address, which page you are visiting on our website, and may set a cookie to enable the feature to function properly. Social media features may either hosted by a third party or hosted directly on our website. Your interactions with these features are governed by the privacy policy of the company providing it.

  • Your Rights Related to Certain State Privacy Laws

Certain state laws (including without limitation California, Colorado and Delaware) provide residents (generally deemed “consumers” under applicable state privacy laws) with certain rights regarding their personal information, but those laws also include limitations as to when those rights apply.

  • If you believe your state’s laws provide you with certain rights, you may contact us in accordance with Section 18 below.
  • Upon our receipt of a verifiable request, we will review your request, along with your state’s applicable privacy laws, in order to determine how to respond.
  • If we deny all or part of your request, we will provide you with our rationale, and you may contact us if you wish to better understand, and/or appeal that decision. 
  • Any verifiable consumer request you submit must:
    • Provide sufficient information that allows us to reasonably verify you are the person about whom we collected personal information or an authorized representative.
    • Describe your request with sufficient detail that allows us to properly understand, evaluate, and respond to it.

Certain state privacy laws provide their resident consumers the right to:

  • Knowledge, access, correction, and deletion of their personal information
  • Opt-out of the sale or sharing of their personal information
  • Limit how their sensitive information is used
  • Not be discriminated against for exercising any of these rights

A few notes that you should be aware of as they may impact your rights under state laws:

  • Certain of your rights (like the request to delete information) are limited by state laws based on our need to continue to use your personal information for various reasons (including, to be able to continue to provide you with products and services that you use, or for other legal/regulatory reasons)
  • Many of PatientLock’s customers are healthcare providers. Therefore, if the reason we have your personal information is because we are providing our solutions and services to your healthcare provider, then your direct relationship, and main point of contact, is your provider. In order to pursue your rights, you generally would need to start with the entity that you have a direct relationship with (here, your healthcare provider). If we are providing solutions or services on behalf of your healthcare provider, then we often are not legally allowed to comply with your requests, as your request should be directed to your healthcare provider. 
  • PHI is exempt from most state privacy laws. This means that if your request relates to PHI, then your state laws likely would not apply.
  • Due to PatientLock acting in the role of a “business associate” pursuant to HIPAA, PatientLock is fully exempt from certain state privacy laws that exempt both business associates and covered entities.

We may use, or disclose, the personal information we collect for one or more of the business purposes described below. When we disclose personal information for a business purpose, we enter into a contract that describes the purpose for disclosing the information, and requires the recipient to both: keep that personal information confidential, and not use or further disclose it for any purpose except performing the contract. In the past 12 months we may have used or disclosed personal information:

  • To provide you with information that you request from us;
  • To respond to your inquiries;
  • To communicate with you and your organization about solutions, services, and information that may be of interest;
  • To conduct market research, including research about potential new solutions and services;
  • To carry out our obligations and enforce our rights arising from any contracts entered into between you/your organization and us, including for billing and collection;
  • For security-related purposes, including to attempt to detect or prevent illegal activities;
  • To notify you about changes to this website or any services or solutions we offer or provide through the website;
  • To provide, support, personalize, and develop our websites, products, and services;
  • To create, maintain, customize, and secure your account with us;
  • To help maintain the safety, security, and integrity of our websites, products and services, databases and other technology assets, and business;
  • To respond to law enforcement requests and as required by applicable law, court order, or governmental regulations;
  • To evaluate or conduct a merger, divestiture, restructuring, reorganization, dissolution, or other sale or transfer of some or all of our assets;
  • As otherwise described to you when collecting your personal information or as otherwise set forth in applicable state privacy laws.

We may disclose your information to the following categories of third parties:

  • Service providers
  • Business partners
  • Website analytics providers
  • Our affiliates
  • Other third parties, in order to comply with laws
  • Third parties to assess, or complete, a merger, acquisition, sale, or other transfer of assets

Under certain state privacy laws, the term “share” means “the disclosure of personal information to a third party for cross-context behavioral advertising, whether or not for money or other valuable consideration.”

Pursuant to state law, PatientLock has the right to “sell” and/or “share” your personal information, as those terms are defined pursuant to state law, and subject to your right to opt-out of those sales (as set forth below).

  • PatientLock does not “sell” or “share” your personal information, as defined by applicate state laws.

As noted above, if you are seeking to invoke any of your rights, please contact us through one of the means set out in Section 18 below.

  • Children’s Privacy

Our website and services are not directed to, and we do not intend to, or knowingly, collect or solicit personal information from children under the age of 13. If you are under the age of 13, do not use our website or provide us with any personal information either directly or by other means. If a child under 13 has provided personal information to us, we encourage the child’s parent or guardian to contact us to request that we remove the personal information from our systems. If we learn that any personal information we collect has been provided by a child under the age of 13, we will promptly delete that personal information.

  • Links to Third-Party Websites and Services

Our website may contain links to third-party sites. If you click on those links, it will take you outside PatientLock’s service. We cannot control, and are not responsible for, the privacy practices of those third-party sites. We encourage users to be aware when they leave our website, and to read the privacy statements of each website they visit. This Privacy Policy applies only to our website.

  • Retention of Personal Data

We keep your personal information as long as we need it to provide our services, comply with legal obligations, or protect ours or others’ interest. We decide how long we keep each category of personal information on a case-by-case basis.

  • Rights Related to Ongoing Marketing Efforts

You have the following rights:

  • You have the right to opt out of receiving marketing communications from us. You can exercise this right by clicking on the “unsubscribe” or “opt-out” link in any marketing e-mails we send you. To opt out of other forms of marketing (such as postal marketing or telemarketing), then please contact us using the contact details provided below.
  • If we have collected and processed your personal data with your consent, then you can withdraw your consent at any time. Withdrawing your consent will not affect the lawfulness of any processing we conducted prior to your withdrawal, nor will it affect processing of your personal data conducted in reliance on lawful processing grounds other than consent.

In order for us to respond to your request, you must provide your name and email address or other information sufficient to allow us to identify you. We respond to all requests we receive from individuals wishing to exercise their data protection rights in accordance with applicable data protection laws.

  • Updates to this Privacy Policy

We may change this Privacy Policy at our discretion. You should visit this page regularly in order to ensure that you have the most up-to-date information. All changes shall be effective from the date of publication unless otherwise provided. Section 18 below sets out the last time we updated our Privacy Policy. Your continued use of our website following any changes indicates your consent to the terms and practices described in the most-current version of this Privacy Policy.

  • General Contact, and other, Information

PatientLock, LLC is a Kansas limited liability company.

You may contact us through any of the following means:

  • You may reach us by mail at our main business address: 9393 W. 110th Street, Ste. 500, Overland Park, KS 66210.
  • You can email any requests, questions, comments and/or feedback related to this Policy to us at: notices@patientlock.net.
  • You may call us at 866-938-4250

These Terms were last updated: October 23, 2024.