Privacy Policy
Guardoc Customer Web Application Privacy Policy
Effective Date: 2024-06-16
​
This Privacy Policy describes how Complihealth, Inc. (“Complihealth” or we" or "us") collects, uses, and shares personal information in connection with the Guardoc web-based software platform(s) and any other services owned or operated by us which link to this Policy (the "Application" or the “Service”).
​
“You” or “User” means any person who will use the Service, including but not limited to use through employment or on behalf of a business or organization for commercial purposes (“Licensee”). In order to use our Service, You will be redirected to the EHR vendor partner login page to sign in with your existing EHR credentials and then redirected back to the Application. Users are identified by us through the username in the EHR. Please read this Policy carefully to understand our policies and practices regarding the information we collect and how we will treat it. If you do not agree to this Policy, do not use the Application. By using the Application, you agree to this Policy.
This Policy applies to information we collect in the Application and through the Service.
​
Through the Service, a User will provide, receive or have access to information that is regulated by the Health Insurance Portability and Accountability Act of 1996, as amended by Subtitle D of the Health Information Technology for Economic and Clinical Health Act, and their implementing regulations (collectively, “HIPAA”). Information provided by You that is subject to HIPAA will be governed by the Terms of Use and the Business Associate Agreement between Licensee and Us.
​
Information We Collect and How We Collect It
We collect information from and about users of our Application when it is provided directly to us and in other cases, automatically through use of the Application. This information includes:​
-
Login Credentials and contact details - Login to the Application is performed with a Single Sign On (SSO) with your existing Electronic Health Record (EHR) vendor. We collect your EHR username, your full name, your initials, your title and position within your organization and information about your access privileges in the EHR, as well as a temporary authentication token that is created by the EHR during the login session.
-
Information you may provide through the internal messaging system - You can collect links, snapshots, and other types of data from the EHR web application by either capturing that data, or by sending such data in the support messaging system to Guardoc. This channel can help support the auditing and error correction process.
-
Chat Messages - We collect chat messages between you and Guardoc support to resolve any issues you may encounter and to improve customer service.
When you access and use the Application, it may use technology to automatically collect:
-
Usage Details – When you access and use the Application, we may automatically collect certain details about your access to and use of the Application.
-
Device Information – We may collect information about your device operating system, and browser type.
​
The technologies we may use for automatic information collection may include:
Session Cookies: Cookies are essentially text files (or code lines) that are created on the browser and collect relevant information, such as the duration of your visit on the site and pages, your browsing method and the actions performed therein. We only use first-party session cookies in order to store session authentication tokens which is a temporary token created at the login. The use of session cookies facilitates your identification when you revisit our web application and it is helps with fast page loading and easy navigation.
If you do not want us to collect this information, do not use the Application.
​
How We Use Your Information
We use your information for purposes described in this Privacy Policy, which includes, for example:
-
Providing and operating the Service and its core functionality, including allowing you to log in and use the Service and also guiding you through the audit and error correction process.
-
Using the error correction process workflow to improve the Service by developing and training models that enhance accuracy and effectiveness.
-
Recording the entire user session for the purposes of debugging and improving the Application functionality and performance.
-
Monitoring information security.
-
Handling technical issues.
-
Handling applications.
-
Preventing fraud and/or illegal activities, and protecting the legal rights and legitimate interests of us and others, all subject to the provisions of any law.
-
Responding to your support requests and provide customer service.
We combine information. For example, we may combine information that we have collected offline with information we collect online. We combine information that we have collected across other third party sites. We combine information across devices, such as computers and mobile devices. We may also combine information we receive from a third party with information we already have.
​
How We Share Your Information
We may disclose your information to third parties as follows:
-
For the purposes set out in this Policy and for purposes we are authorized to perform by law.
-
To our subsidiaries and related companies. This includes current and future companies.
-
To subcontractors and suppliers that provide us with services (such as cloud service providers for data storing, companies that provide support and maintenance for equipment, software providers, accountants, lawyers, banks, customer service centers).
-
As part of the sale of our business (in part or in whole), merger, divestiture, restructuring, reorganization or other sale or transfer, or during negotiation of such sale, provided that such third party meets the provisions of applicable laws.
-
To comply with a court order, law or legal process, including to respond to any governmental or regulatory request.
-
To protect the rights, property or safety of Company, or our users or others.
-
To enforce our rights arising from any contracts entered into between you and us.
-
With your consent.
-
For defense of legal claims.
-
For any other purpose disclosed by us when you provide the information.
​
Third Party Sites Links
If you click on a link to a third party site, you will be taken to websites we do not control. When using the Application, links to external pages that refer to the EHR domains may appear. Should you choose to press on such links, be mindful that once you click on them you will be subject to the legal terms and conditions and to the privacy policy of the EHR’s websites/pages/applications. We are not responsible for these third party practices.
​
Your Rights
Depending on the law where you reside, you may have certain rights under applicable privacy laws, such as accessing, correcting or deleting your personal information, subject to certain exceptions provided in the law as those rights are not absolute. You can exercise your rights by contacting us at support@guardoc.health. Subject to legal considerations, we will make reasonable efforts to honor your request in accordance with applicable laws. In order to comply with your request, we may ask you for additional information to verify your identity and for security purposes.
You will not be discriminated against for exercising any of your rights. Please understand that, if the exercise of your rights limits our ability to process personal data (such as a deletion request), we may no longer be able to provide you with the Service.
​
Security
We take reasonable security measures a required by applicable law. However, please remember that no method of transmission over the internet or method of electronic storage is 100% secure.
You are also responsible for maintaining appropriate means of information security, such as the use of a strong password, anti-virus software, software updates etc.
Data Retention
We retain your information for as long as necessary for us to provide our services. In addition, we will retain your personal information for as long as we need it for resolving disputes and legal defenses, conducting audits, pursuing legitimate business purposes, enforcing agreements and in order to comply with our legal obligations.
Changes to this Policy
We may update this Policy from time to time. Should we make material changes to this Policy, we will notify you as required by law. Your continued use of the Application after we revise the Policy means you accept those changes so please check the Policy periodically for updates.
Contact Us
If you have any questions or concerns about this Policy, please contact us at support@guardoc.health.
​