Privacy Policy

Privacy Language

viihealth, Inc. Privacy Shield Principles Statement

viihealth, Inc. and/or viihealth International Limited comply with the EU-US Privacy Shield Framework set forth by the US Department of Commerce regarding the collection, use, and retention of personal information from European Union member countries.  viihealth, Inc. has certified that it adheres to the Privacy Shield Principles of Notice, Choice, Accountability for Onward Transfer, Security, Data Integrity and Purpose Limitation, Access, and Recourse, Enforcement and Liability.  If there is any conflict between the policies in this privacy policy and the Privacy Shield Principles, the Privacy Shield Principles shall govern.  To learn more about the Privacy Shield program, and to view our certification page, please visit https://www.privacyshield.gov/

Address:

viihealth, Inc., 116 Research Drive, Bethlehem, PA 18015 USA

  1. NOTICE
    1. viihealth, Inc. (VIIHEALTH) and/or viihealth International Limited and its authorized personnel collect data from you through a variety of means including, but not necessarily limited to, online usage, online requests, online surveys, phone calls, emails, and voicemails. Information about your personal health, medical conditions, or care that you provide to us, is held in strictest confidence.  Based upon valid business purposes (such as performance of service and customer service) at times, VIIHEALTH may disclose this information on a need to know basis to appropriate third parties.

      Third Parties may include:

      Business Partners, Agents and Contractors:  To provide you with the services on the Site and the programs we support, we may disclose your information to business partners, agents, and contractors who perform services on our behalf, such as fulfillment, web hosting, or data storage.  These third parties may also collect information on our behalf.  viihealth, Inc. will enter into confidentiality agreements providing that any business partners, agents, and contractors to whom we share information agrees to the same restrictions and conditions that apply through this Privacy Policy to viihealth, Inc. with respect to such information.

      Company is a service provider to Corporate Clients, i.e., corporations in Life Science and/or Healthcare Industries.  When Company processes Personal Information for or on behalf of a Corporate Client, the Company processes Personal information solely for the purpose of providing the Services, in a legal and compliant manner, in accordance with the Agreement and any SOW, and not for any other purpose or in any other manner.  In those cases, that Client is the sole owner or controller of all Personal Information made available to Company and Company only acts under the instruction of Client in connection with Company’s Processing of it and that any Personal Information processed by Company for or on behalf of Client is deemed to be the Confidential Information of Client.

      We do not give out, exchange, barter, and rent, sell, lend, or disseminate any information about users who download our mobile application or access our eMedicareHelp website, or receive any other services that are considered patient confidential, which is restricted by law, or has been specifically restricted by a patient/client in a signed HIPAA consent form.

      VIIHEALTH is subject to the investigatory and enforcement powers of the Federal Trade Commission (FTC).

    2. Inquiries or Complaints

      Any inquiries and/or complaints can be directed to:

      Email: info@viihealth.com

      Address:  viihealth, Inc., 116 Research Drive, Bethlehem, PA 18015 USA

      Contact: Privacy Officer

  2. CHOICE
    1. Opt out: viihealth, Inc. offers individuals the opportunity to choose (opt out) whether to disclose personal information.  viihealth, Inc. offers individuals the opportunity to opt out when information to be used for a purpose that is incompatible with the purpose(s) for which it was originally collected or subsequently authorized by the individual.  Individuals are provided a clear and conspicuous, readily available, and affordable mechanism to exercise choice.
    2. Opt in: limited right to use non-identifying personal Information from biographies, letters, notes, and other sources such as blogs:

      Any pictures, stories, letters, biographies, correspondence, or thank you notes sent to us become the exclusive property of VIIHEALTH.  We reserve the right to use non-identifying information about our clients (i.e., those who receive services or goods from or through us) for promotional purposes. VIIHEALTH enables life sciences companies to drive increased ROI by delivering branded, customizable customer engagement solutions at a lower cost and faster time to market. Our solutions increase HCP productivity and streamline the healthcare decision-making process by strengthening patient-provider information exchange both inside and outside the HCP office.  Our interactive, personalized, mobile solutions drive meaningful patient behavior changes for improved adherence and, ultimately, improved care outcomes.

      The platform has been conceived and developed as a central engine for efficient development, rollout, support and operation of a multitude of patient engagement programs and enables deep aggregate data and multiple usage options. Our platform uniquely separates the front-end application from the middleware layer and from the backend web services API services and enables us to offer “white label” versions of the platform for companies in life science and healthcare industries.

      VIIHEALTH and its authorized personnel collect data from you through a variety of means including, but not necessarily limited to, online usage, online requests, online surveys, phone calls, emails, and voicemails.  You have the right to access, correct, or delete your personal data.  An individual who seeks access, or who seeks to correct, amend, or delete inaccurate data, should direct your query to our Privacy Officer.  If requested to remove data, we will respond within a reasonable timeframe.

      Information about your personal health, medical conditions, or care that you provide to us is held in strictest confidence.

      Clients will not be compensated for use of this information, and no identifying information (e.g., photos, addresses, phone numbers, contact information, last names or uniquely identifiable names) will be used without the client’s express advance permission.

  3. ACCOUNTABILITY FOR ONWARD TRANSFER

    To disclose information to a third party, viihealth, Inc. will apply the Notice and Choice Principles. 

    What We Do Not Do With Your Information:

    Information about your personal health, medical conditions, or care that you provide to us, is held in strictest confidence.

    We do not give out, exchange, barter, and rent, sell, lend, or disseminate any information about users who download our mobile application or access our eMedicareHelp website, or receive any other services that are considered patient confidential, which is restricted by law, or has been specifically restricted by a patient/client in a signed HIPAA consent form.

    In cases of onward transfer to third parties of data of EU individuals received pursuant to the EU-US Privacy Shield, VIIHEALTH is potentially liable.

  4. SECURITY

    Information is only used as is reasonably necessary to provide you with health or educational services that may require communication between you (or your caregiver) and your provider.

  5. DATA INTEGRITY AND PURPOSE LIMITATION

    It is the policy of VIIHEALTH that information, as defined hereinafter, in all its forms - written, spoken, recorded electronically or printed - will be protected from accidental or intentional unauthorized modification, destruction or disclosure throughout its life cycle. This protection includes an appropriate level of security over the equipment and software used to process, store, and transmit that information.  Information will only be used for valid business purposes (e.g., sales, marketing, order fulfillment, or research).

    We may be required to disclose an individual’s personal information in response to a lawful request by public authorities, including to meet national security or law enforcement requirements.

  6. ACCESS

    You have the right to access your personal data (contact us at:  Privacy Officer, viihealth, Inc., 116 Research Drive, Bethlehem, PA  18015 USA).

    All policies and procedures must be documented and made available to individuals responsible for their implementation and compliance. All activities identified by the policies and procedures must also be documented. All the documentation, which may be in electronic form, must be retained for at least 6 (six) years after initial creation, or, pertaining to policies and procedures, after changes are made. All documentation must be periodically reviewed for appropriateness and currency, a period of time to be determined by each entity within VIIHEALTH.

    At each entity and/or department level, additional policies, standards and procedures will be developed detailing the implementation of this policy and set of standards, and addressing any additional information systems functionality in such entity and/or department. All departmental policies must be consistent with this policy.  All systems implemented after the effective date of these policies are expected to comply with the provisions of this policy where possible. Existing systems are expected to be brought into compliance where possible and as soon as practical.

  7. RECOURSE, ENFORCEMENT AND LIABILITY

    The Information Security Policy applies to all users of VIIHEALTH information including: employees, medical staff, students, volunteers, and outside affiliates. Failure to comply with Information Security Policies and Standards by employees, medical staff, volunteers, and outside affiliates may result in disciplinary action up to and including dismissal in accordance with applicable VIIHEALTH procedures, or, in the case of outside affiliates, termination of the affiliation. Failure to comply with Information Security Policies and Standards by students may constitute grounds for corrective action in accordance with VIIHEALTH procedures. Further, penalties associated with state and federal laws may apply.

    Possible disciplinary/corrective action may be instituted for, but is not limited to, the following:

    • Unauthorized disclosure of PHI or confidential information as specified in Confidentiality Statement.
    • Unauthorized disclosure of a sign-on code (user id) or password.
    • Attempting to obtain a sign-on code or password that belongs to another person.
    • Using or attempting to use another person's sign-on code or password.
    • Unauthorized use of an authorized password to invade patient privacy by examining records or information for which there has been no request for review.
    • Installing or using unlicensed software on VIIHEALTH computers.
    • The intentional unauthorized destruction of VIIHEALTH information.
    • Attempting to get access to sign-on codes for purposes other than official business, including completing fraudulent documentation to gain access

Independent Recourse Mechanism

In compliance with the EU-US Privacy Shield Principles, VIIHEALTH commits to resolve complaints about your privacy and our collection or use of your personal information.  European Union individuals with inquiries or complaints regarding this privacy policy should first contact VIIHEALTH at:

Privacy Officer

viihealth, Inc.

116 Research Drive

Bethlehem, PA  18015

USA

info@viihealth.com

 

VIIHEALTH has further committed to refer unresolved privacy complaints under the EU-US Privacy Shield Principles to BBB EU PRIVACY SHIELD, a non-profit alternative dispute resolution provider located in the United States and operated by the Council of Better Business Bureaus. If you do not receive timely acknowledgment of your complaint, or if your complaint is not satisfactorily addressed, please visit www.bbb.org/EU-privacy-shield/for-eu-consumers/ for more information and to file a complaint.

Please note that if your complaint is not resolved through these channels, under limited circumstances, a binding arbitration option may be available before a Privacy Shield Panel.