M*Modal Privacy Policy

M*Modal respects the privacy and values the confidence of its customers, employees, and business partners, and strives at all times to comply with the laws of the countries in which it does business, including those countries in which it collects Sensitive Personal Health Data and other Personal Data (as those terms are defined below). This privacy policy describes how M*Modal collects and uses the personal data you provide on our Website: www.mmodal.com.

M*Modal has been awarded TRUSTe’s Privacy Seal signifying that this privacy policy and practices have been reviewed by TRUSTe for compliance with TRUSTe’s program requirements including transparency, accountability and choice regarding the collection and use of your personal data.  The TRUSTe program covers information that is collected through this Website, www.mmodal.com, and does not cover any information that may be collected offline. TRUSTe’s mission, as an independent third party, is to accelerate online trust among consumers and organizations globally through its leading privacy trustmark and innovative trust solutions.  If you have questions or complaints regarding our privacy policy or practices, please contact us at customeradvocacy@mmodal.com.  If you are not satisfied with our response you can contact TRUSTe here.

In furtherance of this privacy commitment, M*Modal has certified to the U.S.-EU Safe Harbor Agreement regarding Personal Data collected in the European Economic Area (EEA) (which includes the twenty-eight member states of the European Union (EU) plus Iceland, Liechtenstein and Norway) to the United States. M*Modal complies with the U.S. – E.U.  Safe Harbor Framework as set forth by the U.S. Department of Commerce regarding the collection, use and retention of personal data from the European Union member countries.  M*Modal has certified that it adheres to the Safe Harbor Privacy Principles of notice, choice, onward transfer, security, data integrity, access, and enforcement.  To learn more about the Safe Harbor program, and to view M*Modal’s certification, please visit http://www.export.gov/safeharbor/.

Definitions

“Agent” means any third party that collects or uses personal data under the instructions of, and solely for, M*Modal or to which M*Modal discloses personal data for use on M*Modal’s behalf.

“M*Modal” means M*Modal, its predecessors, successors, subsidiaries, divisions, groups and other affiliates in the United States.

“Personal Data” means any information that identifies or describes an identified or identifiable living natural person. “Personal Data” may include, for example, name, signature, employee identification number, social security number, telephone number, insurance policy number, job title, financial information, account numbers, or any other information that is capable of being associated with a particular identifiable individual. Personal Data does not include aggregate data that is not individually identifiable.

“Sensitive Personal Health Data” is a subset of Personal Data, and includes information pertaining to an individual’s racial or ethnic origin, political or religious beliefs or information related to an individual’s health or sex life.

Privacy Principles

The privacy principles in this Privacy Policy have been developed based on the following:

Notice: Most of the Personal Data that M*Modal holds is not collected directly from individuals (“data subjects”) but is received from M*Modal customers who engage M*Modal (either directly or through a third party) to process Personal Data on the customer’s behalf.  M*Modal does collect some Personal Data directly, including data related to M*Modal employees and investors and individuals who have made inquiries about using M*Modal’s products or services.  Where Personal Data is supplied to M*Modal from a customer, that customer is responsible for ensuring that data subjects are notified about the identity of the data controller or its representatives, the purposes for which it is collecting, processing and maintaining the data, and any further information that may be required by the circumstances under which the data are collected.  M*Modal also collects Personal Data that you provide to it on the “Contact Us” section of M*Modal’s Website, including your name, title, organization, phone number, e-mail.  M*Modal uses this Personal Data to contact you with additional information about M*Modal’s product offerings.  M*Modal will only share Personal Data with third parties in the manner that is described in this Privacy Policy.  M*Modal will not sell Personal Data to third parties.

Choice: In the event that Personal Data are to be used for a new purpose incompatible with the purposes for which the data were originally collected by M*Modal customers or subsequently authorized or transferred to the control of a third party that is not acting as an Agent of M*Modal, M*Modal’s customers will be given notice of such use so that such customers can provide notice to data subjects and, where feasible and appropriate, an opportunity to decline to have their data so used or transferred. Sensitive Personal Health Data will not be used by M*Modal for a new purpose or transferred to the control of a third party not acting as an Agent of M*Modal, unless such new use or transfer is (1) in the vital interests of the data subject or another person; (2) necessary for the establishment of M*Modal’s legal claims or defenses or to comply with the law, such as to comply with a subpoena; (3) required to provide medical care or diagnosis; (4) necessary to carry out M*Modal’s obligations in the field of employment law; (5) related to data that are manifestly made public by the data subject; or (6) in the event M*Modal sells or buys assets in the course of its business and it is necessary to transfer such data to: (i) a parent or subsidiary; (ii) an acquirer of assets; or (iii) a successor by merger; in any of the cases in (6), above, you will be notified via email and/or a prominent notice on our Website of any change in ownership or uses of your personal information, as well as any choices you may have regarding your personal data.

Opt-Out:  We provide you the opportunity to “opt-out” of having your Personal Data used for certain purposes, when we ask for this information.  For example, if you no longer wish to receive our newsletter and promotional communications, you may opt-out of receiving them by following the instructions included in each newsletter or communication or by emailing us at customeradvocacy@mmodal.com.

Onward Transfers: M*Modal does not sell, distribute or otherwise transfer Personal Data to third parties, except that M*Modal may, on occasion, rely on third parties for information technology and data center management purposes.  In such cases, M*Modal will only transfer Personal Data to an Agent, such as a service provider, vendor or other third party acting as a processor of Personal Data for M*Modal where such Agent has provided assurances that it provides at least the same level of privacy protection as is required by this Privacy Policy. Where M*Modal has knowledge that one of its Agents is using or sharing Personal Data in a way that is contrary to this Privacy Policy, M*Modal will take reasonable and appropriate steps to prevent or stop such processing.

Security: M*Modal takes reasonable and appropriate precautions to protect Personal Data in its possession and control from loss, misuse, alteration, destruction, or unauthorized access or disclosure.  The Internet is, however, inherently insecure and even the best precautions and systems cannot guarantee the security of data. When you enter Personal Data, we encrypt the transmission of that Personal Data using secure socket layer technology (SSL).

Access: Although M*Modal receives, handles and in some cases, stores Personal Data, M*Modal’s customers are typically the custodians of the permanent copies of such Personal Data and the permanent official copies of dictation audio are managed by M*Modal’s customers.  In the case of health records, all requests by data subjects for access to such records, such as to correct, update or delete it, should be directed to the relevant M*Modal customer to ensure that the data subject receives access to his or her official, final health record.  In the event that the relevant M*Modal customer does not respond to your request in a reasonably adequate or timely manner, please contact us at customeradvocacy@mmodal.com and we will escalate your request with such M*Modal customer.  In such cases, we will respond to your request within 30 days.

Data Retention: M*Modal will retain Personal Data for as long as necessary to deliver services to the relevant M*Modal customer, in addition to retaining and using Personal Data as is necessary to comply with M*Modal’s legal obligations, to resolve customer disputes, and to enforce M*Modal’s agreements with its customers.

Customer Testimonials:  We post customer testimonials, comments and reviews on our Website which may contain personal information.  We obtain the customer’s consent via email to post such customer’s name along with the testimonial, prior to posting the testimonial. If you wish to update or delete your testimonial, you can contact us at customeradvocacy@mmodal.com.

Data Integrity: M*Modal’s customers are responsible for ensuring that any Personal Data collected are accurate, complete, current and reliable for the intended use.  Draft medical reports generated by M*Modal for its customers may not be considered reliable, accurate, or complete until subsequently reviewed, edited (as necessary), and approved by a healthcare provider, which approval process occurs outside the M*Modal system.

Enforcement: M*Modal has put in place mechanisms to verify its ongoing compliance with this Privacy Policy.  Any M*Modal employee found to have violated the privacy principles in this Privacy Policy will be subject to appropriate corrective actions.

Dispute Resolution: M*Modal is committed to resolving any disputes that may arise by internal investigation and resolution of the issue. Should M*Modal’s efforts to resolve an issue be unsuccessful, M*Modal will facilitate the resolution of such disputes including through the submission of disputes to an independent third party.  M*Modal also participates in the EU Safe Harbor Privacy Framework as set forth by the United States Department of Commerce. As part of our participation in safe harbor, M*Modal has agreed to the TRUSTe Dispute Resolution Requirements for disputes relating to our compliance with the Safe Harbor Privacy Framework. If you have complaints regarding our compliance with the Safe Harbor Privacy Framework you should first contact us at customeradvocacy@mmodal.com or at M*Modal’s headquarters at 5000 Meridian Boulevard, Suite 200, Franklin, Tennessee 37067.  If contacting us does not resolve your complaint, you may raise your complaint by contacting TRUSTe here or by fax at 415-520-3420, or mail at Watchdog Complaints, TRUSTe, 835 Market Street Suite 800, San Francisco, CA 94103. If you are faxing or mailing TRUSTe to lodge a complaint, you must include the following information: M*Modal, the alleged privacy violation, your contact information, and whether you would like the particulars of your complaints shared with M*Modal. For information about TRUSTe or the operation of TRUSTe’s dispute resolution process, please visit TRUSTe or request this information from TRUSTe at any of the addresses listed above. The TRUSTe dispute resolution process will be conducted in English.  For human resources data we have agreed to cooperate with Data Protection Authorities in the EEA.

Links to Other Websites: This Website includes links to other Websites whose privacy practices may differ from those of M*Modal.  If you submit personal data information to any of those Websites, your information is governed by the privacy policies statements of those Websites. M*Modal encourages you to carefully read the privacy policy statement of any Website you visit.

Social Media Widgets

Our Website includes social media features, such as the Facebook “Like” button and widgets, such as the “Share this” button or interactive mini-programs that run on our Website. These Features may collect your IP address, which page you are visiting on our Website, and may set a cookie to enable the feature to function properly. Social media features and widgets are either hosted by a third party or hosted directly on our Website. Your interactions with these features are governed by the privacy policy of the company providing the feature.

Cookies: M*Modal may use cookies to keep track of preferences and profile information. Cookies are also used to collect general usage and volume statistical information that does not include Personal Data.  As is true of most Websites, we gather certain information automatically and store it in log files.  This information includes internet protocol (IP) addresses, browser type, internet service provider (ISP), referring/exit pages, operating system, date/time stamp, and clickstream data.  We use this information, which does not identify individual users, to analyze trends, to administer the site, to track users’ movements around the site and to gather demographic information about our user base as a whole.  We do not link this automatically-collected data to personally identifiable information

The use of cookies by our tracking utility company is not covered by our privacy policy.  We do not have access or control over these cookies.  Our tracking utility company uses persistent cookies in order to help M*Modal analyze trends related to website usage and to allow our customers to gain access to certain customer service applications on our Website.

Our third party partners employ clear gifs (a.k.a. Web Beacons/Web Bugs), images, and scripts that help them better manage content on our site. We do not tie the information gathered to our customers’ or other users’ personally identifiable information.

Any questions, comments or complaints about the data practices (including without limitation compliance with data privacy principles of notice, choice, onward transfer, access, security, data integrity, or enforcement) of an M*Modal customer for whom M*Modal processes data should be addressed to that customer.

Compliance with HIPAA

M*Modal provides technical controls and safeguards that support its customers’ compliance policies and procedures.  Although compliance with the Health Insurance Portability and Accountability Act of 1996 (“HIPAA”) is the responsibility of every healthcare organization, M*Modal is dedicated to ensuring that its products and services make it easier for them to reach that goal.

M*Modal has also established a corporate Department of Information Security and HIPAA Compliance led by a corporate director to facilitate and manage the information security needs of its customers.  The director’s role includes these responsibilities:

  • Implement corporate privacy and security policies, and ensure effective corporate-wide privacy and security awareness.
  • Validate that current operational and technical business practices ensure the privacy and security of protected health information.
  • Develop, implement and monitor a privacy and security awareness, education and training program, as well as a compliance program.
  • Assist our customers in the ongoing process of negotiating and finalizing the required Business Associate agreements.

M*Modal’s guiding principle is to make every reasonable effort to be knowledgeable and responsive regarding any changes in the Final Privacy Rule and Security Rule, and to act as a compliant Business Associate.

Limitation on Scope of Principles

Adherence by M*Modal to these privacy principles may be limited to the extent necessary to meet M*Modal’s regulatory, legal, governmental, or national security obligations.

How to Contact Us

Please contact us with any questions concerning this Privacy Policy or any of M*Modal’s privacy practices at:

M*Modal
5000 Meridian Boulevard
Suite 200
Franklin, TN 37067
Phone: 615-798-6000
Fax: 866-796-5127

Changes to this Privacy Policy

This privacy policy statement may be amended consistent with the requirements of the U.S-EU Safe Harbor Framework.  M*Modal may update this privacy policy statement to reflect changes to its data privacy practices. M*Modal encourages you to periodically review this page for the latest information on its privacy practices.

If we make any material changes we will notify you by email (sent to the e-mail address specified in your account) or by means of a notice on this Website prior to the change becoming effective. We encourage you to periodically review this page for the latest information on our privacy practices.

Last Updated:  February 24, 2014