M*Modal Privacy Notice
In furtherance of this privacy commitment, M*Modal has certified to the U.S.-EU Safe Harbor Agreement regarding Personal Data collected in the European Economic Area (EEA) (which includes the twenty-eight member states of the European Union (EU) plus Iceland, Liechtenstein and Norway) to the United States. M*Modal complies with the U.S. – E.U. Safe Harbor Framework as set forth by the U.S. Department of Commerce regarding the collection, use and retention of personal data from the European Union member countries. M*Modal has certified that it adheres to the Safe Harbor Privacy Principles of notice, choice, onward transfer, security, data integrity, access, and enforcement. To learn more about the Safe Harbor program, and to view M*Modal’s certification, please visit http://www.export.gov/safeharbor/.
“Agent” means any third party that collects or uses personal data under the instructions of, and solely for, M*Modal or to which M*Modal discloses personal data for use on M*Modal’s behalf.
“M*Modal” means Multimodal Technologies, LLC, its predecessors, successors, subsidiaries, divisions, groups and other affiliates in the United States.
“Personal Data” means any information that identifies or describes an identified or identifiable living natural person. “Personal Data” may include, for example, name, signature, employee identification number, social security number, telephone number, insurance policy number, job title, financial information, account numbers, or any other information that is capable of being associated with a particular identifiable individual. Personal Data does not include aggregate data that is not individually identifiable.
“Sensitive Personal Health Data” is a subset of Personal Data, and includes information pertaining to an individual’s racial or ethnic origin, political or religious beliefs or information related to an individual’s health or sex life.
Choice: In the event that Personal Data are to be used for a new purpose incompatible with the purposes for which the data were originally collected by M*Modal customers or subsequently authorized or transferred to the control of a third party that is not acting as an Agent of M*Modal, M*Modal’s customers will be given notice of such use so that such customers can provide notice to data subjects and, where feasible and appropriate, an opportunity to decline to have their data so used or transferred. Sensitive Personal Health Data will not be used by M*Modal for a new purpose or transferred to the control of a third party not acting as an Agent of M*Modal, unless such new use or transfer is (1) in the vital interests of the data subject or another person; (2) necessary for the establishment of M*Modal’s legal claims or defenses or to comply with the law, such as to comply with a subpoena; (3) required to provide medical care or diagnosis; (4) necessary to carry out M*Modal’s obligations in the field of employment law; (5) related to data that are manifestly made public by the data subject; (6) when we believe in good faith that disclosure is necessary to protect our rights, protect your safety or the safety of others, investigate fraud, or respond to a government request; or (7) in the event M*Modal sells or buys assets in the course of its business and it is necessary to transfer such data to: (i) a parent or subsidiary; (ii) an acquirer of assets; or (iii) a successor by merger; in any of the cases in (6), above, you will be notified via email and/or a prominent notice on our Website of any change in ownership or uses of your personal data, as well as any choices you may have regarding your personal data.
Opt-Out: We provide you the opportunity to “opt-out” of having your Personal Data used for certain purposes, when we ask for this information. For example, if you no longer wish to receive our newsletter and promotional communications, you may opt-out of receiving them by following the instructions included in each newsletter or communication or by emailing us at firstname.lastname@example.org.
Security: M*Modal takes reasonable and appropriate precautions to protect Personal Data in its possession and control from loss, misuse, alteration, destruction, or unauthorized access or disclosure. The Internet is, however, inherently insecure and even the best precautions and systems cannot guarantee the security of data. If you have any questions about security on our Web site, you can contact us at email@example.com.
Access: Although M*Modal receives, handles and in some cases, stores Personal Data, M*Modal’s customers are typically the custodians of the permanent copies of such Personal Data and the permanent official copies of dictation audio are managed by M*Modal’s customers. In the case of health records, all requests by data subjects for access to such records, such as to correct, update or delete it, should be directed to the relevant M*Modal customer to ensure that the data subject receives access to his or her official, final health record. In the event that the relevant M*Modal customer does not respond to your request in a reasonably adequate or timely manner, please contact us at firstname.lastname@example.org and we will escalate your request with such M*Modal customer. In such cases, we will respond to your request within 30 days.
Referrals: If you choose to use our referral service to tell a friend about employment opportunities with M*Modal, we will ask you for your friend’s name, email address and contact number. We will send your friend an email or call him or her, inviting him or her to visit the site or otherwise gauging his or her interest in one or more open positions. M*Modal stores this information for the sole purpose of contacting your friend and tracking the success of our referral program. Your friend may contact us at email@example.com to request that we remove this information from our database.
Data Retention: M*Modal will retain Personal Data for as long as necessary to deliver services to the relevant M*Modal customer, in addition to retaining and using Personal Data as is necessary to comply with M*Modal’s legal obligations, to resolve customer disputes, and to enforce M*Modal’s agreements with its customers.
Customer Testimonials: We post customer testimonials, comments and reviews on our Website which may contain personal data. We obtain the customer’s consent via email to post such customer’s name along with the testimonial, prior to posting the testimonial. If you wish to update or delete your testimonial, you can contact us at firstname.lastname@example.org.
Blogs: Our Web site offers publicly accessible blogs or community forums. You should be aware that any information you provide in these areas may be read, collected, and used by others who access them. To request removal of your personal information from our blog or community forum, contact us at email@example.com. In some cases, we may not be able to remove your personal information, in which case we will let you know if we are unable to do so and why.
Data Integrity: M*Modal’s customers are responsible for ensuring that any Personal Data collected are accurate, complete, current and reliable for the intended use. Draft medical reports generated by M*Modal for its customers may not be considered reliable, accurate, or complete until subsequently reviewed, edited (as necessary), and approved by a healthcare provider, which approval process occurs outside the M*Modal system.
Dispute Resolution: As part of our participation in the Safe Harbor, we have agreed to the TRUSTe Dispute Resolution for disputes relating to our compliance with the Safe Harbor Privacy Framework. Please click here for fax and postal mail information. TRUSTe’s dispute resolution process is only available in English.
Social Media Widgets
Tracking Technologies: Technologies such as: cookies, beacons, tags and scripts are used by M*Modal and our website analytics providers. These technologies are used in analyzing trends, administering the site, tracking users’ movements around the site and to gather demographic information about our user base as a whole. We may receive reports based on the use of these technologies by these companies on an individual as well as aggregated basis.
Log Files: As is true of most Websites, we gather certain information automatically and store it in log files. This information includes internet protocol (IP) addresses, browser type, internet service provider (ISP), referring/exit pages, operating system, date/time stamp, and clickstream data. We use this information, which does not identify individual users, to analyze trends, to administer the site, to track users’ movements around the site and to gather demographic information about our user base as a whole. We do not link this automatically-collected data to personal data.
Local Storage: Third parties with whom we partner to provide certain features on our site or to display advertising based upon your Web browsing activity use LSOs such as HTML 5 to collect and store information. Various browsers may offer their own management tools for removing HTML5 LSOs.
Service Providers: We may provide your personal data to companies that provide services to help us with our business activities such as offering customer service (Live Chat). These companies are authorized to use your personal data only as necessary to provide these services to us.
Any questions, comments or complaints about the data practices (including without limitation compliance with data privacy principles of notice, choice, onward transfer, access, security, data integrity, or enforcement) of an M*Modal customer for whom M*Modal processes data should be addressed to that customer.
Compliance with HIPAA
M*Modal provides technical controls and safeguards that support its customers’ compliance policies and procedures. Although compliance with the Health Insurance Portability and Accountability Act of 1996 (“HIPAA”) is the responsibility of every healthcare organization, M*Modal is dedicated to ensuring that its products and services make it easier for them to reach that goal.
M*Modal has also established a corporate Department of Information Security and HIPAA Compliance led by a corporate director to facilitate and manage the information security needs of its customers. The director’s role includes these responsibilities:
- Implement corporate privacy and security policies, and ensure effective corporate-wide privacy and security awareness.
- Validate that current operational and technical business practices ensure the privacy and security of protected health information.
- Develop, implement and monitor a privacy and security awareness, education and training program, as well as a compliance program.
- Assist our customers in the ongoing process of negotiating and finalizing the required Business Associate agreements.
M*Modal’s guiding principle is to make every reasonable effort to be knowledgeable and responsive regarding any changes in the Final Privacy Rule and Security Rule, and to act as a compliant Business Associate.
Limitation on Scope of Principles
Adherence by M*Modal to these privacy principles may be limited to the extent necessary to meet M*Modal’s regulatory, legal, governmental, or national security obligations.
How to Contact Us
5000 Meridian Boulevard
Franklin, TN 37067
Email Address: firstname.lastname@example.org
If we make any material changes we will notify you by email (sent to the e-mail address specified in your account) or by means of a notice on this Website prior to the change becoming effective. We encourage you to periodically review this page for the latest information on our privacy practices.
Last Updated: February 24, 2015