Date of Last Revision: October 12, 2023
More detailed commitments for the handling of information relating to our healthcare provider customers and outside contractors are detailed in separate data protection agreements. For more information, see our model Data Processing/Protection Agreement, or contact us. Our handling of personal information relating to employees and job applicants is governed by our internal employment policies.
“You” or “your” refers to the individual who uses this website, features, and services, or accesses available information, or engages with us directly by email or telephone.
The terms "using," “handling,” and "processing" information mean using information in any way, including, but not limited to collecting, storing, analyzing, evaluating, modifying, deleting, combining, and sharing or disclosing information.
Whose information does EngagedMD collect?
EngagedMD collects information from several types of individuals:
Individuals -- We collect information from people who contact us, primarily with questions about our services or job opportunities.
Customers -- We collect information from our customers, who are individuals and businesses, such as physicians, medical clinics or other healthcare providers, who have signed up for or have been provisioned an EngagedMD account, which enables them to provide their employees and patients with access to our e-learning and e-signing services. Customers provide us with personal contact information about their employees who interact with us. They also provide us personal contact information about their patients who will interact with us, as well as relevant healthcare information.
End Users -- We collect information from our end users, who are individuals that access our website in the course of using our services. If you interact with EngagedMD in the course of seeking medical treatment from your healthcare provider, you are probably an end user.
What information does EngagedMD collect?
Depending on your use of the EngagedMD website and services, or direct interactions with us, we collect two types of information: personal information and non-personal information.
Personal information identifies you or may be used in combination with other pieces of personal information to identify you. Examples of personal information include your name, company name, job title, address, e-mail address, telephone number, and billing and credit card information. Personal information can also include information that does not identify you, but could be combined with other information in a way that enables you to be identified. This includes information such as age, gender, profession, zip code, IP address, and current location.
Non-personal information is information that cannot be used or combined with other information to identify or contact you, including browser types, domain names, and statistical data involving the use of the EngagedMD website and services.
Does EngagedMD collect information from children under 16 years of age?
We are committed to protecting the privacy of children. The EngagedMD Service is not designed for or directed to children under the age of 16. We do not knowingly collect personal information from any person under the age of 16.
What does EngagedMD do with Customer information?
We use Customer information to facilitate the delivery of our services, including to understand how customers use our website and services and ways to improve our interaction with them; to support the internal operations of our website and services; and for billing and customer service, which can include sending emails about our services.
We may also send you commercial or transactional notifications. Transactional notifications are critical to the functioning of the services, such as a notification that a new learning module has been assigned or instructions for resetting your password, so you will not be able to unsubscribe from these notifications
We may also use your information to send other e-mail communication related to the EngagedMD website Also marketing emails.... We always give you the option to unsubscribe in any email we send you.
If you identify yourself to us by sending us an e-mail with questions or comments, we may use your information (including personal information) to respond to your questions or comments, and we may file your questions or comments (with your information) for future reference.
We may also use Customer information gathered to perform statistical analysis of user behavior, facilitate research, or to evaluate and improve the EngagedMD services. We may link some of this information to personal information for internal purposes or to improve your experience with the EngagedMD website and our services.
We will retain and use your information for as long as your customer account is active or as needed to provide your services. We will also retain and use your information as necessary to comply with our legal obligations, resolve disputes, and enforce our agreements.
What does EngagedMD do with End User information?
We use End User information as necessary to provide agreed upon services with the End User’s relevant Customer. If you are interested in how we process the data on behalf of EngagedMD customers, please read our Data Processing Agreement with your healthcare provider.
We may use End User information for internal analytic purposes or for research purposes. When we do this, we first turn it into non-personal information by removing your identifying information (this is called de-identifying or anonymizing the data). We then use the information to perform statistical analysis of user behavior or to evaluate and improve EngagedMD services. We will obtain your consent if we link any of this information back to your personal information (that is, if we re-identify the data) for internal management purposes or to improve your experience with the EngagedMD website and our services.
We will retain and use your information for as long as your end user account is active or as needed to provide your services. We will also retain and use your information as necessary to comply with our legal obligations, resolve disputes, and enforce our agreements.
What choices do I have regarding the collection, use, and disclosure of personal information?
Can I update or correct my information?
The rights you have to request updates or corrections to the information EngagedMD collects depend on your relationship with EngagedMD. Customers and End Users may review information about them maintained by EngagedMD and may request to update or correct such information.
If you are an end user and you learn that personal information is incorrect, that your personal information has changed, or if you no longer desire our service, you may request updates or corrections to the information or ask to have it removed by contacting your relevant Customer.
When does EngagedMD disclose information to third parties?
Please understand that third party access to and use of EngagedMD information is limited to their support for our services, which are governed by data processing agreements. We will not share any customer or end-user information with third parties without having such an agreement in place. Customer and End User permission for our use of their information includes its use by these third parties to the extent necessary for them to support our services. We will not be able to provide our services to you, as a customer or end-user, should you not consent to our sharing of your information with these third parties.
Is information collected by EngagedMD secure?
We take precautions to protect the security of your information. We have physical, electronic, and managerial procedures to help safeguard, prevent unauthorized access, maintain data security, and correctly use your information. However, neither people nor security systems are foolproof, including encryption systems. In addition, people can commit intentional crimes, make mistakes or fail to follow policies. Therefore, while we use reasonable efforts to protect your personal information, we cannot guarantee its absolute security. If applicable law imposes any non-disclaimable duty to protect your personal information, you agree that intentional misconduct will be the standards used to measure our compliance with that duty.
For more information about how EngagedMD stores and secures customer and company data, please see our Security Policy.
Laws and Legal Rights
EngagedMD complies with the U.S. Health Insurance Portability and Accountability Act (HIPAA) and is able to process, maintain and store protected health information for any entities governed by HIPAA. On request, EngagedMD will sign a business associate agreement (BAA) with your organization.
We may disclose your information (including personal information) if we believe in good faith that we are required to do so in order to comply with an applicable statute, regulation, rule or law, a subpoena, a search warrant, a court or regulatory order, or other valid legal process. We may disclose personal information in special circumstances when we have reason to believe that disclosing this information is necessary to identify, contact or bring legal action against someone who may be violating the EngagedMD Terms of Service, to detect fraud, or to protect the safety and/or security of our users, the EngagedMD website, or the general public. We also may be required to disclose an individual’s personal information in response to a lawful request by public authorities, including to meet national security or law enforcement requirements.
EU/UK/Switzerland-U.S. Privacy Framework
Our agreements with our Customers and Subcontractors provide that personal information may only be collected and used for limited and specified purposes consistent with your consent and that these entities will also provide the same level of protection as the Privacy Framework requires, and that they will notify EngagedMD if they make a determination that they can no longer meet this obligation. Our agreements with these entities provide that if and when such a determination is made, the other entity shall cease processing or otherwise take reasonable and appropriate steps to remediate.
In cases of onward transfer to third parties (e.g., EngagedMD’s Customers or Subcontractors) of personal information of EU, UK, or Swiss individuals received pursuant to the Privacy Framework, EngagedMD is potentially liable.
Please note that if your complaint is not resolved through these channels, under limited circumstances, a binding arbitration option may be available under a Privacy Framework panel.
Sale of Business
Whom do I contact if I have any privacy questions?