Privacy Policy

Updated and effective as of July, 2016

The privacy of your personal information is important to us and CareDox will strive to protect it. We have provided our policy to communicate our commitment to you and your privacy. CareDox.com is a service of CareDox Inc. (All references to CareDox apply to the CareDox site and to the organization CareDox Inc.) CareDox (“CareDox”, “we”, “our” or “us”) provides this Privacy Policy to inform you of our policies and procedures regarding the collection, use and disclosure of personal information we receive from users of www.CareDox.com and the CareDox mobile phone applications (collectively the “Site”) and the CareDox service made available through the Site (the “Service”). This Privacy Policy applies only to information that you provide to us or provide us with access to through the Site. Unless otherwise defined in this Privacy Policy, terms used in this Privacy Policy have the same meanings as in our Terms and Conditions of Service, accessible here.

By using, accessing, visiting, or browsing the Site or by any act demonstrating your assent, including clicking any button containing the words “Agree”, “Submit”, as well as starting a free trial or ordering a Subscription with CareDox through the Site, you accept, without limitation or qualification the Privacy Policy. If you do not agree to be bound by the Privacy Policy, you should exit the Site immediately. By accessing, using or ordering products and services through the Site, you affirm that you have read this Agreement and understand, agree, and consent to all the terms contained herein.

1. Protection of Your Medical Privacy

CareDox does not provide any medical data that you enter on the site or that we obtain from your medical providers to third parties without your authorization. Your account features security measures that include encryption of your health data and password protection for access. You are responsible for managing the sharing of your user name and password. CareDox will not provide access to your account to any third party, except where you have authorized such access by providing the third party a user name and password. Any third party to whom you provide access will have the ability to read and/or manage the data in your account. It is your responsibility to manage the creation and sharing of passwords to insure only authorized users have access to your account.

As a Member of CareDox.com, you grant us access to your account, including the ability to manage and view medical data to maintain your account. CareDox requires this access in order to update your account with medical records or to make changes to correct issues you may report to us.

2. Information Collection and Use

  • Personal Information. When you register with us through the Site, we will ask you for personally identifiable information. This refers to information about you that can be used to contact or identify you (“Personal Information”). Personal Information includes, but is not limited to your name and email address. We will use your Personal Information to create a CareDox account (“Account”) and you will become a member of CareDox (“Member”). We use your Personal Information mainly to provide the Service and to administer your Account and inquiries. Some “Members” have free accounts that are updated by the user, others have accounts, where some data is updated by CareDox. (Members with this service may be referred to as “Subscribers”.)
  • As a CareDox Member or Subscriber who has registered for the Service, we collect your Personal Information to associate your personal accounts with medical records that you upload or transmit or we obtain on your behalf from third party health providers (e.g. your doctor or hospital). By providing CareDox with the Personal Information required to identify you and/or members of your family, you understand that CareDox will access, retrieve and store content from your medical providers (“Healthcare Information”) in order to make it available and viewable through the Service.
  • We may publicly display on the Site certain information that does not, and cannot be used to, identify you (“De-Identified Information”).
  • We use your Personal Information (in some cases, in conjunction with your De-Identified Information) to provide the Service to you and administer your inquiries.
  • We also use your Personal Information to contact you with health and educational information about CareDox and its third party suppliers. We use feedback you provide to us to develop better health and educational products and services. We do not, however, engage in online targeted advertising (also known as online behavioral advertising), which is commonly described as collecting information about users based on the users’ website activity over multiple websites and delivering advertisements based on that activity. We do not share behavior tracking information with any third parties.
  • Choice / Opt-Out. If you decide at any time that you no longer wish to receive such communications from us, please follow the unsubscribe instructions provided in any of the communications or update your preferences via the “Settings” section of the Site. (See “Changing or Deleting Information,” below.) Active Members and Subscribers may not opt out of email and phone communication needed to maintain your account. If you wish not to receive them, you have the option to deactivate your account by emailing info@caredox.com with “cancellation” in the subject line.
  • De-Identified Information. Certain information would be considered a part of your Personal Information if it were combined with other identifiers (for example, combining your zip code with your street address) in a way that enables you to be identified. But the same pieces of information are considered De-Identified Information when they are taken alone or combined only with other de-identified information (for example, your preferences) in a manner that does not, and cannot be used to, identify you. When we de-identify information we do so in accordance with the Health Insurance Portability and Accountability Act (HIPAA) and the Family Educational Rights and Privacy Act (FERPA). We may use your De-Identified Information to improve our products and services, and to demonstrate the effectiveness of our products or services, including in our marketing materials. We may also aggregate your De-Identified Information with De-Identified Information of other users of the Site, and share that aggregated De-Identified Information with third parties for the development and improvement of educational sites, services and applications.

3. Log Data

When you visit the Site, our servers automatically record information that your browser sends whenever you visit a website (“Log Data”). This Log Data may include information such as your computer’s Internet Protocol (“IP”) address, pages of our Site that you visit, the time spent on those pages, information you search for on our Site, access times and dates, and other statistics. We use this information to monitor and analyze use of the Site and the Service and for the Site’s technical administration, to increase our Site’s functionality and user-friendliness, and to better tailor it to our visitors’ needs. We also use this information to verify that visitors to the Site meet the criteria required to process their requests. We do not treat Log Data as Personal Information or use it in association with other Personal Information, though we may aggregate, analyze and evaluate such information for the same purposes as stated above regarding other De-Identified Information. We do not share Log Data with any third parties.

4. Cookies

Like many websites, we use “cookies” to collect information. A cookie is a small data file that we transfer to your computer’s hard disk for record-keeping purposes. We use cookies for two purposes. First, we utilize persistent cookies to save your login information for future logins to the Site. Second, we utilize session ID cookies to enable certain features of the Site, to better understand how you interact with the Site and to monitor aggregate usage by Members and web traffic routing on the Site. Unlike persistent cookies, session cookies are deleted from your computer when you log off from the Site and then close your browser. You can instruct your browser, by changing its options, to stop accepting cookies or to prompt you before accepting a cookie from the websites you visit. If you do not accept cookies, however, you may not be able to use all portions of the Site or all functionality of the Service.

5. Third Party Cookies

The use of cookies by our partners, affiliates, tracking utility company, service providers is not covered by our privacy statement. We do not have access or control over these cookies. Our partners, affiliates, tracking utility company, service providers use session ID cookies to make it easier for you to navigate our site.

6. Promotions

From time to time we may provide you the opportunity to participate in surveys, contests or offers (collectively, “Promotions”) on our Site or via newsletters. If you decide to participate, we may request certain Personal Information from you. Participation in these Promotions is completely voluntary and you have a choice whether or not to disclose this information. We use this information to administer your participation in each Promotion.

7. CareDox Blog- Community features and “Sharing”

CareDox offers a publicly accessible blog, accessible at blog.caredox.com (the “Blog”). You should be aware that any information you provide on the Blog, including, but not limited to, comments, may be read, collected and used by others who access the Blog. Also any comments made in blog or user-generated content on the site, may be read, collected and used by others who access the Site. Also- if you elect to share data with other CareDox members or provide a login to medical providers or caregivers that you select to receive a login, those members will have the ability to view your data. Third parties will not have access to view your data except where you have provided them with a login- or invited them to share access to non-medical data such as growth charts or milestones. Finally, you may elect to share items to third party sites such as Facebook, through links on the Site. These third party sites and the information you share are not governed by this privacy policy- but by the policies of the site to which you shared the data. No data from your account will be posted or visible on third party sites as a result of your use of CareDox, except when you elect to do so by clicking “share” links or taking a direct action to post data for sharing.

We may post customer testimonials and feedback on the Site which may contain Personal Information. We will attempt to obtain a Member’s consent via email prior to posting the testimonial or feedback in conjunction with such Member’s Personal Information.

8. Phishing

Identity theft and the practice currently known as “phishing” are concerning to CareDox. Safeguarding information to help protect you from identity theft is of great importance to us. We do not and will not, at any time, request your credit card information, your login information or national identification numbers in a non-secure or unsolicited e-mail or telephone communication. All email or phone communication regarding payments for your account will direct you to the secure site CareDox.com for payment- unless you elect to confirm payment by phone. For more information about phishing, visit the Federal Trade Commission’s website.

9. Service Providers

We may employ third party companies and individuals to facilitate our Service, to provide the Service on our behalf, to perform Site-related services (e.g., without limitation, customer service, transcribing health records to your account, maintenance services, email management, database management, web analytics and improvement of the Site’s features) or to assist us in analyzing how our Site and Service are used. We may disclose Personal Information, such as name and contact information, to any person performing audit, legal, operational, or other services for us. We will use information which does not identify the individual for these activities whenever feasible. Information disclosed to vendors or contractors for operational purposes will be limited to the minimum necessary to perform their task and may not be re-disclosed to others by such a vendor or contractor. These third parties have access to your Personal Information and health records only to perform these tasks on our behalf and are obligated not to disclose or use it for any other purpose.

10. Compliance with Laws and Law Enforcement

CareDox cooperates with government and law enforcement officials and private parties to enforce and comply with the law. We will disclose any information about you to government or law enforcement officials or private parties as we, in our sole discretion, believe necessary or appropriate to respond to claims and legal process (including but not limited to subpoenas), to protect the property and rights of CareDox or an individual or third party, to protect the safety of the public or any person, or to prevent or stop activity we may consider to be, or to pose a risk of being, any illegal, unethical or legally actionable activity. We may disclose personal information to protect the security and reliability of this Site and to take precautions against liability.

11. Business Transfers

CareDox may sell, or transfer some or all of its assets, including your Personal Information, in connection with a merger, acquisition, consolidation, joint venture, reorganization or sale of assets. Your Personal Information will be maintained by any purchaser or successor in accordance with this Privacy Policy, unless you agree to a new or modified Privacy Policy as set forth below. Additionally, such transactions will be covered by a confidentiality agreement protecting the confidentiality of your Personal Information.

12. Changing or Deleting Your Information and Data Retention

All Members may review, update, correct or delete the Personal Information in their Account by contacting us at info@caredox.com or by making edits via the “profile” section of the Site. If you completely delete all such information, then your Account may become deactivated.

We may retain your information, including Personal Information, for as long as your Account is active or as needed to provide you the Service. If you would like us to delete your record in our system, please contact us at info@caredox.com with a request that we delete your Personal Information from our database. We will use commercially reasonable efforts to honor your request. We may retain an archived copy of your records as required by law or as part of our offline archive.

13. Security

CareDox is very concerned with safeguarding your information. The security of your personal information is important to us. But remember that no method of transmission over the Internet, or method of electronic storage, is 100% secure. When you enter Personal Information or otherwise provide CareDox with access to information (such as login information), and we encrypt that information using secure socket layer technology (SSL). In some cases, we also encrypt Personal Information where it is stored on our systems.

14. Transfer

Your information may be transferred to/from the United States and maintained on computers located outside of your state, province, country or other governmental jurisdiction where the privacy laws may be different. If you are located outside the United States and choose to provide information to us, CareDox transfers Personal Information to/from the United States and processes it there. Your consent to this Privacy Policy followed by your submission of such information represents your agreement to such transfers.

15. Links

Our Site contains links to other websites and offers for third party products or services that may be complementary to your use of the Site. If you click on a third party link, you will be directed to that third party’s website. The fact that we link to a website is not an endorsement, authorization or representation of our affiliation with that third party, nor is it an endorsement of their privacy or information security policies or practices. We do not exercise control over third party websites. These other websites may place their own cookies or other files on your computer, collect data or solicit personal information from you. Other sites follow different rules regarding the use or disclosure of the personal information you submit to them. We encourage you to read the privacy policies or statements of the other websites you visit.

16.Our Policy Towards Children and Others

This Site is not directed to individuals under 13. The Site is intended to be used by parents and legal guardians. If you are acting for another person, you hereby affirm that you have the legal right to do so such that as you are the parent, legal guardian or otherwise have a valid power of attorney to act on behalf of that person. Your use of the Site and the creation of Profiles within the site constitute your agreement to include personally identifiable data of your children or children for whom you are the legal guardian. Further you may utilize the Site only for children for whom you are the parent or legal guardian your establishment of child profiles is your confirmation of your status as a parent or legal guardian of the children included in your account. If we learn that an under 13 user has volunteered personally identifiable information on the Site, we will delete such information from our active databases in accordance with our deletion policy, described above.

17. Unsubscribe or Opt-Out

CareDox offers you the opportunity to opt out from receiving promotional email or mail from us and our third-party suppliers about our Site, Products and Services.

  • For email, users may opt-out at any time by using the unsubscribe mechanism within the email. The unsubscribe mechanism allows Site users to manage other subscription preferences to email alerts and special offers but does not allow a user to opt-out of receiving transactional email, such as subscription confirmation and responses to direct requests.
  • For calls or direct mail, a Site user may opt out by calling 1-260-227-3369.
  • If the information you have provided will be available to third parties, you will also be given the opportunity to opt out from this practice by calling 1-260-227-3369.
  • You may write us directly if you wish to: (a) update or delete your contact information (b) ask that we not share your Personal Information with third parties; (c) opt-out or request that we cease sending you promotional or other information via mail or email; or (d) address any other question or concern you may have such written requests should be sent to info@caredox.com.
  • In those instances, we will retain your information in a “do not promote” file in our database, and you will receive no further communications from us unless you consent otherwise.
  • If you have opted out of receiving future emails from us, we will implement your opt-out request within ten (10) business days of receipt. If you have opted-out of receiving future promotional materials by regular mail, we will implement your opt-out request within a commercially reasonable time.

18. California Privacy Rights Disclosure

Under California Civil Code Section 1798.83, also known as Senate Bill 27, or Shine the Light you are entitled to request and receive, free of charge, a copy of CareDox’ California Information Sharing Disclosure Notice for the previous calendar year. You may print this page, or call 1-260-227-3369, to request a copy or email us at info@caredox.com. We will provide the requested information to you at your email address in response. Please be aware that not all information sharing is covered by the “Shine the Light” requirements and only information on covered sharing will be included in our response.

19. Notification of Privacy Statement Changes

We will notify you of any material changes to this Privacy Policy or our privacy practices. We will obtain your consent as required and permitted under applicable law before using your Personal Information in accordance with a new or modified Privacy Policy.

Contact us at

info@caredox.com,
35 West 35th Street,
10th floor, Suite 1001,
New York, NY 10001 or at
347.696.7067

35 West 35th St.
10th floor, Suite 1001 New York, NY 10001

(347) 696 7067

info@caredox.com

CareDox © 2016|Privacy PolicyTerms
Request a School Demo

Learn How CareDox Can Help