HIPAA Compliance and Privacy Statement

HIPAA Compliance and Privacy Statement

HIPAA Statement

As a leader in cloud-based physician referral and patient engagement applications, LeadingReach understands the need to treat patient information in a manner that protects the privacy and security of protected health information (PHI).

In order to protect PHI, LeadingReach has taken the following steps to handle and protect all PHI in the manner specified by the Health Insurance Portability and Accountability Act (“HIPAA”):

  1. LeadingReach does not use, access, or disclose PHI unless it’s necessary to provide services to its customers in a manner consistent with its contractual commitments or as required or allowed by law.
  2. LeadingReach has adopted corporate policies that protect the privacy and security of PHI. These policies detail, among other things, the appropriate access, handling, and security measures that LeadingReach has set for the protection of PHI stored in its cloud or accessed by its employees when delivering services to its customers.
  3. LeadingReach has implemented reasonable and appropriate safeguards intended to maintain the security and integrity of electronic PHI under its control. These safeguards at a minimum meet the required implementation specifications contained in the HIPAA Security Rule.
  4. LeadingReach encrypts PHI where encryption is a reasonable and appropriate safeguard, and in accordance with its contractual commitments.  When encryption of PHI is not possible, such as in those circumstances where such encryption would materially affect the performance or use of the LeadingReach services, LeadingReach endeavors to have other reasonable and appropriate measures to safeguard the PHI.
  5. LeadingReach requires all subcontractors that may access PHI to provide written assurances that they will handle PHI in compliance with the HIPAA requirements applicable to subcontractors.
  6. LeadingReach does not sell PHI.
  7. LeadingReach has established processes to identify and respond to potential security incidents affecting PHI and a Breach of Unsecured PHI.
  8. LeadingReach policies and procedures are communicated to all employees that may handle or access PHI as part of LeadingReach’s HIPAA training program. LeadingReach requires all employees to sign confidentiality agreements. LeadingReach employees are subject to sanctions in the event they violate these policies, procedures, or confidentiality agreements.
  9. LeadingReach has adopted other policies and practices as necessary to meet its contractual commitments to customers and/or as required by law.
  10. LeadingReach is committed to maintaining its compliance with HIPAA and will adjust the policies and procedures listed above as laws affecting PHI evolve.

Privacy Policy

Introduction

Leading Reach, Inc. (“LeadingReach”) has created this Privacy Policy in order to disclose its collection, use and disclosure of personally identifiable information and associated data collected about you. This Privacy Policy is effective as of March 2, 2021. Any questions regarding this policy should be directed by email to [email protected]. You may also contact LeadingReach at 7719 Wood Hollow Drive, Suite 265, Austin, TX 78731. The following discloses LeadingReach’s practices for its website, services and/or applications.

If you use a website, mobile app, social networking site, or a service displaying or referencing this Privacy Policy, you consent to this policy and the collection, use and sharing of your personal information as described herein and in accordance with the applicable agreements, including any applicable terms of service and/or End-User License Agreement. 

Some customers engage LeadingReach as a “Business Associate” or “data processor” for certain services and in such case the collection, use and sharing of personal information for the engagement may be governed by the agreement between LeadingReach and our customer, and the customer’s privacy policy, in addition to this Privacy Policy. The collection, use and sharing of Protected Health Information is governed by the business associate agreement, the Notice of Privacy Practices issued by the Covered Entity, and the Health Insurance Portability and Accountability Act (“HIPAA”).

Personal Information Collected and Received

LeadingReach may collect or receive information about each person who visits or registers with the LeadingReach properties and LeadingReach including, but not limited to, user name, password, first and last name, email address, street address, gender, occupation, and interests. LeadingReach also collects information on the pages you access and other information you may volunteer, such as survey information. In addition, you may upload and/or provide information that you may deem as confidential.

We may collect personal information from you at various points, including but not limited to:

  • when we correspond with you;
  • when you visit the website and/or associated services;
  • when you register as an end-user of our services and an account is created for you;
  • when you provide information, such as user contributed content, survey information or join our mailing list;
  • when you contact us for help;
  • when the website and/or associated services send us error reports or collect certain analytics data;
  • when engaged by a customer to perform services for them or on their behalf, which may include protected health information; and
  • as otherwise described to you.

LeadingReach does not require you to include sensitive information (e.g. racial or ethnic origin, political opinions, religious or philosophical beliefs, trade union memberships, genetic data, biometric data, data concerning health or data concerning sexual orientation). In the event that you provide such sensitive information as listed above without an express agreement covering it, you acknowledge that you have provided explicit consent concerning the collection, use and disclosure of such information in accordance with this Privacy Policy.

Some personal information may also be collected by a third-party as a service provider or other vendor. If you interact with some third party services, such as social media companies, particularly where you have an account with the third party, they may collect additional information separate from LeadingReach.

Use and Disclosure of Personal Information

LeadingReach may use and share personal information that we collect or receive about you to:

  • deliver the products and services that you have requested;
  • manage your customer relationship and provide you with customer support;
  • perform analysis about your use of the website and/or services;
  • communicate with you by email, postal mail, telephone and/or mobile devices about products or services that may be of interest to you;
  • enforce our terms and conditions and other agreements;
  • perform services as a processor or business associate on behalf of our customer, which may include your protected health information;
  • manage our business, including testing, development and other functions as part of improving and expanding the services offered;
  • conduct a sale of all or substantially all of our business or assets, which includes the sale, assignment or other transfer of your personal information in connection with such transaction.
  • respond to investigation, court orders, legal process, or to investigate, prevent or take action regarding illegal activities, suspected fraud, or situations involving potential threats to the physical safety of any person, or as otherwise required by law; and
  • perform functions as otherwise described to you at the time of collection.

WE WILL NEVER SELL YOUR EMAIL ADDRESS, OR ANY OTHER PERSONAL INFORMATION, TO ANY THIRD PARTY. EVER.

Except as described in this Privacy Policy, we will not disclose your personal information to any third party without notifying you of our intent to share the information and giving you an opportunity to prevent your information from being shared.

From time to time, we may partner with companies based on the interests of our users. These partner companies will never see your email address or any other information that could identify you or be used to contact you directly.

Any exceptions to this policy of sharing your name, address or email address with a partner company will be done only with your permission.

LeadingReach reserves the right to disclose information when required by law.

We use other companies to perform services necessary to our operations. In the course of providing these services, those companies may have access to your personal information. By contractual agreement, those companies must treat your information in accordance with this Privacy Policy. However, we will not be liable for any damages that may result from the misuse of your personal information by these companies.

LeadingReach may use your IP address to help diagnose problems with LeadingReach’s server and to administer LeadingReach’s website. Your IP address may also be used to help identify you and your online profile and to gather broad demographic information.

LeadingReach’s site’s registration form requires users to give LeadingReach contact information (such as your name and email address) and demographic information (such as your zip code or age). LeadingReach may use customer contact information from the registration form to send the user information about LeadingReach and promotional material from some of LeadingReach’s partners. The customer’s contact information is also used to contact the user when necessary. LeadingReach may use demographic and/or profile data to tailor the visitor’s experience on LeadingReach’s site, show the visitor content that LeadingReach thinks you may be interested in, and display content according to your preferences.

We may also disclose, on an anonymous basis, statements made by our customers about LeadingReach. With your consent, we may also post your name along with your testimonial.

Rights in Access, Correction and Deletion

Upon request, LeadingReach will provide you with access to information (e.g., name, address, phone number) that LeadingReach collects and maintains about you. This site gives you the following options for changing and modifying information previously provided: (i) email: [email protected]; or (ii) visit www.leadingreach.com. There you can also log into your account to update your contact information. You also may have the right under the law to request the deletion of your personal data.

For assistance with these rights, please utilize the contract information below. If we are operating as a business associate or processor for our customer with respect to your personal data, we will redirect your inquiry to the customer as appropriate.

Children’s Privacy

We do not knowingly collect any information through this website from anyone online who we know to be under the age of 13. If you are under the age of 18, you should use this website only with the involvement of a parent or guardian and should not submit any personal information to us. If we discover that a person under the age of 13 has provided us with any personal information through this website, we will use commercially reasonable efforts to delete such person’s personal information from all LeadingReach systems.

Security

LeadingReach uses industry-standard technologies when transferring and receiving consumer data exchanged between LeadingReach and other companies to help ensure its security. This site has security measures in place to protect the loss, misuse and alteration of the information under LeadingReach’s control. LeadingReach’s servers are backed up regularly and protected by security systems. However, there is no guarantee that your personal information in any system is completely secure, and you should take appropriate measures with respect to your data after considering the foregoing. 

Cookies

“Cookies” are small pieces of information that are stored by your browser on your computer’s hard drive. LeadingReach’s site uses cookies to keep track of your session, shopping cart, and advertising delivery. LeadingReach may also use cookies to deliver content specific to your interests and to save your password. LeadingReach may use an outside ad company to display ads on LeadingReach’s site. These ads may also contain cookies. While LeadingReach uses cookies in other parts of LeadingReach’s website, cookies received with banner ads are collected by LeadingReach’s ad company and LeadingReach does not have access to this information.

We may use standard Internet technology, such as web beacons and other similar technologies, to track your use on our sites and LeadingReach. We also may include web beacons in promotional email messages or newsletters to determine whether messages have been opened and acted upon. The information we obtain in this manner enables us to customize the services we offer our visitors/customers to deliver targeted advertisements and to measure the overall effectiveness of our online advertising, content, programming or other activities.

We may allow third-parties, including our authorized service providers, advertising companies, and ad networks, to display advertisements on our site and/or LeadingReach. LeadingReach and these companies may use tracking technologies, such as cookies, to collect information about users who view or interact with these advertisements and connect to the LeadingReach properties and/or LeadingReach. This information allows LeadingReach and these companies to deliver targeted advertisements and gauge their effectiveness.

Do Not Track Requests

Your web browser may have a setting that allows you to automatically send a “Do Not Track” message to the websites you visit. LeadingReach does not currently have technology to respond to such requests.

International Transfer of Your Personal Information

The website and/or services is hosted and operated in the United States and is subject to United States law. Any personal information that we collect from you is currently stored and processed in the United States. If you are accessing the website and/or associated services outside of the U.S., you need to understand that by accessing our website and/or associated services, you consent to the transfer of your personal information to the United States. Please be advised that United States law may not offer the same privacy protections as the law in your jurisdiction.

Your California Privacy Rights

In addition to rights that may be described elsewhere:

If you are a California resident, California Civil Code Section 1798.83 permits you to request certain information regarding our disclosure of personal information to third parties for the third parties’ direct marketing purposes. To make such a request, please contact us by sending an email to [email protected].

Our website and/or application are not intended to appeal to minors. However, if you are a California resident under the age of 18, and a registered user of our website and/or application, California Business and Professions Code Section 22581 permits you to request and obtain removal of content or information you have publicly posted. To make such a request, please send an email with a detailed description of the specific content or information to [email protected]. Please be aware that such a request does not ensure complete or comprehensive removal of the content or information you have posted and that there may be circumstances in which the law does not require or allow removal even if requested.

Under California law, California residents who have an established business relationship with us may opt-out of our disclosing personal information about them to third parties for their marketing purposes.

Other Information

LeadingReach may collect and use information from your use of the website and/or services, provided such information is not subject to contractual commitments to the contrary, and it does not individually identify you or otherwise qualify as personal information, personal data, or similar, under an applicable law. LeadingReach shall have the right to retain records of all data pertaining to use of the website and applications including, but not limited to, usage, activity logs, and click-throughs.  LeadingReach may deidentify data in accordance with applicable laws and contractual commitments. LeadingReach may disclose such data, whether collected or deidentified, to third parties provided it is grouped with other LeadingReach users’ data and is presented in an aggregate and deidentified form.

Links

LeadingReach may create links to other websites. LeadingReach will make a reasonable effort to link only to sites that meet similar standards for maintaining each individual’s right to privacy. However, many other sites that are not associated or authorized by LeadingReach may have links leading to LeadingReach’s site. LeadingReach cannot control these links and LeadingReach is not responsible for any content appearing on these sites.

Amendments

LeadingReach may amend this policy at any time. If LeadingReach is going to use personally identifiable information collected through LeadingReach’s corporate site and/or LeadingReach in a manner materially different from that stated at the time of collection LeadingReach will notify users via email and/or by posting a notice on LeadingReach’s website and/or LeadingReach for 30 days prior to such use. This Agreement may not be otherwise amended except in a writing that specifically refers to this Privacy Policy and is physically signed by both parties.

Successors and Assigns

This Privacy Policy inures to the benefit of successors and assigns of LeadingReach.

Contacts

If you have any questions about this Privacy Policy, the practices of this site and/or LeadingReach, or your dealings with this site and/or LeadingReach, you can contact [email protected].

Opt-Out

LeadingReach’s site provides users the opportunity to opt-out of receiving certain communications from LeadingReach. To opt-out of receiving such communications, you can (i) send email to [email protected]; or (ii) send postal mail to: 7719 Wood Hollow Drive, Suite 265, Austin, TX 78731.