Updated on April 8, 2019
The Health Storylines™ Application Notice of Privacy Practices
This Privacy Statement governs your use of the Health Storylines™ application created by Self Care Catalysts for use on a mobile or web-based device to assist in your personal healthcare and provide those who have referred you, information that in turn can be used for additional guidance to improve your healthcare decisions.
1. CONSENT TO PROCESSING OF INFORMATION
By using the Application, you are consenting to the Processing of User Provided and Automatically Collected Information (defined below) as set forth in this Privacy Statement. “Processing” means the collection, use, storage, combining, disclosure, or deletion of information about you or your use of the Application.
All processing of information will take place in Canada. If you reside outside Canada, your information will be transferred to Canada securely, where it will be processed and stored under Canada privacy standards. For users in the United States, SCC operates as a HIPAA business associate to your healthcare provider or third party that has referred you. By using Application and providing information, you consent to such transfer to, and processing in, Canada. If you have downloaded the Application by mistake, please go to Section 4 concerning “Uninstalling the Application.”
2. INFORMATION COLLECTED
A. User Provided Information. We may use your User Provided Information from time to time to provide you with information and notices.
B. Automatically Collected Information. In addition, the Application collects and stores certain information automatically. The Application does not collect your mobile device ID, but creates a unique alphanumeric ID for each installation of the Application on a device and uses that ID for internal operations (e.g. sending and receiving data packets to and from the server.
3. DISCLOSURE TO THIRD PARTIES
We may disclose User Provided Information and Automatically Collected Information we collect from you to third parties, including client pharmaceutical companies, for their own market research purposes where it is not prohibited by applicable law. Prior to any disclosure to third parties, your User Provided Information and Automatically Collected Information is de-identified as described herein so that the information cannot be linked back to you.
• You can always disable the access of the User Provided Information and/or Automatically Collected Information by written request. If you need help with this, SCC Privacy and Security Official will assist you.
• De-identification will be accomplished using the safe harbor method as described by 45 CFR § 164.514(a) in the Guidance on De-identification of Protected Health Information September 4, 2012, published by the U.S. DHHS.
• De-identified data files will be transmitted to the third party purchaser using a Secure FTP or other encrypted transmission methodology.
4. UNINSTALLING THE APPLICATION
You can stop all collection of information by uninstalling the Application through use of the uninstall processes available on your mobile device, the mobile application marketplace, or network.
5. DATA RETENTION
We will retain User Provided Information in its secure environment for as long as you use the Application and for perpetuity. If you would like us to delete any User Provided Information or would like access to your records, please contact as at firstname.lastname@example.org and we will respond in a reasonable time. Please note that some or all of the User Provided Information may be required in order for the Application to function properly, and we may be required to retain certain information by law.
We provide physical, electronic (including encryption), and procedural safeguards to protect the information we process. For example, we limit access to this information to authorized employees and contractors who need to know the information in order to operate, develop, or improve our Application. Please be aware that although we endeavor to provide reasonable security for information we process, no security system can prevent all potential security breaches.
You are responsible for protecting your data that resides on your mobile device or computer used to access our applications. SCC is not responsible for the loss or theft of the data that is on your own device and we encourage all users to implement security features on your devices.
This Privacy Statement may be updated from time to time for any reason. We will notify you of any changes to our Privacy Statement by posting the new Privacy Statement here www.selfcarecatalysts.com/privacy-policy
You are advised to consult this Privacy Statement regularly for any changes.
8. BREACH OF SECURITY
User acknowledges that Self Care Catalysts or its licensors, in their sole discretion, have taken necessary measures to ensure the privacy, integrity and security of the data entered by the user when transmitting the data between the user’s device(s) such as iphone, iPad, Android, or a web browser and the servers that will host/store the data. Despite these security and privacy measures, it is possible that there can be a breach in the data security resulting from non-malicious actions of Self Care Catalysts or its licensors and/or malicious actions of external parties. Neither Self Care Catalysts nor its licensors shall be responsible for such effects, and neither Self Care Catalysts nor its licensors shall have any obligation to furnish any maintenance and support services with respect to the Health Storylines™ application.
9. CONTACT US
If you have questions about our information-handling practices, please contact us by email or postal mail as follows:
Self Care Catalysts Inc.
Attn: Privacy & Security Officer
500-99 Spadina Avenue
Toronto, Ontario, M5V 3P8