- registered to have access to a FEMR Group web site;
- submitted an inquiry or request to FEMR Group via a FEMR Group web site;
- registered to attend an event via a FEMR Group web site;
- subscribed to a FEMR Group newsletter or publication;
- downloaded material from a FEMR Group web site;
- purchased a product or service from FEMR Group or one of its authorized resellers; or
- been authorized as a user of a FEMR Group Software-as-a-Service product.
This Policy applies to all web sites operated by FEMR Group for the purpose of the provision of information about its products, solutions and services or general information pertaining to HIPAA and HITECH regulations, compliance, enforcement and best practices.
FEMR Group recognizes that the protection of the privacy of personal and organizational data and information received and stored by it is important. As a company that provides services and solutions to assist organizations with their compliance with HIPAA and HITECH security and privacy regulations, FEMR Group is especially cognizant of its duty to safeguard such information against inappropriate use and disclosure, and to the rights of individuals and organizations to maintain control over their organizational and personal data while accessing FEMR Group’s resources. Due to the Children’s Online Privacy Protection Act of 1998, users must be at least thirteen (13) years of age to use the services and we ask that minors (under the age of 18) do not submit any personal information to FEMR Group or use the services. FEMR Group will not knowingly collect information from users in this age group.
This Policy sets out the following:
- The type of information collected and stored by FEMR Group
- How such information is utilized by FEMR Group
- With whom FEMR Group shares the information
- FEMR Group’s policy regarding correcting and updating personally identifiable information
- FEMR Group’s policy regarding deleting or deactivating personally identifiable information FEMR Group’s database
- Types of Data and Information Collected and Stored by FEMR Group
FEMR Group collects and stores some or all of the following information about individuals:
- Organization name, address, and phone number of the organization’s primary location and details of any additional locations provided to FEMR Group
- Names, job titles, email addresses, and other contact details of individuals provided to FEMR Group by those individuals
- Correct or Update Information
All individuals for whom FEMR Group has collected or stored such Information may provide updates or request that FEMR Group delete such Information at any time by emailing FEMR Group at firstname.lastname@example.org and providing adequate identifying details for FEMR Group to search and find such Information.
- Use of Information by FEMR Group
Generally-speaking, FEMR Group uses the Information to respond to requests and inquiries made to it; to communicate with correspondents about products, services, and information that may be of interest; and to conduct market research. All Information is considered to be confidential and FEMR Group shall protect the confidentiality of such Information. It is FEMR Group’s policy to not disclose Information to or share Information with third parties for any reason except as may be required by law.
FEMR Group may also de-identify the Information and aggregate it with other de-identified data anonymously and in aggregate and combined with other individuals’ anonymous data to improve FEMR Group’s offerings and to further evaluate the HIPAA and HITECH compliance market outlook, provided that such use will not, under any conditions, reveal the identity of the individual or the organization.
- Use of Email Addresses
With respect in particular to email addresses, FEMR Group may contact individuals directly for such purposes as: a) to inquire as to such individuals’ satisfaction with their interaction with FEMR Group, its web sites and/or its solutions and services, and b) to provide newsletters and/or information about other products and services from FEMR Group that may be of interest. Upon receipt of written notice from any such individual, that he/she is no longer interested in receiving such contact or information, FEMR Group shall cease such contact with that individual within 30 days.
- Links to External Web Sites
FEMR Group’s web sites may contain links to external web sites owned and maintained by third parties. When individuals click on one of these links, he/she is opening a session to another web site. While such external web sites are vetted and believed by FEMR Group to follow appropriate information security and privacy policies, FEMR Group does not accept liability or responsibility for any web site to which FEMR Group may link, and FEMR Group encourages individuals to read the privacy statements of such linked sites, as their privacy policies may differ.
FEMR Group uses software tags known as “cookies” within certain functions of its web sites to remember its visitors’ preferences and to maximize the performance of the site and the individual’s experience. Access to certain functionality may not be available to individuals that do not give their consent to the data processing carried out through cookies or whose browsers are set to reject all cookies.
- Information Security
All Information is stored and maintained in secure facilities that limit access to authorized personnel only. As part of FEMR Group’s continuous risk management process, its web sites are regularly tested to assess vulnerabilities and controls, remediate deficiencies, and to ensure that all Information is secure from unauthorized access or modification. Information is protected in transit via HTTPS and SSL security. Data is backed up routinely at an off-site remote location consistent with FEMR Group’s business continuity plan. While FEMR Group will exert all commercially reasonable efforts to protect the confidentiality, integrity and availability of the Information, FEMR Group cannot guarantee that such efforts will prevent an unauthorized breach of the Information.
FEMR Group may post an individual’s feedback on its web sites or in material promoting or describing FEMR Group and its solutions and services. Prior to publishing any such feedback that includes individual or organizational identifying details, FEMR Group will obtain written consent from the individual and organization.
- Retention of Information
FEMR Group will retain the Information for as long as an individual has not requested that his/her Information be deleted from FEMR Group’s database. FEMR Group shall securely erase Information from any equipment it retires or transfers.
- Legal Disclaimer
FEMR Group’s exercise of this Policy with respect to the Information is subject to existing laws and legal process, and nothing contained in this Policy is in conflict with FEMR Group’s right to comply with governmental, court, and law enforcement requests or requirements relating to the Information. In the event of a third party request for the Information, to the extent permitted by law FEMR Group will provide the individual or organization with prompt notice of such request so that the individual or organization may take such actions it may deem appropriate to protect the confidentiality of such Information and/or oppose the request.
FEMR Group may update this Policy at any time by providing notice of such update on its web site.
If anyone should have any questions or suggestions regarding this Policy, the individual should contact FEMR Group by emailing: email@example.com.