Privacy Policy
Date of Last Revision: October 12, 2023
Your privacy is extremely important to us and we are committed to fair practices that protect your information. This Privacy Policy is provided to explain our information practices and the choices you can make about the way your information is collected and used. To make this notice easy to find, we make our policies and procedures available on every page of this website.
Scope of this Privacy Policy
This Privacy Policy describes our basic commitments to protecting the privacy of individuals who use this website to get information about us or use our services to healthcare providers, which includes patient education (e-learning) and healthcare documentation support (e-signing).
More detailed commitments for the handling of information relating to our healthcare provider customers and outside contractors are detailed in separate data protection agreements. For more information, see our model Data Processing/Protection Agreement, or contact us. Our handling of personal information relating to employees and job applicants is governed by our internal employment policies.
The EngagedMD website or our services may provide you with access to other websites and services. Please be aware that we are not responsible for the privacy practices of any websites or services other than those provided by EngagedMD. We encourage you to read the privacy policy statements and notices of each and every such website and service. This Privacy Policy applies solely to information collected by us.
Some Definitions
This Privacy Policy relates to information collected by EngagedMD, LLC (referred to in this Privacy Policy as "EngagedMD" "we" or "us" or "our") through your use of the EngagedMD website, its features, the services we provide
“You” or “your” refers to the individual who uses this website, features, and services, or accesses available information, or engages with us directly by email or telephone.
The terms "using," “handling,” and "processing" information mean using information in any way, including, but not limited to collecting, storing, analyzing, evaluating, modifying, deleting, combining, and sharing or disclosing information.
Whose information does EngagedMD collect?
EngagedMD collects information from several types of individuals:
Individuals -- We collect information from people who contact us, primarily with questions about our services or job opportunities.
Customers -- We collect information from our customers, who are individuals and businesses, such as physicians, medical clinics or other healthcare providers, who have signed up for or have been provisioned an EngagedMD account, which enables them to provide their employees and patients with access to our e-learning and e-signing services. Customers provide us with personal contact information about their employees who interact with us. They also provide us personal contact information about their patients who will interact with us, as well as relevant healthcare information.
End Users -- We collect information from our end users, who are individuals that access our website in the course of using our services. If you interact with EngagedMD in the course of seeking medical treatment from your healthcare provider, you are probably an end user.
What information does EngagedMD collect?
Depending on your use of the EngagedMD website and services, or direct interactions with us, we collect two types of information: personal information and non-personal information.
Personal Information
Personal information identifies you or may be used in combination with other pieces of personal information to identify you. Examples of personal information include your name, company name, job title, address, e-mail address, telephone number, and billing and credit card information. Personal information can also include information that does not identify you, but could be combined with other information in a way that enables you to be identified. This includes information such as age, gender, profession, zip code, IP address, and current location.
Non-Personal Information
Non-personal information is information that cannot be used or combined with other information to identify or contact you, including browser types, domain names, and statistical data involving the use of the EngagedMD website and services.
Does EngagedMD collect information from children under 16 years of age?
We are committed to protecting the privacy of children. The EngagedMD Service is not designed for or directed to children under the age of 16. We do not knowingly collect personal information from any person under the age of 16.
What does EngagedMD do with Customer information?
We use Customer information to facilitate the delivery of our services, including to understand how customers use our website and services and ways to improve our interaction with them; to support the internal operations of our website and services; and for billing and customer service, which can include sending emails about our services.
We may also send you commercial or transactional notifications. Transactional notifications are critical to the functioning of the services, such as a notification that a new learning module has been assigned or instructions for resetting your password, so you will not be able to unsubscribe from these notifications
We may also use your information to send other e-mail communication related to the EngagedMD website Also marketing emails.... We always give you the option to unsubscribe in any email we send you.
If you identify yourself to us by sending us an e-mail with questions or comments, we may use your information (including personal information) to respond to your questions or comments, and we may file your questions or comments (with your information) for future reference.
We also use the information collected to send business critical messages such as announcements and updates regarding changes to our Terms of Service, Privacy Policy or when sending invoices. You will not be able to unsubscribe from these notifications as they contain important information relevant to your use of the EngagedMD website and our services.
We may also use Customer information gathered to perform statistical analysis of user behavior, facilitate research, or to evaluate and improve the EngagedMD services. We may link some of this information to personal information for internal purposes or to improve your experience with the EngagedMD website and our services.
We will retain and use your information for as long as your customer account is active or as needed to provide your services. We will also retain and use your information as necessary to comply with our legal obligations, resolve disputes, and enforce our agreements.
What does EngagedMD do with End User information?
We use End User information as necessary to provide agreed upon services with the End User’s relevant Customer. If you are interested in how we process the data on behalf of EngagedMD customers, please read our Data Processing Agreement with your healthcare provider.
We may use End User information for internal analytic purposes or for research purposes. When we do this, we first turn it into non-personal information by removing your identifying information (this is called de-identifying or anonymizing the data). We then use the information to perform statistical analysis of user behavior or to evaluate and improve EngagedMD services. We will obtain your consent if we link any of this information back to your personal information (that is, if we re-identify the data) for internal management purposes or to improve your experience with the EngagedMD website and our services.
We will retain and use your information for as long as your end user account is active or as needed to provide your services. We will also retain and use your information as necessary to comply with our legal obligations, resolve disputes, and enforce our agreements.
What choices do I have regarding the collection, use, and disclosure of personal information?
Except as otherwise described in this Privacy Policy or in an applicable Data Processing Agreement, we will only use personal information for the purposes described above or as otherwise disclosed at the time we request such information from you. You must "opt in" and give us permission to use your personal information for any other purpose. You may also change your preference and "opt out" of receiving certain marketing communications from us by clicking the unsubscribe link included on the bottom of all such communications, or by contacting us via email.
Can I update or correct my information?
The rights you have to request updates or corrections to the information EngagedMD collects depend on your relationship with EngagedMD. Customers and End Users may review information about them maintained by EngagedMD and may request to update or correct such information.
If you are a customer you may request updates or corrections, or the restriction of certain uses and disclosures of personal information as follows. You can contact us in order to: (1) update or correct your personal information; or (2) change your preferences with respect to communications and other information you receive from us. Such updates, corrections, changes and deletions will have no effect on other information that we maintain, or information that we have provided to third parties in accordance with this Privacy Policy prior to such update, correction, change or deletion. To protect your privacy and security, we may take reasonable steps (such as requesting a unique password) to verify your identity before granting you profile access or making corrections. You are responsible for maintaining the secrecy of your unique password and account information at all times.
If you are an end user and you learn that personal information is incorrect, that your personal information has changed, or if you no longer desire our service, you may request updates or corrections to the information or ask to have it removed by contacting your relevant Customer.
When does EngagedMD disclose information to third parties?
Except as set forth in this Privacy Policy or the [ EngagedMD Terms of Service / Data Processing Agreement ], or as specifically authorized by an EngagedMD end user or customer, we will not disclose any personal information or confidential business information to third parties.
Subcontractors -- We may employ independent contractors, vendors and suppliers to provide technical support for our website and services, such as electronic signature support, cloud service providers, credit card processing and fraud screening, mailing list hosting, and software and system development. In the course of providing products or services to us, these Outside Contractors may have access to information collected through the EngagedMD website or help desk services, including your personal information. We require that these Outside Contractors agree to (1) protect the privacy of your personal information consistent with this Privacy Policy, and any applicable Data Processing Agreement, and (2) not use or disclose your personal information for any purpose other than providing us with the products or services for which we contracted or as required by law.
Healthcare Service Providers -- We may share your information with healthcare service providers that either contract with us or with our Customers to support Customer’s objectives. These service providers can include but are not limited to companies that operate electronic health record systems, and companies that provide genetic testing or counseling. As with our Subcontractors, we require that these Healthcare Service Providers to agree: (1) to protect the privacy of your personal information consistent with this Privacy Policy and any applicable Data Processing Agreement; and (2) to not use or disclose your personal information for any purpose other than providing us with the products or services for which we contracted or as required by law
Affiliates -- We may disclose information (including personal information) about you to our Corporate Affiliates. For purposes of this Privacy Policy, "Corporate Affiliate" means any person or entity which directly or indirectly controls, is controlled by or is under common control with EngagedMD, whether by ownership or otherwise. Any information relating to you that we provide to our Corporate Affiliates will be treated by those Corporate Affiliates in accordance with the terms of this Privacy Policy.
Please understand that third party access to and use of EngagedMD information is limited to their support for our services, which are governed by data processing agreements. We will not share any customer or end-user information with third parties without having such an agreement in place. Customer and End User permission for our use of their information includes its use by these third parties to the extent necessary for them to support our services. We will not be able to provide our services to you, as a customer or end-user, should you not consent to our sharing of your information with these third parties.
Is information collected by EngagedMD secure?
We take precautions to protect the security of your information. We have physical, electronic, and managerial procedures to help safeguard, prevent unauthorized access, maintain data security, and correctly use your information. However, neither people nor security systems are foolproof, including encryption systems. In addition, people can commit intentional crimes, make mistakes or fail to follow policies. Therefore, while we use reasonable efforts to protect your personal information, we cannot guarantee its absolute security. If applicable law imposes any non-disclaimable duty to protect your personal information, you agree that intentional misconduct will be the standards used to measure our compliance with that duty.
For more information about how EngagedMD stores and secures customer and company data, please see our Security Policy.
Laws and Legal Rights
This Privacy Policy is governed by the laws of Delaware, USA, without regard to its conflict of laws provision. By using our services you consent to the exclusive jurisdiction of the courts [ of Delaware ] in connection with any action or dispute arising between the parties under or in connection with this Privacy Policy except for those individuals who may have rights to make claims under the EU/UK/Switzerland-U.S. Privacy Framework. EngagedMD is also subject to the investigatory and enforcement powers of the Federal Trade Commission (FTC).
EngagedMD complies with the U.S. Health Insurance Portability and Accountability Act (HIPAA) and is able to process, maintain and store protected health information for any entities governed by HIPAA. On request, EngagedMD will sign a business associate agreement (BAA) with your organization.
We may disclose your information (including personal information) if we believe in good faith that we are required to do so in order to comply with an applicable statute, regulation, rule or law, a subpoena, a search warrant, a court or regulatory order, or other valid legal process. We may disclose personal information in special circumstances when we have reason to believe that disclosing this information is necessary to identify, contact or bring legal action against someone who may be violating the EngagedMD Terms of Service, to detect fraud, or to protect the safety and/or security of our users, the EngagedMD website, or the general public. We also may be required to disclose an individual’s personal information in response to a lawful request by public authorities, including to meet national security or law enforcement requirements.
EU/UK/Switzerland-U.S. Privacy Framework
EngagedMD complies with the EU, UK, Swiss-U.S. Privacy Framework as set forth by the US Department of Commerce regarding the collection, use, and retention of personal information from European Union (EU) member countries, as well as the United Kingdom (UK) and Switzerland. EngagedMD has certified to the Department of Commerce that it adheres to the Privacy Principles. If there is any conflict between this privacy policy and the Privacy Principles, the Privacy Principles shall govern. To learn more about the Privacy program, and to view our certification page, please visit https://www.dataprivacyframework.gov/s/.
Our agreements with our Customers and Subcontractors provide that personal information may only be collected and used for limited and specified purposes consistent with your consent and that these entities will also provide the same level of protection as the Privacy Framework requires, and that they will notify EngagedMD if they make a determination that they can no longer meet this obligation. Our agreements with these entities provide that if and when such a determination is made, the other entity shall cease processing or otherwise take reasonable and appropriate steps to remediate.
In cases of onward transfer to third parties (e.g., EngagedMD’s Customers or Subcontractors) of personal information of EU, UK, or Swiss individuals received pursuant to the Privacy Framework, EngagedMD is potentially liable.
In compliance with the EU-U.S. DPF and the UK Extension to the EU-U.S. DPF and the Swiss-U.S. DPF, EngagedMD commits to cooperate and comply respectively with the advice of the panel established by the EU data protection authorities (DPAs) and the UK Information Commissioner’s Office (ICO) and the Swiss Federal Data Protection and Information Commissioner (FDPIC) with regard to unresolved complaints concerning our handling of personal data received in reliance on the EU-U.S. DPF and the UK Extension to the EU-U.S. DPF and the Swiss-U.S. DPF. EngagedMD commits to resolve complaints about your privacy and our collection or use of your personal information. EU, UK, and Swiss individuals with inquiries or complaints regarding this privacy policy should first contact EngagedMD.
Please note that if your complaint is not resolved through these channels, under limited circumstances, a binding arbitration option may be available under a Privacy Framework panel.
Sale of Business
We reserve the right to transfer information to a third party in the event of a sale, merger or other transfer of all or substantially all of the assets of EngagedMD or any of its Corporate Affiliates (as defined herein), or that portion of EngagedMD or any of its Corporate Affiliates to which the Service relates, or in the event that we discontinue our business or file a petition or have filed against us a petition in bankruptcy, reorganization or similar proceeding, provided that the third party agrees to adhere to the terms of this Privacy Policy.
How will I know if there are any changes to this Privacy Policy?
We may revise this Privacy Policy from time to time without notice. Having said that, we will not make changes that result in significant additional uses or disclosures of your personal information without notifying you of such changes via email. We may also make non-significant changes to this Privacy Policy that generally will not significantly affect our use of your personal information, for which an e-mail is not required. We encourage you to check this page periodically for any changes. If any non-significant changes to this Privacy Policy are unacceptable to you, you must immediately contact us and, until the issue is resolved, stop using the EngagedMD website and any services we provide. Your continued use of our services and the EngagedMD website following the posting of non-significant changes to this Privacy Policy constitutes your acceptance of those changes.
Whom do I contact if I have any privacy questions?
If you have any questions or comments about this Privacy Policy or feel that we are not abiding by the terms of this Privacy Policy, please contact our Privacy Agent in any of by email or by postal mail or courier: Attn: Privacy Agent, EngagedMD, LLC, 1802 Vernon St. NW, #2503, Washington, DC 20009.