Privacy Policy

Introduction

Welcome to On Call People Inc, a website available at oncallpeople.com ([collectively], the “Site”). The Site and related services (collectively, the “Services”) are owned and operated by On Call People Inc (“OCP,” “we,” “us,” or “our”). We have developed this Privacy Policy to inform users (“User(s),” “you,” or “your”) about how we collect information in the course of conducting our business, including on the Site, how we use the collected information, and a User’s choices with respect to the collected information.

Please read this Privacy Policy carefully. If you do not agree to be bound by this Privacy Policy, then do not access or use the Site. By accessing and/or using the Services, you accept and agree to be bound by this Privacy Policy. This Privacy Policy is hereby incorporated by reference into the Terms of Use [see above]. Your use of our Services and any Personal Data (as defined below) you provide through the Site(s) is always subject to this Privacy Policy.

The Content PROVIDED BY OUR SERVICES is INTENDED SOLELY AS AN INFORMATIONAL REFERENCE TOOL FOR HEALTHCARE PROFESSIONALS AND IS not intended to be a substitute for the judgment of healthcare professionals nor to replace professional medical advice, diagnosis, or treatment. You must be at least 18 years old to access this site and use our services. If you are under 18 years old, you are not permitted to use this Site or any part of the Services for any reason. You must be of legal age required by the state or province you are in to use our Services. It is your responsibility to know whether you are legally able to use our Services.

Access to this Site is intended only for Users located within the United States. OCP MAKES NO REPRESENTATION OR WARRANTY OF ANY KIND THAT USE OF THIS SITE OUTSIDE OF THE UNITED STATES IS LAWFUL OR PERMISSIBLE. Those who access this Site from other jurisdictions are responsible for their compliance with local laws pertaining to the use of this Site and our Services. Your access to this Site and use of our Services is at your own risk and you are responsible for compliance with all applicable laws, rules, regulations, and treaties.

If you have any questions about this Privacy Policy, please contact us at hello@oncallpeople.com or at the contact information found below.

Data We Collect

When you use the Site, we collect and process the following types of information:

a. Non-Personal Data

We collect information about your use of our Services, including, but not limited to, your Internet connections, computer equipment, web browsers, sites visited before using or accessing our Site, sites visited after leaving our Site, and other similar information about traffic and usage, as you navigate to, through, and away from our Site. This is called “Non-Personal Data” because it does not identify you, but provides insights to us regarding your use of the Services.

We also use automated data collection tools, such as Cookies and Web Beacons, to collect certain types of Non-Personal Data. You can set your browser to reject Cookies, but that may limit your use of some convenience features on the Services.

Web Beacons are tiny graphics with a unique identifier that may be included on our Services for several purposes, including to deliver or communicate with Cookies, to track and measure the performance of our Services, and to monitor how many visitors view our Services. Unlike Cookies, which are stored on the device, Web Beacons are typically embedded invisibly on web pages or in e-mails.

Log Data refers to certain information about how a User (including both account holders and non-account holders) uses our Services. Log Data may include information such as a User’s Internet Protocol address, browser type, operating system, the pages or features of our Services to which a User browsed and the time spent on those pages or features, search terms, the links on our Services that a User clicked on, and other statistics.

b. Personal Data

When you register to use our Services, set up an account, respond to communications (e.g., requests for feedback), contact us via phone, e-mail, or postal mail, and so on, we will collect certain types of the information you provide to us. This includes your e-mail address and NPI number and, if you choose, your phone number and job title/role. This type of data is called “Personal Data” because it can be used to identify you.

You may not in any manner transmit or submit any content or data which personally identifies a patient, such as using a patient’s name or derivation thereof as a “Patient Identifier,” and/or which links any personally identifiable patient to any healthcare data which you have entered into the Services. WE WILL NEVER KNOWINGLY ACCEPT PERSONALLY IDENTIFIABLE INFORMATION ABOUT ANY PATIENT AND WE RESERVE THE RIGHT TO IMMEDIATELY TERMINATE ACCESS TO THE SERVICES AND TAKE ANY NECESSARY LEGAL ACTION AGAINST ANY USER WHO PROVIDES PERSONALLY IDENTIFYING INFORMATION ABOUT A PATIENT.

Collectively in this Privacy Policy, Personal Data and Non-Personal Data is referenced as “Data.”

c. Geolocation Data

You may choose to allow us to access your location by granting the Site access to your location when prompted or through your device’s location services settings. You may change these settings on your device.

When you connect to the Services, we are able to recognize the internet (IP) address of the computer providing you with internet access. Our use of this IP address may be to help diagnose problems with our server or otherwise administer our Services. This IP address may also be used to gather broad demographic information. Your IP address is never associated with you as an individual and is never provided to another company or organization.

d. Third-Party Social Networking Services.

Additionally, if you choose to access, visit, and/or use any third-party social networking services, such as Twitter, that may be integrated with our Services, we may receive your Personal Data and other information about you and your computer, mobile, or other device that you have made available to those social networking services, including information about your contacts on those services. Your decision to use a social networking service in connection with our Services is voluntary. However, you should make sure you are comfortable with the information your third-party social networking services may make available to our Services by visiting those social networking services’ privacy policies and/or modifying your privacy settings directly with those services.

Use of Data

We do not sell or rent Data to any third parties. We use information collected by clickstream data collection, web pixels, and cookies to improve website navigation, make personalized features and other services available to you, to generate statistical information, monitor and analyze User traffic and usage patterns, monitor and prevent fraud, investigate complaints and potential violations of our policies, to improve the our content and the materials and Services that we describe or make available through the Site and to otherwise help administer and improve the Services.

When you provide us with Personal Data to register an account, you acknowledge that you consent to our collecting such Personal Data and using it for that specific purpose only. If we ask for your Personal Data for a secondary purpose, such as marketing, we will either ask you directly for your express consent or provide you with an opportunity to opt out.

Except as otherwise stated, we may use Data we collect from you for the legitimate business purpose of providing our Services to you, including, but not limited to:

  • to respond to your requests and provide User support;
  • to evaluate and improve the content of our Services;
  • to customize the Services to your preferences;
  • to communicate information to you (where you have not expressed your preference otherwise, as described above);
  • to maintain record of activities in connection with your use of the Site;
  • to notify you of any changes to relevant agreements or policies;
  • to enforce our agreements, terms, conditions, and policies;
  • to prevent or investigate fraud (or for risk management purposes), or to comply with a legal obligation, court order, or in order to exercise our legal claims or to defend against legal claims;
  • to conduct aggregate analysis and develop business intelligence that helps us to enhance, operate, protect, make informed decisions and report on the performances of our Services;
  • to describe our Services to current and prospective business partners and to other third parties for other lawful purposes; and for other purposes identified to you and as requested by you (please note that you have the right to withdraw your consent to such use at any time by contacting us via the contact information below).

We may anonymize or aggregate Data that we collect from the use of the Services, such as de-identified location information, information about the computer or device from which you access the Services, market trends, and other analysis that we create based on the information we receive from you and other Users.

How We Share Data

We do not sell or rent Personal Data to marketers or third parties. We do not currently utilize the services of third-party service providers, however, if we do develop relationships with trusted third parties in the future, we shall update this Privacy Policy accordingly. Otherwise, we will not share any Personal Data that we have collected from or regarding you except as described below:

  • Third parties in the event of any reorganization, merger, sale, joint venture, assignment, transfer or other disposition of all or any portion of our business, assets or stock (including in connection with any bankruptcy or similar proceedings), in which case we will require the recipient to use such information in accordance with this Privacy Policy; and
  • • As we believe necessary: (i) under applicable law; (ii) to enforce applicable terms and conditions; (iii) to protect our rights, privacy, safety or property, and/or that of our affiliates, you, or others; (iv) to detect, prevent, or otherwise address fraud, security or technical issues; (v) to respond to claims that contact information (e.g. name, e-mail address, etc.) of a third-party has been posted or transmitted without their consent or as a form of harassment and (vi) to respond to requests from courts, law enforcement agencies, regulatory agencies, and other public and government authorities, which may include authorities outside your country of residence.

Third-Party Tracking

We do not serve targeted advertising; however, when you use the Internet, unaffiliated parties such as ad networks, web analytics companies, and social networking platforms may collect information about your online activities over time and across our and other websites. This information may be used to provide advertisements for products and services that may interest you, and those companies may use Cookies, clear GIFs, and other tracking technologies. We do not track your activity across different websites or online services.

Data Security

We take reasonable steps online and offline to safeguard the Personal Data that you provide to us. All Data is encrypted at rest and in transit and all communication between Users and our Site is done through Secure Sockets Layer (SSL) encrypted connections (HTTPS). Data stored in our databases and the disks on each of our servers are encrypted using industry-standard encryption. We also require unique account identifiers and passwords that must be entered each time users access the Services.

Nonetheless, it is common knowledge that transmission of information via the internet is not wholly secure and we cannot guarantee the security of your Personal Data or any other information transmitted to or through any of our Services. Any transmission of Personal Data or other information is at your own risk. By using our Services, you acknowledge and accept these risks. As a result, we cannot guarantee or warrant the security of any information you disclose or transmit to us or that is otherwise provided to us and we cannot be responsible for the theft, destruction, or inadvertent disclosure of information. It is your responsibility to safeguard any passwords, ID numbers, or other special access features associated with your use of the Services. Any transmission of information is at your own risk. By using our Services, you acknowledge and accept these risks.

If you have any questions about security on our Services or if you become aware of any unauthorized use of an account, loss of your account credentials, or suspect a security breach, notify us immediately via e-mail at hello@oncallpeople.com. If our security system is breached, we will notify you of the breach only if and to the extent required under applicable law.

Choices and Rights to Your Personal Data

You may change, edit, update, or delete the information you provided when you set up your account through our Services and at any time within through your account settings. You may also request the deletion of this information by sending an e-mail to hello@oncallpeople.com.

If we have received express consent, we do send e-mails to Users with information about our Services, industry news and developments, and other updates that we believe may be of interest to you. Users may opt out of receiving these e-mail messages by contacting us via e-mail at hello@oncallpeople.com or by clicking on the “unsubscribe” link found at the bottom of every e-mail that we send. Please note that if you opt-out of receiving marketing-related e-mails from us, we may still send you important administrative messages, such as information pertaining to your purchase order, that are required to provide you with our Services, as applicable.

Policies and Procedures for Protected Health Information

Protected Health Information (PHI) refers to all information (oral, paper-based documents, and electronic documents) that relates to an individual including but not limited to:

  • Medical information
  • Billing information
  • Financial information
  • Names and other identifying information such as:
    • Telephone numbers
    • Fax numbers
    • Electronic Mail addresses
    • Social security numbers
    • Medical record numbers
    • Birth date
    • Date of death
    • Health plan beneficiary numbers
    • Account numbers
    • Certificate/license numbers
    • Vehicle identifiers and serial number, including license plate numbers
    • Device identifiers and serial numbers
    • Full face photographic images and any comparable images
    • Any other unique identifying number characteristic, or code

1. Minimum Necessary

a. When using or disclosing protected health information, we will take reasonable efforts to limit protected health information to the minimum necessary to accomplish the intended purpose of the use, disclosure, or request.

b. Minimum Necessary provisions will not apply in the following circumstances:

  • Uses or Disclosures that are required by law
  • Uses or Disclosures made to the individual
  • Uses or Disclosures made pursuant to an authorization
  • Disclosures to a health care provider for treatment purposes
  • Disclosures to the Secretary of Health and Human Services for enforcement purposes
  • Uses or Disclosures that are required for compliance with HIPAA requirements

c. Before using or disclosing information we will consider two basic questions:

  • How much information is needed to fulfill the purpose of the request?
  • Are we about to provide information that is not necessary to fulfill the purpose of the request?

2. Specified Use in Business Associate Contract

We will only use PHI given to us by a covered entity (healthcare provider, health plan, or healthcare clearinghouse) in accordance with the specific use and purpose specified in the Business Associate Contract with the covered entity. The use and purpose will be confined to purposes of treatment, payment, or healthcare operations for the covered entity or for uses and disclosures for which the covered entity has specific authorization from the individuals (to whom the PHI belongs) to do so.

3. Disclosure for a Deceased Individual

We may use and disclose a deceased individual’s PHI to family members and others who were involved in an individual’s care, unless doing so is inconsistent with any prior expressed wishes or preferences of the deceased individual.

4. To Avert a Serious Threat to Health or Safety

We may use and disclose PHI about individuals when necessary to prevent a serious threat to the individual’s health and safety or the health and safety of the public or another person. Any disclosure, however, would only be to someone able to help prevent the threat.

5. Lawsuits and Disputes

PHI may be disclosed in response to a subpoena, discovery request, or other lawful order from a court.

6. As Required by Law

We will disclose PHI about individuals when required to do so by federal, state, or local law.

7. As Permitted by Law

To the extent that the law permits us to release information, we may disclose PHI if asked to do so by a law enforcement official as part of law enforcement activities; in investigations of criminal conduct or of victims of crime; in response to court orders; in emergency circumstances.

Data Use Policy

1. We are obtaining following information related to patient from EHR Software:

  • a) Patient FHIR Id
  • b) Patient MRN
  • c) Patient’s Full name
  • d) Age
  • e) Sex
  • f) Race
  • g) Marital Status
  • h) Patient’s Primary Care Provider Name

We are not writing any data to EHR Software.

2. We take 2 data sets from Epic. Dataset 1 is the Epic user information so we can allow them to use Single-Sign-On and easily launch our solution from within Epic. Dataset 2 is patient information excluding any clinical information allowing the providers to add soft-notes and hand-over patients when their shifts complete.

3. We do retain data processed by Our App for 18 months and then delete it unless the customer wishes for the information to be removed quicker. Customer can request for data retention for more than 18 months to maximum 60 months and it will be mentioned in BAA.

4. We keep the information for 18 months and then delete it unless the customer wishes for the information to be removed quicker. Customer can request for data retention for more than 18 months to maximum 60 months and it will be mentioned in BAA.

5. We or our App neither do share or transfer any data with any third-party or third-party product nor give an access to any third-party or third-party product.

Children's Privacy

In accordance with the Children’s Online Privacy Protection Act (“COPPA”), we will never knowingly request or solicit Personal Data from anyone under the age of thirteen (13) without verifiable parental consent. In the event that we receive actual knowledge that we have collected such Personal Data without the requisite and verifiable parental consent, we will delete that information from our database as quickly as is practical.

Data Retention

Unless otherwise described or requested by you, we will retain your Data only for as long as necessary to fulfill the purpose(s) for which it was collected, provide our Services, resolve disputes, establish legal defenses, conduct audits, pursue legitimate business purposes, enforce our agreements, and comply with applicable laws. At any time, users may request deletion of their accounts by e-mailing hello@oncallpeople.com. When you delete your account, it cannot be recovered.

Please note that we do retain Non-Personal Data, including aggregated, de-identified data for the purposes described in the section titled, “Use of Data.”

Links to Third Party Sites

Our Services may contain links to other sites that are not operated by us. If you click on a third-party link, you will be directed to that third party’s site. Such links do not constitute an endorsement by us of those other websites, their content or services, or the persons or entities associated with those websites. This Privacy Policy does not apply to third-party websites. We have no control over, and assume no responsibility for, the content, privacy policies, or practices of any third-party sites or services. We encourage you to review the privacy policies and terms of all third-party websites or services that you may visit.

Your California Privacy Rights

California Civil Code Section 1798.83 permits California residents to request and obtain a list of what Personal Data (if any) we disclosed to third parties for direct marketing purposes in the preceding calendar year and the names and addresses of those third parties. Requests may be made only once a year and are free of charge. Under Section 1798.83, California residents are entitled to request and obtain such information, by e-mailing a request to hello@oncallpeople.com.

Changes in the Privacy Policy

We reserve the right to modify and update this Privacy Policy at any time by posting an amended version of the statement on our Site. Please refer to this policy regularly. If at any time we decide to use Personal Data in a manner different from that stated at the time it was collected, we will notify you either on the panel home page of our Site or via e-mail.

How to Contact Us

Because protecting your privacy is important to us, you may always submit concerns regarding our Privacy Policy on the contact us page. We will attempt to respond to all reasonable concerns and inquiries expeditiously.

If you have any questions or comments about our Privacy Policy, please contact us at:

By e-mail: hello@oncallpeople.com

By regular mail:

On Call People, Inc

5000 Centre Green Way, Suite 500

Cary, North Carolina 27513

REQUEST DEMO