BlueButtonPRO™ Privacy Policy

 Effective Date: February 7, 2019

 

To review material modifications and their effective dates scroll to the bottom of the page.

 

Darena Solutions LLC (“Darena” or “We”) owns software, technology, and content that enables Darena’s BlueButtonPRO services, more particularly identified on the website that are accessible through a downloaded and installed application on a desktop or a mobile device (collectively the “App”). Darena collects data about the user’s device and operating system when the App is downloaded. Darena may also receive technical data about the user’s device and app software that is gathered to manage updates and resolve App errors. This information does not identify the user. 

We respect and are committed to protecting your privacy. You can use the App in a “Device Mode” (defined below) without giving us any information about yourself. When you choose to provide us with your PII (defined below), this Privacy Policy describes how we collect, use and disclose your PII and individually identifiable health information submitted by you in the course of using the App.

The App contains features designed to inter-operate with third party services (including but not limited to CMS Blue Button 2.0) (“Third-Party Services”). To use such features, you may be required to obtain access to such Third-Party Services, or App may be required to obtain access to such Third-Party Services on your behalf from the providers of such Third-Party Services. You are solely responsible for compliance with the terms and conditions applicable to any Third-Party Services accessed by you through the App and will indemnify Darena from any and all harm, damages, costs, and expenses incurred by Darena in connection with a breach of the foregoing. Darena shall not be responsible for any disclosure, modification, or deletion of data resulting from any such access to Third-Party Services and their providers. If the provider of any Third-Party Service ceases to make the application available for inter-operation with the corresponding feature of the App on reasonable terms, Darena may cease providing such features without entitling User to any refund, credit, or other compensation. Any acquisition or use of Third-Party Services and any exchange of information between an end user and any third party is directly between the end users and the applicable third party. DARENA EXPRESSLY DISCLAIMS RESPONSIBILITY AND LIABILITY FOR ANY CLAIMS OR DAMAGES ARISING IN CONNECTION WITH OR RELATING TO ANY END USER INTERACTIONS WITH THE APP OR ANY THIRD-PARTY SERVICES.

 

Device Mode

When you download the App, it is in the “Device Mode” by default. The “Device Mode” allows you to connect and download your data from CMS Blue Button 2.0 API. All information downloaded from CMS Blue Button 2.0 API resides on your device and is not accessible by Darena. For iPhone users, you can also access information stored in your Apple® HealthKit account on the device through the App. You may edit or delete any or all information through the App at any time. You understand that information pertaining to your medical treatment will be stored on your device. You are responsible to protect the information on the device. We are not responsible for any unauthorized access by any third party to such information on your device. The information is encrypted with a password selected by you. You should use a strong password and should not share the password with others. You should make sure that the App is closed on the device when you are not using it.

 

Cloud Mode

Personal Identifiable Information ("PII") means any information that may be used to identify an individual, including, but not limited to, a first and last name, email address, a home, postal or other physical address, and phone number. We collect your PII when you register for a “Cloud Account” through the App. Cloud Account allows you to use the App on multiple devices and sync your data across all of them. After registering for a Cloud Account, you may create one or more FHIR accounts for one or more individuals to manage individually identifiable healthcare data (“Healthcare Data”) for yourself or others.

 

Information Sharing by You

You can share information through our App by (i) exporting a copy of your Healthcare Data as a “FHIR Bundle”, (ii) sending your Healthcare Data to third parties such as your providers integrated with the App, and (iii) other features that may be offered through our App. You provide consent to sharing through the settings in the App. The third parties may store, process or use your Healthcare Data differently than from what we describe in our Privacy Policy.

 

Information Sharing By Darena

Your PII and Healthcare Data is not shared without your permission, except as described below. 

a.       Information Shared with Our Services Providers. We engage third-party services providers to work with us to administer and provide the hosting services for the App. These third-party service providers have access to your PII and Healthcare Data only for the purpose of performing services on our behalf and are expressly obligated not to disclose or use your PII and Healthcare Data for any other purpose. 

b.       Information Shared with Third Parties. We do not sell, lease, or rent your individual-level information to any third party, including our customers except as described in this privacy policy. We may share your aggregated information and non-identifying information with third parties to conduct on-going quality improvement activities, or for industry research and analysis, demographic profiling and other similar purposes. 

c.       Information Disclosed for Our Protection and the Protection of Others. We cooperate with government and law enforcement officials or private parties to enforce and comply with the law. We may disclose any information about you to government or law enforcement officials or private parties as we, in our sole discretion, believe necessary or appropriate: (i) to enforce our Terms of Service, (ii) to respond to claims, legal process (including subpoenas); (iii) to protect our property, rights and safety; and the property, rights and safety of a third party, our users, or the public in general; (iv) to stop any activity that we consider illegal, unethical or legally actionable activity; and (v) as required in accordance with HIPAA or related applicable local, state or federal laws.

 

Data Security

Your Cloud Account information is password-protected for your privacy and security. We safeguard the security of the information you provide to us with physical, electronic, and managerial procedures. We use industry-standard SSL-encryption to enhance the security of data transmissions. While we strive to protect your PII and Healthcare Data, we cannot ensure the security of the information you transmit to us, and so we urge you to take every precaution to protect your information when you are on the Internet. Change your passwords often, use a combination of letters and numbers, and make sure you use a secure browser.

 

Opt Out

We may periodically send you free newsletters and e-mails that directly promote our App. When you receive such promotional communications from us, you will have the opportunity to "opt-out" (either through your account or by following the unsubscribe instructions provided in the e-mail you receive). We do need to send you certain communications regarding the App and you will not be able to opt out of those communications – e.g., communications regarding updates to our Terms of Service or this Privacy Policy or information about billing.

 

Children and Privacy

Our App does not target and are not intended to attract children under the age of 13. We do not knowingly solicit PII from children under the age of 13 or send them requests for PII. If we learn that we have collected PII of a child under 13 directly from that child we will take steps to delete such information from our files as soon as possible. Notwithstanding the foregoing, we may collect PII about children under 13 that parents or guardians provide to us when establishing an account for their children’s records.

 

Account Closure

You may close your account and delete all your Healthcare Data at any time. Please note that deletion of Healthcare Data through the App does not include any information that you previously provided to a third party through our App. You must contact third parties separately regarding controls and choices for the personal information that you shared.  

We may retain your PII in backup copies as required by law or contractual obligations with third parties or as needed for accounting, audit, and compliance purposes.

 

Questions or Suggestions

If you have questions or concerns about our collection, use, or disclosure of your PII or Healthcare Data, please email us at support@darenasolutions.com.  You may also contact us by writing to Darena Solutions, 167 Lamp and Lantern Vlg., Suite 164, Chesterfield, MO 63017.

Material Modifications Since February 7, 2019:  None