We appreciate the trust that you place in Ciox Health and in our responsibility to protect your privacy. As part of this responsibility, we let you know what information we collect when you use our website, why we collect it and how we use it.
Ciox Health is proud of its SOC 1 Type II, SOC 2 Type II, and HITRUST certifications, which means that Ciox and its systems have been stringently audited and tested by outside auditors to ensure that appropriate access controls are in place and perform as they should.
Although Ciox Health does not maintain a data base of medical records (any such records stored are at the express request of a healthcare provider who owns the record, and stored for only a limited period of time), we want you to know what information we do maintain, and in what way:
- We use information to provide our clients with valuable services.
- We develop services and policies that reflect strong privacy standards and practices.
- We are a responsible steward of the information we process and/or hold.
We may collect the following types of information:
Information you provide – If you sign up for a HealthPortConnect Account or fill out a survey or a form on our website, we may ask you for personal information. For certain services, we may give you the opportunity to opt out of providing such information.
Cookies – When you visit cioxhealth.com, we send one or more cookies to your computer or other device to improve the quality of our service (including for storing your preferences, improving results, and tracking trends).
Log information – When you access our services via a browser or application, our servers automatically record certain information. Called “server logs,” they may include information such about your request, your interaction with the website, your Internet Protocol address, browser type, browser language, the date and time of your request, and one or more cookies that may uniquely identify your browser or your account.
User communications – When you send email or other online communications to us, we may retain those communications in order to process your inquiries, respond to your requests and improve our services.
We also may use the information we collect to protect the rights or property of HealthPort or its clients. If we use this information in a manner different than the purpose for which it was collected, then we will ask for your consent prior to such use.
Ciox Health processes personal information on our own servers, all located in the USA.
Most browsers are initially set up to accept cookies, but you can reset your browser to refuse all cookies or to indicate when a cookie is being sent. NOTE: some features and services may not function properly if cookies are disabled.
Ciox Health does not share personal information with other companies or individuals outside of Ciox Health except in the following limited circumstances:
- If we have a good faith belief that access, use, preservation or disclosure of such information is reasonably necessary to (a) satisfy an applicable law, regulation, legal process or governmental request, (b) investigate potential violations thereof, (c) detect, prevent, or otherwise address fraud, security or technical issues, or (d) protect against harm to the rights, property or safety of Ciox Health, its clients, or the public as required or permitted by law.
If Ciox Health is involved in a merger, acquisition, or any form of sale of some or all of its assets, we will ensure the confidentiality of any personal information involved in such transactions.
We take appropriate security measures to protect against unauthorized access to or unauthorized alteration, disclosure or destruction of data. These include ongoing internal reviews of our data collection, storage and processing practices and security measures, including appropriate encryption and physical security measures to guard against unauthorized access to systems where we store personal data.
Electronic information in Ciox Health’s care is encrypted so that all information is protected from access by anyone without the encryption “key” (which enables only authorized persons to read the data). This makes data obtained by any third party from any instance of hacking, or of theft/loss of any mobile storage device, from being readable.
We restrict access to personal information to our employees or contractors who need to know that information in order to process it for the transaction you expect with Ciox Health. These individuals are bound by confidentiality obligations and are subject to discipline, up to and including termination and criminal prosecution, if they fail to meet these obligations.