Privacy Policy for Client Solutions

Overview

This privacy policy describes the policies and practices of TeleTracking Technologies, Inc., together with its wholly owned subsidiary TeleTracking International Ltd. (“TeleTracking,” “we,” “us,” “our”) in relation to our client-facing software solutions. TeleTracking provides on-premise and cloud-based software solutions and accompanying services to hospitals, health systems and other such healthcare provider organizations (“client-facing software solutions”). TeleTracking software processes and uses the personal data of both healthcare provider employees and their patients to enable more efficient and effective move movement of patients across the care continuum. Employee data is collected by TeleTracking at implementation or otherwise by healthcare provider system administrators to provide access to end users of the system and to provide support. TeleTracking does not operate its systems for its end user clients. Patient data is collected by and provided by health care provider software users using TeleTracking’s client-facing software solutions for purposes of informing and improving patient flow and care. Patients do not interface with TeleTracking client-facing software solutions. TeleTracking does not offer patient-facing software solutions in the EU or UK.

Definitions

Agent – A company or individual acting on behalf of TeleTracking.

Controller - Person or organization which, alone or jointly with others, determines the purposes and means of the processing of Personal Data.

Data Subject - Individual to whom any given EU or UK Personal Data covered by this Privacy Policy refers.

Personal Data – Information relating to an individual residing in the EU or UK that can be used to identify that individual either on its own or in combination with other readily available data (e.g., the individual’s name, title, work location, home address, date of birth, compensation, benefits, or family members).

Processor - Any natural or legal person, public authority, agency or other body that processes Personal Data on behalf of a Controller.

Sensitive Personal Data – means Personal Data regarding any of the following:

  • Health or medical condition;
  • Racial or ethnic origin;
  • Political opinions;
  • Religious or philosophical beliefs;
  • Trade union membership;
  • Sex life; or
  • Criminal convictions or indictments.

Personal Data Collection and Use

TeleTracking collects and processes its clients’ data, including any Personal Data contained therein. TeleTracking collects several types of information from its clients and their employees, agents and patients, including:

  • Name
  • Birth Date
  • Medical Record Number or Hospital Number or other identifier
  • Location
  • Admit and discharge times
  • Gender
  • Healthcare data related to operational decisions
  • Healthcare or medical condition-related Sensitive Personal Data

The purposes for which TeleTracking collects and uses such Personal Data includes, but is not limited to:

  • Providing software products and related services to healthcare provider clients, including customization and development of those products and services;
  • Responding to questions and comments for healthcare provider clients and otherwise providing information requested;
  • Enabling the coordination of care for healthcare provider clients;
  • Providing support to healthcare provider clients;
  • Performing legitimate everyday business operations; and
  • Other purposes as required or permitted 1) by the underlying agreement with client or 2) by law.

TeleTracking may disclose Personal Data to the following types of third parties:

  • Third party cloud-hosting hardware and service providers for the purpose of delivering products and services.
  • Third party software solution providers that enhance the functionality of our solutions as permitted by the underlying agreement with client.

Information Collected Using Cookies

TeleTracking may use “cookies” to enhance your experience with its solutions. When you communicate with us, your web browser places cookies on your hard drive for record-keeping purposes and sometimes to track information about you. Cookies help to collect information such as your browser name, type of computer, and technical information about your means of connection, such as the operating system and the Internet service providers utilized and other similar information. You may choose to configure your web browser to refuse cookies, or to alert you when cookies are being sent. However, doing so may cause some parts of the solution to function improperly.

Onward Transfers

TeleTracking Technologies, Inc. complies with the notice and contractual assurances provided to a Data Subject for all onward transfers of Personal Data from the EU or UK.

In the event TeleTracking Technologies, Inc. transfers Personal Data to non-Agent third parties, we will do so consistent with any notice provided to Data Subjects and any consent they have given, and only if the third party has given us contractual assurances that it will (i) process the Personal Data for limited and specified purposes consistent with any consent provided by the Data Subjects, (ii) provide at least the same level of protection to that Personal Data as is required by the notice provided to you and notify us if it makes a determination that it cannot do so; and (iii) cease processing of the Personal Data or take other reasonable and appropriate steps to remediate if it makes such a determination. If TeleTracking Technologies, Inc. has knowledge that a non-Agent third party is processing Personal Data in a way that is contrary to the notice and/or contractual assurances, TeleTracking Technologies, Inc. will take reasonable steps to prevent or stop such processing.

With respect to agents of TeleTracking Technologies, Inc., we will transfer only the Personal Data needed for an Agent to deliver to TeleTracking Technologies, Inc. the requested service. Furthermore, we will (i) permit the Agent to process such Personal Data only for limited and specified purposes; (ii) require the Agent to provide at least the same level of privacy protection to that Personal Data as is required by the notice and/or assurances provided to you ; (iii) take reasonable and appropriate steps to ensure that the Agent effectively processes the Personal Data transferred in a manner consistent with TeleTracking Technologies, Inc.’s obligations under the notice and/or contractual assurances ; and (iv) require the Agent to notify TeleTracking Technologies, Inc. if it makes a determination that it can no longer meet its obligation to provide the same level of protection to the Personal Data as is required by the notice and/or contractual assurances . Upon receiving notice from an Agent that it can no longer meet its obligation to provide the same level of protection as is required by the notice and/or contractual assurances , TeleTracking will take reasonable and appropriate steps to stop and remediate unauthorized processing.

TeleTracking Technologies, Inc. remains liable if an Agent processes Personal Data in a manner inconsistent with the notice and/or contractual assurances, except where TeleTracking is not responsible for the event giving rise to the damage.

In certain situations, we may be required to disclose personal data in response to lawful requests by public authorities, including to meet national security or law enforcement requirements.

Individual Notice and Choice

Data covered by this Privacy Policy is collected and processed only as permitted by the notice and/or contractual assurances provided to you. Notice to individuals regarding the Personal Data collected from them and how that information is used may be provided by your healthcare provider, through this Privacy Policy, through other TeleTracking website notices, or through other direct forms of communication with appropriate parties, such as contracts or agreements. Where necessary and appropriate, consent for Personal Data to be collected, used, and/or transferred may also be obtained through these same means of communication (including opt-in consent for Sensitive Personal Data).

Should you no longer wish to receive information or future communications about our relevant services, please contact us using one of the following options. You may send your request via email stating your desire to opt out of further communications to Privacy@TeleTracking.com.

We also provide an opt-out option with all marketing email communications by either clicking the unsubscribe link at the bottom of the email or replying to the email stating your request to opt-out of further communications. If we intend to use, or share with third parties other than our agents, Personal Data in a manner different from that stated within this Privacy Policy or as otherwise previously notified, we will notify all affected users; users will be able to opt out of any new use of their Personal Data.

Access and Rights

Data Subjects whose Personal Data is covered by this Privacy Policy have the right to access the Personal Data that TeleTracking Technologies, Inc. maintains about them as specified in the notice and/or contractual assurances. Data Subjects may contact us to correct, amend, delete or stop processing such Personal Data if it is inaccurate or has been processed in violation of the notice and/or contractual assurances (except when the burden or expense of providing access, correction, amendment, or deletion would be disproportionate to the risks to the individual’s privacy, or where the rights of persons other than the individual would be violated). Requests for access, correction, amendment or deletion should be sent to Privacy@TeleTracking.com.

TeleTracking commits to attempt to resolve complaints about our collection or use of your Personal Data. Individuals with inquiries or complaints regarding this Privacy Policy should first contact TeleTracking at Privacy@TeleTracking.com. TeleTracking has a policy of responding to individuals within forty-five (45) days of an inquiry or complaint.

Security

TeleTracking uses a combination of industry best practice process, technology and physical security controls to help protect Personal Data in its possession to ensure a level of security appropriate to the risk of loss, misuse, unauthorized access, disclosure, alteration, and destruction. These measures consider the nature of the Personal Data and the risks involved in its processing.

TeleTracking employees are trained in-line with and required to adhere to the principles of the applicable data protection laws in their country of employment.

Data Integrity and Purpose Limitation

TeleTracking limits the collection of Personal Data to information that is relevant for the purposes of processing. Personal Data covered by this Privacy Policy that is collected, processed, and maintained by TeleTracking shall be kept and used for its intended purpose. TeleTracking takes reasonable steps to ensure that the Personal Data is used for its intended purpose(s), and is accurate, complete, and current. Personal Data is retained in an identifiable form only as long as it serves a purpose of processing, unless a longer retention period is permitted by law, and it adheres to the notice and/for contractual assurances provided to the Data Subject for as long as it retains such Personal Data.

Changes to this Policy

This Privacy Policy may be amended from time to time. Appropriate notice will be given concerning such amendments.

Effective: November 27th, 2019

Last Updated: August 24, 2020