Effective on: October 26, 2012

  1. Purpose:

This Privacy Policy (“Policy”) discloses the policies and practices of Clearwater Compliance, LLC (“Clearwater”) with respect to maintaining the privacy of organizational and personal information collected and stored by Clearwater in relation to individuals who have:

  • registered to have access to a Clearwater web site;
  • submitted an inquiry or request to Clearwater via a Clearwater web site;
  • registered to attend an event via a Clearwater web site;
  • subscribed to a Clearwater newsletter or publication;
  • downloaded material from a Clearwater web site;
  • purchased a product or service from Clearwater or one of its authorized resellers; or
  • been authorized as a user of a Clearwater Software-as-a-Service product.

This Policy applies to all web sites operated by Clearwater for the purpose of the provision of information about its products, solutions and services or general information pertaining to HIPAA and HITECH regulations, compliance, enforcement and best practices.

Clearwater recognizes that the protection of the privacy of personal and organizational data and information received and stored by it is important. As a company that provides services and solutions to assist organizations with their compliance with HIPAA and HITECH security and privacy regulations, Clearwater is especially cognizant of its duty to safeguard such information against inappropriate use and disclosure, and to the rights of individuals and organizations to maintain control over their organizational and personal data while accessing Clearwater’s resources. Due to the Children’s Online Privacy Protection Act of 1998, users must be at least thirteen (13) years of age to use the services and we ask that minors (under the age of 18) do not submit any personal information to Clearwater or use the services. Clearwater will not knowingly collect information from users in this age group.

This Policy sets out the following:

  1. The type of information collected and stored by Clearwater
  2. How such information is utilized by Clearwater
  3. With whom Clearwater shares the information
  4. Clearwater’s policy regarding correcting and updating personally identifiable information
  5. Clearwater’s policy regarding deleting or deactivating personally identifiable information Clearwater’s database
  1. Types of Data and Information Collected and Stored by Clearwater

Clearwater collects and stores some or all of the following information about individuals:

  • Organization name, address, and phone number of the organization’s primary location and details of any additional locations provided to Clearwater
  • Names, job titles, email addresses, and other contact details of individuals provided to Clearwater by those individuals

 

  1. Correct or Update Information

All individuals for whom Clearwater has collected or stored such Information may provide updates or request that Clearwater delete such Information at any time by emailing Clearwater at info@clearwatercompliance.com and providing adequate identifying details for Clearwater to search and find such Information.

 

  1. Use of Information by Clearwater

Generally-speaking, Clearwater uses the Information to respond to requests and inquiries made to it; to communicate with correspondents about products, services, and information that may be of interest; and to conduct market research. All Information is considered to be confidential and Clearwater shall protect the confidentiality of such Information. It is Clearwater’s policy to not disclose Information to or share Information with third parties for any reason except as may be required by law.

 

Clearwater may also de-identify the Information and aggregate it with other de-identified data  anonymously and in aggregate and combined with other individuals’ anonymous data to improve Clearwater’s offerings and to further evaluate the HIPAA and HITECH compliance market outlook, provided that such use will not, under any conditions, reveal the identity of the individual or the organization.

 

  1. Use of Email Addresses

With respect in particular to email addresses, Clearwater may contact individuals directly for such purposes as: a) to inquire as to such individuals’ satisfaction with their interaction with Clearwater, its web sites and/or its solutions and services, and b) to provide newsletters and/or information about other products and services from Clearwater that may be of interest. Upon receipt of written notice from any such individual, that he/she is no longer interested in receiving such contact or information, Clearwater shall cease such contact with that individual within 30 days.

 

  1. Links to External Web Sites

Clearwater’s web sites may contain links to external web sites owned and maintained by third parties. When individuals click on one of these links, he/she is opening a session to another web site. While such external web sites are vetted and believed by Clearwater to follow appropriate information security and privacy policies, Clearwater does not accept liability or responsibility for any web site to which Clearwater may link, and Clearwater encourages individuals to read the privacy statements of such linked sites, as their privacy policies may differ.

 

  1. Use of Cookies

Clearwater uses software tags known as “cookies” within certain functions of its web sites to remember its visitors’ preferences and to maximize the performance of the site and the individual’s experience. Access to certain functionality may not be available to individuals that do not give their consent to the data processing carried out through cookies or whose browsers are set to reject all cookies.

 

  1. Information Security

All Information is stored and maintained in secure facilities that limit access to authorized personnel only. As part of Clearwater’s continuous risk management process, its web sites are regularly tested to assess vulnerabilities and controls, remediate deficiencies, and to ensure that all Information is secure from unauthorized access or modification. Information is protected in transit via HTTPS and SSL security. Data is backed up routinely at an off-site remote location consistent with Clearwater’s business continuity plan. While Clearwater will exert all commercially reasonable efforts to protect the confidentiality, integrity and availability of the Information, Clearwater cannot guarantee that such efforts will prevent an unauthorized breach of the Information.

 

  1. Testimonials

Clearwater may post an individual’s feedback on its web sites or in material promoting or describing Clearwater and its solutions and services. Prior to publishing any such feedback that includes individual or organizational identifying details, Clearwater will obtain written consent from the individual and organization.

 

  1. Retention of Information

Clearwater will retain the Information for as long as an individual has not requested that his/her Information be deleted from Clearwater’s database. Clearwater shall securely erase Information from any equipment it retires or transfers.

 

  1. Legal Disclaimer

Clearwater’s exercise of this Policy with respect to the Information is subject to existing laws and legal process, and nothing contained in this Policy is in conflict with Clearwater’s right to comply with governmental, court, and law enforcement requests or requirements relating to the Information. In the event of a third party request for the Information, to the extent permitted by law Clearwater will provide the individual or organization with prompt notice of such request so that the individual or organization may take such actions it may deem appropriate to protect the confidentiality of such Information and/or oppose the request.

 

  1. Changes to this Privacy Policy

Clearwater may update this Policy at any time by providing notice of such update on its web site.

 

If anyone should have any questions or suggestions regarding this Policy, the individual should contact Clearwater by emailing: info@clearwatercompliance.com.