PRIVACY POLICY

Effective: April 28, 2019

Power2Practice ("P2P"), a division of Forum Health Technology, LLC, is a confidential Internet application service provider that enables healthcare providers and their patients to communicate through a physician portal - Power2Practice.net . P2P requires all persons using its services to adhere to this Privacy Policy and accept the Terms of Use. This Privacy Policy only applies to those P2P services, which are provided through a subscription agreement with patient’s physician or medical practice ("Provider").

P2P respects patient’s privacy and takes Internet privacy very seriously. By accepting P2P's Terms of Use, you consent to the use and disclosure of personally identifiable information provided to us as outlined in this Privacy Policy. P2P will operate in compliance with the Health Insurance Portability and Accountability Act of 1996, as amended from time to time ("HIPAA"), and the HIPAA implementing regulations regarding privacy and security at 45 Code of Federal Regulations ("C.F.R.") Parts 160-164, as promulgated by the United States Department of Health and Human Services ("HHS") and as amended from time to time ("Privacy and Security Rules").

Collecting Information

P2P provides you ("Provider") and patient(s), designated users or authorized member of a physician's practice (individually and collectively, "Provider") with the ability to communicate with each other regarding medical issues and/or general health matters. Because P2P provides a service for Web-based communication between you and patient(s), we ask you for personal information your Provider's office needs to provide appropriate care and treatment. Certain Patient contact information is collected during registration (for example name, email address, home address, zip code, date of birth, etc). Since P2P is an interactive communication platform, P2P collects patient’s information at several points during patient’s subscription.

P2P will not sell, share or rent patient’s information that is collected in the P2P service to others in ways different than from what is disclosed in this policy.

  • Patient Contact Information .

    • Information Request . If patient wishes to request more information about P2P prior to registering, patients are required to provide contact information so that P2P can contact you about our services. It is optional for patients to provide additional contact information (for example, health plan and physician).

    • Pre-Registration . With patient’s consent, Provider or a member of Provider's staff will pre-register patients for P2P. The pre-registration process consists of the Provider assisting in selecting a unique patient identifier (i.e. sign-in name - "Patient ID") and being provided an initial password. In addition, Provider will obtain patient’s contact information, and may request additional information, such as home phone number, email address, home address, health plan information, etc). This information will be used by P2P to contact patients about our services. In order to complete the pre-registration process to use P2P, patient will be asked to agree to P2P's Terms of Use.

    • Registration . Upon patient’s initial log-in to P2P using the Patient ID and initial password, patient(s) will be required to select a new password that will not be shared with patient’s Provider. Upon registration, patients are asked to provide contact information directly, if this information was not entered during pre-registration, and to provide additional information of patient’s health status. In order to complete registration, patients are asked to agree to P2P's Terms of Use before being able to use P2P.

  • Patient Medical Information .

    • Provider-Patient Communications . P2P offers various messaging platforms relating to specific requests and/or purposes to facilitate communications (for example, Referral Requests, Prescription Renewal Request; Appointment Request). Either you or patient’s Provider can initiate such messages and/or communications. Patient’s response and/or provision of information regarding these communications is voluntary; therefore, you have a choice whether or not to disclose this information. Information provided via these communications may be used to update patient’s Health Record. In addition, by initiating and/or responding to such communications, patient’s Health Record will be accessible to patient’s Provider. All communication using P2P will be recorded and maintained in patient’s Health Record. P2P will not edit the content of the communication between you and patient’s Provider. P2P considers these communications to be personal and private and will not use or disclose these communications except as provided for in this Privacy Policy or where required by law. However, P2P may block or remove certain communications materials (for example, offensive or otherwise unacceptable materials for which a complaint has been reported). P2P does not capture and will not record any electronic communication (e.g. email, text, etc) between you and patient’s Provider that occurs outside of P2P, such as via Google mail, or SMS tex.

    • Health Record . The Health Record is a tool that permits you to provide and store health information online, including health conditions, allergies and medications. You have the ability to enter information into patient’s Health Record directly. Patient’s Provider will be able to enter information into patient’s Health Record.

    • Pre-Filled Health Record . At patient’s option and based upon consents received from you by patient’s Provider, patient’s Provider may elect to pre-fill medical information and create a Health Record for you via P2P. The creation of a Health Record may include the collection of contact information, as well as certain health information about you, including health conditions, medications and allergies. This information may be used by P2P to contact you about our services. In order to register to use P2P, you will be asked to confirm the information provided, review patient’s Health Record and agree to P2P's Terms of Use. You have the ability to request not to receive information from P2P at any time.

    • Patient Intake Questionnaire . The Intake Questionnaire is a voluntary interactive interview guiding a patient through clinically relevant questions based on clinical care algorithms to aid the Provider in making an accurate and thorough medical assessment of patient’s condition. Once you initiate P2P, you will be asked to complete the Intake Questionnaire. Information provided by you via a Intake Questionnaire will be used to update patient’s Health Record. Patient’s Provider will have access to patient’s Health Record, including the Intake Questionnaire.

    • Patient Log Files . P2P collects and stores the Internet Protocol (IP) address of the computer you are using; the name of the domain and host from which you access the Internet; the browser software you use and patient’s operating system; the date and time you access the service; and the Internet address of the Web site from which you directly linked to P2P. P2P uses this log file information to analyze trends, administer the service, and monitor service traffic and usage patterns for internal security purposes and to help make the P2P service more useful.

  • Provider Information.

    • Provider Registration . When Provider arrives at P2P, we require the collection of certain contact information as part of the Provider registration process (for example, name, office address, office zip code, office fax, e-mail address).

    • Provider-Designated User Registration . We require the collection of certain contact information as part of the registration process for any person designated by the Provider to engage with P2P (for example, name, user function, office zip code, office fax, e-mail address). All Provider designated users must agree to P2P's Terms of Use before being able to use P2P.

    • Provider Log Files . P2P collects and stores the Internet protocol address of the computer Provider is using; the name of the domain and host from which Provider accesses the Internet; the browser software Provider used and Provider's operating system; the date and time Provider accesses the service; and the Internet address of the Web site from which Provider directly linked to P2P. P2P uses this log file information to analyze trends, administer the service, and monitor service traffic and usage patterns for internal security purposes and to help make the P2P service more useful.

Use And Disclosure of Information

Except as specifically set forth in this Policy, patient’s information, including patient’s Health Record, will only be used and disclosed in accordance with the Notice of Privacy Practice provided to you by patient’s Provider. A copy of patient’s Provider's policies may be obtained by contacting patient’s Provider.

  • Use of Patient Information .

    • Identifying and providing educational materials, sending appointment reminders and wellness information;

    • Send prescription information to pharmacies, and updating patient’s Health Record based upon interactive communications and patient’s use of P2P (including prescription information);

    • Providing you with appointment reminders, educational materials, and wellness information;

    • Providing information as required by law.

  • Disclosure of Patient Information .

    • Health Record .Patient’s Provider may review patient’s Health Record and adjust it and respond to patient’s messages. In addition, any person authorized by you to use patient’s Patient ID and password ("Patient Authorized User") may access patient’s Health Record, those individuals authorized by you will also have the ability to review and enter information into patient’s Health Record.

    • Health Record Changes . If you would like to update or change information in patient’s Health Record, you can send a message to patient’s Provider stating the change or correction you think is needed or you may update portions of patient’s Health Record directly.

    • Provider Referrals . Where patient’s Provider determines that it is clinically appropriate, they may send a referral message to another provider and/or refer you as a patient to another provider. This referral message may include personally identifiable medical and/or health information about you, including, but not limited to, patient’s Health Record. Although the consulting provider may be able to view this information, they are not able to update and/or edit patient’s Health Record.

    • Sharing of Information with Providers . P2P may disclose the contact, billing and/or health information provided by patient(s) in our service to provide you or other healthcare provider with updated and/or supplemental information for their files or systems about patient(s).

    • Compliance with Laws . P2P will not disclose personal information (contact, health and/or billing) to third parties other than as provided for in this Privacy Policy, in accordance with patient’s Provider's Notice of Privacy Practices, and applicable state and Federal laws, including HIPAA.

    • Pharmacies and Pharmacy Benefits . When you or patient’s Provider use the P2P service to send patient’s prescription to a pharmacy, we will release patient’s name, address, prescription information and insurance plan information to the pharmacy. In addition, we may disclose certain necessary claims data to other entities (for example, the provider of patient’s drug benefit) as required to facilitate and/or coordinate patient’s pharmacy benefits (for example, health plan, mailing address, billing information for copayment purposes).

    • Diagnostic Clinical Laboratories . When you or patient’s Provider use the P2P service to send patient’s test order/requisition to or receive results from a clinical laboratory, P2P will release patient’s name, address, test order information and insurance plan information to the clinical laboratory.

  • Aggregate Data

    P2P may use non-identifiable anonymous data that is taken from patient’s Health Record and combine it with other anonymous data to create what is referred to as "aggregate data" that may be disclosed to third parties. Aggregate data is information that describes the conditions, treatments, habits, usage patterns, demographics and/or such other health related information of users as a group but does not reveal the identity or locator information of particular users. Locator information is patient’s name, electronic messaging address, physical address, or other data that enables someone to personally identify you. This data will not identify you but will be used as statistical information to determine such things as user demographics and usage patterns of our services. P2P may use aggregate data within P2P to conduct research in order to understand the needs and activities of the P2P community of users. Aggregate data may be provided or sold to third parties. P2P may use this aggregate data to give potential users, providers, or business partners a picture of the P2P community and services. P2P and patient’s Internet Access Provider may use Locator Information as is necessary to enforce any of the terms of the P2P Terms of Use.

Deactivation of Patient’s Health Record

Patient’s Health Record with P2P may be deactivated by (i) providing notice of patient’s request to patient’s Provider in accordance with patient’s Provider's Notice of Privacy Practices (ii) by patient’s Provider providing notice to P2P, or (iii) by P2P in the event that you violate the Terms of Use or the Privacy Policy or patient’s Provider ceases to be a subscriber to P2P. P2P will forward to patient’s Provider an electronic copy of patient’s Health Record and thereafter P2P will deactivate patient’s access to P2P and patient’s Health Record will be securely archived. P2P retains archived information for a period of ten years (or longer if required by law) as necessary to comply with legal obligations, resolve disputes, enforce our agreements, or other authorized uses under this Policy. Patient’s archived information will remain available for use as aggregate data.

Storage and Maintenance of Information

P2P stores and maintains all electronic communications sent via P2P, the content of all Patient Questionnaires, patient’s Health Record, contact information, financial information and all attachments and/or files uploaded or posted to P2P for the duration of patient’s Provider's subscription agreement with P2P. At the expiration or termination of patient’s Provider's subscription agreement with P2P, P2P will forward to patient’s Provider an electronic copy of patient’s Health Record and thereafter P2P will deactivate patient’s access to P2P and patient’s Health Record.

Security

P2P takes all reasonable measures to secure patient’s data on our servers, in our data center in accordance with our Security Policy. For more information, please refer to P2P's Security Policy.

Protecting Patient’s Privacy

In order to protect patient’s privacy while you can:

Never share your or patient’s sign in name or password.

Always sign out when you are finished using the service .

Changes to this Privacy Policy

Although P2P is required to adhere to the terms of patient’s Provider's Notice of Privacy Practices, P2P reserves the right to change the terms of this Privacy Policy at any time by posting those changes on our services so that you are always aware of our processes related to collection, use and disclosure of information. We will inform you of any material change to our Privacy Policy that involves the use of patient’s personal health information in order to give you the opportunity to choose to terminate patient’s Health Record with P2P.

Questions

If you have any questions about this Privacy Policy or the use of patient’s information via P2P, please contact us at practicesupport@power2practice.com .





The Power2Practice service is a secure site which respects your privacy.
© 2019 Power2Practice and its affiliates. All rights reserved.