Download:
pdf |
pdfBirch Health
Birch
Facts about your personal information
Health
Why do we provide you this information?
We provide this information because we want you to clearly understand Birch Health’s policies, practices, and
procedures for using, securing, and protecting the personal information in your PHR. The table below provides you
a snapshot. You can link to more detailed information by clicking on any of the areas below.
PHR Facts At-A-Glance
Our Practices
PHR Type
Provided by
Healthcare provider
Fee
None
You
Yes
Family and friends
With your permission
Healthcare providers
With your permission
Insurers
With your permission
Employers
No
Pharmacies
With your permission
Who can view
your personal
information?
T
F
Additional health programs and services With your permission
How may we use
your personal
information?
A
R
Birch Health
Yes
Others
Yes
For Birch Health’s business practices
Yes (You may not opt out.)
For marketing
Aggregate information only (You may opt out.)
For medical research
Aggregate information only (You may opt out.)
For selling to others
Aggregate information only (You may opt out.)
For legal reasons
Yes (You may not opt out.)
What are our
policies about
closing your PHR?
Ability to close PHR
Yes
Data retention by Birch Health
90 days
Ability to transfer to another PHR
Yes
When will you be
notified?
If Birch Health is sold/merged/out of
business
Yes
If there is a change in these policies
Yes
If there is a security breach
Yes
How do we store and
protect your personal
information?
Geographic location of data storage
USA only
Log of all PHR views for customer
review
Yes
Full printable version
http://www.BirchPHR.com/fullversion
Contact information
info@BirchPHR.com
D
| Home | Terminology | Contact Us |
Disclaimer: “Birch Health” is a fictional company. This document is a preliminary draft that is under
development and provided solely for informational purposes. The information in this draft document may not
be complete, comprehensive, or represent all of the legal obligations with which an entity needs to comply.
Any reliance on the presentation or content provided in this document, in its current form, may pose legal risk.
Page 1
Birch Health
Birch
Facts about your personal information
Health
What is personal information?
You store personal information in your PHR as a way to help better manage your health. Personal
information is information about you that includes contact information, demographic information,
health information, and financial information. Examples are listed below:
Contact Information (e.g., for use in the event of an emergency or to speed up registering
with a new physician)
• name
• address
• email address
• phone number
• social security number
• emergency contact
T
F
Demographic Information (e.g., to inform your physician of potential risk factors)
• age
• gender
• ethnicity
• occupation
A
R
Health Information (e.g., to better manage a health condition)
• medical conditions
• medications (over-the-counter and prescription)
• lab/test results
• doctor’s contact information
• immunizations
• disease management charts
• injury management
D
Financial Information (e.g., to keep track of your health care expenses)
• healthcare bills
• health insurance
• healthcare savings account (HSA) information
Disclaimer: “Birch Health” is a fictional
company. This document is a preliminary
draft that is under development and
provided solely for informational
purposes. The information in this
draft document may not be complete,
comprehensive, or represent all of the
legal obligations with which an entity
needs to comply. Any reliance on the
presentation or content provided in this
document, in its current form, may pose
legal risk.
| Home | Terminology | Contact Us |
Page 2
Birch Health
Birch
Facts about your personal information
Health
What PHR type are we?
PHR Type
Birch Health is a Healthcare Provider. Knowing the PHR type we provide will
help you understand our policies, practices, and procedures.
Who can view your
personal information?
How may we use your
personal information?
What are our policies
about closing
your PHR?
When will you be
notified?
How do we store and
protect your personal
information?
PHR provided by
Description
Employer
Some large employers offer
PHRs as a feature of a benefits
plan. More...
Healthcare Provider
Some healthcare providers
offer PHRs as a way to
provide patients with health
information from the clinicians’
record. More...
Health Insurer
(PPO or HMO)
Some health insurers offer
PHRs to provide consumers
with information from health
insurance claims. More...
Contact information
Disclaimer: “Birch Health” is a fictional
company. This document is a preliminary
draft that is under development and
provided solely for informational
purposes. The information in this
draft document may not be complete,
comprehensive, or represent all of the
legal obligations with which an entity
needs to comply. Any reliance on the
presentation or content provided in this
document, in its current form, may pose
legal risk.
A
R
Independent
D
Full printable version
Do you
pay a
fee?
No
T
F
Some independent internet
companies offer PHRs
directly to consumers. Some
Employers, Healthcare
Providers, and Health Insurers
may also have partnerships
with independent internet PHR
companies. More...
| Home | Terminology | Contact Us |
Page 3
Birch Health
Birch
Facts about your personal information
Health
Who can view your personal information?
PHR Type
When you set up your PHR, you may be able to give permission to certain
people or groups to view some or all of your personal information.
Who can view your
personal information?
Can they view
information?
Can they add
information?
Can they edit
information?
You (PHR customer)
Yes
Yes
Yes, self-entered
information
Your family and
friends
With your
permission
With your
permission
With your
permission
Your healthcare
providers
With your
permission
With your
permission
No
Your health insurer
With your
permission
With your
permission
No
Your employer
No
No
No
Your pharmacy
With your
permission
No
Additional health
programs and
services
With your
permission
With your
permission
No
Birch Health and its
employees
Yes
No
No
Companies doing
work for Birch
Health to operate
and manage the
systems
Yes
No
Birch Health’s
business and
advertising partners
No
No
No
Law enforcement for When legally
legal investigations
required
No
No
Government for
national security
When legally
required
No
No
The public (through
chat rooms and
forums)
With your
permission
No
No
Your health partners
How may we use your
personal information?
What are our policies
about closing
your PHR?
When will you be
notified?
How do we store and
protect your personal
information?
D
Full printable version
Contact information
Disclaimer: “Birch Health” is a fictional
company. This document is a preliminary
draft that is under development and
provided solely for informational
purposes. The information in this
draft document may not be complete,
comprehensive, or represent all of the
legal obligations with which an entity
needs to comply. Any reliance on the
presentation or content provided in this
document, in its current form, may pose
legal risk.
A
R
Birch Health
T
F
No
No
Others
| Home | Terminology | Contact Us |
Page 4
Birch Health
Birch
Facts about your personal information
Health
Who can view your personal information?
PHR Type
When you set up your PHR, you may be able to give permission for certain
people or groups to view some or all of your personal information.
Who can view your
personal information?
Can they view
information?
Can they add
information?
Can they edit
information?
You (PHR customer)
Yes
Yes
Yes, self-entered
information
Your family and
friends
With your
permission
With your
permission
With your
permission
Your healthcare
providers
With your
permission
With your
permission
No
Your health insurer
With your
permission
With your
permission
No
Your employer
No
No
No
Your pharmacy
With your
permission
No
Additional health
programs and
services
With your
permission
With your
permission
No
Birch Health and its
employees
Yes
No
No
Companies doing
work for Birch
Health to operate
and manage the
systems
Yes
No
Birch Health’s
business and
advertising partners
No
No
No
Law enforcement for When legally
legal investigations
required
No
No
Government for
national security
When legally
required
No
No
The public (through
chat rooms and
forums)
With your
permission
No
No
Your health partners
How may we use your
personal information?
What are our policies
about closing
your PHR?
When will you be
notified?
How do we store and
protect your personal
information?
D
Full printable version
Contact information
Disclaimer: “Birch Health” is a fictional
company. This document is a preliminary
draft that is under development and
provided solely for informational
purposes. The information in this
draft document may not be complete,
comprehensive, or represent all of the
legal obligations with which an entity
needs to comply. Any reliance on the
presentation or content provided in this
document, in its current form, may pose
legal risk.
A
R
Birch Health
Duplicate
Page
with
Rollover
Some examples of
additional health
programs and services
that work with the PHR
include fitness activity
journals, weight loss
programs, and glucose
monitoring services.
T
F
No
No
Others
| Home | Terminology | Contact Us |
Page 5
Birch Health
Birch
Facts about your personal information
Health
How may we use your personal information?
PHR Type
Birch Health uses the personal information in your PHR for certain reasons.
Who can view your
personal information?
How may we use your
personal information?
What are our policies
about closing
your PHR?
When will you be
notified?
How do we store and
protect your personal
information?
Common uses of personal information
in a PHR
Does Birch
Health do this?
Can you
opt out?
Process exchanges between your PHR
and healthcare providers
Yes, with your
permission
Yes, you choose
sharing-levels.
Process exchanges between your PHR
and labs, pharmacists, health plans, etc.
Yes, with your
permission
Yes, you choose
sharing-levels.
Communicate with you
Yes
You may not
opt out.
Maintain and improve Birch Health’s PHR
systems
Yes
Manage Birch Health’s security systems
(such as against spam, misuse, and
criminal activity)
Yes
Birch Health’s marketing purposes – to
offer our health-related products and
services to you
Yes
Birch Health’s marketing purposes – to
offer our non-health-related products and
services to you
No
For you and your health needs
Birch Health’s everyday business practices
D
Full printable version
Contact information
A
R
T
F
You may not
opt out.
You may not
opt out.
You may opt out
by changing your
preferences.
N/A
Sharing and selling for marketing
Your personal information to our business
and advertising partners
No, we do not
share or sell
N/A
Anonymized information to our business
and advertising partners
Yes, we sell
You may opt out
by changing your
preferences.
Anonymized information for Birch Health
to market itself to business partners
Yes, we share
You may opt out
by changing your
preferences.
Your personal information for medical and
public health research
No, we do not sell
or share
N/A
Anonymized information for medical and
public health research
Yes, we share
You may opt out
by changing your
preferences.
Sharing and selling for medical research
Click here for more about our sharing and selling
Disclaimer: “Birch Health” is a fictional
company. This document is a preliminary
draft that is under development and
provided solely for informational
purposes. The information in this
draft document may not be complete,
comprehensive, or represent all of the
legal obligations with which an entity
needs to comply. Any reliance on the
presentation or content provided in this
document, in its current form, may pose
legal risk.
For legal reasons
Comply with subpoenas, court orders, and
Yes
search warrants
| Home | Terminology | Contact Us |
You may not
opt out.
Page 6
Birch Health
Birch
Facts about your personal information
Health
How may we use your personal information?
PHR Type
Birch Health uses the personal information in your PHR for certain reasons.
Who can view your
personal information?
How may we use your
personal information?
What are our policies
about closing
your PHR?
When will you be
notified?
How do we store and
protect your personal
information?
Common uses of personal information
in a PHR
Does Birch
Health do this?
Can you
opt out?
Process exchanges between your PHR
and healthcare providers
Yes, with your
permission
Yes, you choose
sharing-levels.
Process exchanges between your PHR
and labs, pharmacists, health plans, etc.
Yes, with your
permission
Yes, you choose
sharing-levels.
For you and your health needs
Birch Health’s everyday business practices
Communicate with you
Yes
Maintain and improve Birch Health’s PHR
systems
Yes
Manage Birch Health’s security systems
(such as against spam, misuse, and
criminal activity)
Yes
Birch Health’s marketing purposes – to
offer our health-related products and
services to you
Yes
Birch Health’s marketing purposes – to
offer our non-health-related products and
services to you
No
D
Full printable version
Contact information
A
R
You may not
opt out.
T
F
You may not
opt out.
You may not
opt out.
You may opt out
by changing your
preferences.
N/A
Sharing and selling for marketing
Anonymized information
does not include specific
contact information or other
information that may make it
easy to know who you are.
Your personal information to our business
and advertising partners
No, we do not
share or sell
N/A
Anonymized information to our business
and advertising partners
Yes, we sell
You may opt out
by changing your
preferences.
Anonymized information for Birch Health
to market itself to business partners
Yes, we share
You may opt out
by changing your
preferences.
Your personal information for medical and
public health research
No, we do not sell
or share
N/A
Anonymized information for medical and
public health research
Yes, we share
You may opt out
by changing your
preferences.
Sharing and selling for medical research
Disclaimer: “Birch Health” is a fictional
company. This document is a preliminary
draft that is under development and
provided solely for informational
purposes. The information in this
draft document may not be complete,
comprehensive, or represent all of the
legal obligations with which an entity
needs to comply. Any reliance on the
presentation or content provided in this
document, in its current form, may pose
legal risk.
Duplicate
Page
with
Rollover
Birch Health only
shares or sells
anonymized
information...etc.
Click here for more about our sharing and selling
For legal reasons
Comply with subpoenas, court orders, and
Yes
search warrants
| Home | Terminology | Contact Us |
You may not
opt out.
Page 7
Birch Health
Birch
Facts about your personal information
Health
What are our policies about closing your PHR?
PHR Type
Birch Health has specific policies if you close your PHR.
Who can view your
personal information?
Common closing questions
Your options
Can you close your PHR?
Yes. You must
contact us.
How may we use your
personal information?
Is your personal information
permanently removed from Birch
Health’s systems?
Yes, after 90 days
What are our policies
about closing
your PHR?
How long does Birch Health keep
your personal information?
90 days
Will all authorized users’ access be
immediately terminated?
Yes. Here’s how.
Can you transfer your PHR data to
another PHR?
Yes. Here’s how.
When will you be
notified?
How do we store and
protect your personal
information?
D
Full printable version
Contact information
Disclaimer: “Birch Health” is a fictional
company. This document is a preliminary
draft that is under development and
provided solely for informational
purposes. The information in this
draft document may not be complete,
comprehensive, or represent all of the
legal obligations with which an entity
needs to comply. Any reliance on the
presentation or content provided in this
document, in its current form, may pose
legal risk.
A
R
| Home | Terminology | Contact Us |
T
F
Page 8
Birch Health
Birch
Facts about your personal information
Health
When will you be notified?
PHR Type
Birch Health contacts you by email for certain reasons.
Who can view your
personal information?
How may we use your
personal information?
What are our policies
about closing
your PHR?
When will you be
notified?
How do we store and
protect your personal
information?
Reasons you may
be notified
Can you
opt out?
Your options once
notified
Yes
You may not
opt out.
If you do not agree with the
changes, you have 10 days
to close your PHR.
If Birch Health is
sold, merges with
Yes
another company, or
goes out of business.
You may not
opt out.
Changes to Birch
Health’s policies,
practices, and
procedures
Contact information
Disclaimer: “Birch Health” is a fictional
company. This document is a preliminary
draft that is under development and
provided solely for informational
purposes. The information in this
draft document may not be complete,
comprehensive, or represent all of the
legal obligations with which an entity
needs to comply. Any reliance on the
presentation or content provided in this
document, in its current form, may pose
legal risk.
If you do not wish to remain
a customer, you must
contact us to close your
PHR.
T
F
Yes
You may not
opt out.
If you do not wish to remain
a customer, you must
contact us to close your
PHR.
Changes to PHR
services, such as
new features
Yes
You may not
opt out.
N/A
Changes to the
type of information
available to or
through your PHR
Yes
You may not
opt out.
N/A
Newsletters and
optional surveys
Yes
You may
opt out.
You may change your
preferences.
Marketing materials
from Birch Health
and associates
Yes
You may
opt out.
You may change your
preferences.
A
R
In the event of a
security breach
D
Full printable version
Will Birch
Health
notify
you?
| Home | Terminology | Contact Us |
Page 9
Birch Health
Birch
Facts about your personal information
Health
How do we store and protect your personal
information?
PHR Type
Birch Health uses physical, technical, and procedural safeguards to protect your
personal information from unauthorized access or use.
Who can view your
personal information?
How may we use your
personal information?
What are our policies
about closing
your PHR?
Common protections of online and
health information
Legal protections
HIPAA Privacy and Security Rules for health
information
Privacy certifications
{ List other privacy certifications it must follow in
additional rows.}
How do we store and
protect your personal
information?
Contact information
A
R
Computer network and data processing protections
Log of all PHR views (audit trail) for your review
D
Full printable version
As a Healthcare Provider PHR,
we are legally required to follow
the HIPAA Privacy and Security
Rules.
{List other laws it must follow in additional rows.}
CCHIT Certified status for health information
technology
When will you be
notified?
Does Birch Health do this?
T
F
Yes
Yes
All data processed in USA
Yes
User ID and password
Yes
Time-out your PHR access when your
computer is idle
Yes
Data storage protections
Disclaimer: “Birch Health” is a fictional
company. This document is a preliminary
draft that is under development and
provided solely for informational
purposes. The information in this
draft document may not be complete,
comprehensive, or represent all of the
legal obligations with which an entity
needs to comply. Any reliance on the
presentation or content provided in this
document, in its current form, may pose
legal risk.
All data storage in USA
Yes
Geographically diverse data storage locations
Yes, in two corporate facilities
within the USA
Data storage power supply redundancy,
environmental controls, and a security system
Yes
| Home | Terminology | Contact Us |
Page 10
Birch Health
Birch
Facts about your personal information
Health
Contact Information
PHR Type
Web: http://www.BirchPHR.com/contactform
Email: info@BirchPHR.com
Who can view your
personal information?
Privacy Officer: Birch Health Privacy Officer
Write: Birch Health, 123 Main St., Birch Park, MT 23456
Call:
1-800-XXX-XXXX
How may we use your
personal information?
What are our policies
about closing
your PHR?
When will you be
notified?
How do we store and
protect your personal
information?
D
Full printable version
Contact information
Disclaimer: “Birch Health” is a fictional
company. This document is a preliminary
draft that is under development and
provided solely for informational
purposes. The information in this
draft document may not be complete,
comprehensive, or represent all of the
legal obligations with which an entity
needs to comply. Any reliance on the
presentation or content provided in this
document, in its current form, may pose
legal risk.
A
R
| Home | Terminology | Contact Us |
T
F
Page 11
Birch Health
Birch
Facts about your personal information
Health
Terminology
PHR Type
Who can view your
personal information?
How may we use your
personal information?
What are our policies
about closing
your PHR?
When will you be
notified?
How do we store and
protect your personal
information?
D
Full printable version
Contact information
Disclaimer: “Birch Health” is a fictional
company. This document is a preliminary
draft that is under development and
provided solely for informational
purposes. The information in this
draft document may not be complete,
comprehensive, or represent all of the
legal obligations with which an entity
needs to comply. Any reliance on the
presentation or content provided in this
document, in its current form, may pose
legal risk.
A
R
| Home | Terminology | Contact Us |
T
F
Page 12
File Type | application/pdf |
File Title | Sample PHR Mock Notice OMB 8 5 09 |
Author | Seleda.Perryman |
File Modified | 2009-09-22 |
File Created | 2008-12-12 |