PRIVACY POLICY

Updated November 18, 2020

At Universal EHR, Inc. ("we", "us"), we respect your privacy. This policy explains how we collect and use your personal information.

By using our websites, web applications, web services, or application programming interfaces (collectively, our "Sites"), or by submitting information to us, either through our Sites, by email, or by other means, you are accepting the terms of this Privacy Policy. Each time you visit or use our Sites or provide information to us, you agree to our use of the information you provide, including our use to contact you using the information provided, as defined in this policy. We reserve the right to update these terms at any time, without notice. Any changes that we make will be effective immediately upon posting. The most current version of our Privacy Policy can be viewed by clicking on the "Privacy Policy" link at the bottom of our web pages.

Our Sites are hosted in the USA and follow the laws of this country regarding the processing of your personal information. By personal information, we are referring to information that personally identifies you, such as your name, address, email address, phone number and information related to our business relationship. We also collect information that is non-personal that we may associate with your personal information.

Our business is not directed toward children, nor are our products. We will remove from our user databases any personal information that we become aware pertains to a child under the age of 18, and will terminate any associated user accounts.

Universal EHR, Inc. collects the following information about you:

1. During registration for an account with us or to verify your identity, we may collect your name and/or the name of your organization, including previous names or assumed names (such as "doing business as" names), your business address, email address, requested account username, phone number, fax number, other financial or utility account information, government identifiers such as driver's license number, social security number, or passport number, date of birth, current or previous home address, and other personal information as necessary to verify your identity. For healthcare professionals and organizations, we may also collect National Provider Identifier (NPI) numbers.

2. Due to the sensitive nature of health information, and in the interest of fraud prevention and transaction documentation, during registration and at other times when you accept legal agreements, use or otherwise transact through our Sites, we record the IP address from which the agreement or transaction originates, and we may record additional information about transactions such as what information was authorized and what information was requested.

3. When you send us information by email, through our Sites, or by other means, we may collect any personal information that you submit to us in the body, headers, or attachments to your message or request, as well as additional information that we may require to complete a request from you.

We may store and use the information we collect in order to set up and maintain your account with us, to verify your identity and document identity proofing events, to provide our services to you, to configure additional products or services for you, for customer service purposes, to communicate with you regarding your account and information about our programs, and for legal and regulatory purposes. If you enter into a separate agreement for additional software or services offered by us, then the terms of those agreements will govern the use of personal information as it relates to those services and products. Towards our goal of improving healthcare interoperability, in addition to publishing your public Direct certificate in DNS or LDAP for discovery in accordance the Direct protocols, Universal EHR, Inc. may publish your information in one or more directories; the published information may include name, NPI number, any information in publicly available National Provider Identifier records, public digital certificates, or other publicly-available records, for you, your organization, or your authorized users, if applicable, any associated Direct addresses or application programming interface endpoints, and any other information submitted to us by you or your organization for inclusion in a directory. The published information will not include your non-Direct email address, name of your authorized representative, financial or utility account information, government identifier number, date of birth, or home address, unless otherwise permitted by this privacy policy.

By initiating registration for an account, or by sending personal information to us by email or other means, you consent to receive communications from us. You agree that we may contact you by mail, email, phone (including voice, SMS or facsimile), using the information provided by you or any other publicly available contact information.

We use "cookies" on our Sites to maintain a single user session. These cookies are essential to the proper operation of our Sites and are not used to track you. Your browser may offer a Do Not Track (DNT) feature that lets you communicate to websites that you do not wish to be tracked around the web. There is no consensus among industry participants as to what to do when a DNT signal is received. We do not alter our practices when we receive such a signal from your browser.

We also collect information in our server log files when you visit or use our Sites. This information consists of information such as your IP address, your client application or browser type, your username, your internet service provider, referring/exit pages, resources requested or retrieved, date/time, and operating system. We may associate this information with your account in order to provide our services to you, for troubleshooting purposes, or to improve your user experience. We may also use or share this data in the aggregate, or in a non-personally-identifiable manner, for improvement of our web services or other purposes. Except as described above, we do not associate this information with other personally identifiable information you submit to us.

We may share personal information if we have a good faith belief that disclosure of the information is reasonably necessary to meet any applicable law, regulation, legal process or enforceable governmental request, to enforce applicable terms of use, or to detect, prevent, or otherwise address fraud, security, or technical issues. When you apply for digital credentials with us, we may also share the information you submit to verify your identity with a third party identity verification service. We may also share the information you submit to us to process payment through a third party payment processor, or to attempt to complete requests that you make through our system for data held by a third party. Any personal information disclosed to these third parties will be governed by the respective vendor's privacy policy. The names of these third party vendors are available on request. Third party applications or services that you use to connect to our systems are not covered under this Privacy Policy.

You may contact us regarding this Privacy Policy using the information below:

Universal EHR, Inc.
admin@universalehr.com
9191 Westminter Blvd
Garden Grove, CA 92844

Copyright Notice: ©2020 Universal EHR, Inc.