Last Updated: July 30, 2018
Information Process Solutions (IPS) is committed to conducting its business according to legal, social, and technological requirements. We are staunch believers of ensuring privacy and security of information about our visitors, clients, and patients as much as possible and as applicable. This policy statement gives the details of how IPS USA collects, uses, secures, and shares protected personal information. In the following page the words “We, Us, Our or the company” may be used to refer to Information Process Solutions, USA. The “You” will be used to refer to “Website visitors, Clients, Patients and all others whose information is secured and used by IPS USA.”
By using our website, our services, or by submitting your or your client’s personal information, you expressly consent to the use, retention, and security policy of the company as outlined in this document. If you have any concern about any part of this policy or would like customization specific to your requirements, you may contact us through the contact information provided at the end of the policy statement. We may make adjustments to the policy depending on the significance of the request; however, the final judgment resides solely by the company.
What Information Do We Collect?
We employ the “legitimate interest principle” for collecting and processing whatever personal information that we attain. To provide our services effectively, we may receive specific information from our users, and the amount and type of information collected may differ according to various requirements. This information may include names, dates of birth, email addresses, phone numbers, postal addresses, credit/debit card information, Job titles, medical practice NPI numbers, patients’ protected and unprotected health information, etc. We only utilize this information for legitimate purposes and according to the various regulatory requirements within the United States. We adhere to the International legal requirements where information pertains to non-US citizens.
How We Utilize the Information We Collect?
The information we collect from various sources may be used for the following purposes:
- To provide you with the services you have requested;
- To improve and/or personalize our services and for your specific requirements;
- To respond to any questions or queries, you may have;
- To bill and collect payments for services provided;
- For sending marketing information, special offers and the like, which can be stopped at any time in the future upon request;
- To share with trusted vendors, associates, and other business partners, with whom we have strict confidentiality agreements, for helping us deliver our services;
- To comply with court orders or to establish and defend our legal rights;
- To prevent and investigate any fraudulent activities and security breaches;
- To use in an anonymous form for in-house or third-party research or other purposes that are considered legal under the U.S. laws.
Cookies are small files generated by a website or its vending partners for tracking user navigation patterns on and through a site. They are downloaded on to the user’s computer, tablet, or a mobile device upon the first visit, and may be stored only until the session ends or may be persistent for recording revisit.
You may be able to restrict permission of cookies by changing the browser settings. You may block the cookies permanently or set your web browser to alert you when a website asks for permission to send cookies. You may also delete cookies from time to time. However, blocking cookies is not recommended by us since it will reduce the functionality of our website.
Server Log Files
While cookies are files stored on the client computers or mobile devices, we also utilize server-side data files that store log details of our users. This information may include your IP address, the URLs of the website through which you accessed our site, browser types, time-stamps, and so on. All the information collected is non-personally identifiable. The IP address is dynamic in most cases, that is, it changes every time you connect to the internet.
This information serves many purposes. For one, it helps us diagnose server problems and troubleshooting. Second, it helps us determine the fastest route for transferring information from the server to a user’s computer. Third, it also helps us prevent data breaches and fraudulent activities.
The emails sent by us to prospective clients may contain email tracking tools which allow us to determine the percentage and type of emails being read and the click-through-rate of the emails. This information helps us improve our email marketing strategy. You can unsubscribe to the emails very easily through a link provided with every email.
We continuously receive sensitive information (e.g., Credit/Debit Card Information, Social Security Numbers, or Patient Health Information) from our current and prospective clients. Such information is always transmitted using secure encryption mechanism such as SSL. Once received, the information is stored on secure servers, and all steps are taken to ensure the maximum possible security of the data. IPS USA employs state-of-the-art hardware and software technology to protect data from loss, misuse or unlawful access. We try to pseudonymize data as much as possible while applying multiple layers of protection. Our staff may access the data to the limit that is required to perform their specific job requirements. However, they are bound by strict confidentiality job contracts.
IPS USA also provides medical billing solutions to healthcare service providers as a business associate. In doing so, we may process personally identifiable patient health information (PHI). We ensure appropriate organizational, technical, and procedural safeguards as required by the HIPAA and other relevant US laws.
Despite all the measures undertaken, 100 percent data security cannot be guaranteed, especially for data transferred over the internet. Thus, while we take every possible step to secure client and patient data, the clients need to be aware of the potential security threats and understand the associated risks. We maintain an active incident response policy and will comply with the US laws in case of a security breach. In case of any unforeseen event, we will notify the clients and or patient whose information was compromised as soon possible, while taking suitable actions to improve future security.
The information that we collect from various sources is kept stored for various periods of time until we have a legitimate reason to do so in accordance with the law. We review the data stored under our supervision at least once a year. If the data is not relevant anymore or is not necessary to perform our operations, it is deleted. Data that is requested to forgotten by a client may be removed if it does not comprise important business information.
Transfer of Information in Case of Merger or Acquisition
Third Party Links
Surveys, Reviews, and Ratings
From time-to-time, we may conduct surveys or ask for feedback or ratings, directly or through third-party researchers to under your needs and desires. You may provide us with feedback by other means as well, i.e., through direct email, posting on our social media platforms or any other source. Participation in these surveys is voluntary; however, once you provide us the information, it will be considered public information. Any surveys we conduct will include a specific privacy statement about the survey. In any case, your personally identifiable information will not be disclosed without a formal consent.
Your Rights under US Law
Under the United States law, claims in advertisements must be evidence-based. In all our advertisements and promotions we stick to this general rule and only use fair and reliable facts to justify our claims.
Advertising to minors and compliance with COPRA
The services of IPS are not intended for minors (under the age of 18) and thus we do not target individuals through social media or any other means of advertising. We do not knowingly collect any personally identifiable information about them. If you are under the age of 18, please do not fill in any forms or provide us with any information related to you or anyone else. Since we do not collect or target individuals under 18, this effectively makes us compliant with the Children’s Online Privacy Act, which only requires compliance for children under the age of 13.
The Federal Trade Commission in its Telemarketing Sales Rule bans all fraudulent telemarketing calls and asks the law-abiding telemarketers to respect the consumer’s request for entry into “national do not call list.” We are aware of the legal requirements and adhere to the law, in letter and spirit.
Right to Access and GDPR
Although IPS USA is primarily focused on delivering services to its clients from the USA, clients from other parts of the world may also contact us for services. We abide all the International laws relating to privacy, copyrights, and patents that may relate to us.
If you are a European Union resident, you have the following rights according to the GDPR law:
- Right to transfer personal data to another data processor (data portability);
- Directly to access your information;
- Right to correction or changing personal information;
- Right to be forgotten (erasure);
- Right to explicit consent before using your information.
While the citizens of the United States and other countries do not have such specific protections under current laws, we respect user privacy in all aspects. If you have any concerns or request about any of the above rights, you may contact us through the contact information provided at the end. We will consider all requests whether they are from the EU, the US or anywhere else. We will forward your requests to our Data Protection Officer, and each case will be considered upon its merits.
Business Address: 473 E. Carnegie Drive, Suite 200, San Bernardino, California, 92408, United States of America
Mailing Address: 473 E. Carnegie Drive, Suite 200, San Bernardino, California, 92408, United States of America