Privacy Policy – GDPR – HIPAA

This privacy policy (“Privacy Policy”) forms a binding agreement between IPCWell, LLC, an Arizona limited liability company (“IPCWell”, “IPC”, “we”, or “us”) and you (“User”).

This Privacy Policy describes the types of information we may collect from you or that you may provide when you visit the Website or use the Platform, each defined in the AUP, collectively referred to as the Services, and as further defined in any applicable Terms of Service (as defined below), and our practices for collecting, using, maintaining, protecting, and disclosing that information. The privacy practices of this Privacy Policy apply to activities accessed through the Services.

This Privacy Policy does not apply to the content that customers store on our system, including any personal information of their end users. We will not disclose, move, access, or use customer content except as provided in a separate Cloud Platform Terms of Services (the “Terms of Service”) entered between a customer and IPC For more information on how we handle content you store on our systems, please see your Terms of Service with IPC In the event of conflict between this Privacy Policy and the Terms of Service, the Terms of Service shall control. 

Your use of the Services is voluntary; if you do not agree with the terms of this Privacy Policy, you should not provide us with any personal information, and you should discontinue your use of the Services. By accessing or using the Services, you agree to be bound by the terms and conditions of this Privacy Policy. This Privacy Policy may change from time to time. Your continued use of the Services after it is updated is deemed to be acceptance of those changes, so please check the Privacy Policy periodically for updates. All updates are effective immediately.

For more information or if you have any questions about this privacy policy, please contact us at Drbuffy@IPCWell.com

  1. Personal Information 

Your privacy is very important to all of us at IPCWell. We have established this Privacy Policy to explain to you how your personal information is protected, collected, and used. Personal information is information about you that is personally identifiable, such as your name, company name, title, phone number, and email address, that you provide to IPC in connection with your request for information about IPC (“Personal Information”). 

  1. Information Collection and Use

IPCWell collects Personal Information from you through the Services for sales purposes. We only collect Personal Information about you that we consider necessary for achieving this purpose.

In general, you can browse our site and “opt-out” from providing us with any Personal Information.  Once you agree to provide us with Personal Information, you are no longer anonymous. If you choose to use and/or purchase our Services we may require you to provide contact and identity information, billing information, and other identifying Information as indicated on the forms. Where possible, we indicate which fields are required and which are optional. You always have the option to not provide information by choosing not to use or purchase a particular service.

We collect several types of information from and about users of our Services, including:

  • Personal Information.
  • Information that is about you but individually does not identify you; and/or
  • Information about your internet connection, the equipment you use to access our Services and usage details.

We collect this information:

  • Directly from you when you provide it to us.
  • Automatically as you navigate through the Services. Information collected automatically may include usage details, IP addresses, and information collected through cookies, web beacons, and other tracking technologies.

The information we collect on or through our Services may include:

  • Information that you provide by filling in forms provided through our Services. This includes information provided at the time of requesting information about our service, subscribing to our service, or requesting further services. We may also ask you for information when you report a problem with our Services.
  • Records and copies of your correspondence (including email addresses), if you contact us.

We may track certain information based upon your behavior while using the Services. We use this information to do internal research on our users’ demographics, interests, and behavior to better understand our customers. This information may include, but not be limited to, the URL that you just came from, which URL you go to next, your computer browser information, and your IP address.  

If you send us personal correspondence, such as emails or letters, or if other users or third parties send us correspondence about your activities or postings on IPCWell, we may collect and retain such information in a file specific to you.

All information collected by IPC is used for internal purposes of providing the Services, to support customers, and to improve the Services. Aggregating non-identifying information supplied by customers allows IPC to understand its customer base and provide improvements. All customers may opt to remove their Personal Information from our live database by contacting IPCWell in writing and canceling its use of the Services.  

  1. Use of Personal Information 

We use your Personal Information, and other information we obtain from your current and past activities on IPC to: present our Services and its contents to you; resolve disputes; troubleshoot problems; measure consumer interest in our products and services; inform you about online and offline offers, products, services, and updates; customize your experience on IPC; detect and protect us against error, fraud and other criminal activity; provide you with notices about your account/subscription, including expiration and renewal notices; to carry out our obligations and enforce our rights arising from any contracts entered into between you and us, including for billing and collection; enforce our Terms of Service; and as otherwise described to you at the time of collection. We may compare and review your Personal Information for errors, omissions, and accuracy.

You agree that we may use your Personal Information, including your email address, to improve our marketing and promotional efforts, to analyze IPCWell usage, to improve the Services, and to customize IPC’s content, layout, and services. These uses improve our Services and better tailor it to meet your needs, so as to provide you with a smooth, efficient, safe, and customized experience.

IPC does not share Personal Information except: (1) as requested by law enforcement agencies or required by law; (2) to maintain the security of the Services, network, and data, including by assisting third party claimants in investigating security breaches; (3) to collect money owed to IPC, including through legal proceedings; (4) to identify, contact, or take legal action against customers or third parties violating the Acceptable Use Policy, the property rights of others, or otherwise violating the law; and (5) to employ independent contractors to help run the Services, and such contractors may have access to data, similar to the access we give our employees. 

  1. Information Sharing and Disclosure 

As a matter of policy, we do not sell, rent, or share any of your Personal Information, including your email address, to third parties for their marketing purposes without your explicit consent. However, you acknowledge and agree that IPC may occasionally send you administrative communications regarding your account via email. Additionally, the following describes some of the ways that your Personal Information may be disclosed in the normal scope of business to provide our Services and products to customers:

  • Purpose: We may disclose your Personal Information to fulfill the purpose for which it is provided. 

  • External Service Providers: There may be separate services offered by third parties that we refer to as external service providers (“ESP”) that may be complementary to your use of the Services. If you choose to use these separate services or products, disclose information to the ESP, and/or grant them permission to collect information about you, then their use of your information is governed by their privacy policy. We do not disclose your Personal Information, including your email address, to ESP unless you provide your explicit consent. With your consent, we may provide some of your Personal Information to the ESP offering such services, for your convenience. To prevent our disclosure of your Personal Information to an ESP, you can decline such consent or simply not use their services or products. Because we do not control the privacy practices of these third parties, you should evaluate their practices before deciding to use their services. 

 

  • Internal Service Providers: We may use third parties that we refer to as internal service providers (“ISP”) to facilitate or outsource one or more aspects of the business, product, and service operations that we provide to you. Therefore, we may provide some of your Personal Information, including your email address, directly to these ISP’s. These ISPs are subject to confidentiality agreements with us and other legal restrictions that prohibit their use of the Personal Information provided to them for purposes other than to facilitate the outsourced IPCWell operation. However, you may provide the ISP with permission to use the Personal Information for additional uses. If you provide additional information to an ISP directly, then their use of your Personal Information is governed by their applicable privacy policy.

 

  • Buyers or Successors: We may disclose your Personal Information to a buyer or other successor in the event of a merger, divestiture, restructuring, reorganization, dissolution, or other sale or transfer of some or all of IPC assets, whether as a going concern or as part of bankruptcy, liquidation, or similar proceeding, in which personal information held by IPC about our Services users is among the assets transferred.

 

  • Legal Requests: We will cooperate with law enforcement inquiries, as well as other third parties to enforce laws, such as: intellectual property rights, fraud and other rights, to help protect you, other users, and IPC from bad actors. Therefore, in response to a verified request by law enforcement or other government officials relating to a criminal investigation or alleged illegal activity, we can (and you authorize us to) disclose your name, city, state, telephone number, email address, username history, and fraud complaints without a subpoena. Without limiting the above, in an effort to respect your privacy, we will not otherwise disclose your Personal Information to law enforcement or other government officials without a subpoena, court order or substantially similar legal procedure, except when we believe in good faith that the disclosure of information is necessary to prevent imminent physical harm or financial loss, or report suspected illegal activity.

 

  • Deep Packet Inspection.  We may track the IP addresses of computers communicating with our customers’ systems and inspect data packets (also known as “Deep Packet Inspection” or “DPI“) solely for the purpose of identifying and preventing specific threat types. Data described in the preceding sentence may include Personal Information, including information belonging to our customers’ own customers and their virtual machine users. We use this data solely to maintain the security of the Service. We may also block access to websites, email content and internet content which shows potential for harming our Service. We also use an intrusion protection system to actively block connections from certain computers which have shown attempts to gain access into the system surreptitiously.  

 

  • Aggregate Information: We may disclose aggregated information about our Customers, and information that does not identify any individual, without restriction.

 

  • Other Disclosures: We may also disclose your Personal Information: (1) to enforce or apply our Acceptable Use Policy and other agreements; or (2) if we believe disclosure is necessary or appropriate to protect the rights, property, or safety ofIPC, our customers, or others. 

Due to the existing regulatory environment, we cannot ensure that all of your private communications and other Personal Information will never be disclosed in ways not otherwise described in this Privacy Policy. By way of example (without limiting the foregoing), we may be forced to disclose Personal Information, including your email address, to the government or third parties under certain circumstances, third parties may unlawfully intercept or access transmissions or private communications, or users may abuse or misuse your Personal Information that they collect from IPC Therefore, although we use industry standard practices to protect your privacy, we do not promise, and you should neither rely upon nor expect, that your Personal Information or private communications will always remain private.

  1. Data Protection and Security 

We follow generally accepted industry standards to protect Personal Information, including your email address, submitted to us, both during transmission and once we receive it. Although we make good faith efforts to store collected information in a secure operating environment not available to the public, no method of transmission over the Internet, or method of electronic storage, is 100% secure. Therefore, while we strive to use commercially acceptable means to protect your Personal Information, we cannot guarantee its absolute security. Any transmission of personal information is at your own risk. We are not responsible for circumvention of any privacy settings or security measures.

  1. Reporting Misuse of Data 

Customers and other third parties should contact us as soon as there is any suspected misuse of their Personal Information or other data. All such inquiries or complaints should be directed to us via email to Drbuffy@IPCWell.com.

7.Not Applicable to Hosted Data

This Privacy Policy does not apply to data stored by IPC on behalf of its customers who enter into a Services Agreement with IPC for IPC to host their data. IPC is not responsible for use or misuse of data by any third party.

  1. Links to Other Company Platforms 

The Services may contain links to other websites that are not owned or under IPC control. Please be aware that we are not responsible for the privacy practices of such third parties. We encourage you to read the privacy statements of each and every third-party platform that collects Personal Information. This Privacy Policy applies only to information collected by IPC

  1. Service Providers

IPC does not disclose Personal Information to third parties, except when IPC may need to provide a User’s Personal Information to third parties to deliver specific services to the User. These third parties have their own privacy policies and IPC does not monitor, verify, or otherwise control the use or implementation of any third party’s privacy policy.

  1. User information updates or Removal 

You may, at any time, choose to correct or update the information you have submitted to IPC, by contacting IPC regarding web related matters at Drbuffy@IPCWell.com.

  1. Children Under the Age of 13  

We do not collect any information from children under the age of 13. If you believe that a child has provided us with Personal Information without the consent of his or her parent or guardian, please contact us at Drbuffy@IPCWell.com.

If we become aware that a child under age 13 has provided us with Personal Information, we will delete it.

 

  1. Notice to Residents of Countries outside the United States of America

IPC is headquartered in the United States of America. Personal Information may be accessed by us or transferred to us in the United States or to our affiliates, business partners, or service providers elsewhere in the world. By providing us with Personal Information, you consent to this transfer. We will protect the privacy and security of Personal Information according to this Privacy Policy, regardless of where it is processed or stored.

  1. Choices About How We Use and Disclose Your Information

We strive to provide you with choices regarding the Personal Information you provide to us. We have created mechanisms to provide you with the following control over your information:

 

  • Tracking Technologies and Advertising. You can set your browser to refuse all or some browser cookies, or to alert you when cookies are being sent. To learn how you can manage your Flash cookie settings, visit the Flash player settings page on Adobe’s website. If you disable or refuse cookies, please note that some parts of this Site may then be inaccessible or not function properly.
  • Disclosure of Your Information for Third-Party Advertising. If you do not want us to share your Personal Information with unaffiliated or non-agent third parties for promotional purposes, you can opt-out by using the opt-out method. You can also always opt-out by sending us an email stating your request to Drbuffy@IPCWell.com.



  • Promotional Offers from the Company. If you do not wish to have your email address/contact information used by us to promote our own or third parties’ products or services, you can opt-out by sending us an email stating your request to Drbuffy@IPCWell.com. If we have sent you a promotional email, you may send us a return email asking to be omitted from future email distributions. This opt out does not apply to information provided to us as a result of a product purchase, warranty registration, product service experience, or other transactions.
  • Targeted Advertising. If you do not want us to use information that we collect or that you provide to us to deliver advertisements according to our advertisers’ target-audience preferences, you can opt-out by contacting us at Drbuffy@IPCWell.com. For this opt-out to function, you must have your browser set to accept browser cookies.  We do not control third parties’ collection or use of your information to serve interest-based advertising. However, these third parties may provide you with ways to choose not to have your information collected or used in this way. You can opt out of receiving targeted ads from members of the NAI on its website at www.networkadvertising.org.
  1. Rights to Access and Control Your Personal Information

Any personal data that we collect is based upon your consent as detailed in this Privacy Policy.  You have many choices concerning the collection, use, and sharing of your data, including the ability to:

  • Delete Data: You may request that we delete your Personal Information. Please note that we cannot delete your Personal Information except by also deleting your user account.

 

  • Change or Correct Data: You can also ask us to change, update, or fix your data in certain cases, particularly if it’s inaccurate. We may not accommodate a request to change information if we believe the change would violate any law or legal requirement or cause the information to be incorrect.

  • Object to, or Limit or Restrict, Use of Data: You may request that we do not use your Personal Information, but keep in mind that this will terminate our ability to provide any Service(s) to you.

  • Right to Access and/or Take Your Data: You can ask us for a copy of your Personal Information.

You may send us an email at Drbuffy@IPCWell.com. to request access to, obtain copies of, correct, or delete any Personal Information that you have provided to us.

  1. Your California Privacy Rights  

California Civil Code Section § 1798.83 permits Users of our Services that are California residents to request certain information regarding our disclosure of personal information to third parties for their direct marketing purposes. To make such a request, please send an email to Drbuffy@IPCWell.com. or write us at: 

What is the legal address we should use?

 

Questions

Users with questions, concerns, disputes, or complaints about this Privacy Policy and any of the aforementioned statements may contact either via email: Drbuffy@IPCWell.com. or via snail mail: IPCWell, LLC, Attn: 4320 E Catalina Dr, Phoenix, AZ 85018

 

HIPAA COMPLIANCE

To ensure we are compliant with HIPAA and HITECH Act, ensure that we have the required safeguards in place to protect ePHI, and demonstrate HIPAA compliance to our clients:

IPCWell have developed and implemented a comprehensive HIPAA Compliance Program following the HIPAA Privacy and HIPAA Security Rule – focusing on the administrative, physical and technical requirements of the HIPAA Security Rule as it applies to any potential risk associated with the use of PHI in our business.

IPCWell have a designated HIPAA Privacy and Security Compliance Officer

IPCWell has provided every member of our staff which also includes new hires, annual training.

IPCWell has a formal established Employee Sanctions Policy should any HIPAA compliance violations occur.

IPCWell ensures technological protocols such as: tight access controls, integrity procedures, firewalls, information systems activity monitoring and other audit mechanisms to record access in information systems that use ePHI, use of encryption, automatic logoffs, password management procedures, and VPN tunnel.

IPCWell have conducted a formal risk assessment to identify and document any area of risk associated with the storage, transmission, and processing of ePHI and have analyzed the use of our administrative, physical, and technical controls to eliminate or manage vulnerabilities that could be exploited by internal or external threats.

We are Dedicated to:

Ensuring we are compliant with the regulatory requirements of HIPAA/HITECH Continuing to develop our safeguards to prevent unauthorized access to PHI. Adhering to the requirement to encrypt PHI

Maintaining PHI in a secure environment

Monitoring access to both the secure environment and the data

Our HIPAA policies include, but are not limited to, the following key areas:

Security Management Policy Risk Analysis Policy

Risk Management Policy

HIPAA Compliance Officer Job Description Workforce Security Policy

Authorization and Supervision of Staff Procedure Workforce ePHI Access Authorization Procedure Termination Procedure

Business Associate Policy

Information Access Management Access to ePHI Modification

Security Awareness Training Security Training

Password Management

Oral Disclosures of PHI Security Incident Procedures

Incident Investigation Procedure Contingency Plan

Backup Plan

Disaster Recovery Plan Emergency Mode Operation Applications and Criticality Analysis

Evaluation of the HIPAA policies and procedures Business Associates

Physical Safeguards Standards and Policy Workstation Use

Device and Media Controls Disposal of ePHI

Media Re-Use Accountability

Data Backup and Storage

Technical Safeguards Standards Policy Access Control

Unique User Identification Emergency Access Procedure Automatic Logoff

Encryption

Antivirus and Firewalls

VPN Protocol

Additional Safeguards Employed

Audit Controls Sanctions Policy

We are Confident that Our Comprehensive HIPAA Policies and Procedures Will:

Ensure the confidentiality, integrity, and availability of all e-PHI we receive, maintain or transmit Identify and protect against reasonably anticipated threats to the security or integrity of the information Protect against reasonably anticipated, impermissible uses or disclosures

Ensure compliance of our workforce. 

 

© 2021 IPCWell