Date Last Revised: March 18, 2013
- Security of your Personal Health Information is our top priority
- How we secure and protect your information
- How we use your non-Personal Health Information
- Your online navigation activity is only used to improve your experience
- We limit sharing your information with third parties
- You can easily access, update, and delete your personal information
- Contact us if you have any questions or concerns
1. SECURITY OF YOUR PERSONAL HEALTH INFORMATION IS OUR TOP PRIORITY
Privia Health will never disclose your personally identifiable “protected health information” (“PHI”) (as that term is defined in the Health Insurance Portability and Accountability Act of 1996 (“HIPAA”) and its implementing regulations) without your direct authorization.
If you join Privia Health, you will provide limited authorization to Privia Health and its employees, contractors, and authorized partners for the use of your PHI. This authorization will be governed by the terms of your Membership Agreement, and by any associated “Authorizations for Release of Health Information” which you may provide Privia Health. We will not share your PHI for any other purposes than normal, routine health care operations.
2. HOW WE SECURE AND PROTECT YOUR INFORMATION
Providing security for personal information is a top priority of Privia Health. We spend a great deal of time, attention, and resources to help protect your privacy. Here are some of the security procedures we employ:
- We use one of the highest standards of Secure Socket Layer (SSL) encryption technology in transmitting Personally Identifiable Information to our servers with a 256 Bit Extended Validation security certificate.
- We require both a username and password for users to access their information.
- Our servers are located in state-of-the-art secure data centers designed to protect some of the country’s most sensitive data, with professional security measures such as:
- 24×7×365 security guards
- 24×7×365 interior and exterior video surveillance
- 24×7×365 network operations monitoring center and on-site network engineering support
- Biometric security access through hand scanners
- Servers located in locked cages
- Hurricane proof buildings
- Redundant electrical systems and redundant emergency power generators
- Redundant HVAC systems
- We use firewalls to protect the information held in our servers.
- We back-up our systems and data regularly.
- We maintain audit trails of all activity on our servers.
- We provide a secure messaging tool so that your communications with your health team are sent through a secure, encrypted connection.
- We closely monitor the limited number of Privia Health employees who have potential access to your Personally Identifiable Information.
Despite Privia Health’s efforts to protect your Personally Identifiable Information and Personal Health Information, there is always some risk that an unauthorized third party may find a way around our security systems or that transmissions of your information over the Internet may be intercepted. You should always use caution when submitting personal information online.
3. HOW WE USE YOUR NON-PERSONAL HEALTH INFORMATION
4. YOUR ONLINE NAVIGATION ACTIVITY IS ONLY USED TO IMPROVE YOUR EXPERIENCE
When you visit our Site, we may collect certain non-personally identifiable information, such as your computer’s Internet protocol address, type of browser, and pages viewed. We use this information to understand how visitors navigate through our Sites and to enhance visitor experience.
5. WE LIMIT SHARING YOUR INFORMATION WITH THIRD PARTIES
Privia Health uses third party vendors and hosting partners to provide the necessary hardware, software, networking, storage, printing, packaging, mailing, customer service tools, and related technology to run our services. If we provide personal information to third parties, we only provide the personal information needed to deliver the service. They are required to maintain high standards of confidentiality and security when using personal information, and are explicitly prohibited from using that information for any other purpose.
We will also share your personal information if we are required to do so by law, or if we believe that doing so is necessary in order to conform to the law, cooperate with law enforcement agencies, comply with legal process served on Privia Health, or otherwise protect Privia Health’s legal rights.
6. YOU CAN EASILY ACCESS, UPDATE, AND DELETE YOUR PERSONAL INFORMATION
You are in control of your information. Privia Health’s personal health record tools allow you to update or review information that is submitted by, but not limited to, you, your doctor, your doctor’s electronic medical record, or Privia Health.
If you terminate your membership with Privia Health and want access to your personal information, we will provide you reasonable access to your personally identifiable information, at no cost to you, within 30 days of your access request. If we cannot provide access within the 30-day period, we will tell you when we will provide access. In the unlikely event that we cannot provide you access to this information, we will explain why we cannot do so.
If you terminate your membership with Privia Health and ask to delete your information, we will attempt to delete your profile and associated PHI. We may store your information in an inactive back-up medium for a period of not less than six (6) years, based on recommended guidelines for medical providers. If you specifically direct us to erase you record from our back-up medium, we will attempt to do so to the point it is reasonable and technically feasible. Note that it’s not technically feasible for us to remove from our servers every record of the information.
To request access to or deletion of your personally identifying information, contact us by email at email@example.com or by writing us at the following address:
8. CONTACT US IF YOU HAVE ANY QUESTIONS OR CONCERNS
950 N Glebe Rd, Suite 4000
Arlington, VA 22203
If you have technical difficulty using our websites, please contact Privia Support at firstname.lastname@example.org