HIPAA Compliance Policy Updated September 2013
Under the HIPAA privacy rules Episode Alert, LLC. is considered a Business Associate.
We have taken the necessary steps to assure Episode Alert is compliant as follows:
Accounting of disclosures and audit trail issues:
We are appointed by and contracted to the Covered Entity to assist in the payment process and are considered part of the treatment, payment, or health care operations (TPO).
A Covered Entity is not required by HIPAA regulation to keep an accounting of anyone within their own organization who has received (or had access to) medical information. The accounting provision only covers "disclosures," which are defined as the sharing of health information with someone outside of an organization that is not a part of the TPO. See Section 164.528(a) (right to accounting of disclosures) and Section 164.501 (definition of "disclosure"). The regulation specifically states that a Covered Entity does not have to keep an accounting of information disclosed to someone outside of the organization or the purposes of treatment, payment, or health care operations. See Section 164.528(a)(1)(i). The result of these exclusions are that a Covered Entity is required to account for only a narrow category of disclosures that primarily are not related to health care, such as those made to law enforcement personnel or pursuant to a request for documents in a lawsuit.
Privacy / Compliance Policy
Thank you for visiting the Episode Alert Web sites.
Episode Alert recognizes that it is important for individuals and businesses to be confident that their
privacy is protected when they visit any Episode Alert Web site.
Consistent with the provisions of the Internet Security and Privacy Act, the Freedom of
Information Law and the Personal Privacy Protection Law, this policy describes Episode Alert's privacy
practices regarding information collected from users of its Web site. This policy describes what
including government agency Web sites, that you access using this Web site.
For purposes of this policy, "personal information" means any information concerning a natural
person which, because of name, number, symbol, mark, or other identifier, can be used to
identify that natural person. Episode Alert does not collect any personal information about you during
your visit to its Web sites unless you provide that information voluntarily; for example, by
sending such information in an e-mail or by providing it in connection with an online form or
Information Collected Automatically When You Visit this Web site
When visiting Episode Alert web sites, Episode Alert automatically collects and stores the following
information about your visit:
- The Internet Protocol address and domain name used, but not the e-mail address.
The Internet Protocol address is a numerical identifier assigned either to your
Internet service provider or directly to your computer;
- The type of browser and operating system used;
- The date and time you visited this site;
- The Web pages or services you accessed at this site;
- Any form, publication or document which you download; and
- Depending on how you access Episode Alert's site, Episode Alert may also, on occasion, capture
the Web site you visited prior to coming to Episode Alert's Web site.
None of the foregoing information is deemed to constitute personal information.
The information that is collected automatically is used to improve the Web site's content and to
help Episode Alert understand how users are interacting with its Web sites. This information is
collected for statistical analysis, to determine what information is of most and least interest to
our users, and to improve the utility of the material available on its Web sites. The information
is not collected for commercial marketing purposes and Episode Alert is not authorized to sell or
otherwise disclose the information collected from its Web sites for commercial marketing
cookies. Cookies are small files stored on your computer by your Web browser to provide a
means of distinguishing among users of the Web site. The cookies Episode Alert utilizes do not contain
personal information and do not compromise your privacy or security.
The software and hardware you use to access the Episode Alert Web sites allow you to refuse new
cookies or delete existing cookies. Refusing or deleting cookies may limit your ability to take
advantage of some features of the Episode Alert Web sites.
Information Collected When You Send Episode Alert an E-mail or Conduct an Online Transaction
through its Web sites
During your visit to Episode Alert Web sites you may send an e-mail to Episode Alert. Your e-mail address
and the contents of your message will be collected. Your e-mail address and the information
included in your message will be used to respond to you, to address issues you identify, or to
improve the Episode Alert Web sites. Your e-mail address is not collected for commercial purposes
and Episode Alert is not authorized to sell or otherwise disclose your e-mail address for commercial
During your visit to Episode Alert Web sites you may conduct an online transaction. This includes, for
example, contracting for online services, filling out an online survey or order form or utilizing
any of Episode Alert's online services. The information, including personal information and customer
information, provided by you in conducting the transaction is used by Episode Alert to operate Episode Alert
programs, which include the provision of services and information. The information collected
by Episode Alert may, to the extent permitted by law, be disclosed by Episode Alert for those purposes that
may be reasonably ascertained from the nature and terms of the transaction in connection with
which the information was submitted.
Episode Alert does not knowingly collect personal information from children or create profiles of
children through its Web sites. Users are cautioned, however, that the collection of personal
information submitted in an e-mail will be treated as though it was submitted by an adult, and
may, unless exempted from access by federal or State law, be subject to public access. Episode Alert
strongly encourages parents and teachers to be involved in children's Internet activities and to
provide guidance whenever children are asked to provide personal information online.
Information and Choice
As noted above, Episode Alert does not collect any personal information about you during your visit to
its Web sites unless you provide that information voluntarily by sending an e-mail or conducting
an online transaction. This includes, for example, contracting for services online, filling out an
online survey or order form or utilizing any of Episode Alert's online services. You may choose not to
send an e-mail, not to contract for services, not to fill out a survey or online order form and/or
not to utilize any of Episode Alert's online services. Your choice not to participate in these activities
may limit your ability to receive specific services through the Episode Alert Web sites.
Disclosure of Information Collected Through this Web site
The collection of information through the Episode Alert Web sites and the disclosure of that
information are subject to the provisions of the Internet Security and Privacy Act. Episode Alert will
only collect personal information through its Web sites or disclose personal information
collected through its Web sites if the user has consented to the collection or disclosure of such
personal information. The voluntary disclosure of personal information to Episode Alert by the user,
whether solicited or unsolicited, constitutes consent to the collection and disclosure of the
user's information by Episode Alert for the purposes for which the user disclosed the information to
Episode Alert, as was reasonably ascertainable from the nature and terms of the disclosure.
Further, the disclosure of information, including personal information, collected through this
Web site is subject to the provisions of the Freedom of Information Law, the Personal Privacy
Protection Law and conforms to the rules and regulations of the HEALTH INSURANCE
PORTABILITY ACCOUNTABILITY ACT ("HIPAA").
The transfer of information by a user on individuals through an upload of such information
pursuant to a contract between the user and Episode Alert will not be disclosed by Episode Alert except to
such providers as necessary to fulfill the contractual obligation between Episode Alert and the user.
Such disclosure of information collected through this website shall be subject to the provisions
of the Internet Security and Privacy Act, the Freedom of Information Law, the Personal Privacy
Protection Law and of the HEALTH INSURANCE PORTABILITY ACCOUNTABILITY ACT ("HIPAA").
Episode Alert may disclose personal information to federal or state law enforcement authorities to
enforce Episode Alert's rights against unauthorized access or attempted unauthorized access to
Episode Alert's information technology assets.
Retention of Information Collected Through this Web site
In general, the Internet services logs of Episode Alert, comprising electronic files or automated logs
created to monitor access and use of Episode Alert services provided through this Web site, are
retained for at least three months. Information, including personal information, that you
submit in an e-mail or when you conduct an online transaction is retained in accordance with
the records retention and disposition schedule established for the records of the program unit
to which you submitted the information.
Confidentiality and Integrity of Personal Information and Collected Through this Web site and
Uploads made through this Web site
Episode Alert is committed to protecting personal information collected through its Web sites and
Uploads made through its Web sites against unauthorized access, use or disclosure.
Consequently, Episode Alert limits access to personal information collected through its Web sites to
only those employees or subcontractors who need access to the information in the
performance of their official duties. Employees and subcontractors who have access to this
information follow appropriate procedures in connection with any disclosures of personal
In addition, Episode Alert has implemented procedures to safeguard the integrity of its information
technology assets including, but not limited to, authentication, monitoring, auditing, and
encryption. These security procedures have been integrated into the design, implementation,
and day-to-day operations of its Web sites as part of Episode Alert's continuing commitment to the
security of electronic content as well as the electronic transmission of information.
For Web site security purposes and to maintain the availability of its Web sites for all users,
Episode Alert employs software to monitor traffic to identify unauthorized attempts to upload or
change information or otherwise damage its Web sites.
legal, or other advice, or warranting as fail proof, the security of information provided via the
Episode Alert Web sites.