Agent – A company or individual acting on behalf of TeleTracking.
Controller - Person or organization which, alone or jointly with others, determines the purposes and means of the processing of Personal Data.
Personal Data – Information relating to an individual residing in the EU or UK that can be used to identify that individual either on its own or in combination with other readily available data (e.g., the individual’s name, title, work location, home address, date of birth, compensation, benefits, or family members).
Processor - Any natural or legal person, public authority, agency or other body that processes Personal Data on behalf of a Controller.
Sensitive Personal Data – means Personal Data regarding any of the following:
- Health or medical condition;
- Racial or ethnic origin;
- Political opinions;
- Religious or philosophical beliefs;
- Trade union membership;
- Sex life; or
- Criminal convictions or indictments.
Personal Data Collection and Use
TeleTracking collects and processes its clients’ data, including any Personal Data contained therein. TeleTracking collects several types of information from its clients and their employees, agents and patients, including:
- Birth Date
- Medical Record Number or other identifier
- Admit and discharge times
- Healthcare data related to operational decisions
- Healthcare or medical condition-related Sensitive Personal Data
The purposes for which TeleTracking collects and uses such Personal Data includes, but is not limited to:
- Providing software products and related services to healthcare provider clients, including customization and development of those products and services;
- Responding to questions and comments for healthcare provider clients and otherwise providing information requested;
- Enabling the coordination of care for healthcare provider clients;
- Providing support to healthcare provider clients;
- Performing legitimate everyday business operations; and
- Other purposes as required or permitted 1) by the underlying agreement with client or 2) by law.
TeleTracking may disclose Personal Data to the following types of third parties:
- Third party cloud-hosting hardware and service providers for the purpose of delivering products and services.
- Third party software solution providers that enhance the functionality of our solutions as permitted by the underlying agreement with client.
Information Collected Using Cookies
TeleTracking Technologies, Inc. complies with the Privacy Shield Principles for all onward transfers of Personal Data from the EU or UK, including the onward transfer liability provisions.
In the event TeleTracking Technologies, Inc. transfers Privacy Shield Personal Data to non-Agent third parties, we will do so consistent with any notice provided to Data Subjects and any consent they have given, and only if the third party has given us contractual assurances that it will (i) process the Privacy Shield Personal Data for limited and specified purposes consistent with any consent provided by the Data Subjects, (ii) provide at least the same level of protection to that Privacy Shield Personal Data as is required by the Privacy Shield Principles and notify us if it makes a determination that it cannot do so; and (iii) cease processing of the Privacy Shield Personal Data or take other reasonable and appropriate steps to remediate if it makes such a determination. If TeleTracking Technologies, Inc. has knowledge that a non-Agent third party is processing Privacy Shield Personal Data in a way that is contrary to the Privacy Shield Principles, TeleTracking Technologies, Inc. will take reasonable steps to prevent or stop such processing.
With respect to agents of TeleTracking Technologies, Inc., we will transfer only the Privacy Shield Personal Data needed for an Agent to deliver to TeleTracking Technologies, Inc. the requested service. Furthermore, we will (i) permit the Agent to process such Privacy Shield Personal Data only for limited and specified purposes; (ii) require the Agent to provide at least the same level of privacy protection to that Privacy Shield Personal Data as is required by the Privacy Shield Principles; (iii) take reasonable and appropriate steps to ensure that the Agent effectively processes the Privacy Shield Personal Data transferred in a manner consistent with TeleTracking Technologies, Inc.’s obligations under the Privacy Shield Principles; and (iv) require the Agent to notify TeleTracking Technologies, Inc. if it makes a determination that it can no longer meet its obligation to provide the same level of protection to the Privacy Shield Personal Data as is required by the Privacy Shield Principles. Upon receiving notice from an Agent that it can no longer meet its obligation to provide the same level of protection as is required by the Privacy Shield Principles, TeleTracking will take reasonable and appropriate steps to stop and remediate unauthorized processing.
TeleTracking Technologies, Inc. remains liable under the Privacy Shield Principles if an Agent processes Privacy Shield Personal Data in a manner inconsistent with the Privacy Shield Principles, except where TeleTracking is not responsible for the event giving rise to the damage.
In certain situations, we may be required to disclose personal data in response to lawful requests by public authorities, including to meet national security or law enforcement requirements.
Individual Notice and Choice
Should you no longer wish to receive information or future communications about our relevant services, please contact us using one of the following options. You may send your request via email stating your desire to opt out of further communications to Privacy@TeleTracking.com.
Access and Rights
TeleTracking uses a combination of industry best practice process, technology and physical security controls to help protect Personal Data in its possession to ensure a level of security appropriate to the risk of loss, misuse, unauthorized access, disclosure, alteration, and destruction. These measures consider the nature of the Personal Data and the risks involved in its processing.
TeleTracking employees are trained in-line with and required to adhere to the principles of the applicable data protection laws and Privacy Shield Principles in their country of employment.
Data Integrity and Purpose Limitation
For EU and UK Individuals: Privacy Shield
TeleTracking is subject to the investigatory and enforcement powers of the Federal Trade Commission and any other applicable U.S. authorized statutory body. TeleTracking acknowledges that its failure to provide an annual self-certification to the U.S. Department of Commerce will remove it from the Department’s list of Privacy Shield participants, and thereafter transfers of Personal Data will not be allowed unless TeleTracking otherwise complies with EU data protection law.
TeleTracking has further committed to refer unresolved privacy complaints under the Privacy Shield Principles to an independent dispute resolution mechanism, the BBB EU Privacy Shield, operated by BBB National Programs, Inc. If you do not receive timely acknowledgement of your complaint, or if your complaint is not satisfactorily addressed, please visit https://www.bbb.org/EU-privacy-shield/file-a-complaint/ for more information or to file a complaint. This service is provided free of charge to you.
If your Privacy Shield complaint cannot be resolved through the above channels, under certain conditions, you may invoke binding arbitration for some residual claims not resolved by other redress mechanisms. See Privacy Shield Annex 1, located here.
Changes to this Policy
Effective: November 27th, 2019