ClearCut ORTHO, LLC (“CCO”), as well as our vendors, partners, consultants, and affiliates respect the privacy of its members and users of the Website. Our policy regarding privacy information that is collected and how that data is used is outlined below.
CCO, via www.clearcutortho.com, is hosted on Shopify Inc. They provide us with the online e-commerce platform that allows us to sell our eBook products to you. Your data is stored through Shopify’s data storage, databases, and the general Shopify application. They store your data on a secure server behind a firewall.
If you choose a direct payment gateway to complete your eBook purchase, then Shopify stores your credit card data. It is encrypted through the Payment Card Industry Data Security Standard (PCI-DSS). Your purchase transaction data is stored only as long as is necessary to complete your purchase transaction. After that is complete, your purchase transaction information is deleted. All direct payment gateways adhere to the standards set by PCI-DSS as managed by the PCI Security Standards Council, which is a joint effort of brands like Visa, Mastercard, American Express and Discover. PCI-DSS requirements help ensure the secure handling of credit card information by our store and its service providers. For more insight, you may also want to read Shopify’s Terms of Service (https://www.shopify.com/legal/terms) or Privacy Statement (https://www.shopify.com/legal/privacy).
CCO, via www.clearcutortho.securevideo.com, also interfaces with the technology systems provided by third party provider SecureVideo, who manages the data security for CCO Telehealth Services. Any website with a ClearCut ORTHO URL will be referred to as (“CCO Website”) or (“Website”) in general. Unless otherwise specified, (“CCO Services”) or (“Services”) will describe eBook sales, use of Website information and Content, and Telehealth Consultations.
All data for Telehealth Services is stored in an encrypted format that meets standards defined by HIPAA (Health Insurance Portability and Accountability Act). All data transfer is executed using similar standards that meet or exceed HIPAA requirements, and no data is transferred to users that do not have specific data access keys.
The importance of security for all personal information associated with you, your family, and that which you share with our Providers, is of extreme concern to us. Personal information collected by our Website is stored in secure operations environments that are not available to the public; and firewalled. Only those employees who require access to your information in order to do their jobs are allowed access, and each have signed a confidentiality agreement that is on-file. Any employee who violates our privacy or security policies is subject to disciplinary action, up to, and including, termination and civil and/or criminal prosecution.
CCO is the sole owner of the information collected on this site. We will not sell, share or lease this information to others. CCO does not sell customer lists, e-mail addresses, cookies or other data. Any information that you submit to us via our Website - whether a survey, registration form, personal history form, or e-mail will be used exclusively by the consulting Physical Therapists and only for the specific reason for which they were submitted. We take every reasonable precaution to protect your personal information including encryption and passwords.
If our store is acquired or merged with another company, your information may be transferred to the new owners so that we may continue to sell products to you.
In addition, CCO urges you to take precautionary measures in maintaining the integrity of your data. Please be responsible for making sure no one can see or access your account and log-in/password information.
If you use our services through a potentially non-secure Internet connection, such use is at your own risk. It is your responsibility to check beforehand on your employer’s or such other site’s privacy and security policy with respect to Internet use.
CCO is not responsible for your handling, sharing, re-sharing and/or distribution of your protected health information (“PHI”) or your personally identifiable information (“PII”). Moreover, if you forward private information electronically to another person on or off the services, we are not responsible for any harm or other consequences from third party use or re-sharing of your information.
USE OF CCO SERVICES
By using this Website, you represent that you are of legal age OR have the permission of your parent(s)' or legal guardian(s)' permission to access and use this Website, to register on the Website, to enroll for Consultations of this site, and/or to use all CCO Services offered. Access to a CCO Telehealth Consultation is not intended to be used by, and is not directed to, anyone less than 18 years of age. If you register for, enroll for, purchase and/or use CCO Services, you represent you are at least 18 years of age, or have a parent or legal guardian present during all CCO Services. You represent that if you are acting on behalf of an entity, you have the authority to bind such entity.
PHI is information that includes, but is not limited to, identifying data such as name, social security number, address, contact information, as well as information about personal health issues submitted through our Services. PII is any data that can be used to contact, locate, or identify a specific individual. CCO collects PHI and other PII that you voluntarily submit. Privacy is of the utmost importance so we are committed to protecting and keeping confidential all PHI and PII that identifies an individual whether or not it relates to an individual’s past, present, or future physical or mental health condition.
Currently, our main focus is providing a platform to allow individuals to receive eBook Products and Telehealth Services for Pain Consultations. CCO collects information solely for the purposes of providing the Services, marketing and promoting our Services to you, and for market research data. We use this information ourselves and share it as needed with our partners solely for their performance of contracted services for us. We may also collect PII for marketing, user experience monitoring and improvement and related business purposes.
CCO assumes you are giving consent to this information collection and use, but we also give you the opportunity to “opt out” of receiving direct marketing or market research information by emailing us at firstname.lastname@example.org.
CCO maintains web logs to record data about all visitors who use the Website and interact with the Services and we will store this information. These logs may contain IP address information, the type(s) of operating system(s) you use, the date and time you visited the Website, and information about the type of device you use to connect to the Services and the Website pages you visited. Our store also uses Google Analytics to help us learn about who visits our site and what pages are being looked at.
All Website logs are stored securely and are accessible to a very limited number of employees and contractors, who have to adhere to strict guidelines regarding user data security and privacy.
SHARING OF INFORMATION
CCO employs other companies and individuals to perform functions on our behalf. Examples include technical assistance, analyzing data, and providing marketing assistance. They have access to anonymized and personal information needed to perform their functions, but may not use it for other purposes. Access to this information will permit them to provide services more efficiently and effectively to you and to us.
For example: your IP address may be used to estimate your location and personalize your experience with the Services; we may share information such as IP address, user name, email address and cookie and web beacon information with third parties in order to tailor advertising to our various market segments; your IP address and email address and the page you are viewing may be shared with a third party that operates the “chat” feature for our Services; and aggregate data about IP addresses, pages loaded, time to load pages and errors encountered may be used by third-party performance monitoring and improvement products.
These third parties may be required to disclose information, as described in the section below entitled “Disclosures in Accordance with Law.”
THIRD PARTY SITES/TRUSTED RELATIONSHIPS
Our Website contains links to other sites. We do not share your PHI or PII with those sites (unless you specifically authorize such sharing) and are not responsible for their privacy procedures. We seek to work with trusted partners and organizations that will adhere to similar privacy and ethical standards.
In general, the third-party providers used by us will only collect, use and disclose your information to the extent necessary to allow them to perform the services they provide to us.
However, certain third-party service providers, such as payment gateways and other payment transaction processors, have their own privacy policies in respect to the information we are required to provide to them for your purchase-related transactions.
For these providers, we recommend that you read their privacy policies so you can understand the manner in which your personal information will be handled by these providers.
In particular, remember that certain providers may be located in or have facilities that are located a different jurisdiction than either you or us. So if you elect to proceed with a transaction that involves the services of a third-party service provider, then your information may become subject to the laws of the jurisdiction(s) in which that service provider or its facilities are located. As an example, if you are located in Canada and your transaction is processed by a payment gateway located in the United States, then your personal information used in completing that transaction may be subject to disclosure under United States legislation, including the Patriot Act.
DISCLOSURES IN ACCORDANCE WITH LAW
“COOKIES” AND INTERNET TAGS
CCO may collect and process information about your use of the Services, such as the Website pages you visit, the website you came from and some of the searches you perform. Such information is used by us to help improve the contents of the Website and the Services and to compile aggregate statistics about individuals using our Website and Services for internal, market research purposes. In doing this, we may install “cookies” that collect the domain name of the user, your Internet service provider, your operating system, and the date and time of access. A cookie is a small piece of information, which is sent to your browser and stored on your computer or other device. Cookies do not damage your device. You can set your browser to notify you when you receive a cookie. This will enable you to decide if you want to accept it or not. If you do not accept cookies, you may not be able to use all functionality of your browser software or this Website. We may obtain the services of outside parties to assist us in collecting and processing information collected through cookies.
Here is a list of many of the cookies that we use. We’ve listed them here so you that you can choose if you want to opt-out of cookies or not.
[_session_id]=unique token, sessional, Allows Shopify to store information about your session (referrer, landing page, etc).
[_shopify_visit]=no data held, Persistent for 30 minutes from the last visit, Used by our website provider’s internal stats tracker to record the number of visits.
[_shopify_uniq]=no data held, expires midnight (relative to the visitor) of the next day, Counts the number of visits to a store by a single customer.
[cart], unique token, persistent for 2 weeks, Stores information about the contents of your cart.
[_secure_session_id]=unique token, sessional.
[storefront_digest]=unique token, indefinite If the shop has a password, this is used to determine if the current visitor has access.
[PREF]=persistent for a very short period, Set by Google and tracks who visits the store and from where.
CCO may also use internet tags (also known as action tags, web beacons, single-pixel GIFs, clear GIFs, invisible GIFs and 1-by-1 GIFs) and cookies through the Services and may deploy these tags/cookies through a third-party advertising partner or a web analytical service partner which may be located and store the respective information (including your IP address) in a foreign country. These tags/cookies may be placed both on online advertisements that bring users to the Services and on different pages of the Website. We use this technology to measure the visitors’ responses to the Website and Services and the effectiveness of our advertising campaigns (including how many times a page is opened and what information is consulted) as well as to evaluate your use of the Services. The third-party partner or the web analytical service partner may be able to collect data about visitors to the Website and other sites because of these Internet tags/cookies, may compose reports regarding the Website’s activity for us and may provide further services which are related to the use of the Website and the Internet. They may provide such information to other parties, if there is a legal requirement that they do so, or if they hire the other parties to process information on their behalf. If you would like more information about web tags and cookies associated with on-line advertising or to opt-out of third-party collection of this information, please visit the Network Advertising Initiative website http://www.networkadvertising.org. (We are not affiliated with the Networking Advertising Initiative in any way.) If you opt out, please be advised that your user experience will be affected.
CCO may use non-personal information to analyze data into useful information. This process of data mining is done in the aggregate, is non-personal, and allows CCO to find correlations and patterns in the data.
CCO does not provide any personal information to third party sites that display our interest-based ads. However, third parties (including the ad networks, ad-serving companies, and other service providers they may use) may assume that users who interact with or click on a personalized ad or content are part of the group that the ad or content is directed towards (for example, users in the South who have experienced shoulder injuries). Also, some third parties may provide us information about you (such as the sites where you have been shown ads or demographic information) from offline and online sources that we may use to provide you more relevant and useful advertising.
NOTICE OF HIPAA PRIVACY PRACTICES
THIS NOTICE DESCRIBES HOW MEDICAL INFORMATION ABOUT YOU MAY BE USED, AND DISCLOSED, AND HOW YOU CAN GET ACCESS TO THIS INFORMATION. PLEASE REVIEW IT CAREFULLY AND REPORT ANY ISSUES, OR CONCERNS, TO: INFO@CLEARCUTORTHO.COM
The Health Insurance Portability & Accountability Act of 1996 (HIPAA) is a federal program requiring that all medical records and other individually identifiable health information used, or disclosed, by us in any form, whether electronically, on paper, or orally, are kept properly confidential. This Act gives you, the Patient, significant new rights to understand and control how your health information is used. HIPAA provides penalties for covered entities that misuse personal health information.
We have prepared this "Notice of HIPAA Privacy Practices" to explain how we are required to maintain the privacy of your health information and how we may use and disclose your health information.
We may use and disclose your medical information for each of the following purposes: consultation, payment, and health care operations:
CONSULTATION means providing, coordinating, or managing orthopedic educational information and related services by one or more providers.
PAYMENT means such activities as obtaining payment or reimbursement for services or utilization reviews.
HEALTH CARE OPERATIONS include managing your Electronic Medical Record to facilitate diagnostic Telehealth Consultations with associated Physical Therapists, as well as conducting quality assessment reviews and service improvement planning activities, auditing functions, cost-containment analysis, and customer service.
We may also create and distribute de-identified health information by removing all references to individually identifiable information. For example, to track overall incidence of certain diagnoses to employers, insurance companies, or health sharing companies in the event that they are paying for subscriptions for their employees, or for research purposes.
We may contact you to provide information about our services or other health-related services that may be of interest to you.
Any other uses and disclosures will be made only with your written authorization. You may revoke such authorization in writing and we are required to honor and abide by that written request, except to the extent that we have already taken actions relying on your authorization.
You have the right to ask for restrictions on the ways we use and disclose your health information for treatment, payment, and healthcare operations. You may also request that we limit our disclosures to persons assisting your care. We will consider your request, but are not required to accept it.
You have the right to request that you receive communications containing your protected health information from us by alternative means or at alternative locations. For example, you may ask that we only contact you at home or by mail.
Except under certain circumstances, you have the right to inspect and copy medical, billing and other records used to make decisions about you.
If you believe that information in your records is incorrect, or incomplete, you have the right to ask us to correct the existing information, or add missing information. You have a right to receive a list of certain instances when we have used or disclosed your medical information.