Privacy Policy and Notice Effective: March 2014
Rev: April 2020
THIS POLICY DESCRIBES HOW YOUR MEDICAL AND PRODUCT DIAGNOSTIC AND USAGE INFORMATION MAY BE USED AND DISCLOSED, AND HOW YOU CAN ACCESS THIS INFORMATION. PLEASE REVIEW IT CAREFULLY.
PART I: Protected Health Information
In the course of providing services or products to you, it is necessary for us to obtain personal medical or other relevant information about you. Government regulations define how this information may be used or disclosed to others. Lingraphica is required by law to maintain the privacy of protected health information (PHI) and to provide individuals with notice of its legal duties and privacy practices with respect to PHI. This notice describes how information which you provide may be used. We are required to abide by the terms of this notice. Lingraphica reserves the right to change the terms of its notice and to make the new notice provisions effective for all PHI that we maintain, regardless of when it was created or received. If there is a change in the way that your information will be used, we are responsible to notify you of the change. Such notification may be made by mail, electronic communication, or other form of communication directed to you. We will also post the current notice on our website.
I. Lingraphica must provide to you notice of our privacy practices to use or disclose medical information as described below. You may request restrictions on how your medical information will be used or disclosed. Lingraphica may or may not agree with your requested restriction. But if we agree to your requested restriction, we must honor your request.
A. Upon providing Privacy Notice, Lingraphica is permitted to use and disclose your health information as summarized below:
- Your information may be disclosed to you.
- Your information may be disclosed to your personal representative or to your parent or guardian if you are a minor.
- Your information may be used or disclosed for the purposes of providing medical treatment, receiving payment for services provided, and for administration of healthcare operations related to your care.
– Examples of such disclosures for treatment purposes include use of your health information by primary and consulting physicians, X-ray or other diagnostic lab tests, and nursing care.
– Examples of disclosure for healthcare operations may include disclosure to a pharmacy for prescriptions.
– Examples of disclosure for payment may include patient billing and insurance claim processing.
- Your information may be used or disclosed pursuant to an agreement with you in compliance with any current or prior written authorization.
- Your information may be used or disclosed without your consent if consent is not required.
– Examples of such instances include emergency treatment, or instances when we are required by law to provide treatment, or in situations where there is an inability to communicate, or where there is an indirect treatment relationship, or if information is created for the treatment of an inmate of a correction facility.
- Your information may be used or disclosed for non-medical purposes pursuant to and in compliance with your written privacy authorization.
- Your information may be used or disclosed in the reporting of a crime.
B. Lingraphica is required to disclose PHI as summarized below:
- To you upon your request.
- To the Secretary of Health and Human Services when required to investigate compliance with government regulations.
- When required by law or legal process.
C. When using or disclosing your medical information to others, we will de-identify personal information when possible, and we will make a reasonable effort to limit disclosure to the minimum degree necessary for the purpose of the disclosure.
D. We are required by law to notify you in the case of a breach of your unsecured (not encrypted or masked by some technology) PHI when it has been or is reasonably believed to have been accessed, acquired, or disclosed as a result of a breach.
II. Lingraphica must obtain your written authorization to use or disclose medical information for any other use or disclosure not set forth in this notice. Written authorization is a separate form which you must sign and date. The authorization must identify the person or entity making the disclosure, identify the person or entity receiving the disclosure, describe the purpose for the disclosure, the nature of the information being disclosed, and the expiration date of the disclosure. You have the right to refuse to sign the authorization and you have the right to revoke an authorization. You may request to inspect or to copy the information being disclosed, and you may request to receive a copy of the authorization. You must recognize that any information provided to others through the authorization may not be subject to privacy protections. When your authorization is provided, we must use or disclose your information in a manner that complies with your authorization. We may not condition the provision of treatment, products, or services on your authorization.
Upon receiving your authorization, Lingraphica is permitted to use and disclose your health information as summarized below:
- Your authorization is required for any use or disclosure of psychotherapy notes.
- Your authorization is required for any non-medical use or disclosure of your health information or for reasons not related to carrying out treatment, payment, or healthcare operations.
III. Lingraphica may use or disclose certain information without consent or authorization provided that you are informed in advance and given an opportunity to agree or object to such use or disclosure of health information in the circumstances described below:
- We may use or disclose your information in emergency circumstances if we believe it is in the best interest for your treatment or care, and such disclosure is consistent with any prior expressed preference.
- We may disclose information to your family members involved in your care.
- We may disclose information to your next of kin.
- In providing treatment or services to you when you are present and have the capacity to make a sound decision, we may request your consent or provide an opportunity to object to certain use or disclosure of information, or if we reasonably infer from the circumstances that you do not object to the disclosure.
- In providing treatment or services to you when you are not present or do not have the capacity to make a sound decision, we may make a decision to use or disclose information which we feel is in your best interest to an authorized public or private entity.
- In providing treatment or services to you when you are not present or do not have the capacity to make a sound decision, we may make a decision to use or disclose information to an authorized public or private entity when such disclosure is necessary for disaster relief.
IV. Lingraphica may use or disclose certain information without consent or authorization or opportunity to agree or object, as described below:
- We may use or disclose information as required by law.
- We may use or disclose information as required for public health purposes including disclosure subject to the following requirements:
– Report of child abuse
– Jurisdiction of Food and Drug Administration
– Exposure to communicable disease
– To employer for a job-related accident report or exam, if Lingraphica has been requested by the employer to provide you with healthcare
– Information about victims of abuse, neglect or violence
– Such disclosures are made to the extent required by law, but you will be notified of such disclosures
- We may disclose information for health agency oversight purposes such as accrediting, auditing or inspections.
- We may disclose information in the course of judicial or administrative proceedings in response to a court order or subpoena or other lawful process.
- We may disclose information to law enforcement officials for law enforcement purposes or for reporting a victim of crime.
- We may use or disclose information when necessary to avert a serious threat to health or safety.
- We may use or disclose information on military personnel to the respective military command structure or in cases of national security.
V. Device Usage Information
To help improve our products and services for all users, we may also automatically collect and store information about the computer, mobile device, or other devices you use to access our products and services and about how you use them.
- Example: we collect the number of times the various features of the communication device are accessed and used by customers, so we can understand their wants/needs and better inform future product updates.
We reserve the right to email you to confirm transactions, address account issues, inform you of product updates and new services, or upon your request to reset your password.
We also reserve the right to use non-personal information (e.g., de-identified or aggregate data) for any purpose. We may disclose performance statistics to third-party collaborators, for example universities, to evaluate, study, and improve the effectiveness of our services. In these situations, all data is disclosed either in aggregate form or without information that can identify you. In addition, when we work with collaborators, we contractually prohibit them from attempting to re-identify individuals from data that has been de-identified.
VI. Third-Party Web-Applications
There are several third-party web applications to which customers are automatically enrolled and connected when receiving their communication devices. These third-party web-applications include:
- TalkPath Therapy: an online speech and language therapy platform
- TalkPath News: an online news source designed specifically for individuals with speech and cognitive impairments
- ACE Program: an educational website that offers training videos for Lingraphica device customers
Connection to these third-party applications requires a unique user name and password, which is automatically created by Lingraphica before the device is shipped to the customer. This enables the applications to be immediately ready for use upon receiving the device.
If customers choose to remove and replace the default Lingraphica account with one which they created independently (before or after receiving the device), they are opting out of the security controls outlined in this Privacy Policy.
VII. Lingraphica May use or Disclose Your Health Information
- We may use or disclose your health information for any of the activities described below:
– We may contact you to provide appointment reminders or information about treatment alternatives or other health-related benefits and services.- We may contact you to inform you of other products and services available from our company.- We may disclose information to the sponsor of the health plan, or health insurance issuer or HMO.
- You have the following individual rights with respect to privacy of PHI. You have the right to:
– Request restrictions on certain uses and disclosures of PHI, but Lingraphica is not required to agree to a requested restriction.
– Grant and revoke authorization for certain non-medical uses and disclosures of protected health information.- Receive confidential communications of PHI.- Inspect and copy PHI.- Amend PHI.- Get a list of those with whom we’ve shared your information within the last six years.- Receive a paper copy of this Privacy Notice, even if you have already agreed to receive this notice electronically.- File a complaint with us or the Secretary of the U.S. Department of Health and Human Services if you believe that your privacy rights were violated.
- Complaints – In the event that you have a complaint about our handling of your private information, you may contact our Privacy Officer at 609-275-1455 (direct and confidential telephone line). You may also contact the government: Secretary of the U.S. Department of Health and Human Services, 200 Independence Ave., Washington, D.C. 20201. You will not be retaliated against in any way as a result of filing a complaint.
PART II: Diagnostic and Usage Information
Lingraphica knows your privacy is important, and we are committed to providing a safe and secure user experience. This portion of the Privacy Policy describes how we collect, use, secure, and share diagnostic and usage information about our users and individuals (collectively, “you”) who use one of our communication devices, create a Lingraphica/TalkPath account, or submit payment information on any of the following access venues: therapy.aphasia.com, lingraphica.com, aacdevice.com or on mobile devices (collectively, “Services”).
I. Information You Provide
You are required to create a Lingraphica account to gain access to many of our Services. If you do create an account, we ask for certain information to process your registration, including an email address and password. If you subscribe to a paid account, we request additional information, including your full name and payment method details. If you create an account to participate in our continuing education (CE) programs, a valid American Speech-Language-Hearing Association (ASHA) member identification number is required.
To help improve our Services for all users, we also ask for certain, limited demographic information, including your name, gender, date of birth, and information about your condition (where applicable). Providing most of this information is optional.
II. Data We Collect
In addition to the information you provide us, when you use our Services, we may also automatically collect and store information about the computer, mobile device, or other devices you use to access our Services and about how you use them. Here are two examples of information we collect and store from our Services:
- Communication or AAC Device: we collect the number of times the various features of the device are accessed and used by customers, so we can understand their wants/needs and better inform future product updates.
- TalkPath Therapy: we track the tasks you complete and your performance in those tasks, so we can determine what exercises are most popular and which may be confusing. We may also collect and store information such as your browser type, IP address, language, operating system, unique device identifier, the date and time of your visit, and the pages you view.
III. Our Use of Cookies for Web-based Services
To collect information, we use cookies and other standard web technologies (e.g., pixel tags). Cookies are small text files placed on the browser of your computer or mobile device when you visit a website that collects non-personal information. We use “persistent cookies” to save your login information for future logins to our Services. We use “session ID cookies” to enable certain features of TalkPath Therapy, to better understand how you interact with the Service, and to monitor aggregate usage and web traffic routing on the Service. Most browsers automatically accept cookies but allow you to disable cookies through the “options” or “preferences” menu of your browser. Please be aware that disabling cookies could interfere with the functionality of many of our Services.
Third parties whose products or services are accessible in our Services (i.e., via an unlocked communication device), including social networking services like Facebook, may also use cookies or similar tools. Please review their privacy policies for information about their cookies and other privacy practices.
IV. How We Use Your Information at Lingraphica
We use the information we collect to operate and provide you with our Services. This includes, but is not limited to:
- Authenticating your login and processing your payments.
- Personalizing your experience and customizing your device or plan and allowing your clinician to customize your device or plan on your behalf.
- Allowing you and/or your clinician to monitor your performance and progress in TalkPath Therapy, by, for example, presenting charts and graphs of your performance.
- Protecting our intellectual property or other rights.
- Managing and improving our business, our games, and our training.
We reserve the right to email you to confirm transactions, address account issues, such as when you make a purchase, inform you of product updates and new services or of your request to reset your password.
We also reserve the right to use non-personal information (e.g., de-identified or aggregate data) for any purpose. We may disclose performance statistics to third-party collaborators, for example universities, to evaluate, study, and improve the effectiveness of our Services. In these situations, all data is disclosed either in aggregate form or without information that can identify you. In addition, when we work with collaborators, we contractually prohibit them from attempting to re-identify individuals from data that has been de-identified.
V. No Disclosure to Third Parties for Their Own Marketing Purposes
We believe in protecting your privacy, and therefore do not provide your personal information to third parties for their marketing purposes.
VI. When We Share Your Personal Information with Third Parties
We may share your personal information in the following ways:
- Service providers and agents. We may share your information with certain third parties selected by us to help support our operations. These include, for example, services that help us process payments, analyze web traffic, send emails, and track customer service requests.
- We may disclose your information when we believe we have your consent to do so, such as when you contact customer service and ask us about your account, when your account is linked to another user’s account, or when we have the consent of someone we believe is authorized to consent on your behalf, such as the individual associated with the payment method for your account. If you have expressly agreed to participate in a research study with us or with a third party that incorporates your personal information collected by our Services, we also may disclose your information for the purpose of facilitating the research to which you have consented.
- We may disclose your information to third-parties with whom we have a partnered in order to deliver a product or service.
VII. Accessing, Reviewing, and Deleting Your Information
You can access, review, and correct the registration and demographic information we have collected about you by logging into your account and navigating to the Account page.
VIII. Security of Personal Information
We have implemented and maintain reasonable security practices to protect against the unauthorized access, use, modification, destruction, or disclosure of your personal information. For example, we use one or more of SSL encryption, firewalls, and antivirus software. However, no method of transmission or storage is completely secure, and therefore, we cannot guarantee absolute security.
IX. Outside the United States Consent to Processing and Transfer of Information
If you access our Services outside of the United States, you fully understand and unambiguously consent to the transfer of your personal information to, and the collection and processing of such personal information in, the United States.
X. Contact Information
In the event that you have a complaint about our handling of your private information, you may contact our Privacy Officer at 609-275-1455 (direct and confidential telephone line).