Health Gorilla IAS (Patient Access) Privacy Notice
Last Updated: March 20, 2023
Health Gorilla IAS (Patient Access) Privacy Notice
HIPAA
This Health Gorilla is a HIPAA-covered entity?
- No
Use: How we use your data internally due
Primary Service: Our app or technology is used primarily to allow you to query and obtain your medical records through our national network.
We collect and use your identifiable data1 to:
- Provide the primary service of the app or technology
- Support company operations (e.g., quality control or fraud detection)
- Develop and improve new and current products and services (e.g., analytics4)
Share: How we share your data externally with other companies or entities
We share your identifiable data1 to:
- Provide the primary service of the app or technology in querying your medical records from participants in our national network.
- Support company operations (e.g., quality control or fraud detection)
- Develop and improve new and current products and services (e.g., analytics4)
Store: How we store your data
We store your data through an outside cloud computing services provider.
Encryption2: How we encrypt your data
We encrypt your data in the system.
- Yes, automatically
We encrypt your data when stored on our company servers or with an outside cloud computing3 services provider.
- Yes, automatically
We encrypt your data while it is transmitted
- Yes, automatically
Privacy: How this technology accesses other data
The technology or app requests access to other device data or applications, such as your phone’s camera, photos, or contacts
- Yes, only with your permission. It connects to an identification /authentication application.
- Camera
User Options: What you can do with the data that we collect
The technology or app allows you to access, edit, share, or delete the data we have about you
- Yes, you can access your data.
- Export your data to share it from the XML file
- Delete your data through a manual request process.
Deactivation4: What happens to your data when your account is deactivated
When your account is deactivated/terminated by you or the company, your data is…
- Retained and used until you request deletion
Policy Changes: How we will notify you if our privacy policy changes
Any policy changes that are applicable to Individual Access Services in Patient Access will be posted and consumers can find such changes on our website here.
Breach5: How we will notify you and protect your data in case of an improper disclosure
Health Gorilla complies with all applicable laws regarding breaches. Under HIPAA, Health Gorilla is a business associate, not a covered entity. We will comply with the terms and conditions of the applicable business associate agreement regarding your breach notification.
How to Contact Us - Patient Access Users
Health Gorilla, Inc.
Email: support@healthgorilla.com
Phone: 1-844-446-7455
2” Encryption” means: a method of converting an original message of regular text into encoded text in such a way that only authorized parties can read it.
3“Cloud computing” means: a kind of Internet-based computing that provides shared processing resources and data to computers and other devices on demand.
4“Deactivation” means: an individual takes action or a company ceases operation or deactivates an individual’s account due to inactivity.
5“Breach” means: an unauthorized disclosure of the acquisition, access, use, or disclosure of protected health information in a manner not permitted under subpart E of the HIPAA Privacy Rule which compromises the security or privacy of the protected health information.