Health eTools for Schools ("this Site") is powered by Population Health Innovations, LLC. We take the issue of privacy very seriously. We want to assure Users of this Site (meaning any individual, including site visitors as well as those individuals who provide personal information via this Site) that their information is secure and maintained in confidence, consistent with applicable state and federal laws.
Non-Personal Information We Collect about You. We also collect Non-Personal Information about your use of this Site, and special promotions and newsletters, if applicable.
Web Beacons. We also might use Web Beacons to collect Non-Personal Information about your use of this Site. The information collected by Web Beacons (i) allows us statistically to monitor how many people are using this Site, (ii) how many people open our emails, and (iii) for what purposes these actions are being taken. These Beacons are not used to track your activity outside of this Site. We do not link Non-Personal Information from Web Beacons to Personally Identifiable Information without your permission and do not use Web Beacons to collect or store Personal Health Information about you.
Emails to You. After registration, you might receive email from this Site that deal with site support matters and/or directly from third parties. These emails will not contain Personal Health Information.
In some cases, when you click on a link, your browser might be momentarily directed to the web site of a third party which, acting on behalf of this Site (see Disclosure to Third Party Contractor Web sites, below), notes or "counts" your response to the e-mail before re-directing your browser to your selected destination; this re-direction process will not be apparent to you.
Any information shared (including Personally Identifiable and Personal Health Information) that you reveal in a chat room, message board, or online discussion is, by design, open to the public, and is not a private, secure service. You should think carefully before disclosing any Personally Identifiable or Personal Health Information in any public forum. What you write might be seen, disclosed to, or collected by third parties and might be used by others in ways we are unable to control or predict, including to contact you for unauthorized purposes.
Market Research. From time to time our market research department, or our operations contractors acting on our behalf, will conduct online research surveys in order to gather feedback about this Site and opinions on important issues, through email invitations, pop-up surveys, and online focus groups.
Registration, Use, and Tools. This Site provides you a secure place to store Personal Health Information and provides tools and services in order better to manage the health of students in your school.
Secure Message Center. This Site has the ability to use Personally Identifiable Information that you provide to send you personalized emails or secure electronic messages. If you decide that you would prefer not to receive personalized email or secure electronic messages from this Site, you can "Opt-out" of the service by clicking on the settings tab on your home page and changing your email preference. If your employer has implemented this Site on your behalf, you will receive email at your work-related email address that has been authorized by your employer but to which you have not specifically Opted-in. These emails will be sent in accordance with instructions from your employer and you are not able to Opt-out of receiving such emails.
Spyware. This Site does not knowingly engage in business with a company that uses Spyware, nor do we provide Users with downloadable software that collects or uses any PII without full disclosure and consent
Disclosure of Aggregate Information. We might provide Aggregate Information to third parties. For example, we might inform third parties regarding the number of users of this Site and the activities they conduct while on this Site. Depending on the circumstances, we might or might not charge third parties for this Aggregate Information. We require parties with whom we share Aggregate Information to agree that they will not attempt to make this information personally identifiable, such as by combining it with other databases.
How We Handle Privacy And Security Internally. Listed below are some of
the security procedures that we use to protect privacy:
· Require both a personal username and a password in order for users to access Personally Identifiable Information or Personal Health Information.
· Use firewalls to protect information held in our servers.
· Utilize Secure Socket Layer (SSL) encryption in transmitting Personally Identifiable Information to our servers. In order to take advantage of encryption technology, you must have an Internet browser which supports 128-bit encryption.
· Closely monitor the limited number of our employees who have potential access to Personally Identifiable Information.
· Back up our systems to protect the integrity of your Personally Identifiable and Personal Health Information.
· Require our employees, by written confidentiality statements, corporate policies, and state or federal laws and regulations, to maintain the confidentiality of personal information and to use strict standards of care in handling the information. Employees who do not conform to these confidentiality requirements are subject to disciplinary sanctions that may include dismissal.
additional protection for Personal Health Information as follows:
· Provide secure messaging within this Site so that information related to personal health related characteristics is sent through a secure, encrypted connection.
· Limit access to Personally Identifiable Information to authorized users
Despite our efforts to protect Personally Identifiable Information and Personal Health Information, there is always some risk that an unauthorized third party might find a way around our security systems or that transmissions of information over the Internet might be intercepted.
Updating Information and Contacting This Site
Updating Personally Identifiable Information. This Site's tools that collect and store self-reported data allow you to correct, update, or review information you have submitted by going back to the specific tool, logging in, and making the desired changes, as long as that file remains active.
Removing your Personal Information. If you have a
complaint or problem, please contact our customer service department. We try to answer every email within 48 business
hours, but might not always able to do so. If you want to (1) delete Personally Identifiable Information from our
systems, or (2) update Personally Identifiable Information that you have provided to us, you can email us at firstname.lastname@example.org.
If you do not receive adequate resolution of a privacy related problem, you might write to our Privacy Help Desk at:
Population Health Innovations.
Attn: Chief Privacy Officer
313 West Liberty Street, Suite 350
Lancaster, PA 17603
Or call: 866.522.5487
Limitations on Removing or Changing Information. Upon your request, we will delete Personally Identifiable or Personal Health Information from our active databases and where feasible from our back-up media. You should be aware that it is not technologically possible to remove each and every record of the information you have provided to this Site from our servers.
Aggregate Information or Data: As a web site gathers individual pieces of Non-Personal Information (see definition below) from its users, it might combine similar data from many or all the users of the web site into one big "batch." For example, the site might add up the total number of people in Peoria, Illinois, (but not their names) who are seeking information about weight loss and compare that to the number of people in Petaluma, California seeking the same information.
This sort of statistical information is called Aggregate Data because it reflects the habits and characteristics of a large group of anonymous people. Web sites might use aggregate data or share it with their business partners so that the information and services they provide best meet the needs of the users. Aggregate Data also helps advertisers and sponsors on the Web know how effectively they are reaching and meeting the needs of their target audience.
Browser: Short for web browser, a browser is software application used to locate and display web (Internet) pages. The most popular browsers are Mozilla Firefox and Google Chrome. In addition, most modern browsers can present multimedia information, including sound and video, though they require plug-ins for some formats.
Cache (also called cache memory): Once this browser accesses a web page, it references that page and the graphics on it within your computer's "cache" (or more simply, your computer takes a "snapshot" of every page you visit and stores it in the "cache.") The next time you visit that same page, your download time will be quicker as the images and much of the page is already available on your computer for your browser to reference instantly instead of waiting for the page and images to download again. This Site does not cache pages.
Click Stream Information: A record of all the pages you have visited during your visit to a particular Web site or the services you accessed from the site or from an email. Click Stream Information is associated with your browser and not with you personally. It records the archives of your browser.
Cookie: A small data file that is stored on the hard drive of the computer you use to view a Web site. Cookies are placed by that site or by a third party with a presence on the site, such a partner using a Web Beacon (see definition below) and are accessible only by the party or site that placed the Cookie (i.e. a Cookie placed on your computer by this Site isn't accessed by any other site you visit but a Cookie placed on your computer by an outsider might be accessed by any site on which that same party has a presence). Cookies can contain pieces of Personally Identifiable Information (PII). This Site encrypts any PII it stores in its Cookies. These Cookies often are used to make the site easier to use. For example, if you check a box to ask that we store your user name on your computer so that you don't have to enter it each time you visit the site, it's stored in a Cookie on your computer.
Encryption: The translation of data into a secret code. Encryption is the most effective way to achieve data security. To read an encrypted file, you must have access to a secret key or password that enables you to decrypt it. This is typically done by secure computer systems.
Firewall: A system designed to prevent unauthorized access to or from a public or private network. Firewalls can be implemented in both hardware and software, or a combination of both. Firewalls are frequently used to prevent unauthorized Internet users from accessing private portions of public networks. All messages entering or leaving the network pass through the firewall, which examines each message and blocks those that do not meet the specified security criteria.
Non-Personal Information: Information that is not traceable back to any individual and cannot be used to identify an individual. For example, Click Stream Information is Non-Personal Information, as is information such as gender, age, city, and state when not linked with other Personally Identifiable Information.
Opt-In: Means you are actively indicating your preference to participate in a program, email, feature, tool, or enhancement on a Web site. Typically, if you "Opt-in" you must provide certain information, usually Personally Identifiable Information, to the Web site or otherwise actively indicate your choice or preference to participate in the Web site program.
Opt-Out: Means that if you do not take some action you are indicating your preference to participate in a program, email, feature, tool, or enhancement on a Web site. Typically, if you "Opt-out" you must uncheck a box next to a stated preference or otherwise take some indicate action to indicate your preference not to participate in a program.
Password: A secret series of characters, typically alphanumeric (meaning it consists of both letters and numbers) that enables a user to access a file, computer, or program. The user must enter his or her password before the computer or system will respond to commands. The password helps ensure that unauthorized users do not access the system. In addition, data files and programs might require a password.
Ideally, the password should be something that nobody could guess. In practice, many people choose a password that is easy to remember, such as their name or their initials. This is one reason it is relatively easy to break into many computer systems.
Personal Health Information (PHI): This arises when your Personally Identifiable Information (PII) is combined with known health characteristics.
Personally Identifiable Information (PII) (also called Personal Information): Information that can be traced back to an individual (contrast with Non-Personal Information and Aggregate Information). Examples of PII include your name, home address, telephone number, email address, and Social Security number.
If other pieces of information are linked to PII, they also become PII. For example, if you use a nickname to chat online and give out your real name while chatting, your nickname becomes PII when linked with other PII.
Server: A computer that provides services to other computers. A "web server" stores web site files and "serves" them to people who request them.
SSL (Secure Sockets Layer): A security protocol developed by Netscape for transmitting private information via the Internet. SSL works by using a private key to encrypt data that's transferred over the SSL connection. Both Mozilla Firefox and Google Chrome support SSL and many Web sites use the protocol to obtain confidential user information, such as credit card numbers. By convention, URLs that utilize an SSL connection start with "https" instead of "http."
Username: A name used to gain access to a computer system or program. Usernames, and often passwords, are required in shared systems, such as the Internet. In most such systems, users can choose their own usernames and passwords.
Virus: A program or piece of code that is loaded onto your computer without your knowledge and runs against your wishes. Viruses can also "replicate" themselves by copying their code to other computers. All computer viruses are manmade. A simple virus that can make a copy of itself over and over again is relatively easy to produce. Even such a simple virus is dangerous because it will quickly use all available memory and bring the system to a halt. An even more dangerous type of virus is one capable of transmitting itself across networks and bypassing security systems. There are numerous virus protection programs available.
Web Beacons (also often referenced as "clear GIFs", "web bugs", "1-by-1 GIFs", "Single-Pixel GIFs", "1 x 1 Pixels", or "clear Pixels"): Tiny graphic image files, imbedded in a web page in GIF, jpeg, or HTML format, that provide a presence on the web page and send back to its home server (which can belong to the host site, a network advertiser or some other third party) information from the users' browser, such as the IP address, the URL of the page on which the beacon is located, the type browser that is accessing the site, and the ID number of any Cookies on the Users' computer previously placed by that server. Web Beacons can also be used to place a Cookie on the Users' browser.
PLEASE NOTE: This Site does not provide medical advice, diagnosis, or treatment. The information described in these Web pages is accurate, to the best of our knowledge, at the time of publication. It should be noted that this information is provided for informational purposes only and is not a substitute for medical, legal, or other professional advice. Population Health Innovations, LLC. shall not be liable to any person or entity for any damages of any kind for any reason pursuant to any legal theory, incurred by the User as a result of its/her/his use or reliance on the information.