Patientstar, LLC's Global Privacy and Safe Harbor Policy is intended to cover internet and call center activities where personal identifiable information and personal identifiable health information exists.
This Privacy Policy describes how Patientstar, LLC collects, uses and protects personal confidential information, such as your name, birth date, email address, mailing address, telephone numbers and health and medication information ("Personal Information").
If you do not agree to the terms of this Privacy Policy, please do not access or use Patientstar, LLC.
You may opt-out of having your information used by Patientstar, LLC, its research sponsors and others. See Section 12 below.
1.1. This Privacy Policy is intended to ensure that your Personal Information, including Personally Identifiable Health Information (as defined in Section 3 below), obtained by Patientstar, LLC in the performance of subject recruiting and retention call center and related services, is maintained and transmitted with appropriate measures to protect your privacy.
1.2. Patientstar, LLC does not collect Personal Information, including Personally Identifiable Health Information, other than information that you supply to Patientstar, LLC on a voluntary basis. Patientstar, LLC does not use Personal Information, including PIHI, except in a manner consistent with this Privacy Policy.
2.1. This Privacy Policy:
2.1.1 establishes safeguards to protect the privacy of Personal Information; and
2.1.2 sets rules for the use and release of Personal Information and records.
2.2. For prospective, current or former research subjects, this Privacy Policy:
2.2.1 restricts the use and disclosure of your Personal Information to particular situations, except as specifically authorized by the research subject;
2.2.2 limits the use and disclosure of your Personal Information to the minimum reasonably necessary to conduct the research for which the information is collected, except as otherwise specifically authorized by the research subject; and
2.2.3 provides for information of how your Personal Information will be disclosed.
2.3. For prospective, current or former research subjects, this Privacy Policy:
2.3.1 provides for appropriate administrative, technical, and physical safeguards to protect the privacy of Personal Information collected by Patientstar, LLC, including under Patientstar, LLC’s Security Policy;
2.3.2 authorizes our Acting Privacy Officer to receive and document complaints and develop appropriate sanctions for failure to comply with this policy;
2.3.3 requires adequate and timely training of appropriate members of Patientstar, LLC’s Workforce on its policies and procedures for dealing with Personal Information collected by Patientstar, LLC; and
2.3.4 prohibits action to intimidate, threaten, coerce, discriminate against, or retaliate against any individual for exercising the rights under this policy.
3.1. In this Privacy Policy, the following definitions apply:
3.1.1 Covered Entity. An institution, organization or other entity that is subject to the rules of the Health Insurance Portability and Accountability Act of 1996. Covered entities include: (1) a health plan, (2) a health care clearinghouse and (3) a health care provider who transmits any personally identifiable health information in electronic form in connection with a transaction covered by the Act.
3.1.2 De-Identified Information. Health information that does not identify an individual. Health information can be rendered de-identified either by removal of 18 specific kinds of information, about the individual and the individual's relatives, employers, or household members. De-identified information is not subject to Patientstar, LLC's privacy requirements.
3.1.3 Global Operations Leader and Acting Privacy Officer. The senior Patientstar, LLC official with authority and responsibility for call center operations and activities including the implementation and enforcement of Patientstar, LLC's privacy policies and procedures.
3.1.4 Institutional Review Board (IRB). A committee established to review and approve research and related material, including study questionnaires, involving human subjects in accordance with FDA (21 CFR Part 56) and DHHS (45 CFR Part 46) Human Subject Protection regulations.
3.1.5 Minimum Necessary Standard. Reasonable efforts to use, disclose, or request the least amount of information needed for the intended purpose.
3.1.6 Personally Identifiable Health Information. Any information, including demographic information collected from an individual, that:
3.1.6.1. relates to (a) the past, present, or future physical or mental health or condition of an individual; (b) the provision of health care to an individual; or (c) the past, present or future payment for the provision of health care to the individual; and
3.1.6.2. identifies the individual or there is a reasonable basis to believe it can be used to identify the individual.
3.1.6.3. personally Identifiable Health Information does not include education records, or medical records covered by the Family Educational Rights and Privacy Act or employment records held by Patientstar, LLC in its role as an employer.
3.1.7 Prospective Research Subject. Prospective Research Subjects are individuals who:
3.1.7.1. called Patientstar, LLC’s call center or otherwise contacted Patientstar, LLC to inquire about a specific clinical research study, or
3.1.7.2. were contacted by Patientstar, LLC on behalf of a clinical research site, organization or sponsor to inform them of upcoming research studies.
Contact by or to Patientstar, LLC includes contact by or to affiliated or third party websites, mobile phone applications, social networking sites, and the like.
3.1.8 Re-Identification. Use of a code or other means designed to enable coded or otherwise de-identified information to be rendered identifiable. Personally Identifiable Health Information that is re-identified is subject to Patientstar, LLC's privacy requirements.
3.1.9 Use. The sharing, employment, application, utilization, examination, or analysis of Personally Identifiable Health Information within the entity holding the information.
3.1.10 Workforce. Means employees, independent contractors, interns, trainees, and other persons whose conduct, in the performance of work for Patientstar, LLC, is subject to Patientstar, LLC’s privacy policy, whether or not they are paid by that entity.
4.1. Scope and Application: This Privacy Policy applies to all members of Patientstar, LLC's Workforce engaged in subject recruiting and retention call center activities for human subject research.
4.2. Institutional Review Board: Patientstar, LLC shall use the appropriate IRBs for approval of study questionnaires and other material as needed. The specific IRB used may depend on the clinical research sites involved. In many cases, Patientstar, LLC is not directly responsible for obtaining IRB approval for a specific study questionnaire.
4.3. Training and Education: Patientstar, LLC shall ensure the training of all members of its Workforce engaged in subject recruiting and retention for clinical research on its policies and procedures for dealing with Personal Information.
5.1. Minimum Necessary Information: Use and disclosures of Personally Identifiable Health Information are limited to the Minimum Necessary Information needed to accomplish the intended purpose of the subject recruiting and pre-screening effort for a clinical research project. This includes using study questionnaires that ask only health and medical related questions that are directly associated with the inclusion/exclusion criteria as specified in the IRB approved protocol. Personally Identifiable Health Information may not be used or disclosed to the research site for research purposes unless oral or other authorization has been obtained from the Prospective Research Subject.
5.2. Business Associate: Although Patientstar, LLC is not a Covered Entity, Personally Identifiable Health Information may be obtained from Covered Entities for subject recruiting, retention and other purposes. In these situations, research subject authorizations must satisfy the requirements of the Covered Entities and conform to the HIPAA privacy regulations.
5.3. Exceptions: Personally Identifiable Health Information may be disclosed where required by law or regulation. The following are examples of when such disclosure is permitted:
5.3.1. for public health activities as conducted or directed by a Public Health or other government authority including:
5.3.1.1. prevention or control of disease, injury or disability
5.3.1.2. reporting of disease, injury, birth, death, or other vital event
5.3.1.3. public health surveillance, investigations; or interventions
5.3.1.4. reporting of child abuse or neglect, other abuse or neglect, or domestic violence
5.3.2. to avert a serious threat to individual or public health or safety
5.3.3. to coroners and medical examiners or for cadaveric organ, eye, or tissue donation
5.3.4. for judicial and administrative proceedings in response to (i) an order of a court or administrative tribunal; or (ii) a civil or criminal subpoena, discovery request, other lawful process, such as grand jury investigations and subpoenas
5.3.5. for specialized government functions and workers' compensation
5.3.6. by workforce members who are whistleblowers or victims of a criminal act
6.1. The collected data will be transferred to the indicated clinical research site only with the prospective research subject’s prior oral or other authorization. PIHI transferred to clinical research sites will be done so using secure and/or encrypted protocols including
6.1.1. secure Fax-to-secure fax machine
6.1.2. secure FTP
6.1.3. encrypted or password protected email
6.1.4. direct access through a secure, password protected portal
6.2. Information provided to other entities for operational tracking purposes will be De-Identified prior to transmission.
6.3. The collected data will be transferred into an archive at regular intervals. Data that is archived may be destroyed without notice at any time. Patientstar, LLC reserves the unlimited right to destroy collected data at any time and without prior notification.
6.4. Users who have voluntarily subscribed to receive more information about upcoming clinical trials will receive information if and when this material becomes available. You will not be contacted for any other purpose unless you explicitly request that we do so.
6.5. Please take into consideration that the World Wide Web is a publicly accessible system. Each time information is made available online this is done at your own risk. Your data might be lost or become accessible to unauthorized third parties.
6.6. Patientstar, LLC may communicate with you using text messages, email messages and other electronic means that may be unsecure, including in circumstances when your telephone, tablet, computer or other electronic device is accessible by others.
7.1. All PIHI data collected by Patientstar, LLC in connection with subject recruiting for a clinical research study is captured electronically and transmitted through a secure network connection to a secure database. Patientstar, LLC’s data security policies are consistent with GCP and HIPAA standards. Patientstar, LLC maintains a separate Security Policy for Information Technology and physical security.
8.1. The Health Insurance Portability and Accountability Act (HIPAA) of 1996 and subsequent regulations published by the Department of Health and Human Services (DHHS) impose restrictions on other institutions (Covered Entities) which may be covered under the Act with respect to your relationships with Patientstar, LLC. Patientstar, LLC may, in providing subject recruiting call center services for one of these institutions, be required to comply with certain aspects of HIPAA in the conduct of human subjects research activities.
8.2. Although Patientstar, LLC is not a Covered Entity as defined in the HIPAA privacy regulations, our policies and procedures, which govern the privacy rights of its research participants included in this privacy policy, are compatible with those required by HIPAA for Covered Entities, and will become standard for research activities involving PIHI.
9.1. Log Files. Patientstar, LLC will record the following information from visitors to its site: browser type, IP address, domain name, access time, and operating system. This aggregate data helps Patientstar, LLC have a “macro-view” of the visitor traffic and understand what sections of the site the users visit most. Patientstar, LLC also uses this information to determine what kind of technology is available on the visitors' computers so it can better serve them by utilizing more advanced technologies (e.g., Macromedia Flash). None of this information is linked to any Personal Information.
9.2. Cookies. Patientstar, LLC uses cookies to record user-specific information on what pages users access or visit, record past activity and session management and personalization. Patientstar, LLC’s use of cookies allows it to provide better service when visitors return to the Patientstar, LLC website.
9.3. External Links. This website may contain link to other websites. Please note that when you click on one of these links, you are then accessing the other website. We encourage you to read the privacy statements of these linked sites as their privacy policy may differ from ours.
10.1. Patientstar, LLC complies with the U.S.-EU Safe Harbor Framework and the U.S. - Swiss Safe Harbor framework as set forth by the U.S. Department of Commerce regarding the collection, use, and retention of personal information from European Union member countries and Switzerland. Patientstar, LLC has certified that it adheres to the Safe Harbor Privacy Principles of notice, choice, onward transfer, security, data integrity, access, and enforcement. To learn more about the Safe Harbor program, and to view our certification page, please visit http://www.export.gov/safeharbor/. You may also read our Safe Harbor Policy by clicking here http:/www.Patientstar.com/Safe_Harbor_Policy.html.
11.1. Initial Complaints. In compliance with the Safe Harbor Principles, Patientstar, LLC commits to resolve complaints about your privacy and our collection or use of your personal information. European Union citizens and Swiss citizens with inquiries or complaints regarding this privacy policy should first contact Patientstar, LLC at info@patientstar.com.
11.2. Unresolved Complaints. Patientstar, LLC has further committed to refer unresolved privacy complaints under the US-EU Safe Harbor Principles to an independent dispute resolution mechanism, the BBB EU SAFE HARBOR, operated by the Council of Better Business Bureaus. If you do not receive timely acknowledgment of your complaint, or if your complaint is not satisfactorily addressed by Patientstar, LLC, please visit the BBB EU SAFE HARBOR web site at www.bbb.org/us/safe-harbor-complaints for more information and to file a complaint.
12.1. Permissions and authorizations are obtained orally or electronically from all prospective research subjects, where applicable, in three specific areas:
12.1.1. Once the prospective research subject has been provided basic information regarding the clinical research study, that subject’s permission and authorization is required to proceed with asking for health information.
12.1.2. Once the prospective research subject’s PIHI has been collected and where the subject has prequalified for a specific research study, the subject’s permission and authorization is required to transmit PIHI to the indicated clinical research site.
12.1.3. Under any situation where PIHI has been collected from a prospective research subject, the subject will be required to provide his or her permission and authorization (“opt-out”) to maintain PIHI for the purpose of contacting the subject about future studies. If no authorization is sought, or if authorization is not given when asked, all identifiers will be deleted (“De-Identified”) from the records within two business days.
12.2. A valid authorization must be presented in language which is easily understood and must fully inform the prospective research subject of the intended use and disclosure of the PIHI.
Patientstar, LLC reserves the right, in its sole discretion, to change, add or remove portions of this privacy policy from time to time without any individual notice. Patientstar, LLC will place notice of any changes to this prvacy policy on its home page.
Please check this page periodically for any changes. Your continued use of Patientstar, LLC following the posting of any changes to these terms shall mean that you have accepted those changes. If you have any questions or concerns, please email us at info@Patientstar.com.
Each use of CliniCalRN will be subject to the most current version of this privacy policy at the time of surch use. The date of the current version is shown on the first page of this policy.