Our Commitment to Privacy
Information We Collect
The following are some examples of when Medgate may require that you provide personally identifiable information: (1) To complete an online form for a product or service surveys (if you do not wish to complete an online form, we will always provide an option for you to complete an order by calling a phone number); (2) To request more information about new or current Medgate products or services. We use the information to contact customers to further discuss customer interest in our company, the services that we provide, and to send information regarding our company. Medgate does not sell or provide personal data to third parties, except for data processors for our hosted product as noted below.
Respect of the Rights of Individuals
Customers of Medgate hosted software services will be using Medgate-provided infrastructure to host data and information. Medgate will not release such customer employee data except on the explicit written instructions of an approved officer of the Customer or as otherwise required by law. Individual records may at times be viewed or accessed by Medgate to resolve a problem, provide user support, to investigate a customer’s compliance with our terms and conditions, or as may be required by law.
Customers are responsible for compliance with applicable privacy laws, including:
- obtain employee’s informed and signed consent on the transmission of personal heath data to the Medgate’s hosting services
- restricting access to their personal data
- maintaining the confidentiality and security of their employee data, user registrations and passwords
Medgate will not share personally identifiable information with third parties unless stated at the time of collection and except as follows: Medgate may store customer data with third party data centers or managed service platforms as part of Medgate’s hosted software offering, but only with third parties that meet Medgate’s information security standards, as evidenced by certifications for their information security management system (ISO 27001, SAS 70).
When you view one of our web sites or advertisements, we may store some information on your computer. This information will be in the form of a “Cookie” or similar file and will be used to determine ways to improve our Web sites, advertisements, products or services. For example, Cookies allow us to tailor a Web site to better match your interests and preferences.
Security of your Personal Data
Medgate has achieved ISO 27001 certification for Information Security Management Systems. As part of its compliance with this rigorous information security system, Medgate has implemented appropriate technical and organizational security measures to prevent (1) unauthorized or unlawful disclosure or access to personal data; (2) accidental or unlawful loss, destruction, alteration, or unauthorized disclosure of your personal data; and (3) accidental damage to your personal data. These measures ensure an appropriate level of security in relation to the risks inherent in the processing and the nature of the personal data to be protected. Your securely held personal data will only be accessible by select authorized members of staff within Medgate.
For Switzerland – U.S. data transfers, Medgate adheres to the Safe Harbor Principles, which are available at http://www.medgate.com/privacy-policy/safe-harbor-statement/
For European Union – U.S. data transfers, Medgate also adheres to the Privacy Shield Principles, which are available at http://www.medgate.com/privacy-policy/privacy-shield-statement/
Who to Contact
Should you have other questions or concerns about these privacy policies, please contact Medgate’s Chief Security Officer at 416-863-6800 or send us an email at firstname.lastname@example.org.