zHealthEHR - Privacy Policy

Privacy Policy

Protecting your privacy on our website

What this privacy policy covers

This privacy policy pertains to the use of the zHealth website at zHealthehr.com. This privacy policy covers how zHealth, Inc. ("zHealth", "We", "Us", or "Our") treats personal information that zHealth collects and receives through the website zhealthehr.com and zHealth Basic, Advanced, Standard, as well as the zHealth Patient Portal (collectively, the "Service" or "Services"). It also describes the choices available to you regarding our use of your personal information and how you can access and update this information. Personal information is information about you that is personally identifiable like your name, address, email address or phone number. Children under 13 are not permitted to use the Service, and so this privacy policy makes no provision for children's use of the site.

Information collection and how it is used

General Information

You do not have to give us any personal information, such as your name, e-mail address or Social Security number, to visit the product information portion of our website.

zHealth collects personal information when you sign up for a paid subscription to the zHealth Service. When you sign up, we ask for your name, email address, phone number and your company's demographic and financial information such as credit card information.

When you sign up for a paid subscription, we will ask you to enter your credit card or ACH information. This information is encrypted on computer systems that are secured in a locked cage at a data center co-location facility rented by zHealth.

zHealth automatically receives and records information on our server logs from your browser, including your IP address and the page you request.

zHealth uses information for the following general purposes: products and services provision, billing, identification and authentication, services improvement, contact, research, and anonymous reporting.

zHealth will send you strictly service-related announcements on rare occasions when it is necessary to do so. For instance, if our Service is temporarily suspended for maintenance, we might send you an email. Generally, you may not opt-out of these communications, which are not promotional in nature. If you do not wish to receive them, you have the option to deactivate your account.

If you wish to subscribe to our newsletter, we will use your name and email address to send the newsletter to you. Out of respect for your privacy, we provide you a way to unsubscribe by clicking on the link within the email.

IP Addresses

IP Addresses are automatically reported by your browser each time you view a web page or use our Service.

IP addresses may be used for various purposes, including:
- To diagnose or service technology problems reported by our users or engineers that are associated with the IP addresses controlled by a specific Web company or ISP.
- To estimate the total number of users visiting zHealth from specific geographical regions.

Cookies and Other Tracking Technologies

A cookie is a small amount of data, which often includes an anonymous unique identifier that is sent to your browser from a website's computers and stored on your computer's hard drive. We do link the information we store in cookies to personal information you submit while on our website.

zHealth uses both "session" cookies and "persistent" cookies. A session ID cookie will get removed automatically when you close your Web browser. We may use session cookies to make it easier for you to navigate our website. A persistent cookie remains on your hard drive for an extended period of time. We may also set a persistent cookie to store your passwords, so you don't have to enter it more than once if you so choose. We have cookies on our site but the data is only collected in the aggregate. We use a third-party tracking service that uses cookies and other tracking technologies to track non-personally identifiable information about visitors to our site in the aggregate.

If you reject cookies, you may still use our website, but your ability to use some areas of our site, such as contests or surveys, will be limited.

Web Beacons / Gifs

zHealth uses software technology called clear gifs or Web beacons to help us better manage content on our website by informing us what content is effective. These technologies are tiny graphics with a unique identifier, similar in function to cookies, and are used to track the online movements of Web users. In contrast to cookies, which are stored on a user's computer hard drive, clear gifs are embedded invisibly on Web pages and are about the size of the period at the end of this sentence. In some cases, we tie information gathered by clear gifs to our customers' personal information; an example would be tracking emails that have been opened by recipients which allows us to measure the effectiveness of our communications and marketing campaigns.

3rd Party Tracking

The use of cookies by any tracking utility company is not covered by our privacy policy. We do not have access or control over these cookies. Tracking utility company may use session ID cookies and/or persistent cookies.

We use Local Storage, such as HTML5, to store content information and preferences. Third parties with whom we partner to provide certain features on our website or to display advertising based upon your Web browsing activity also use HTML5 to collect and store information. Various browsers may offer their own management tools for removing HTML5.

Behavioral Targeting / Re-Targeting

We partner with a third party ad network to either display advertising on our website or to manage our advertising on other sites. Our ad network partner uses cookies and Web beacons to collect information about your activities on this and other websites to provide you targeted advertising based upon your interests. If you wish to not have this information used for the purpose of serving you targeted ads, you may opt-out by sending an email to privacy@zHealthehr.com. Please note this does not opt you out of being served advertising. You will continue to receive generic ads.

Protected Health Information

If you are a patient using the website, please do not provide zHealth with Protected Health Information (PHI).

If you are a patient using zHealth Basic, Advanced, or Standard, the information you provide to us through those Services may be considered PHI and will be protected by zHealth as required by federal and state laws.

Information sharing and disclosure

zHealth may be required to disclose personally identifiable information or protected health information under special circumstances, such as to comply with subpoenas or when your actions violate the zHealth Terms of Service. zHealth may share demographic information with business partners, such as "7% of zHealth customers are in the San Francisco region" or the like. No personally identifiable information or protected health information will ever be used without your permission (i.e., we will ask you before using a quote or testimonial). Third party vendors, including Google, show our ads on sites on the Internet. Third party vendors, including Google, use cookies to serve ads based on a user's prior visits to our website. Users may opt out of Google's use of cookies by visiting the Google advertising opt-out page. zHealth does not rent, sell, or share personal information about you with other people or nonaffiliated companies for promotional purposes except to provide products or services you've requested or when we have your permission. With your consent, we do share your name and email with certain partners we may work with. If you would not like your information shared with these partners, uncheck the box when asked this option or notify us via privacy@zHealthehr.com. It may be necessary to share information in order to investigate, prevent, or take action regarding illegal activities, suspected fraud, situations involving potential threats to the physical safety of any person, violations of zHealth's terms of use, or as otherwise required by law. We will transfer information about you if zHealth is acquired by or merged with another company. In this event, zHealth will notify you by email or by putting a prominent notice on the zHealth website before information about you is transferred and becomes subject to a different privacy policy. We use other third parties such as a chat service provider to provide customer service to you, and a credit card processing company to bill you for goods and services, an email service provider to send out emails on our behalf. When you sign up for these services, we will specify what personally identifiable information is being shared as necessary for the third party to provide that service.

Accessing, updating, or correcting your personal information

If your personally identifiable information changes, or if you no longer desire our Service, you may correct it or request deletion by contacting us by telephone or postal mail at the contact information listed below. We will respond to your request to access within a reasonable timeframe. We will retain your information for as long as your account is active or as needed to provide you services. We will retain and use your information as necessary to comply with our legal obligations, resolve disputes, and enforce our agreements.

Security

The security of your personal information is important to us. When you enter sensitive information such as credit card number on our registration or order forms, we encrypt that information using secure socket layer technology (SSL). While we follow generally accepted industry standards to protect the personally identifiable information submitted to us, both during transmission and once we receive it, no method of transmission over the Internet, or method of electronic storage, is 100% secure. Therefore, while we strive to use commercially acceptable means to protect your personal information, we cannot guarantee its absolute security. If you have any questions about security on our website, you can contact us at privacy@zHealthehr.com.

Customer testimonials, comments and reviews

We post customer testimonials, comments and reviews on our website which may contain personal information. We do obtain the customer's consent to post their name along with their testimonial via email prior to posting the testimonial. If you wish to update or delete your testimonial, you can contact us at privacy@zHealthehr.com. You should be aware that any personal information you submit on blogs on this site and others can be read, collected, or used by other users of these forums, and could be used to send you unsolicited messages. We are not responsible for the personal information you choose to submit in these forums. To request removal of your personal information from our blog, contact us at privacy@zHealthehr.com. In some cases, we may not be able to remove your personal information, in which case we will let you know if we are unable to do so and why.

Links to other sites

If you click on a link to a third party site, you will leave this site and go to the site you selected. Because we cannot control the activities of third parties, we cannot accept responsibility for any use of your personally identifiable information by such third parties, and we cannot guarantee that they will adhere to the same privacy practices as us. We encourage you to review the privacy policies of any other service provider from whom you request services.

Referrals

If you choose to use our referral service to tell a friend about our website, we will ask you for your friend's name and email address. We will automatically send your friend a one-time email inviting him or her to visit the website. zHealth stores this information for the sole purpose of sending this one-time email. Your friend may contact us at privacy@zHealthehr.com to request that we remove this information from our database.

Collection and Use of 3rd Party Personal Information

You may also provide personal information about other people, such as their name, email address and phone number. It is your responsibility to get permission from anyone whose personal information you provide to us. We will only use that personal information for the purpose of completing your request.

Social Media Widgets

Our website includes Social Media Features, such as the Facebook Like button and Widgets, such as the Share this button or interactive mini-programs that run on our website. These Features may collect your IP address, which page you are visiting on our website, and may set a cookie to enable the Feature to function properly. Social Media Features and Widgets are either hosted by a third party or hosted directly on our website. Your interactions with these Features are governed by the privacy policy of the company providing it.

Our Policy for Google Calendar

This section describes how zHealth collects and uses the information you provide in your Google Calendar account via the zHealth "View zHealth Calendar in Google Calendar" feature. It also describes the choices available to you regarding our use of your information and how you can access and update this information.

Information sharing and disclosure

zHealth recognizes the critical importance of preserving the confidentiality and security of your personally identifiable information (PII) and protected health information (PHI). Nonetheless, certain circumstances may necessitate the disclosure of such information:

1. User Control - You have control over your data and may request us to disclose information to others, especially when using zHealth Websites, Mobile Apps, Products or Services, such as zHealth Support Portal's community feature or programs requiring third-party sharing. You can modify your preferences anytime through your account settings or by contacting us at privacy@zhealthehr.com.

2. Legal Compliance - We may share Personal Data, PII, or PHI as required by law, court requests, legal proceedings, or when we believe in good faith that disclosure is necessary to investigate unlawful activities, defend against third-party claims, or protect the security and integrity of our Services. We will notify you of any legal proceedings requiring access to your Data, unless prohibited by law. If a court order specifies a non-disclosure period, we will send you a deferred notification after its expiration. Information may be disclosed to investigate, prevent, or address illegal activities, suspected fraud, threats to physical safety, or violations of zHealth's terms of use, as mandated by law. zHealth may disclose PII or PHI when required to comply with legal mandates, such as subpoenas, or in instances where user actions contravene zHealth's Terms of Service.

3. Demographic Information - We may share demographic data with business associates to provide insights into customer distribution, such as geographical demographics. However, under no circumstances will PII or PHI be utilized without explicit user consent.

4. Third-Party Vendors - Third-party applications or vendors, including but not limited to Google, may utilize cookies to display zHealth advertisements based on users previous website interactions. Users may opt out of Google's use of cookies by visiting the Google advertising opt-out page

5. Internal Sharing - Personal Data may be processed by zHealth employees and its subsidiaries within their respective responsibilities and solely for the purposes outlined in this Policy.

6. Promotional Use - zHealth pledges not to lease, sell, or disseminate personal information for promotional endeavors without user consent, unless necessary to fulfill requested products/services or with explicit authorization.

7. Corporate Changes - In the event of zHealth's acquisition or merger with another entity, users will receive prior notification via email or prominent website announcement. Users' information will remain subject to existing privacy standards unless explicitly stated otherwise.

8. Service Providers - zHealth may engage third-party service providers, such as chat service providers and email service providers, to deliver customer support and billing services. When enrolling in these services, users are informed of the specific PII shared, as required for service provision.

Data Retention

a. Retention Period - The duration for retaining data varies based on its type, purpose, or legal requirements. Upon your request, zHealth will delete your data from its servers and instruct its partners and third-party vendors involved in processing to do the same. We employ subcontractors to manage backup data, which is utilized in case of operational issues to ensure service continuity. It's important to note that, for security reasons, modifications or deletions of data on existing backups cannot be reflected to safeguard backup data integrity.

b. Inactive User Account - Your zHealth account, created via Websites or Mobile Apps, will be deemed inactive if there has been no activity on the mobile apps or web applications/software systems for a period of 3 years. You will receive an email notification 90 days before your account is deemed inactive, affording you the opportunity to maintain your zHealth experience. Failure to take action will result in the deletion of your account and associated data in accordance with this Privacy Policy.

c. Anonymized Data - zHealth may anonymize your data in compliance with applicable security standards and regulations. Once anonymized, the data no longer identifies you and ceases to be considered Personal Data. zHealth utilizes anonymized data for participation in research projects.

d. Data Shared with Third Parties - If you have opted to share your data from zHealth Websites, Mobile Apps, Products, and Services with third parties, we cannot guarantee the deletion or anonymization of such data. We encourage you to reach out to the respective third party for further clarification.

Accessing, updating, or correcting your personal information

If your personally identifiable information changes, or if you no longer desire our Service, you may correct it or request deletion by contacting us by telephone or postal mail at the contact information listed below. We will respond to your request to access within a reasonable timeframe.

We will retain your information for as long as your account is active or as needed to provide you services. We will retain and use your information as necessary to comply with our legal obligations, resolve disputes, and enforce our agreements.

Security

The security of your personal information is important to us. When you enter sensitive information such as credit card number on our registration or order forms, we encrypt that information using secure socket layer technology (SSL).

While we follow generally accepted industry standards to protect the personally identifiable information submitted to us, both during transmission and once we receive it, no method of transmission over the Internet, or method of electronic storage, is 100% secure. Therefore, while we strive to use commercially acceptable means to protect your personal information, we cannot guarantee its absolute security. If you have any questions about security on our website, you can contact us at privacy@zHealthehr.com.

Customer testimonials, comments and reviews

We post customer testimonials, comments and reviews on our website which may contain personal information. We do obtain the customer's consent to post their name along with their testimonial via email prior to posting the testimonial. If you wish to update or delete your testimonial, you can contact us at privacy@zHealthehr.com.

You should be aware that any personal information you submit on blogs on this site and others can be read, collected, or used by other users of these forums, and could be used to send you unsolicited messages. We are not responsible for the personal information you choose to submit in these forums. To request removal of your personal information from our blog, contact us at privacy@zHealthehr.com. In some cases, we may not be able to remove your personal information, in which case we will let you know if we are unable to do so and why.

Links to other sites

Referrals

Exercising Your Rights

You may exercise your rights by contacting us at privacy@zhealthehr.com

a. Right of Access - You can access the Personal Data about you processed, collected or stored by zHealth. You can find this information directly from your zHealth account (created through Websites or Mobile Apps) or via zHealth Customer Support.

b. Right of rectification - If you find that the data about you is inaccurate, you have the right to request its correction. Some personal data can be changed directly from your zHealth account.

c. Right of Limitation and Right to Object - If you find that any data about you is inaccurate, you may ask us to stop processing that data until the situation is corrected. You may also ask Us to stop processing Data relating to you.

d. Right to Erasure - You may request the deletion of Personal Data relating to you. We will assist you in deleting Personal Data from your zHealth account (created through Websites or Mobile Apps) or via zHealth Customer Support

d. Right to Portability - You may request that we send you the Personal Data relating to you so that you can share it with another company. To learn more about the details on how to exercise your right to portability, contact us at privacy@zhealthehr.com.

You may exercise your rights at any time by writing to privacy@zhealthehr.com. Proof of identity may be requested if we have no other way to verify that you are the owner of the account to which the data relates.

Patient Privacy Policy

Specific provisions regarding the collection and use of your Personal Information, its security, and sharing with third parties apply to you if you use our zHealth Mobile Apps, Websites, and zHealth Software, and Services.

a. Applicability to Patient Users - We also collect and use the Personal Data relating to you in the context of the use of the zHealth Mobile Apps, Websites, and zHealth Software, and Services. in the context of the services we offer. This Privacy Policy applies to Personal Data that We collect from Patient Users.

b. Patient Users Terms of Use - This Privacy Policy is part of the zHealth Patient Users Terms of Use available here. By accessing or using our zHealth Mobile Apps, Websites, and zHealth Software, and Services, you acknowledge that you have read and agree to the applicable click Terms of Service and Terms and Conditions. If you do not agree, you must cease using our Mobile Apps, Websites, and Software, and Services. We will notify you if there are any changes to Our zHealth Patient Privacy Policy.

c. Patient Users Rights - Some information is sent by your healthcare provider and is therefore not directly under our control. Questions or concerns about your health records or Personal Information provided to us by your healthcare provider should be directed to your healthcare provider. This information is not under the direct control of zHealth.

Collection and Use of 3rd Party Personal Information

Social Media Widgets

Our Policy for Google Calendar

Collection and Use

We do not collect any personal information from your Google Calendar account. zHealth will create a separate Calendar 'zHealthCalendar' in Google Calendar where all your appointments will be added. We add/import the following information from your zHealth's account to your Google Calendar account:

Event name
Event date
Event time
Event description
Event resource name

We use this information to:

Populate your zHealth appointment data in your Google Calendar account. Keep your Google Calendar in sync with your zHealth Calendar but not vice-versa.

Disclosure to Third Parties

We do not share or sell your personal information to third parties.

Security

The security of your Google Calendar personal information is important to us. We take commercially reasonable measures and follow generally accepted standards to protect the information you provide us, both during transmission and once we receive it. For example, the information you provide is transmitted via encryption using technologies such as secure socket layer technology (SSL).
No method of transmission over the Internet, or method of electronic storage, is 100% secure. Therefore, we cannot guarantee the absolute security of your information.

Accessing Your Information

To review, correct, or update your appointment information, you can use the zHealth Calendar or you can update this information directly from Google Calendar. If you directly add, edit. delete the event/appointment on Google Calendar we will not be able to sync it back.

If you wish to close your account or request that we no longer use your Google Calendar you can contact us to disable that. We will also provide a way in which you can disable it from your account. If you no longer are using zHealth services and hence not adding new appointments, you will not see any new event on Google Calendar from zHealth.

Information Related to Data Collected through the zHealth Services

Information Related to Data Collected for our Customers

zHealth may collect information under the direction of its Customers and has no direct relationship with the individuals whose personal information it processes. If you are a customer of one of our Customers and would no longer like to be contacted by one of our Customers that use our Service, please contact the Customer that you interact with directly. We may transfer personal information to companies that help us provide our Service. Transfers to subsequent third parties are covered by the service agreements with our Customers.

Access and Retention of Data Controlled by our Customers

zHealth has no direct relationship with the individuals whose personal information it processes. An individual who seeks access, or who seeks to correct, amend, or delete inaccurate data should direct his query to the zHealth Customer (the data controller). If requested to remove data, we will respond within 45 days, subject to any permissible extensions. If the Customer is a Covered Entity under HIPAA, your rights with respect to your protected health information are governed by HIPAA as well as our Business Associate Agreement with that Customer. We will retain personal information we process on behalf of our Clients for as long as needed to provide services to our Customer. zHealth will retain this personal information as necessary to comply with our legal obligations, resolve disputes, and enforce our agreements.

Data Aggregation Services & De-identified Data

To the extent we receive protected health information from Customers that are Covered Entities under HIPAA, we may use such information to provide data aggregation services (as that term is defined by HIPAA) and to create de-identified data in accordance with 45 CFR 164.514(a)-(c) retaining any and all ownership claims relating to the de-identified data zHealth creates from protected health information. zHealth may use, during and after this agreement, all aggregate non-identifiable information and de-identified data for purposes of enhancing the Software and Service, technical support and other business purposes, all in compliance with the HIPAA Privacy Standards, including without limitation the limited data set and de-identification of information regulations.

California Privacy Rights

If you are a California resident, please see our Supplemental Notice for more information about the personal information we collect about California consumers and the rights afforded to you under the California Consumer Privacy Act.

Changes to this privacy policy

zHealth may update this privacy statement to reflect changes to our business or this app as it pertains to the information collected from you and our use of it. If the change impacts how we use or handle information collected from you, we will email you, or post a notice prior to the change becoming effective. We encourage you to periodically review this page for the latest information on our privacy practices.

Questions

If you have questions or suggestions you can contact us at:

zHealth Privacy
333 1st St, #N705
San Francisco, CA 94105
Phone: 800-939-0319
Email: privacy@zHealthehr.com

Last Updated

This policy was last updated on May 29, 2024.

For the Terms of Service governing zHealth Managed Billing Customers, click here