A Business Associate Agreement sample can be accessed here.
Terms used, but not otherwise defined, in this Agreement shall have the same meaning as those terms in the HIPAA Privacy, Security, Breach Notification and Enforcement Rules at 45 CFR Part 160 and 164.
PHI USE AND DISCLOSURE
We may collect personal identification information from Users in a variety of ways, including, but not limited to, when Users visit our site, register on the site, place an order, fill out a form, respond to a survey, and in connection with other activities, services, features or resources we make available on our Site. Users may be asked for, as appropriate, name, email address, mailing address, phone number. Users may, however, visit our Site anonymously. We will collect personal identification information from Users only if they voluntarily submit such information to us. Users can always refuse to supply personal identification information, except that it may prevent them from engaging in certain Site related activities.
NON-PHI USE AND DISCLOSURE
We may collect non-personal identification information about Users whenever they interact with our Site. Non-personal identification information may include the browser name, the type of computer and technical information about Users means of connection to our Site, such as the operating system and the Internet service providers utilized and other similar information.
PHI ACCESS CONTROL
SET SEG assigns a unique user ID to identify and track Users’ navigation of www.setseg.org. This access control measure is designed to protect Users and their employees from the unauthorized access or use of PHI. Users are granted access to www.setseg.org when they are designated by the respective district as the appropriate manager of PHI. Once a User is reported to SET SEG as no longer being the appropriate manager of district’s PHI, SET SEG will revoke that User’s access to www.setseg.org.
After 30 minutes of inactivity, users are automatically logged out of a session.
WEB BROWSER COOKIES
HOW WE USE COLLECTED INFORMATION
SET SEG Insurance Services Agency may collect and use Users’ personal information for the following purposes:
To run and operate our Site
We may need your information to display content on the Site correctly.
To improve customer service
Information you provide helps us respond to your customer service requests and support needs more efficiently.
To personalize user experience
We may use information in the aggregate to understand how our Users as a group use the services and resources provided on our Site.
To improve our Site
We may use feedback you provide to improve our products and services.
To process payments
We may use the information Users provide about themselves when placing an order only to provide service to that order. We do not share this information with outside parties except to the extent necessary to provide the service.
To send periodic emails
We may use the email address to send User information and updates pertaining to their order. It may also be used to respond to their inquiries, questions, and/or other requests.
HOW WE PROTECT YOUR INFORMATION
We adopt appropriate data collection, storage and processing practices and security measures to protect against unauthorized access, alteration, disclosure or destruction of your personal information, username, password, transaction information and data stored on our Site.
SHARING YOUR PERSONAL INFORMATION
We do not sell, trade, or rent Users’ personal identification information to others. We may share generic aggregated demographic information not linked to any personal identification information regarding visitors and users with our business partners, trusted affiliates and advertisers for the purposes outlined above. We may use third party service providers to help us operate our business and the Site or administer activities on our behalf, such as sending out newsletters or surveys. We may share your information with these third parties for those limited purposes provided that you have given us your permission.
If User decides to opt-in to our mailing list, they will receive emails that may include company news, updates, related product or service information, etc. If at any time the User would like to unsubscribe from receiving future emails, we include detailed unsubscribe instructions at the bottom of each email or User may contact us via our Site. We may use third party service providers to help us operate our business and the Site or administer activities on our behalf, such as sending out newsletters or surveys. We may share your information with these third parties for those limited purposes provided that you have given us your permission.
THIRD PARTY WEBSITES
Users may find content on our Site that links to the sites and services of our partners, suppliers, sponsors, licensors, and other third parties. We do not control the content or links that appear on these sites and are not responsible for the practices employed by websites linked to or from our Site. In addition, these sites or services, including their content and links, may be constantly changing. These sites and services may have their own privacy policies and customer service policies. Browsing and interaction on any other website, including websites which have a link to our Site, is subject to that website’s own terms and policies.
COMPLIANCE WITH CHILDREN’S ONLINE PRIVACY PROTECTION ACT
Protecting the privacy of the very young is especially important. For that reason, we never collect or maintain information at our Site from those we actually know are under 13, and no part of our website is structured to attract anyone under 13.
YOUR ACCEPTANCE OF THESE TERMS
By using this Site, you signify your acceptance of this policy. If you do not agree to this policy, please do not use our Site. Your continued use of the Site following the posting of changes to this policy will be deemed as your acceptance of those changes.
This Policy was last updated on November 20, 2017