Privacy Policy

Protecting your private information is our priority. This Statement of Privacy applies to Extended Care Pro, its websites and applications and governs data collection and usage. For the purposes of this Privacy Policy, unless otherwise noted, Extended Care Pro, its website(s) and applications will be referred to as ECP. ECP SaaS (Software as a Service) Medical Records application. By using ECP, you consent to the data practices described in this statement.
 
What is private information?
Information that is used to distinguish a person from other individuals (e.g., social security number, credit card information, routing and checking information or insurance policy number) is private. Such information can be used to identify an individual (e.g., a person who works at a healthcare facility, or a resident or patient in a healthcare facility). Certain information may be used to contact a person directly (e.g., an email address, home mailing address or home telephone number).
 
Collection of your Private Information
This Policy also will apply to non-personal information if such information can be used in combination with other Personal Information or non-personal information to identify an individual.
 
Please be aware that this Policy only covers information manually submitted to, or automatically collected by, us through use of the Application and/or the Services. If you contact or exchange information with another ECP customer or business partner in person or through a means other than through the Application or Services, such activity is not covered by this Policy. Additionally, if you are not a customer or a business partner of ECP by way of written agreement, and are contacting us out of interest in the Services, a business partnership or a job opportunity, please be aware that the information that you share with us is not covered by this Policy, unless required by law.
Personal Information Collected by the Services
There are two ways Personal Information can be submitted to us. The first is through direct submission or what we call ‘Manual Submission’ and the second is by way of ‘Automated Submission’ triggered by any interaction with the Application through a computer, workstation station, mobile device or tablet.
 
Manual Submission
Personal Information can be submitted to us directly when you communicate with us offline (in person or by telephone), via email or via the Application (by entering data or uploading files) or when you authorize ECP to access, retrieve and/or import Personal Information from another user or third party on your behalf. Additionally, if you become a customer of ECP, you will be required to register by submitting Personal Information via the Application, email or offline. This could include name, email address, mailing address, telephone numbers and other contact and billing information.
 
Automatic Submission
Whenever your computer, mobile device or tablet visits, logs in or otherwise interacts with the Application, we gather data from your device and the operating software of your device transmits device and usage data to us. That transmission includes non-personal information that is necessary to identify and route the information your device is requesting. This communication is necessary for all Applications and Internet services.
 
We also use cookies. Cookies are files that web browsers place on a computer’s hard drive that tell us whether customers or visitors have been to the Application previously. Data collected in this way can include:
 

• Date and time a ‘request’ is transmitted through the Application
• The model of the device making the request
• The type and version of the operating software running on the device
• The web browser used on the device and making the request
• IP address
• Geographic location

Purpose
ECP is a cloud-based Software-as-a-Service (SaaS) platform designed to help long-term, senior living providers manage aspects of residents and patients in their care and to connect ECP customers with a variety of related healthcare networks and service providers. We will collect Personal Information only as necessary to communicate with you and/or to provide the Services.
 
Personal Information and non-personal information may be used for the following reasons:

• to register customer accounts
• to contact customers to discuss their experience with the Services, current and future needs as a customer, or to communicate future promotions or special events which might benefit them
• to provide our Services
• to operate, maintain, manage and administer the Services, including processing registrations and payments, and diagnosing technical problems
• to respond to questions and communications
• to make announcements to customers about unscheduled downtime or new features, services, products, functionality, terms, or other aspects of the Services
• to perform audits, research, measurements and analyses in an effort to maintain, administer, support, enhance and protect the Services, including determining usage trends and patterns and measuring the effectiveness of content, advertising, features or services
• to create new features, products or services
• to provide tracking solutions*

 
We may track and analyze non-identifying, aggregate usage, and volume statistical information from our visitors and customers and may provide such information to third parties. We are committed to ensuring privacy and protecting Personal Information. We also are committed to providing valuable insights and analytics to enable better performance and quality.
 
We use cookies to enhance the quality of the Services by, for example:

• saving user preferences
• preserving session settings and activities
• providing limited auto-fill functionality
• analyzing various features and content of the Services

 
ECP may use a persistent cookie to help save and retrieve information for a user who has accessed the Services. Session cookies are used to record encrypted authentication information for the duration of a specific session. The session cookie does not include the username or password of a customer. For user convenience, in relation to touchscreen logins, we also use a non-session-based cookie to store a user’s ID; however, this is configurable. We do not store passwords in session cookies, persistent cookies or headers. If a cookie is rejected, access to and usage of the Services will be denied.
 
ECP Forums and Surveys
From time to time, we may ask customers to complete surveys or ratings about our Services or of their own health care practices and operations. Any Personal Information you provide will be maintained in confidence.
 
Consent and Authorization
By using our Services or Applications, you are consenting to the use of your Personal Information when provided. On occasion, we may request additional consent in connection with the use or sharing of Personal Information for a purpose not stated in this Policy or because the law requires such consent.
 
If you are a customer or business partner of ECP, we will never use your Personal Information in a manner not otherwise provided for in our written contracts with you, authorization forms you provide to us, or this Policy.

Protecting Health Information
As a provider of hosted, electronic health record solutions, ECP customers are health care providers and subject to laws and regulations governing the use and disclosure of Private Health Information. In the United States, the Health Insurance Portability and Accountability Act of 1996 (“HIPAA”), the Health Information Technology for Economic and Clinical Health of 2009 (“HITECH”), along with the regulations adopted under those statutes, and similar state laws (where those laws are more stringent than HIPAA) govern the handling of Personal Health Information. Health care providers are considered to be Covered Entities under HIPAA and are subject to its rules regarding Personal Health Information. If a provider delegates some of its work to a third party, and that party must access Personal Health Information in order to perform the work, then such party is considered by HIPAA to be a Business Associate and is subject to the same rules regarding the protection of Personal Health Information as the Covered Entity. To enforce protection, HIPAA requires Covered Entities to execute a “Business Associate Agreement” or ”BAA” with each of its Business Associates. As a Business Associate, we are required to use reasonable and appropriate measures to safeguard the confidentiality, integrity and accessibility of Personal Health Information that is stored and processed on behalf of Covered Entities. From time to time, the terms of ECP’s standard BAA may be posted on the Application.
 
Sharing Information with Third Parties
ECP does not sell, rent or lease its customer lists to third parties.
 
ECP may share data with trusted partners to help perform statistical analysis, send you email or postal mail, provide customer support, or arrange for deliveries. All such third parties are prohibited from using your personal information except to provide these services to ECP, and they are required to maintain the confidentiality of your information.
 
ECP may disclose your personal information, without notice, if required to do so by law or in the good faith belief that such action is necessary to: (a) conform to the edicts of the law or comply with legal process served on ECP or the site; (b) protect and defend the rights or property of ECP; and/or (c) act under exigent circumstances to protect the personal safety of users of ECP, or the public.
 
Tracking User Behavior
ECP may keep track of the pages our users visit within ECP, in order to determine what ECP services are the most popular. This data is used to deliver customized content and advertising within ECP to customers whose behavior indicates that they are interested in a particular subject area.
 
Automatically Collected Information
Information about your computer hardware and software may be automatically collected by ECP. This information can include: your IP address, browser type, domain names, access times and referring website addresses. This information is used for the operation of the service, to maintain quality of the service, and to provide general statistics regarding use of the ECP website.
 
Use of Cookies
ECP may use “cookies” to help you personalize your online experience. A cookie is a text file that is placed on your hard disk by a web page server. Cookies cannot be used to run programs or deliver viruses to your computer. Cookies are uniquely assigned to you, and can only be read by a web server in the domain that issued the cookie to you.
 
One of the primary purposes of cookies is to provide a convenience feature to save you time. The purpose of a cookie is to tell the Web server that you have returned to a specific page. For example, if you personalize ECP pages, or register with ECP site or services, a cookie helps ECP to recall your specific information on subsequent visits. This simplifies the process of recording your personal information, such as billing addresses, shipping addresses, and so on. When you return to the same ECP website, the information you previously provided can be retrieved, so you can easily use the ECP features that you customized.
 
Links
This website contains links to other sites. Please be aware that we are not responsible for the content or privacy practices of such other sites. We encourage our users to be aware when they leave our site and to read the privacy statements of any other site that collects personally identifiable information.
 
Security of your Personal Information
ECP secures your personal information from unauthorized access, use, or disclosure. ECP uses the following methods for this purpose:
 
All data is secured while in transit using 256 bit RSA SSL encryption, and secured at rest using 256 bit AES encryption.
 
When personal information (such as a credit card number) is transmitted to other websites, it is protected through the use of encryption, such as the Secure Sockets Layer (SSL) protocol.
 
We strive to take appropriate security measures to protect against unauthorized access to or alteration of your personal information. Unfortunately, no data transmission over the Internet or any wireless network can be guaranteed to be 100% secure. As a result, while we strive to protect your personal information, you acknowledge that: (a) there are security and privacy limitations inherent to the Internet which are beyond our control; and (b) security, integrity, and privacy of any and all information and data exchanged between you and us through this Site cannot be guaranteed.
 
Children Under Thirteen
ECP does not knowingly collect personally identifiable information from children under the age of thirteen. If you are under the age of thirteen, you must ask your parent or guardian for permission to use this website.
 
Changes to this Statement
ECP reserves the right to change this Privacy Policy from time to time. We will notify you about significant changes in the way we treat personal information by sending a notice to the primary email address specified in your account, by placing a prominent notice on our site, and/or by updating any privacy information on this page. Your continued use of the Site and/or Services available through this Site after such modifications will constitute your: (a) acknowledgment of the modified Privacy Policy; and (b) agreement to abide and be bound by that Policy.