You are in control of your information
- You control who can access your personal health information or such information in your charge. By default, you are the only user who can view and edit your information. If you choose to, you can share your information with others. Such sharing is controlled by you and is at your decision.
- We will not sell, rent your information. We will not share your information (identified or de-identified) without your explicit consent, except in the limited situations described in this Policy document, for example when we believe it is required to do so by law.
- You can completely delete your information at any time. Deletion will be initiated immediately, and your information will be purged from your account and our systems shortly thereafter. Additional backup copies of deleted information may persist for a short time. Since deleted data will not be restored, you may want to print information before deleting it.
How Cimar UK uses your information
- To store your information in on our systems, you will need a Cimar Account. When you create a Cimar Account, we asks for your email address and a password, which is used to protect your account from unauthorised access. You can use an existing Cimar Account or create a new one specifically for this purpose.
- Cimar’s servers automatically record and log information about your use of the system (such as number of sign-ins and number of times a link was clicked). This information is temporarily stored in association with your Account for two weeks, at which point it is aggregated with other data and is no longer associated with your account. The log information will be used to operate and improve the service and will not be correlated with your use of other Cimar services.
- We periodically publish trend statistics and associations. We may use data from your account as part of an aggregated data set when publishing these trends statistics and associations (e.g., Cimar has found that one gender uses some modalities more than the other gender). These aggregated data sets do not contain any personally identifiable information.
- Certain features of our web service can be used in conjunction with other Cimar products, and those features may share information to provide a better user experience and to improve the quality of our services.
Sharing your information with people and services you trust
- If you share your information with others, you can view a list of who has access to your information and you can revoke sharing privileges at any time. When you revoke someone’s ability to read your health information, that party will no longer be able to read your information, but may have already seen or may retain a copy of the information.
- Our services contains links to third-party service providers that are capable of securely sending information to us. These service providers (which may include your medical providers such as PACS vendors) may provide information about certain medical conditions or extend the functionality of our service in other ways. By creating a link to these service providers, you give them permission to send your information such as medical records, prescription histories, or test reports to your Cimar account.
- Some of these third-party service providers will be covered by prevailing health privacy laws (such as the Insurance Portability and Accountability Act, or “HIPAA”), and those laws will govern how they may use and share your information. HIPAA requires (as do we) that you must authorise these providers to send information to your Cimar account. With that authorisation, you also give them permission to send certain especially sensitive types of health information (such as mental health or substance abuse records) that are protected by National laws and require special authorisation. When you ask us to send your health information to others, you will also be giving us permission to send those sensitive types of health information. We cannot and do not determine which of your data you do and don’t wish to share. This decision and the responsibility for sharing any patient or other data is entirely yours.
- All entities or business associates covered by HIPAA are contractually required to comply with HIPAA's rules related to collection, use, and sharing of your information. All other third-party service providers are contractually required to abide by our Developer Policies, which require that they comply with strict privacy standards for how they collect, use, or share your information.
We comply with the US-EU Safe Harbour Framework as set forth by the European Parliament regarding the collection, use, and retention of personal information from European Union member countries. We have certified that we adhere to the Safe Harbour Privacy Principles of notice, choice, onward transfer, security, data integrity, access, and enforcement. To learn more about the Safe Harbour program, and to view our certification page, please visit http://www.export.gov/safeharbor/.
Cimar UK Ltd
(Suite 701), Kemp House,
152 - 160 City Road,
London EC1V 2NX. United Kingdom
We have further committed to refer unresolved privacy complaints under the US-EU Safe Harbour Principles to an independent dispute resolution mechanism, the BBB EU SAFE HARBOR, operated by the Council of Better Business Bureaus. If you do not receive timely acknowledgement of your complaint, or if your complaint is not satisfactorily addressed by us, please visit the BBB EU SAFE HARBOR web site at www.bbb.org/us/safe-harbor-complaints for more information and to file a complaint.
If you have additional questions, please contact us any time. Or write to us at:Cimar UK Ltd
(Suite 701), Kemp House,
152 - 160 City Road,
London EC1V 2NX.
Tel: +44 (0) 800 093 0913