Last Updated: March 1, 2019
Welcome to Spect Inc., (“Spect”, “We”, “Us”, “Our”), a medical device and software company that enables medical professionals to assess ophthalmologic and retinal health in patients through the use of Our patented hardware and software (“Services”), provided by website located at www.getspect.com (“Site”), Our mobile ophthalmoscope hardware (“MOH” or “Hardware”), and Our EyeLogic software platform (“Software” or “Platform”, or “Application”) (collectively referred to as “Spect Services”).
For the purposes of this Agreement, any terms not specifically defined in this Agreement shall have the meaning and definition given to them under the Health Insurance Portability and Accountability Act (HIPAA). Should You not understand Your obligations under HIPAA, if any, or Business, You are not authorized to use the Spect Services. If you do not agree with the terms of this Agreement, You shall not access and/or use the Services, nor interact with Our Website or any related Services.
We require that all healthcare providers, medical clinics, physicians, hospitals, medical staff and their personnel, employees, agents, vendors, and affiliates who use the Spect Services comply with this Policy, and all federal, state, or local government law, statute, rule, code, regulation, permit, ordinance, authorization, order, judgment or similar governmental requirement, including without limitation the Health Insurance Portability and Accountability Act of 1996 (HIPAA) and the California Confidentiality of Medical Information Act, Civil Code §56, et seq.
We are not a “covered entity” pursuant to HIPAA. However, pursuant to 45 CFR 160.103, We may be a “business associate” to Our Medical Clinics (defined below), who may be a “covered entity” and who may possess Individually Identifiable Health Information that is protected under HIPAA, the Privacy Rule, the Security Rule, and the HITECH Standards.
Protected health information (PHI) does not include information that has been de-identified in accordance with HIPAA ("De-Identified Health Information"), and does not include information that You submit to Us for purposes other than connecting You with the Medical Clinics.
As a Business Associate to Our Medical Clinics, We will appropriately safeguard the protected health information We receive and/or create on behalf of the covered entity and/or Medical Clinics. We will use the Data and information collected by the Medical Clinics only for the purposes of providing the Spect Services to the Medical Clinics and its Patients (defined below). We will safeguard the Data information from misuse, and will help the Medical Clinics comply with some of the their duties as a covered entity under the Privacy Rule. Medical Clinics that qualify as a covered entity, may disclose protected health information to Us in Our role as a Business Associate only to help the Medical Clinic carry out its health care functions, not for Our independent use or purposes, except as needed for the proper operations, management, research, development and administration of Spect Services.
Under HIPAA, a "covered entity" is required to provide its patients a Notice of Privacy Practices that describes how the covered entity uses and discloses PHI. As a result, the Medical Clinics shall provide Patients who use Spect Services a HIPAA Notice of Privacy Practices that describes how the Medical Clinics may use or disclose Patients’ PHI (the "Medical Clinic’s Notice of Privacy Practices").
You hereby agree, that if We are a Business Associate of Our Medical Clinics, We shall have the right to access, collect, acquire, analyze, retain, and use the Data that We are provided through the Medical Clinic’s use of the Spect Services, solely for business purposes, including, without limitation, referrals, patient timelines, patient notifications, future prescription recommendations, and research and development for further features, services, and/or products. We will never sell Your Data to third parties, vendors, and/or partners without Your prior written consent.
There are two types of users that may register, use and have access to certain applicable services of the Spect Services;
If You are a Medical Clinic, We may collect information through Your access and/or use of the Spect Services. The information We collect from You will only be used for furthering and bettering Our business analytics, methods, processes, customer services, product design and functionality, new features, new products, research and development and the like. We do not store personally identifiable information, PHI, or ePHI for purposes other than operating the Spect Services and complying with legal regulations and the law. Some of the information We may collect includes, without limitation:
If You are a Patient, We may collect information through Your access and/or use of the Spect Services. We will also collect Your Patient Information from the Medical Clinic You are a patient to in order to provide the Spect Services to You and the Medical Clinic. The information We collect from You will only be used to provide You with the Spect Services, for furthering and bettering Our business analytics, methods, processes, customer services, product design and functionality, new features, new products, research and development and the like. We do not store personally identifiable information, PHI, or ePHI for purposes other than operating the Spect Services and complying with legal regulations and the law. Some of the information We may collect includes, without limitation:
We may collect Data submitted by You when You:
Spect collects Data through various methods including, without limitation:
Spect takes Your privacy seriously, and We maintain strict HTTPS / SSL-enabled use of the Site, which ensures Data is encrypted. Furthermore, We keep up to date with the latest and legally required protocols and best practices with respect to HIPAA compliance. As We understand the protection of PHI is critical, and that only those whom are authorized should be able to access and use such information, Our systems are built to facilitate and maintain this protection.
Regarding the collection, storage, processing, and securing practices and measures to protect against unauthorized access to Data, Spect implements commercially reasonable technical and organizational measures to protect Data against unauthorized access, alteration, disclosure, or destruction of Data stored on Our Site, Application or Hardware.
We do not accept liability for unintentional disclosure. In addition, persons with access to Your computer, phone, or other mobile or other devices may be able to access the Spect Service and information about You contained in the Service. It is Your responsibility to keep Your computer, phone, and devices safe and secure. We are not liable for any unauthorized use of Your Account or Data that is not directly caused by Us.
We may use Data that We collect to:
We encourage You to review the Notice of Privacy Practices and the privacy policies of each website and application You visit and use.
Despite taking industry standard and commercially reasonable methods to safeguard the Data collected through Spect Services, there is no guarantee that such information will remain protected, unhacked, or otherwise compromised due to reasons beyond Our reasonable control.
Spect shall store and retain Data collected until the User cancels its account with Us, or We believe the User Account is in breach of this Agreement or inactive, or the User Account has been suspended by Us. Upon cancellation and/or deletion, Data and personally sensitive information is immediately deleted to comply with HIPAA, unless it is required to be retained by law. Upon cancellation and/or deletion of a User Account, We will retain Navigational Information for analytics purposes for a period of eighteen (18) months from the date of account cancellation.
If You have elected to receive marketing communications from Us, We retain information about Your marketing preferences for a reasonable period of time from the date You last expressed interest in Our content, Products, or Services, such as when You last opened an email from Us or ceased using Your User Account. We retain information derived from cookies and other tracking technologies for a reasonable period of time from the date such information was created.
We will communicate with You through the information You have provided to Us, including, email, phone, fax, text messages and in-application/web portal notifications, if applicable. Should You want to unsubscribe or opt-out of any communication with Spect, You may do so by clicking the unsubscribe button at the bottom of all emails, or by sending Us an email at: firstname.lastname@example.org.
We may pass Your Personal Data to third party providers (which may include Google Analytics and Amazon Web Services) of content available on the Site or Platform to enable those providers to:
Generate general statistical information about the Spect Services user base, sales patterns, traffic volumes and related matters to reputable third parties, but these details will not include information personally identifying You
We may disclose part or all information collected through the Services, if (1) required by law; (2) if We believe that disclosure is necessary to comply with the law; (3) to enforce Our intellectual property rights; (4) to protect the rights, property or safety of Us and Our employees or agents; and (5) if necessary to defend against third-party claims. We may also disclose information collected on the Site when requested to comply with a court order, investigation, subpoena or governmental request. We will notify You of such use, either by a notification on the Site or by email to Our Users.
We may disclose some of Your Data to Our third-party service providers that provide services such as the hosting of the Service, data analysis, IT services and infrastructure, customer service, e-mail delivery, auditing, payment processing, and other similar services.
We may disclose some of Your Data to schedule and fulfill appointments and provide healthcare services on behalf of the Patient and/or Medical Clinic;
We may disclose some of Your Data to the Medical Clinic or its affiliates for Patient referrals, treatment, payment or healthcare operations purposes;
If and when We share Your Data with third parties, contractors, service providers as affiliated with Us, We only provide information necessary and required to perform their service(s), and We require that they protect Your information and not use it for any other purpose.
When using the Spect Service, You may choose not to provide Us with certain information, but this may limit the features You are able to use or may prevent You from using the Spect Service all together.