Privacy Policy
Last updated 02/04/2025
1. Introduction
This Privacy Policy (our “Privacy Policy”) supplements Nosis Health, Inc.’s (“Company,” “we,” “us,” and “our”) Terms of Service and describes how Company and Provider Groups collect, use, maintain, protect, and disclose Personal Data about you through the use of the Services. By “Personal Data,” we mean information that is personally identifiable to you.
Please read this Privacy Policy carefully to understand our policies and practices regarding your Personal Data and how we will treat it. If you do not agree with this Privacy Policy, your choice is not to use the Services. By accessing or using the Services, you agree to this Privacy Policy. This Privacy Policy may change from time to time. Your continued use of the Services after we make changes is deemed to be acceptance of those changes, so please check this Privacy Policy periodically for updates.
Please read this Privacy Policy carefully to understand our policies and practices regarding your Personal Data and how we will treat it. If you do not agree with this Privacy Policy, your choice is not to use the Services. By accessing or using the Services, you agree to this Privacy Policy. This Privacy Policy may change from time to time. Your continued use of the Services after we make changes is deemed to be acceptance of those changes, so please check this Privacy Policy periodically for updates.
2. Protected Health Information
Please see the Provider Groups’ Notice of Privacy Practices to understand how we protect, use and disclose your protected health information as defined under the Health Insurance Portability and Accountability Act of 1996 and related laws and regulations (“HIPAA”). If your Personal Data is protected health information, we treat the protected health information in accordance with HIPAA and the Notice of Privacy Practices. If the protected health information is related to diagnosis, treatment, or referral for a substance use disorder, the information is also protected by 42 CFR Part 2 (“Part 2”). To the extent this Privacy Policy conflicts with our HIPAA or Part 2 obligations or the Notice of Privacy Practices, we comply with HIPAA and Part 2 obligations or the Notice of Privacy Practices.
3. Children Under the Age of 13 and Majority
The Services are not intended for children under the age of 13. Children under the age of 13 are strictly prohibited from using the Services. We do not knowingly collect Personal Data from persons who are under the age of 13. If you are under the age of 13, do not use or provide any information on the Services or on or through any of their features, including your name, address, telephone number, email address, or any screen name or user name you may use. If we learn we have collected or received Personal Data from a child under the age of 13, we will delete that information. If you believe we might have any Personal Data from a child under the age of 13, please contact us at compliance@nosis.health.
If you access or use the Services, you represent and warrant that you are either at least 18 years old or otherwise have adequate authority and capacity to consent to use the Services under applicable state laws, federal laws or the authorization of a parent or legal guardian who agrees to be bound by the Terms and this Privacy Policy. If you are under 18 and lack sufficient authority to access or use the Services, do not use or provide any information on the Services.
If you access or use the Services, you represent and warrant that you are either at least 18 years old or otherwise have adequate authority and capacity to consent to use the Services under applicable state laws, federal laws or the authorization of a parent or legal guardian who agrees to be bound by the Terms and this Privacy Policy. If you are under 18 and lack sufficient authority to access or use the Services, do not use or provide any information on the Services.
4. Personal Data We Collect About You
We collect different types of Personal Data about you. This section is intended to describe the Personal Data that we may collect about you. We collect the following types of Personal Data from and about Users of the Services:
• name, postal address, billing address, shipping address, e-mail address, mobile telephone number, driver’s license (or other government identification) information, including number, photo, and other associated information, date of birth, credit or debit card number (for payment purposes only), photos of you, your medical history, and health information;
• traffic data, location data, logs, referring/exit pages, date and time of your visit to the Services, error information, clickstream data, and other communication data and the resources that you access and use on the Services; and
• your Internet connection, the equipment you use to access the Services, and usage details.
• name, postal address, billing address, shipping address, e-mail address, mobile telephone number, driver’s license (or other government identification) information, including number, photo, and other associated information, date of birth, credit or debit card number (for payment purposes only), photos of you, your medical history, and health information;
• traffic data, location data, logs, referring/exit pages, date and time of your visit to the Services, error information, clickstream data, and other communication data and the resources that you access and use on the Services; and
• your Internet connection, the equipment you use to access the Services, and usage details.
5. How We Collect Your Personal Data
We collect Personal Data:
• directly from you when you provide it to us, such as:
◦ information that you provide by filling in forms on the Services (this includes information provided at the time of registering to use the Services, using Provider Group’s consultation services, purchasing products, reporting a problem with the Services, or requesting further services), and your User Contributions (as described in Section 8);
◦ records and copies of your correspondence (including email addresses), if you contact us; and
◦ details of transactions you carry out through the Services and of the fulfillment of your requests (you may be required to provide financial information before placing a request through the Services).
• automatically as you navigate through the Services (information collected automatically may include usage details, IP addresses, and information collected through cookies, web beacons, and other tracking technologies) – see additional detail in Section 6 below; and
• from third parties, for example, our business partners.
• directly from you when you provide it to us, such as:
◦ information that you provide by filling in forms on the Services (this includes information provided at the time of registering to use the Services, using Provider Group’s consultation services, purchasing products, reporting a problem with the Services, or requesting further services), and your User Contributions (as described in Section 8);
◦ records and copies of your correspondence (including email addresses), if you contact us; and
◦ details of transactions you carry out through the Services and of the fulfillment of your requests (you may be required to provide financial information before placing a request through the Services).
• automatically as you navigate through the Services (information collected automatically may include usage details, IP addresses, and information collected through cookies, web beacons, and other tracking technologies) – see additional detail in Section 6 below; and
• from third parties, for example, our business partners.
6. Personal Data Collected Through and Use of Automatic Data Collection Technologies
As you navigate through and interact with the Services, we may use automatic data collection technologies to collect certain information about your equipment, browsing actions, and patterns, specifically:
• details of your visits to the Services, such as traffic data, location data, logs, referring/exit pages, date and time of your visit to the Services, error information, clickstream data, and other communication data and the resources that you access and use on the Services; and
• information about your computer, mobile device, and Internet connection, specifically your IP address, operating system, and browser type.
The information we collect automatically may include Personal Data or we may maintain it or associate it with Personal Data we collect in other ways or receive from third parties. It helps us to improve the Services and to deliver a better and more personalized service by enabling us to:
• estimate our audience size and usage patterns;
• store information about your preferences, allowing us to customize the Services according to your individual interests; or
• recognize you when you return to the Services.
The technologies we use for this automatic data collection include, among others:
• Cookies (or browser cookies). A cookie is a small file placed on the hard drive of your computer or mobile device. On your computer or device, you may refuse to accept browser cookies by activating the appropriate setting on your browser, and you may have similar capabilities on your mobile device in the preferences for your operating system or browser. However, if you select this setting, you may be unable to access certain parts of the Services. Unless you have adjusted your browser or operating system setting so that it will refuse cookies, our system will issue cookies when you direct your browser to the Services. Please refer to our Cookies Policy for more information your options to activate and deactivate certain cookies.
• Pixels. Pixels are transparent images embedded in a website, email, or ad, and which contain a link to an external server. When a User interacts with an email, navigates to our Services, or views an ad, the User’s browser downloads the invisible image file. That action triggers a request from the pixel server, providing the server owner with knowledge of who downloaded the pixel as well as information like the operating system used, the type of browser used, the time the pixel was interacted with, the IP address, and more.
• Google Analytics. We use Google Analytics, a web analytics service provided by Google, Inc. (“Google”) to collect certain information relating to your use of certain parts of the Services. Google Analytics uses cookies and other tracking technologies to help the Services analyze how users use the Services. You can find out more about how Google uses data when you visit the Services by visiting “How Google uses data when you use our partners' sites or apps”, (located at www.google.com/policies/privacy/partners/). For more information regarding Google Analytics please visit Google's website, and pages that describe Google Analytics, such as www.google.com/analytics/learn/privacy.html.
• details of your visits to the Services, such as traffic data, location data, logs, referring/exit pages, date and time of your visit to the Services, error information, clickstream data, and other communication data and the resources that you access and use on the Services; and
• information about your computer, mobile device, and Internet connection, specifically your IP address, operating system, and browser type.
The information we collect automatically may include Personal Data or we may maintain it or associate it with Personal Data we collect in other ways or receive from third parties. It helps us to improve the Services and to deliver a better and more personalized service by enabling us to:
• estimate our audience size and usage patterns;
• store information about your preferences, allowing us to customize the Services according to your individual interests; or
• recognize you when you return to the Services.
The technologies we use for this automatic data collection include, among others:
• Cookies (or browser cookies). A cookie is a small file placed on the hard drive of your computer or mobile device. On your computer or device, you may refuse to accept browser cookies by activating the appropriate setting on your browser, and you may have similar capabilities on your mobile device in the preferences for your operating system or browser. However, if you select this setting, you may be unable to access certain parts of the Services. Unless you have adjusted your browser or operating system setting so that it will refuse cookies, our system will issue cookies when you direct your browser to the Services. Please refer to our Cookies Policy for more information your options to activate and deactivate certain cookies.
• Pixels. Pixels are transparent images embedded in a website, email, or ad, and which contain a link to an external server. When a User interacts with an email, navigates to our Services, or views an ad, the User’s browser downloads the invisible image file. That action triggers a request from the pixel server, providing the server owner with knowledge of who downloaded the pixel as well as information like the operating system used, the type of browser used, the time the pixel was interacted with, the IP address, and more.
• Google Analytics. We use Google Analytics, a web analytics service provided by Google, Inc. (“Google”) to collect certain information relating to your use of certain parts of the Services. Google Analytics uses cookies and other tracking technologies to help the Services analyze how users use the Services. You can find out more about how Google uses data when you visit the Services by visiting “How Google uses data when you use our partners' sites or apps”, (located at www.google.com/policies/privacy/partners/). For more information regarding Google Analytics please visit Google's website, and pages that describe Google Analytics, such as www.google.com/analytics/learn/privacy.html.
6. Personal Data Collected Through and Use of Automatic Data Collection Technologies
As you navigate through and interact with the Services, we may use automatic data collection technologies to collect certain information about your equipment, browsing actions, and patterns, specifically:
• details of your visits to the Services, such as traffic data, location data, logs, referring/exit pages, date and time of your visit to the Services, error information, clickstream data, and other communication data and the resources that you access and use on the Services; and
• information about your computer, mobile device, and Internet connection, specifically your IP address, operating system, and browser type.
The information we collect automatically may include Personal Data or we may maintain it or associate it with Personal Data we collect in other ways or receive from third parties. It helps us to improve the Services and to deliver a better and more personalized service by enabling us to:
• estimate our audience size and usage patterns;
• store information about your preferences, allowing us to customize the Services according to your individual interests; or
• recognize you when you return to the Services.
The technologies we use for this automatic data collection include, among others:
• Cookies (or browser cookies). A cookie is a small file placed on the hard drive of your computer or mobile device. On your computer or device, you may refuse to accept browser cookies by activating the appropriate setting on your browser, and you may have similar capabilities on your mobile device in the preferences for your operating system or browser. However, if you select this setting, you may be unable to access certain parts of the Services. Unless you have adjusted your browser or operating system setting so that it will refuse cookies, our system will issue cookies when you direct your browser to the Services. Please refer to our Cookies Policy for more information your options to activate and deactivate certain cookies.
• Pixels. Pixels are transparent images embedded in a website, email, or ad, and which contain a link to an external server. When a User interacts with an email, navigates to our Services, or views an ad, the User’s browser downloads the invisible image file. That action triggers a request from the pixel server, providing the server owner with knowledge of who downloaded the pixel as well as information like the operating system used, the type of browser used, the time the pixel was interacted with, the IP address, and more.
• Google Analytics. We use Google Analytics, a web analytics service provided by Google, Inc. (“Google”) to collect certain information relating to your use of certain parts of the Services. Google Analytics uses cookies and other tracking technologies to help the Services analyze how users use the Services. You can find out more about how Google uses data when you visit the Services by visiting “How Google uses data when you use our partners' sites or apps”, (located at www.google.com/policies/privacy/partners/). For more information regarding Google Analytics please visit Google's website, and pages that describe Google Analytics, such as www.google.com/analytics/learn/privacy.html.
• details of your visits to the Services, such as traffic data, location data, logs, referring/exit pages, date and time of your visit to the Services, error information, clickstream data, and other communication data and the resources that you access and use on the Services; and
• information about your computer, mobile device, and Internet connection, specifically your IP address, operating system, and browser type.
The information we collect automatically may include Personal Data or we may maintain it or associate it with Personal Data we collect in other ways or receive from third parties. It helps us to improve the Services and to deliver a better and more personalized service by enabling us to:
• estimate our audience size and usage patterns;
• store information about your preferences, allowing us to customize the Services according to your individual interests; or
• recognize you when you return to the Services.
The technologies we use for this automatic data collection include, among others:
• Cookies (or browser cookies). A cookie is a small file placed on the hard drive of your computer or mobile device. On your computer or device, you may refuse to accept browser cookies by activating the appropriate setting on your browser, and you may have similar capabilities on your mobile device in the preferences for your operating system or browser. However, if you select this setting, you may be unable to access certain parts of the Services. Unless you have adjusted your browser or operating system setting so that it will refuse cookies, our system will issue cookies when you direct your browser to the Services. Please refer to our Cookies Policy for more information your options to activate and deactivate certain cookies.
• Pixels. Pixels are transparent images embedded in a website, email, or ad, and which contain a link to an external server. When a User interacts with an email, navigates to our Services, or views an ad, the User’s browser downloads the invisible image file. That action triggers a request from the pixel server, providing the server owner with knowledge of who downloaded the pixel as well as information like the operating system used, the type of browser used, the time the pixel was interacted with, the IP address, and more.
• Google Analytics. We use Google Analytics, a web analytics service provided by Google, Inc. (“Google”) to collect certain information relating to your use of certain parts of the Services. Google Analytics uses cookies and other tracking technologies to help the Services analyze how users use the Services. You can find out more about how Google uses data when you visit the Services by visiting “How Google uses data when you use our partners' sites or apps”, (located at www.google.com/policies/privacy/partners/). For more information regarding Google Analytics please visit Google's website, and pages that describe Google Analytics, such as www.google.com/analytics/learn/privacy.html.
7. How We Use Your Personal Data
We use your Personal Data for the business purposes described below:
• provide the Services to you;
• provide products and Services to you;
• provide you with information you request from us;
• enforce our rights arising from contracts;
• to carry out our obligations and enforce our rights arising from any contracts entered into between you and us, including for billing and collection;
• notify you about changes;
provide you with newsletters, advertisements, and other promotional communications (with your consent);
• to contact you in response to a request;
• to fulfill any other purpose for which you provide it;
• for any other purpose with your consent; and
• provide you with notices about your Account.
With your consent, we may also use your information to contact you about goods and services that may be of interest to you, including through newsletters. If you wish to opt-out of receiving such communications, you may do so at any time by clicking unsubscribe at the bottom of these communications or by contacting us at compliance@nosis.health.
• provide the Services to you;
• provide products and Services to you;
• provide you with information you request from us;
• enforce our rights arising from contracts;
• to carry out our obligations and enforce our rights arising from any contracts entered into between you and us, including for billing and collection;
• notify you about changes;
provide you with newsletters, advertisements, and other promotional communications (with your consent);
• to contact you in response to a request;
• to fulfill any other purpose for which you provide it;
• for any other purpose with your consent; and
• provide you with notices about your Account.
With your consent, we may also use your information to contact you about goods and services that may be of interest to you, including through newsletters. If you wish to opt-out of receiving such communications, you may do so at any time by clicking unsubscribe at the bottom of these communications or by contacting us at compliance@nosis.health.
8. Disclosure of Your Personal Data
We do not share, sell, or otherwise disclose your Personal Data for purposes other than those outlined in this Privacy Policy.
We may disclose Personal Data that we collect or you provide as described in this Privacy Policy:
• to service providers and other third parties we use to support our business (the services provided by these organizations include providing IT and infrastructure support services, and ordering, marketing, and payment processing services);
• to a buyer or other successor in the event of a merger, divestiture, restructuring, reorganization, dissolution, or other sale or transfer of some or all of our assets, whether as a going concern or as part of bankruptcy, liquidation, or similar proceeding, in which Personal Data held by Company about the Service Users are among the assets transferred;
• to fulfill the purpose for which you provide it (for example, we may disclose your personal information to a health care provider);for any other purpose disclosed by us when you provide the information; andwith your consent.
We may also disclose your Personal Data:
• to comply with any court order, law, or legal process, including to respond to any government or regulatory request;
• to enforce or apply our Terms and other agreements, including for billing and collection purposes; and
• if we believe disclosure is necessary or appropriate to protect the rights, property, or safety of Company, our customers, or others (this includes exchanging information with other companies and organizations for the purposes of fraud protection and credit risk reduction).
In addition, we may disclose aggregated information about our Users, and information that does not identify any individual, without restriction.
You also may provide information (hereinafter, “posted”) to other users of the Services or third parties (collectively, “User Contributions”). Your User Contributions are posted on and transmitted to others at your own risk. Although we limit access to certain pages, please be aware that no security measures are perfect or impenetrable.
We may disclose Personal Data that we collect or you provide as described in this Privacy Policy:
• to service providers and other third parties we use to support our business (the services provided by these organizations include providing IT and infrastructure support services, and ordering, marketing, and payment processing services);
• to a buyer or other successor in the event of a merger, divestiture, restructuring, reorganization, dissolution, or other sale or transfer of some or all of our assets, whether as a going concern or as part of bankruptcy, liquidation, or similar proceeding, in which Personal Data held by Company about the Service Users are among the assets transferred;
• to fulfill the purpose for which you provide it (for example, we may disclose your personal information to a health care provider);for any other purpose disclosed by us when you provide the information; andwith your consent.
We may also disclose your Personal Data:
• to comply with any court order, law, or legal process, including to respond to any government or regulatory request;
• to enforce or apply our Terms and other agreements, including for billing and collection purposes; and
• if we believe disclosure is necessary or appropriate to protect the rights, property, or safety of Company, our customers, or others (this includes exchanging information with other companies and organizations for the purposes of fraud protection and credit risk reduction).
In addition, we may disclose aggregated information about our Users, and information that does not identify any individual, without restriction.
You also may provide information (hereinafter, “posted”) to other users of the Services or third parties (collectively, “User Contributions”). Your User Contributions are posted on and transmitted to others at your own risk. Although we limit access to certain pages, please be aware that no security measures are perfect or impenetrable.
9. Choices About How We Use and Disclose Your Personal Data
We offer you choices on how you can opt out of our use of tracking technology, disclosure of your Personal Data for our advertising to you, and other targeted advertising.
We strive to provide you with choices regarding the Personal Data you provide to us. We have created mechanisms to provide you with control over your Personal Data:
• Tracking Technologies and Advertising. You can set your browser or operating system to refuse all or some cookies or to alert you when cookies are being sent. In addition, you can activate or deactivate certain cookies through our Cookie policy. If you disable or refuse cookies, please note that some parts of the Services may then be inaccessible or not function properly.
• Promotional Offers from Company. If you do not wish to have your email address used by Company to promote our own products and services, you can opt-out at any time by clicking the unsubscribe link at the bottom of any email or other marketing communications you receive from us or by contacting us. This opt-out does not apply to information provided to Company as a result of a Service purchase or your use of our Services.
• Targeted Advertising. To learn more about interest-based advertisements and your opt-out rights and options, visit the Digital Advertising Alliance and the Network Advertising Initiative websites (www.aboutads.info and www.networkadvertising.org). Please note that if you choose to opt out, you will continue to see ads, but they will not be based on your online activity. We do not control third parties’ collection or use of your information to serve interest-based advertising. However, these third parties may provide you with ways to choose not to have your information collected or used in this way. You can also opt out of receiving targeted ads from members of the NAI on its website.
We do not control the collection and use of your information collected by third parties as described in our Terms. These third parties may aggregate the information they collect with information from their other customers for their own purposes.
We strive to provide you with choices regarding the Personal Data you provide to us. We have created mechanisms to provide you with control over your Personal Data:
• Tracking Technologies and Advertising. You can set your browser or operating system to refuse all or some cookies or to alert you when cookies are being sent. In addition, you can activate or deactivate certain cookies through our Cookie policy. If you disable or refuse cookies, please note that some parts of the Services may then be inaccessible or not function properly.
• Promotional Offers from Company. If you do not wish to have your email address used by Company to promote our own products and services, you can opt-out at any time by clicking the unsubscribe link at the bottom of any email or other marketing communications you receive from us or by contacting us. This opt-out does not apply to information provided to Company as a result of a Service purchase or your use of our Services.
• Targeted Advertising. To learn more about interest-based advertisements and your opt-out rights and options, visit the Digital Advertising Alliance and the Network Advertising Initiative websites (www.aboutads.info and www.networkadvertising.org). Please note that if you choose to opt out, you will continue to see ads, but they will not be based on your online activity. We do not control third parties’ collection or use of your information to serve interest-based advertising. However, these third parties may provide you with ways to choose not to have your information collected or used in this way. You can also opt out of receiving targeted ads from members of the NAI on its website.
We do not control the collection and use of your information collected by third parties as described in our Terms. These third parties may aggregate the information they collect with information from their other customers for their own purposes.
10. Your Rights Regarding Your Personal Data
You can review and change your Personal Data by logging into the Services and changing your Account information. You may also contact us at compliance@nosis.health regarding any of your rights under applicable state laws; any changes or errors in any Personal Data we have about you to ensure that it is complete, accurate, and as current as possible; or to delete your Account. We may not be able to accommodate your request if we believe it would violate any law or legal requirement or cause the information to be incorrect.
See state-specific sections below on your rights under specific state laws.
See state-specific sections below on your rights under specific state laws.
11. Do Not Track Signals
We currently do not use automated data collection technologies to track you across websites.
We currently do not honor do-not-track signals that may be sent by some browsers.
Some web browsers permit you to broadcast a signal to websites and online services indicating a preference that they “do not track” your online activities. At this time, we do not honor such signals.
We currently do not honor do-not-track signals that may be sent by some browsers.
Some web browsers permit you to broadcast a signal to websites and online services indicating a preference that they “do not track” your online activities. At this time, we do not honor such signals.
12. Data Security
Information transmitted over the Internet is not completely secure, but we do our best to protect your Personal Data. The safety and security of your information also depends on you. Where you have chosen a password for the use of the Services, you are responsible for keeping this password confidential. We ask you not to share your password with anyone.
We have implemented measures designed to secure your Personal Data from accidental loss and from unauthorized access, use, alteration, and disclosure. We use encryption technology for information sent and received by us.
Although we do our best to protect your Personal Data, we cannot guarantee the security of your Personal Data transmitted to the Services. Any transmission of Personal Data is at your own risk. We are not responsible for circumvention of any privacy settings or security measures contained on the Services or in your operating system.
We have implemented measures designed to secure your Personal Data from accidental loss and from unauthorized access, use, alteration, and disclosure. We use encryption technology for information sent and received by us.
Although we do our best to protect your Personal Data, we cannot guarantee the security of your Personal Data transmitted to the Services. Any transmission of Personal Data is at your own risk. We are not responsible for circumvention of any privacy settings or security measures contained on the Services or in your operating system.
12. Data Security
Information transmitted over the Internet is not completely secure, but we do our best to protect your Personal Data. The safety and security of your information also depends on you. Where you have chosen a password for the use of the Services, you are responsible for keeping this password confidential. We ask you not to share your password with anyone.
We have implemented measures designed to secure your Personal Data from accidental loss and from unauthorized access, use, alteration, and disclosure. We use encryption technology for information sent and received by us.
Although we do our best to protect your Personal Data, we cannot guarantee the security of your Personal Data transmitted to the Services. Any transmission of Personal Data is at your own risk. We are not responsible for circumvention of any privacy settings or security measures contained on the Services or in your operating system.
We have implemented measures designed to secure your Personal Data from accidental loss and from unauthorized access, use, alteration, and disclosure. We use encryption technology for information sent and received by us.
Although we do our best to protect your Personal Data, we cannot guarantee the security of your Personal Data transmitted to the Services. Any transmission of Personal Data is at your own risk. We are not responsible for circumvention of any privacy settings or security measures contained on the Services or in your operating system.
13. Utah Residents
The Utah Consumer Privacy Act protects consumer health data that is not protected under HIPAA, such as consumer health data collected by your fitness trackers.
Please see our Notice of Privacy Practices for information about how we protect your protected health information, and the rest of this Privacy Policy for information about how we protect other personal information about you.
Please see our Notice of Privacy Practices for information about how we protect your protected health information, and the rest of this Privacy Policy for information about how we protect other personal information about you.
14. Individuals in Other States
You may have rights under other state consumer privacy laws, including California, Colorado, Connecticut, Nevada, Oregon, Texas, and Virginia.
We do not currently operate in these states. Please contact us at compliance@nosis.health if you have questions or would like to exercise a right under these laws.
We do not currently operate in these states. Please contact us at compliance@nosis.health if you have questions or would like to exercise a right under these laws.
15. International Users
The Services are controlled and operated by us from the United States and are not intended to subject us to the laws or jurisdiction of any state, country or territory other than that of the United States. Any information you provide to us through use of the Services may be stored and processed, transferred between and accessed from the United States and other countries that may not guarantee the same level of protection of personal data as the one in which you reside. However, we will handle your Personal Data in accordance with this Privacy Policy regardless of where your Personal Data is stored/accessed.
16. Changes to Our Privacy Policy
We may change this Privacy Policy at any time. If we make material changes to how we treat our Users’ Personal Data, we will notify you by email to the email address specified in your account and/or through a notice on the Services’ home page and invite you to review (and accept, if necessary) the changes. The date this Privacy Policy was last revised is identified at the top of the page. You are responsible for ensuring we have an up-to-date active and deliverable email address for you and for periodically visiting the Services and reviewing this Privacy Policy to check for any changes.
17. Contact Information
If you have any questions, concerns, complaints, or suggestions regarding our Privacy Policy or otherwise need to contact us, you may contact us at the contact information below.
How to Contact Us:
Notice of Privacy Practices
Last updated: 02/04/2025
This Notice describes:
• HOW PROTECTED HEALTH INFORMATION ABOUT YOU MAY BE USED AND DISCLOSED
• YOUR RIGHTS WITH RESPECT TO YOUR PROTECTED HEALTH INFORMATION
• HOW TO FILE A COMPLAINT CONCERNING A VIOLATION OF THE PRIVACY OR SECURITY OF YOUR PROTECTED HEALTH INFORMATION, OR OF YOUR RIGHTS CONCERNING YOUR INFORMATION
YOU HAVE A RIGHT TO A COPY OF THIS NOTICE (IN PAPER OR ELECTRONIC FORM) AND TO DISCUSS IT WITH DUFFY FALLON AT COMPLIANCE@NOSIS.HEALTH IF YOU HAVE ANY QUESTIONS.
This Notice of Privacy Practices (the “Notice”) describes how Provider Groups including but not limited to Nosis Zion Group LLC (collectively, “we” or “our”) may use and disclose your protected health information to carry out treatment, payment, or business operations and for other purposes that are permitted or required by law. “Protected health information” is information about you, including demographic information, that may identify you and that relates to your physical health or condition, treatment or payment for health care services.
This Notice also describes your rights to access and control your protected health information.
The Provider Group will abide by the terms of the Notice currently in effect.
USES AND DISCLOSURES OF PROTECTED HEALTH INFORMATION:
Your protected health information may be used and disclosed by our health care providers, our staff, and others outside of our office that are involved in your care and treatment for the purpose of providing health care services to you, to support our business operations, to obtain payment for your care, and any other use authorized or required by law.
TREATMENT:
We will use and disclose your protected health information to provide, coordinate, or manage your health care and any related services. This includes the coordination or management of your health care with a third party. For example, your protected health information may be provided to any other health care provider with whom you have an existing treatment relationship to ensure the necessary information is accessible to diagnose or treat you.
PAYMENT:
Your protected health information may be used to bill or obtain payment for your health care services. For example, we may use your protected health information in connection with processing payments for services provided to you.
HEALTH CARE OPERATIONS:
We may use or disclose, as needed, your protected health information in order to support our business activities. These activities include, but are not limited to, improving quality of care, providing information about treatment alternatives or other health-related benefits and services, development or maintaining and supporting computer systems, legal services, and conducting audits and compliance programs, including fraud, waste and abuse investigations. We may de-identify and anonymize your information such that it is no longer considered protected health information or personally identifiable information and as such, will not contain any reference to you. In that instance, we may modify or create derivative works which contain this de-identified and anonymized information and may use that information as may be necessary to enhance the services we are providing. In addition, we may use this de-identified information for any lawful purpose including but not limited to analytics, research, preparation of case studies and other educational and research related publication and usage.
USES AND DISCLOSURES THAT DO NOT REQUIRE YOUR AUTHORIZATION
We may use or disclose your protected health information in the following situations without your authorization. These situations include the following uses and disclosures: for treatment, payment and health care operations (as described above), as required by law; for public health purposes; for health care oversight purposes; for abuse or neglect reporting; pursuant to Food and Drug Administration requirements; in connection with legal proceedings; for law enforcement purposes; to coroners, funeral directors and organ donation agencies; for certain research purposes; for certain criminal activities; for certain military activity and national security purposes; for workers’ compensation reporting; relating to certain inmate reporting; and other required uses and disclosures. Under the law, we must make certain disclosures to you upon your request, and when required by the Secretary of the Department of Health and Human Services to investigate or determine our compliance with the requirements of applicable law, including HIPAA. State laws may further restrict these disclosures.
USES AND DISCLOSURES THAT REQUIRE YOUR AUTHORIZATION:
Other permitted and required uses and disclosures will be made only with your consent, authorization or opportunity to object unless permitted or required by law. In such cases, without your authorization, we shall not use or disclose your protected health information.
You have the right to receive an accounting of certain disclosures of your protected health information that we have made, paper or electronic, except for certain disclosures which were pursuant to an authorization, for purposes of treatment, payment, healthcare operations (unless the information is maintained in an electronic health record), or for certain other purposes.
You have the right to request a restriction or limitation on the protected health information we use or disclose about you for treatment, payment or health care operations or to persons involved in your care. While we will consider all requests for additional restrictions carefully, we are not required to agree to a requested restriction. If we do agree, we will comply with your request unless the information is needed to provide you emergency treatment, or the disclosure is for one of the purposes described above. To request restrictions, you must make your request in writing to us.
REVISIONS TO THIS NOTICE:
We reserve the right to revise this Notice and to make the revised Notice effective for protected health information we already have about you as well as any information we receive in the future. You are entitled to a copy of the Notice currently in effect. Any significant changes to this Notice will be posted on the Services. You then have the right to object or withdraw as provided in this Notice.
We will notify you if a reportable breach of your unsecured protected health information is discovered.
Notification will include a brief description of how the breach occurred, the protected health information involved and contact information for you to ask questions.
CONFIDENTIALITY OF SUBSTANCE MISUSE OR SUBSTANCE USE DISORDER PART 2 RECORDS AND HOW WE MAY USE AND DISCLOSE THESE RECORDS:
If you have received treatment, diagnosis, or referral for treatment from our drug or alcohol use programs as defined in 42 CFR Part 2, the confidentiality of drug or alcohol use records is protected by federal law (at 42 U.S.C. § 290dd-2) and regulations (at 42 CFR part 2). As a general rule, we may not tell a person outside the programs that you participated in any of these programs, or share any information identifying you as an individual with substance misuse and/or an alcohol or drug use disorder, unless the disclosure has been made in either one or more of the following instances (the following categories describe various ways that we use and disclose protected health information):
• you have consented/authorized in writing;
• made between or among personnel having a need for the information in connection with their duties that arise out of the provision of diagnosis, treatment, or referral for treatment. For example, our staff, including doctors, nurses, and clinicians, will use your protected health information to provide your treatment care. Your protected health information may be used in connection with billing statements we send you and in connection with tracking charges and credits to your account. We may use and disclose your protected health information in order to conduct our healthcare business and to perform functions associated with our business activities, including accreditation and licensing;
• authorized by a court order;
• made to medical personnel in a medical emergency;
• made for research, audit, or program evaluation purposes and other permitted oversight purposes;
• made to qualified service organizations that provide services to the program such as data processing, bill collecting, medical staffing or other professional services;
• made to report suspected child abuse or neglect;
• made to report a crime or a threat to commit a crime on program premises or against program personnel;
• made to qualified service organizations that are contracted by us to perform services on our behalf which may involve receipt, use or disclosure of your protected health information. All of our qualified service organizations must agree to: be bound by 42 CFR Part 2; and if necessary, resist in judicial proceedings any efforts to obtain access to patient records except as permitted by law;
• made for research if certain requirements are met, such as approval by an Institutional Review Board;
• made for reporting of death; or
• as required by law;
COMPLAINTS:
Complaints about this Notice or how we handle your protected health information should be directed to our Privacy Officer. If you are not satisfied with the manner in which a complaint is handled you may submit a formal complaint to the Secretary of the Department of Health and Human Services , Office for Civil Rights by sending a letter to 200 Independence Avenue, S.W., Washington, D.C. 20201, calling 1-877-696-6775, or visiting www.hhs.gov/ocr/privacy/hipaa/complaints/. We will not retaliate against you for filing a complaint.
We must follow the duties and privacy practices described in this Notice. If you have any questions about this Notice, please contact us at compliance@nosis.health and ask to speak with our Privacy Officer.
You have the right to obtain a paper copy of this Notice, upon request, even if you have previously requested its receipt electronically by e-mail.
This Notice describes:
• HOW PROTECTED HEALTH INFORMATION ABOUT YOU MAY BE USED AND DISCLOSED
• YOUR RIGHTS WITH RESPECT TO YOUR PROTECTED HEALTH INFORMATION
• HOW TO FILE A COMPLAINT CONCERNING A VIOLATION OF THE PRIVACY OR SECURITY OF YOUR PROTECTED HEALTH INFORMATION, OR OF YOUR RIGHTS CONCERNING YOUR INFORMATION
YOU HAVE A RIGHT TO A COPY OF THIS NOTICE (IN PAPER OR ELECTRONIC FORM) AND TO DISCUSS IT WITH DUFFY FALLON AT COMPLIANCE@NOSIS.HEALTH IF YOU HAVE ANY QUESTIONS.
This Notice of Privacy Practices (the “Notice”) describes how Provider Groups including but not limited to Nosis Zion Group LLC (collectively, “we” or “our”) may use and disclose your protected health information to carry out treatment, payment, or business operations and for other purposes that are permitted or required by law. “Protected health information” is information about you, including demographic information, that may identify you and that relates to your physical health or condition, treatment or payment for health care services.
This Notice also describes your rights to access and control your protected health information.
The Provider Group will abide by the terms of the Notice currently in effect.
USES AND DISCLOSURES OF PROTECTED HEALTH INFORMATION:
Your protected health information may be used and disclosed by our health care providers, our staff, and others outside of our office that are involved in your care and treatment for the purpose of providing health care services to you, to support our business operations, to obtain payment for your care, and any other use authorized or required by law.
TREATMENT:
We will use and disclose your protected health information to provide, coordinate, or manage your health care and any related services. This includes the coordination or management of your health care with a third party. For example, your protected health information may be provided to any other health care provider with whom you have an existing treatment relationship to ensure the necessary information is accessible to diagnose or treat you.
PAYMENT:
Your protected health information may be used to bill or obtain payment for your health care services. For example, we may use your protected health information in connection with processing payments for services provided to you.
HEALTH CARE OPERATIONS:
We may use or disclose, as needed, your protected health information in order to support our business activities. These activities include, but are not limited to, improving quality of care, providing information about treatment alternatives or other health-related benefits and services, development or maintaining and supporting computer systems, legal services, and conducting audits and compliance programs, including fraud, waste and abuse investigations. We may de-identify and anonymize your information such that it is no longer considered protected health information or personally identifiable information and as such, will not contain any reference to you. In that instance, we may modify or create derivative works which contain this de-identified and anonymized information and may use that information as may be necessary to enhance the services we are providing. In addition, we may use this de-identified information for any lawful purpose including but not limited to analytics, research, preparation of case studies and other educational and research related publication and usage.
USES AND DISCLOSURES THAT DO NOT REQUIRE YOUR AUTHORIZATION
We may use or disclose your protected health information in the following situations without your authorization. These situations include the following uses and disclosures: for treatment, payment and health care operations (as described above), as required by law; for public health purposes; for health care oversight purposes; for abuse or neglect reporting; pursuant to Food and Drug Administration requirements; in connection with legal proceedings; for law enforcement purposes; to coroners, funeral directors and organ donation agencies; for certain research purposes; for certain criminal activities; for certain military activity and national security purposes; for workers’ compensation reporting; relating to certain inmate reporting; and other required uses and disclosures. Under the law, we must make certain disclosures to you upon your request, and when required by the Secretary of the Department of Health and Human Services to investigate or determine our compliance with the requirements of applicable law, including HIPAA. State laws may further restrict these disclosures.
USES AND DISCLOSURES THAT REQUIRE YOUR AUTHORIZATION:
Other permitted and required uses and disclosures will be made only with your consent, authorization or opportunity to object unless permitted or required by law. In such cases, without your authorization, we shall not use or disclose your protected health information.
You have the right to receive an accounting of certain disclosures of your protected health information that we have made, paper or electronic, except for certain disclosures which were pursuant to an authorization, for purposes of treatment, payment, healthcare operations (unless the information is maintained in an electronic health record), or for certain other purposes.
You have the right to request a restriction or limitation on the protected health information we use or disclose about you for treatment, payment or health care operations or to persons involved in your care. While we will consider all requests for additional restrictions carefully, we are not required to agree to a requested restriction. If we do agree, we will comply with your request unless the information is needed to provide you emergency treatment, or the disclosure is for one of the purposes described above. To request restrictions, you must make your request in writing to us.
REVISIONS TO THIS NOTICE:
We reserve the right to revise this Notice and to make the revised Notice effective for protected health information we already have about you as well as any information we receive in the future. You are entitled to a copy of the Notice currently in effect. Any significant changes to this Notice will be posted on the Services. You then have the right to object or withdraw as provided in this Notice.
We will notify you if a reportable breach of your unsecured protected health information is discovered.
Notification will include a brief description of how the breach occurred, the protected health information involved and contact information for you to ask questions.
CONFIDENTIALITY OF SUBSTANCE MISUSE OR SUBSTANCE USE DISORDER PART 2 RECORDS AND HOW WE MAY USE AND DISCLOSE THESE RECORDS:
If you have received treatment, diagnosis, or referral for treatment from our drug or alcohol use programs as defined in 42 CFR Part 2, the confidentiality of drug or alcohol use records is protected by federal law (at 42 U.S.C. § 290dd-2) and regulations (at 42 CFR part 2). As a general rule, we may not tell a person outside the programs that you participated in any of these programs, or share any information identifying you as an individual with substance misuse and/or an alcohol or drug use disorder, unless the disclosure has been made in either one or more of the following instances (the following categories describe various ways that we use and disclose protected health information):
• you have consented/authorized in writing;
• made between or among personnel having a need for the information in connection with their duties that arise out of the provision of diagnosis, treatment, or referral for treatment. For example, our staff, including doctors, nurses, and clinicians, will use your protected health information to provide your treatment care. Your protected health information may be used in connection with billing statements we send you and in connection with tracking charges and credits to your account. We may use and disclose your protected health information in order to conduct our healthcare business and to perform functions associated with our business activities, including accreditation and licensing;
• authorized by a court order;
• made to medical personnel in a medical emergency;
• made for research, audit, or program evaluation purposes and other permitted oversight purposes;
• made to qualified service organizations that provide services to the program such as data processing, bill collecting, medical staffing or other professional services;
• made to report suspected child abuse or neglect;
• made to report a crime or a threat to commit a crime on program premises or against program personnel;
• made to qualified service organizations that are contracted by us to perform services on our behalf which may involve receipt, use or disclosure of your protected health information. All of our qualified service organizations must agree to: be bound by 42 CFR Part 2; and if necessary, resist in judicial proceedings any efforts to obtain access to patient records except as permitted by law;
• made for research if certain requirements are met, such as approval by an Institutional Review Board;
• made for reporting of death; or
• as required by law;
COMPLAINTS:
Complaints about this Notice or how we handle your protected health information should be directed to our Privacy Officer. If you are not satisfied with the manner in which a complaint is handled you may submit a formal complaint to the Secretary of the Department of Health and Human Services , Office for Civil Rights by sending a letter to 200 Independence Avenue, S.W., Washington, D.C. 20201, calling 1-877-696-6775, or visiting www.hhs.gov/ocr/privacy/hipaa/complaints/. We will not retaliate against you for filing a complaint.
We must follow the duties and privacy practices described in this Notice. If you have any questions about this Notice, please contact us at compliance@nosis.health and ask to speak with our Privacy Officer.
You have the right to obtain a paper copy of this Notice, upon request, even if you have previously requested its receipt electronically by e-mail.