|
|
Zoa Cell is committed to ensuring compliance with many organizations that govern
our industries. This document describes the high-level compliance efforts that each
user of our site, by using these site(s), agrees to allow for regulatory and compliance
driven efforts to collect information, store potentially sensitive information and
protect that information in good faith for any term deemed necessary by regulatory
bodies and Zoa Cell Policies.
Public Information
Content that is deemed as public knowledge or freely available via the internet,
to include content from other sites is delivered as is to the consumer. Static content
displayed on web pages in our public areas, to include news links consolidated for
your ease of use is considered public domain.
Basic Personal Information
All Basic Personal Information will be stored in a secure area of our site that
can only be accessed by login and password verification. This information will only
be made available to parties requiring access and performing a role in which that
information is deemed important by Zoa Cell to service that user. This information
is basic contact information, to include but not limited to demographic, email and
phone information used to uniquely identify you in our systems.
You as a user accept the responsibility to NOT share your login and password with
ANY individual without first verifying their identity and providing consent.
Zoa Cell and its partners will NOT ask for your user name or password via electronic
means, to include emails and postings on our site(s). If for any reason Zoa Cell
requires your login credentials, you will be contacted directly using your provided
telephone number by a verifiable person to obtain this secure information, including
a verification step that you will be able to ensure the person contacting you is
in fact a valid Zoa Cell Contact.
Global Patient Medical File (GMF)
All disease specific information, treatment records, lab reports, documents containing
personal medical information will be stored in an encrypted, secured manor that
will restrict access to only those person(s) that are required to view that information
to perform services through Zoa Cell, medical services relating to your treatment
and to perform follow-up care and/or answer specific questions presented by you.
This information will be kept on file for not less than 3 years in encrypted, secured
formats and will never be passed to anyone outside Zoa Cell without your specific
consent.
Non-user identifiable statistics regarding treatment, results or trends will from
time to time need to be performed to ensure trends, reports and disease specific
statistics are maintained by Zoa Cell. No person identifiable data will be published
in any way without specific consent.
Third Party Access will only be granted to those individuals required to deliver
service under the Zoa Cell family of providers. That access will be limited to ONLY
that information required to deliver service, provide updates to your GMF or to
review procedures or processes from an audit standpoint, required by law.
All Zoa Cell servers used to provide services relating to the GMF will be solely
controlled, managed and maintained by Zoa Cell authorized personnel only. Physical
access to these servers will be restricted to only those individuals required to
properly maintain the integrity of the data, the hardware availability and security.
All access to GMF information will be performed using SSL secured web access. At
no time will any page containing sensitive information be displayed, transmitted
or accept information form a user without an HTTPS (SSL) verified connection.
You as a patient agree to provide Zoa Cell the rights to view your data, use that
data for service and reporting related tasks in limited formats during your association
with Zoa Cell. Should you decide to discontinue your relationship with Zoa Cell,
your information will be provided to you, should you request it in electronic form.
All records created, edited or placed on our servers will remain on those servers
until such time regulatory guidelines allow us to remove that information.
General Compliance
All information from outside sources, patient included, will be placed in a quarantined,
segmented area of Zoa Cell’s systems and scanned for unwanted or potentially dangerous
virus or malware signatures. Any files determined by our security scans to contain
a suspected or verified virus or malware pattern will be rejected prior to being
officially placed in the GMF system. The user supplying that information will be
notified of the threat found and asked to supply a new threat free document. Users
of Zoa Cell systems that submit virus or malware threat signature documents will
be placed into a probationary status for not less than 30 days. Repeated submissions
may cause that account to be suspended until appropriate steps can be taken to ensure
the safety and security of information from that user.
Zoa Cell provides 256 bit encryption of documents and sensitive data that utilizes
the highest possible security measures available. If new or additional security
practices are required or become available as technology advances, Zoa Cell will
update that security model as needed to ensure your continued safety and security.
Zoa Cell will employ real-time virus checks and security audits for all activities
between and among patients, treatment providers and Zoa Cell staff.
Zoa Cell disaster recovery and security policies will be made available for review
based on regulatory guidelines.
Zoa Cell provides a dedicated Security Director to oversee and manage physical,
data, systems and process security. This person will also perform Quarterly Security
audits which may be performed internally and through third party security audit
firms to ensure our systems maintain the highest possible protection.
|
|
|
|