MedeFile - Information for Life

Privacy is our top priority at MedeFile. Users of our web site learn about health, perhaps for themselves, perhaps on behalf of someone else. At MedeFile, we understand that health is a very personal, private subject and we want you to feel as comfortable as possible visiting our web site and using its services. This Privacy Policy will tell you what information we collect, how we protect it and what choices you have about how that information is used. We urge you to read our Privacy Policy so that you will understand both our commitment to you and your privacy and how you can participate in that commitment.
Personal Information We Collect
We collect information in three distinct areas:
    (1) Registration
    (2) Member Profile
    (3) The Digital Health Profile.

We also collect information that you voluntarily provide to us through responses to surveys, questionnaires and through your use of information storage facilities on our sites. MedeFile is a service that allows you to view personal health information on a voluntary basis on servers maintained by MedeFile or on its behalf. MedeFile is structured to allow access only by means of a sophisticated security system, including a USB token, and the use of advanced security services. Whenever you submit or modify your information in MedeFile, we will send such information over the Internet using Secure Socket Layer, ("SSL") encryption technology. The information you submit to MedeFile will be stored on a secure separate server as an additional security precaution. However, we do not warrant or represent that the information you submit to MedeFile will be protected against, loss, misuse or alteration by third parties.

We may also collect information about you and your use of our site through the use of Cookies. "Cookies" are small computer files that we transfer to your computer's hard drive which allow us to know how often someone visits our site and the activities they conduct while on our site. This information helps us dynamically generate advertising and content on web pages specifically designed for you and also allows us to statistically monitor how many people are using our site and for what purposes. Sponsors and advertisers may also use Cookies when you select their advertisement; we are unable to control their use of Cookies or how they manage the information they gather.  
Disclosure of Your Information
Except as set forth in this paragraph, MedeFile will not disclose to unaffiliated companies any information it gathers from you which could be used to identify or contact you ("Personal Information"). Any Personal Information provided to entities affiliated with MedeFile will be treated in accordance with the terms of this Privacy Policy, unless you are otherwise notified. In the following limited circumstances we will consider, and may release, Personal Information to third parties: (1) to comply with valid legal requirements such as a law, regulation, search warrant, subpoena or court order; or (2) in special cases, such as a physical threat to you or others. We also provide Personal Information to our vendors and suppliers where it is necessary for them to provide us with products and services related to better operation and maintenance of our web site ("Vendors"). We will attempt to require that each of these Vendors not further use or disclose your Personal Information for any purpose other than providing us or you with products and services. Of course, we cannot guarantee their compliance with these restrictions.

MedeFile may provide information about you that does not allow you to be identified or contacted ("Aggregate Information") to third parties. For example, we might inform third parties regarding the number of users of our site and the activities they conduct while on our site.

Except as provided in the first paragraph of this section, MedeFile will not disclose to unaffiliated companies any Personal Information that you store in MedeFile. The MedeFile service is a powerful storage tool that we hope you will use. However, please note that you are responsible for taking all reasonable steps to ensure that no unauthorized person shall have access to your MedeFile password or account. It is your sole responsibility to (1) control the dissemination and use of activation codes and passwords; (2) authorize, monitor and control access to and use of your MedeFile account and password; (3) promptly inform MedeFile of any need to deactivate a password. You grant MedeFile and all other persons or entities involved in the operation of the MedeFile web site and its services the right to receive, transmit, monitor, retrieve, store and use your Personal Information, including information which may be privileged and confidential under applicable state and federal laws, in connection with the operation of MedeFile. MedeFile cannot and does not assume any responsibility or liability for any information you submit to MedeFile or your or any third parties' use or misuse of information transmitted or received using MedeFile.
How MedeFile Handles Privacy Internally
MedeFile wants your personal information to remain as secure as reasonably possible. This is why we have a two-tier system at MedeFile that combines leading technical safeguards and a code of conduct for those employees that are permitted to access our customers' personal information. On the technical side, MedeFile uses SSL to help ensure the integrity and privacy of the Personal Information you provide to us via the Internet. As an additional security measure, your Personal Information is also kept physically separate on a separate server where your password is encrypted and stored on a database. On the personnel side, only authorized MedeFile employees are permitted to access your personal information. All MedeFile employees must abide by our Privacy Policy and those who violate our Privacy Policy are subject to disciplinary action, up to and including termination. Access by authorized personnel is controlled by two-factor authentication (i.e., a token and a thumbprint).
Your Privacy Choices
When you complete Registration or your Member Profile, you may be given the option of receiving recurring informational/promotional emails from MedeFile and/or third parties. You may choose not to receive these emails when you provide the information or by changing your preferences within your Member Profile at any time. We ask for contact information (such as name and email address) if you wish to subscribe to various newsletters. You can remove your subscription from such newsletters very easily. When you have received a newsletter you wish to stop, click on the "reply" button in your mail program, then type in the word "UNSUBSCRIBE" in the "Subject" field and send. MedeFile Customer Service will unsubscribe you from that newsletter in two to three business days.


This privacy statement applies only to the MedeFile web site. The MedeFile site does contain links to other sites. Please be aware that MedeFile is not responsible for the privacy practices of other such sites. We encourage you to read the privacy statements of each and every web site that collects personal information from you.
Updating Your Personal Information and Contacting MedeFile
You can always contact us in order to (1) delete your Personal Information from our systems, (2) update the Personal Information that you have provided to us, and (3) change your preferences with respect to marketing contacts, by emailing us at [email protected]. MedeFile may change this Privacy Policy at any time by posting revisions to our web site. Your use of the site constitutes acceptance of the provisions of this Privacy Policy and your continued usage after such changes are posted constitutes acceptance of each revised Privacy Policy. If you do not agree to the terms of this Privacy Policy or any revised policy, please exit the site immediately.
HIPAA Readiness
MedeFile has made a corporate commitment to be HIPAA compliant and is compliant to stage two of HIPAA. MedeFile will also assist our customers in becoming compliant.

We realize that privacy and security are critical to our business as well as our customers. Our HIPAA industry activities include:
  tracking and participating in the regulatory process.
  responding to proposed rules.
  working with industry groups to educate our staff and others.
  providing testimony at public hearings.
  developing educational tools for providers.
     developing implementation guides for us all.

We have developed a corporate infrastructure poised to implement the final regulations by providing staff education and awareness programs, designating a corporate HIPAA compliance team, and conducting business and impact analyses.

The key to privacy and security is our MedeFile corporate core values that require a commitment to excellence and service with integrity, ethics and respect to the community.


Copyright 2006 MedeFile International, Inc.  All rights reserved.