Privacy & HIPAA Disclosures
Apex EDI Inc. (Apex) is committed to providing the highest level of security and privacy regarding the collection and use of its online electronic service customers’ information, as well as that of all visitors to its Web Site. Apex’s corporate policy is to protect the privacy and confidentiality of its customers and those individuals whose healthcare information may be identified within the transaction data services supplied by Apex to its customers. This Privacy Statement describes what information Apex collects and how that information is protected and used.
Apex operates under the following privacy principles:
|Information supplied by a visitor that could be used to identify or contact that visitor, such as name, e-mail address or other similar information (“Personal Information”), will not be disclosed to anyone unless the visitor indicates that Apex may do so.|
|Apex may share statistical information about its visitors as a group, such as usage habits, demographics and similar information that cannot be used to identify or contact visitors (“Aggregate Information”), with any partner of Apex. However, Apex will not share Personal Information about a visitor at any time without the visitor’s permission.|
|The only information Apex obtains about an individual visitor to its Web Site is information supplied voluntarily by that visitor.|
|Personal Information about an individual contained within electronic health transactions, reports and other summaries derived from electronic health transactions, or within administrative information necessary to conduct electronic health transactions, that can be used to identify or contact that individual will be protected by Apex as “Individually Identifiable Health Information” in accordance with the requirements and definitions of the Health Insurance Portability and Accountability Act (HIPAA) of 1996 (Public Law 104-191) and any implementing regulations.|
|Apex will also observe all other state and federal laws relating to transmission, storage, and access to medical records and other healthcare data|
Disclosure of Personal Information
Except as set forth herein, Apex will not disclose any Personal Information about its visitors and customers to unaffiliated companies. Any Personal Information provided to entities affiliated with Apex will be treated in accordance with the terms of this Privacy Statement.
Except as set forth herein, Apex will not disclose any Personal Information contained within payment processing or electronic health transactions to unaffiliated companies. Any Personal Information provided to entities affiliated with Apex will be treated in accordance with the terms of this Privacy Statement.
Apex will consider, and may release, Personal Information to third parties to comply with law or to protect the rights, property or safety of Apex and its customers.
Apex may provide to third parties Aggregate Information that does not allow the individuals to be identified or contacted.
The Apex Site may require visitors to register either before accessing the Web Site or as a requirement to access specific portions of the Web Site. Registration may include the collection of contact information such as visitor name, e-mail address, phone, and fax numbers.
An IP address is a number assigned to a computer for accessing the Internet. All computer identification on the Internet is conducted with IP addresses, which allow computers and servers to recognize and communicate with each other. Apex collects IP addresses in order to conduct system administration, report aggregate information to sponsors and advertisers, and to conduct site analysis. If a visitor requests pages from the Apex Web Site, the Apex servers enter the visitor’s IP address into a log. To maintain visitor anonymity, Apex does not associate IP addresses with records containing Personal Information. However, Apex will use IP addresses to identify any visitors who refuse to comply with Apex terms of service, and to identify visitors who threaten its service, site, or customers.
Payment Processing and Electronic Health Transactions
Some Apex Site features may use applications to collect data to facilitate a payment processing or electronic health transactions. Apex will obtain the user’s explicit permission to transfer this data to the third party to facilitate this transaction as part of the transaction processing service agreement voluntarily entered into with Apex.
Apex may store this information to verify the transaction for customer service and accounting reasons and may use this information to help personalize the experience on the Apex Site. Apex may also share this information with other third parties on an aggregate basis, but not in any manner that would permit the third party to identify or contact individual users of its Site.
Apex will maintain and protect “Individually Identifiable Health Information” that it receives in connection with electronic health transactions in accordance with the requirements of the Health Insurance Portability and Accountability Act (HIPAA) of 1996 (Public Law 104-191). Obtain a HIPAA Business Associate Agreement.
In order to provide visitors with greater value, Apex may provide links to various third party web sites. However, even if a third-party affiliation exists between Apex and that destination site, APEX EXERCISES NO AUTHORITY OVER LINKED SITES, EACH OF WHICH MAINTAINS INDEPENDENT PRIVACY AND DATA COLLECTION POLICIES AND PROCEDURES. APEX ASSUMES NO RESPONSIBILITY OR LIABILITY FOR THESE INDEPENDENT METHODS OR ACTIONS AND IS NOT RESPONSIBLE FOR THE INDEPENDENT POLICIES OR PROCEDURES OF DESTINATION SITES. SIMILARLY, APEX CANNOT TAKE RESPONSIBILITY FOR THE PRIVACY INITIATIVES OR THE CONTENT OF SUCH WEB SITES. THESE DESTINATION LINKS ARE PROVIDED ONLY FOR CONVENIENCE, AND AS SUCH, THEY ARE ACCESSED AT THE USER’S OWN RISK. However, Apex wishes to protect the integrity of the Apex Web Site and its destination links, so any comments pertaining to the Apex Web Site or any sites accessed through Apex links would be appreciated.
Apex combines industry-standard technical safeguards with employee policies to help prevent the loss, misuse or alteration of Personal Information under its control. Only authorized Apex employees, agents or independent contractors are permitted to access Personal Information, and all such employees, agents and independent contractors must agree in writing to abide by the Apex Privacy Statement. Those who violate the Privacy Statement are subject to disciplinary action, up to and including termination. Apex employs strict security measures to safeguard online transactions; Personal Information is stored in secured systems and is always encrypted when sent via Internet channels.
Despite these security measures, APEX DOES NOT REPRESENT OR WARRANT THAT PERSONAL INFORMATION WILL BE PROTECTED AGAINST LOSS, MISUSE OR ALTERATION BY THIRD PARTIES.
Privacy Statement Changes
Apex may change this Privacy Statement at any time by posting revisions to its Web Site. The use of the Site constitutes acceptance of the provisions of this Privacy Statement and the continued usage after such changes are posted constitutes acceptance of each revised Privacy Statement. If the user does not agree to the terms of this Privacy Statement or any revised statement, then they should exit the Site immediately.
Contacting the Web Site
If there are any questions about this privacy statement, the practices of this Web Site, or the interaction with this Web Site, please contact: