Upstate Caring Partners Privacy Policy

PRIVACY INFORMATION

At Upstate Caring Partners, we understand that information about you and your family is personal. We are committed to protecting your privacy and that of your records.

Information is shared only when authorized, when is necessary for treatment, or as mandated by State or Federal Law. In accordance with the Health and Insurance Portability and Accountability Act (HIPAA), our privacy commitment to you is:

  • All people involved in your care will protect your privacy and information will be shared only with the persons/organizations that you have authorized to view the information.
  • Protected Health Information (PHI) includes records we keep or create that are related to your health care or treatment. This includes your medical information, treatment plan, name, address, birth date and social security number.
UPSTATE CARING PARTNERS IS REQUIRED BY LAW TO
  • Maintain the privacy of your records.
  • Give you notice of our legal duties and practices concerning your health information.
  • Follow the rules contained in this notice.
  • Based on our right to revise the privacy notice, Upstate Cerebral Palsy will inform you of any changes in privacy practice.
YOUR HEALTH/CLINICAL INFORMATION RIGHTS

You have the right to:

  • Review your health/clinical records and obtain a copy of the record. Your request to obtain a copy should be put in writing to the program administrator. He or she will provide you with a release form that you must complete. We will respond to your request within ten days.
  • Records that may not be released include: incident reports, investigation reports and information compiled for use in court or administrative hearings.
  • If your request to access information is denied by the program administrator, you may ask for a review of your request for information from other professional staff members not involved with the denial. Denials will be explained in writing.
  • You may request that Upstate Cerebral Palsy change or amend your health information if you believe it is incorrect or incomplete. However, Upstate Cerebral Palsy may deny this request if we believe that the information is accurate. Information in reports not created by Upstate Cerebral Palsy may not be changed. If the amendment is approved, your record will be changed and we will inform others that need to know.
  • You may request that Upstate Cerebral Palsy limit how we disclose or use your health information, however Upstate Cerebral Palsy is not legally bound to agree to this restriction.
  • You may request a list of disclosures Upstate Cerebral Palsy has made of your health information. The list of disclosures will not include disclosures for treatment, payment, or health care operations within Upstate Cerebral Palsy or disclosures made to yourself. Disclosures will be recorded from 4/13/03. Your request for disclosures may cover a period of six years prior to the request. We will respond to your request within 60 days.
  • You have a right to receive a copy of the Upstate Cerebral Palsy privacy policy.
  • To request any of these rights, please contact the program administrator.
USES AND DISCLOSURES THAT REQUIRE YOUR AGREEMENT AND AUTHORIZATION

Upstate Caring Partners may release your health information following notification to you, if you agree:

  • To family members and personal representatives who are involved in your care.
  • To representatives of disaster relief organizations that may need to contact your family in an emergency situation.
HOW WE USE AND DISCLOSE HEALTH INFORMATION

Upstate Cerebral Palsy may use and disclose health information without your permission only in the following situations:

  • Treatment and service purposes within Upstate Cerebral Palsy and to outside health care providers who are part of your care. For example, Upstate Cerebral Palsy clinicians may discuss your health information with involved Upstate Cerebral Palsy staff or staff of other organizations who are providing care.
  • Upstate Cerebral Palsy may provide health information needed to obtain payment for our services. For example, we may provide information to a funder, i.e. Medicaid, Medicare, or to your insurance company.
  • Appointment reminder notifications.
  • Upstate Cerebral Palsy may disclose information to determine your eligibility or to determine your ability to pay for services provided. Examples of this would be disclosures to the Social Security Administration or to Medicaid.
  • Upstate Cerebral Palsy may disclose information within organization for administrative operations such as quality assurance activities, health oversight activities, treatment reviews and service reviews.
  • Information in a summary format may be used to describe the scope of agency services for public relations, fund raising and/or grant applications.
  • Information that identifies specific individuals is restricted unless Upstate Cerebral Palsy receives prior authorization from you.
  • Information may be released when required by federal or state law or when requested by authorized federal officials for intelligence or national security.
  • Information may be released to report possible domestic violence, abuse or neglect.
  • Upstate Cerebral Palsy may release information for judicial, law enforcement or administrative proceedings.
  • Information may be released to coroners, medical examiners or funeral directors so they may carry out their duties.
  • Workers compensation cases may require the disclosure of health information.
  • Upstate Cerebral Palsy may disclose health information for research studies only if you have agreed to participate in these studies and the use of your health information has been approved by an institutional review board by the agency conducting the research.
  • To correctional institutions or law enforcement officials if you are an inmate and the information is necessary for your care or health of others.
AUTHORIZATION REQUIRED FOR ALL OTHER USES AND DISCLOSURES

For all other types of uses and disclosures not described in this notice, Upstate Cerebral Palsy will use or disclose health information only with a written authorization signed by you or your authorized personal representative. The disclosure authorization form may be obtained from your program administrator. Written authorization is always required for use/disclosure of psychotherapy notes and for marketing purposes which identify an individual.

You may revoke your authorization at any time but you must do so in writing. If you revoke your authorization in writing we will no longer use or disclose your information for the reasons stated in the authorization. We cannot retrieve any disclosures made prior to revoking your authorization. We must also retain your health information that indicated the services we have provided to you.

Note: If you cannot give permission due to an emergency, Upstate Cerebral Palsy may release health information in your best interest.

Questions or concerns about Upstate Cerebral Palsy privacy policy, privacy practices or access to health information may be forwarded to the Upstate Cerebral Palsy Hotline at (315) 724-6907 ext. 7006.

YOU MAY CONTACT THE DEPARTMENT OF HEALTH AND HUMAN SERVICES AT 877-696-6775 OR AT:

Department of Health and Human Services
200 Independence Ave. SW
Washington, DC 20201

YOU MAY FILE A GRIEVANCE WITH THE OFFICE OF CIVIL RIGHTS BY CALLING 866-627-7748 OR 866-788-4989 (TTY), OR AT THE FOLLOWING ADDRESS:

Office of Civil Rights
Region II
Federal Building
26 Federal Plaza, Room 3312
New York, NY 10278

All complaints made by telephone must be followed with a written complaint. You will NOT be penalized for filing a complaint.

All content on this website is the property of Upstate Cerebral Palsy. All rights reserved.

3. EMBEDDED CONTENT

Pages on this site may include embedded content, like YouTube videos, for example. Embedded content from other websites behaves in the exact same way as if you visited the other website.

These websites may collect data about you, use cookies, embed additional third-party tracking, and monitor your interaction with that embedded content, including tracking your interaction with the embedded content if you have an account and are logged-in to that website. Below you can find a list of the services we use:

FACEBOOK

The Facebook page plugin is used to display our Facebook timeline on our site. Facebook has its own cookie and privacy policies over which we have no control. There is no installation of cookies from Facebook and your IP is not sent to a Facebook server until you consent to it. See their privacy policy here: Facebook Privacy Policy .

TWITTER

We use the Twitter API to display our tweets timeline on our site. Twitter has its own cookie and privacy policies over which we have no control. Your IP is not sent to a Twitter server until you consent to it. See their privacy policy here: Twitter Privacy Policy .

YOUTUBE

We use YouTube videos embedded on our site. YouTube has its own cookie and privacy policies over which we have no control. There is no installation of cookies from YouTube and your IP is not sent to a YouTube server until you consent to it. See their privacy policy here: YouTube Privacy Policy.

4. COOKIES

This site uses cookies – small text files that are placed on your machine to help the site provide a better user experience. In general, cookies are used to retain user preferences, store information for things like shopping carts, and provide anonymized tracking data to third party applications like Google Analytics. Cookies generally exist to make your browsing experience better. However, you may prefer to disable cookies on this site and on others. The most effective way to do this is to disable cookies in your browser. We suggest consulting the help section of your browser.

NECESSARY COOKIES (ALL SITE VISITORS)
  • cfduid: Is used for our CDN CloudFlare to identify individual clients behind a shared IP address and apply security settings on a per-client basis. See more information on privacy here: CloudFlare Privacy Policy.
  • PHPSESSID: To identify your unique session on the website.
NECESSARY COOKIES (ADDITIONAL FOR LOGGED IN CUSTOMERS)
  • wp-auth: Used by WordPress to authenticate logged-in visitors, password authentication and user verification.
  • wordpress_logged_in_{hash}: Used by WordPress to authenticate logged-in visitors, password authentication and user verification.
  • wordpress_test_cookie Used by WordPress to ensure cookies are working correctly.
  • wp-settings-[UID]: WordPress sets a few wp-settings-[UID] cookies. The number on the end is your individual user ID from the users database table. This is used to customize your view of admin interface, and possibly also the main site interface.
  • wp-settings-[UID]:WordPress also sets a few wp-settings-{time}-[UID] cookies. The number on the end is your individual user ID from the users database table. This is used to customize your view of admin interface, and possibly also the main site interface.
5. WHO HAS ACCESS TO YOUR DATA

If you are not a registered client for our site, there is no personal information we can retain or view regarding yourself.

If you are a client with a registered account, your personal information can be accessed by:

  • Our system administrators.
  • Our supporters when they (in order to provide support) need to get the information about the client accounts and access.
6. THIRD PARTY ACCESS TO YOUR DATA

We don’t share your data with third-parties in a way as to reveal any of your personal information like email, name, etc. The only exceptions to that rule are for partners we have to share limited data with in order to provide the services you expect from us. Please see below:

ENVATO PTY LTD

For the purpose of validating and getting your purchase information regarding licenses for our theme, we send your provided tokens and purchase keys to Envato Pty Ltd and use the response from their API to register your validated support data. See the Envato privacy policy here: Envato Privacy Policy.

TICKSY

Ticksy provides the support ticketing platform we use to handle support requests. The data they receive is limited to the data you explicitly provide and consent to being set when you create a support ticket. Ticksy adheres to the EU/US “Privacy Shield” and you can see their privacy policy here: Ticksy Privacy Policy.

7. HOW LONG WE RETAIN YOUR DATA

When you submit a support ticket or a comment, its metadata is retained until (if) you tell us to remove it. We use this data so that we can recognize you and approve your comments automatically instead of holding them for moderation.

If you register on our website, we also store the personal information you provide in your user profile. You can see, edit, or delete your personal information at any time (except changing your username). Website administrators can also see and edit that information.

8. SECURITY MEASURES

We use the SSL/HTTPS protocol throughout our site. This encrypts our user communications with the servers so that personal identifiable information is not captured/hijacked by third parties without authorization.

In case of a data breach, system administrators will immediately take all needed steps to ensure system integrity, will contact affected users and will attempt to reset passwords if needed.

9. YOUR DATA RIGHTS
GENERAL RIGHTS

If you have a registered account on this website or have left comments, you can request an exported file of the personal data we retain, including any additional data you have provided to us.


You can also request that we erase any of the personal data we have stored. This does not include any data we are obliged to keep for administrative, legal, or security purposes. In short, we cannot erase data that is vital to you being an active customer (i.e. basic account information like an email address).

If you wish that all of your data is erased, we will no longer be able to offer any support or other product-related services to you.

GDPR RIGHTS

Your privacy is critically important to us. Going forward with the GDPR we aim to support the GDPR standard. ThemeREX permits residents of the European Union to use its Service. Therefore, it is the intent of ThemeREX to comply with the European General Data Protection Regulation. For more details please see here: EU GDPR Information Portal.

10. THIRD PARTY WEBSITES

ThemeREX may post links to third party websites on this website. These third party websites are not screened for privacy or security compliance by ThemeREX, and you release us from any liability for the conduct of these third party websites.

All social media sharing links, either displayed as text links or social media icons do not connect you to any of the associated third parties, unless you explicitly click on them.

Please be aware that this Privacy Policy, and any other policies in place, in addition to any amendments, does not create rights enforceable by third parties or require disclosure of any personal information relating to members of the Service or Site. ThemeREX bears no responsibility for the information collected or used by any advertiser or third party website. Please review the privacy policy and terms of service for each site you visit through third party links.

11. RELEASE OF YOUR DATA FOR LEGAL PURPOSES

At times it may become necessary or desirable to ThemeREX, for legal purposes, to release your information in response to a request from a government agency or a private litigant. You agree that we may disclose your information to a third party where we believe, in good faith, that it is desirable to do so for the purposes of a civil action, criminal investigation, or other legal matter. In the event that we receive a subpoena affecting your privacy, we may elect to notify you to give you an opportunity to file a motion to quash the subpoena, or we may attempt to quash it ourselves, but we are not obligated to do either. We may also proactively report you, and release your information to, third parties where we believe that it is prudent to do so for legal reasons, such as our belief that you have engaged in fraudulent activities. You release us from any damages that may arise from or relate to the release of your information to a request from law enforcement agencies or private litigants.

Any passing on of personal data for legal purposes will only be done in compliance with laws of the country you reside in.

12. AMENDMENTS

We may amend this Privacy Policy from time to time. When we amend this Privacy Policy, we will update this page accordingly and require you to accept the amendments in order to be permitted to continue using our services.

Upstate Caring Partners © 2024 All Rights Reserved.