NODE.Health is committed to being transparent about the ways in which we collect and process the information of our members, our researchers and any information we collect as part of our validation studies. This privacy statement (“Privacy Statement”) describes our practices for handling the information we collect about through our operations and services.
When this policy refers to ourselves as “we,” “our”, or “NODE.Health,” it means the NODE.Health Foundation inclusive of our board and our team.
1. Information We Collect
Depending on your relationship to NODE.Health, we may collect the following categories of information:
2. What We Collect
NODE.Health may collect information from members, researchers or from patients depending on the service or benefit we are providing. We may collect the following relevant information:
Members, identifiers such as profession, space of operation, and company so that we can target services and benefits more appropriately to you
Researchers, skills, licenses, interests, publications so that we can target services and benefits to you, and so that we can include you in particular research topics or NODE.Health projects and to direct research opportunities that may be relevant to you.
Patients, limited demographic and medical, health information if related to a research effort via our validation services. Information collected as part of these projects will be governed by specific data collection and security procedures as determined by the nature of the research project.
3. How Do We Collect Information?
4. How We Use Information?
We use and otherwise process each of the categories of information identified above for the following business purposes:
5. How We Share Information
We may share the information for research or legal purposes with your consent
6. Special Data Sharing for Validation Efforts
NODE.Health has special measures in place to govern information and data sharing during validation efforts. While these policies serve as broad mechanisms, each validation effort may also require a separate and specific data protection policy that is predicated on the nature of the research project.
Patient and Physician Consents
The patient, researcher and interviewee consent form will request permission for NODE.Health to disclose names and titles post engagement. NODE.Health provides this as an option to interviewees to expand the reach and quality of the experts we attract while also protecting them from direct contact regarding marketing or any additional demands for their time. We also limit direct outreach between NODE.Health client and interviewee or researcher while we are supporting a research study. We provide the option for the interviewee or researcher to reveal their name post research or validation. We have found that in most cases, the interviewee does not mind us sharing their name/contact post engagement.
Electronic Health Record (EHR) Extracts
Validation efforts that require data extracts from the EHR are arranged with the health systems individually and require specific data access agreements. If pulling information from EHRs is part of a research project, then NODE.Health may serve as an intermediary; this would need to be considered separately given its complexities. EHR extraction is sometimes considered as part of phase 2 (study design) and 3 (study) of our process should clients elect to proceed following phase 1 and given there is interest from the health-system. EHR extraction is not typically part of Phase 1 (design thinking/user feedback/discovery). If EHR extraction is necessary for the study then we work with the health systems that elects to proceed. This is considered at the end of each phase to give clients a chance to consider pros and cons.
7. Job Applicants and Contractors
If you have applied for employment or a contract position with NODE.Health, the information submitted in your job application and that we otherwise collect in evaluating your application will be used for recruitment and other customary human resources purposes including any required government reporting and recordkeeping obligations. This information may include criminal record information and federal exclusion list status, as applicable.
8. Data Security
We take reasonable steps to protect your information from unauthorized access. You should keep in mind, however, that no internet transmission is ever 100% secure or error free. In particular, email sent to or from a website or online resource may not be secure, and you should therefore take special care in deciding what information you send to us via email. Moreover, where you use user IDs and passwords to access the Services, it is your responsibility to safeguard your access credentials. Please note that information collected by third parties may not have the same security protections as information you submit to us, and we are not responsible for protecting the security of such information.
9. Links to Other Websites
While our Services may provide links to other third-party websites as a service to our visitors, we do not endorse, nor are we responsible for the content of such third-party sites. Furthermore, this Privacy Statement does not apply to third-party websites, even if they are accessed through a link from a NODE.Health website or online resource or otherwise directed to by one of our benefits. We encourage you to review the privacy policies of any third-party website before providing any personal information.
10. Contact Information
Questions about this Privacy Statement may be directed to: [email protected]
We reserve the right to amend this Privacy Statement at our discretion. When changes are made to this Privacy Statement we will post the updated policy and the date the last revisions were made. We encourage you to periodically review this page for the most current Privacy Statement.