Privacy & Security Overview
- You can authorize physicians and other providers to see your health information if you are connected to them on OnPulse. Physicians and providers who are connected to you also can share your health information with other physicians and providers if they are connected on OnPulse, such as when a referral or consultation is appropriate for your treatment.
- As a privacy precaution, we do not allow OnPulse users to send invitations to join or connection requests unless they already know the email address of the person they want to invite or connect with.
- Are you a HIPAA covered entity? If you provide OnPulse with protected health information, you have an obligation to ask us for a Business Associate Agreement. Click here for the OnPulse Business Associate Agreement.
OnPulse Security Statement
The security of your health information is important to you, and we want you to know it is important to us. That’s why we tell you about the security measures we have in place to protect your information. If you have any questions, please contact us.
Your user ID and password are your first line of defense to keep your information safe. We require everyone to use a unique user ID and password to access the restricted areas of this site. We require you to choose a strong password that includes letters and numbers. You should choose a password that would be hard to guess. You will have to use these log-in credentials to access your health information. You should never share your log-in credentials with anyone. If you decide to give other people, like your doctor or other providers, access to your health information, we require that you ask them to sign up to OnPulse so they will have their own individual log-in credentials and account. Likewise, if you are a physician or other practitioner, you may not share your credentials with anyone, including your colleagues or staff.
It is vital to our information security program that every authorized user have their own unique log-in credentials. For that reason, we require in our Terms of Service that each user have their own individual user name and password. We also require you to keep your credentials safe. You should not write them down, send them to yourself or others by email, or otherwise display them.
We restrict access to health information to only people who work for us, or people our users direct us to give access to (for example, when patients direct us to provide access to their physicians or other health care providers, or when physicians direct us to provide access to other physicians with whom they are consulting). People who work for us (including service providers) are not authorized to access your information unless they really need to in order to provide services or technical support.
When you submit information through our site, the data are encrypted. Encryption technology can render data inaccessible and is helpful to maintain data integrity. Our use of encryption was specifically verified by VeriSign, a third party assessor that reviewed our site. You can learn more about their certification by clicking on the VeriSign Trusted seal that appears on our site.
We maintain a detailed account of system activity so we can tell who accessed data, when, and what they changed. We provide you with access to system activity logs relevant to your account so you can also check on your account activity. If you see anything that looks amiss, please contact us immediately.
Sometimes scammers try to trick people into giving up personal information by sending an email that looks like it came from a company or website with which the person does business. That’s called “phishing.” Sometimes these same scams are conducted by phone. Please be assured that we will never send you an email or call you to ask you to provide your log in credentials or any personal information. You should always be suspicious of emails and callers who ask you to provide personal information. To learn more about protecting yourself against phishing, visit the FTC’s website.
What If Something Goes Wrong?
We try very hard to keep your information safe. But if anything happens that we think might put your information at significant risk, we will notify you promptly. We also require you to let us know if anything happens on your end, like if you lose your log-in credentials or think that they may have been stolen.