Medical Informatics Engineering, Inc. – Safe Harbor Privacy Policy

Privacy Policy Statement

Medical Informatics Engineering (MIE) offers a web-based suite of health information technology products that are easy to use, flexible and cost effective, including web-based electronic medical records that many Fortune 500 enterprise employee health clinics are employing ("Electronic Medical Records" or "EMR"). MIE strives to collect, use, and disclose personal information associated with its EMR product ("EMR Data") in a manner consistent with applicable laws as well as the requirements of its clients. MIE upholds a tradition of the highest ethical standards in its business practices. MIE is a "Business Associate" pursuant to the Health Insurance Portability and Accountability Act and its Privacy Rule and Security Rule provisions (collectively, "HIPAA") for many of its clients whose use of the EMRs are considered "Covered Entity" functions under HIPAA. As a HIPAA Business Associate with respect to the handling of the EMR Data of clients, MIE adheres to all HIPAA requirements, including the enhancements introduced by the HITECH Act of 2009, and its handling of the EMR Data is undertaken only as specified in the business associate agreements with its clients.

With respect to the receipt and processing of EMR Data from clients when the EMR Data originates in the EU/EEA, MIE hereby certifies that it adheres to the U.S./E.U. Safe Harbor Frameworks (i.e., Privacy Principles and the fifteen "Frequently Asked Questions"; hereinafter, collectively, the "Privacy Principles") as set forth by the U.S. Department of Commerce. MIE specifically certifies that it adheres to the relevant Privacy Principles of notice, choice, onward transfer, security, data integrity, access, and enforcement in fulfilling its relevant contractual responsibilities assigned by the client for the receipt, processing, storage, and reporting of EMR Data as received from its clients. This Safe Harbor Privacy Policy does not apply to information or data other than the EMR Data from the EU/EEA that it receives from its clients.

This Safe Harbor Privacy Policy is publicly displayed at "http://www.mieweb.com". For more information about Safe Harbor Principles, visit the U.S. Department of Commerce's website at "http://export.gov/safeharbor/".

Any questions, concerns, or complaints regarding the use or disclosure of personal information should be directed to the MIE Privacy Officer at the address given below. Any MIE employee who receives a question, concern, or complaint regarding the use or disclosure of personal information will direct that information to MIE’s Privacy Officer. MIE will investigate and attempt to resolve complaints and disputes regarding use and disclosure of personal information in accordance with the principles contained in this Policy.

Medical Informatics Engineering, Inc. has further committed to refer unresolved privacy complaints under the Safe Harbor Principles to an independent dispute resolution mechanism, the BBB EU SAFE HARBOR, operated by the Council of Better Business Bureaus. If you do not receive timely acknowledgment of your complaint, or if your complaint is not satisfactorily addressed by Medical Informatics Engineering, please visit the BBB EU SAFE HARBOR web site at www.bbb.org/us/safe-harbor-complaints for more information and to file a complaint.

Contact Information

Questions, comments, or complaints pertaining to this Policy should be submitted to the Medical Informatics Engineering Privacy Office by mail or e-mail at:


6302 Constitution Drive
Fort Wayne, Indiana 46804
Phone: 260-459-6270
Email: PrivacyOfficer@mieweb.com

Amendments

This Safe Harbor Policy may be amended from time to time consistent with requirements of the Safe Harbor Framework. We will post any revised policies on the MIE website.

Effective Date

December 1, 2011