Privacy Policy

Legal

MedPoint Digital uses the Internet to provide various information and resources to the professional healthcare community, including medical training and education courses. We rely on our users to provide data that includes mailing and e-mail addresses and other profile information. In addition, user feedback and course evaluation data allow us to better understand the specific needs of medical professionals. As a part of MedPoint Digital's training and education operations, we collect, and in some cases, disclose information about users. Please read the following Privacy Statement on MedPoint Digital's policies regarding the collection, use, disclosure, and protection of user information. If you are uncomfortable with the terms or policies described in this statement, you may discontinue use of our website and send confidential correspondence through the postal service to the address provided below. The privacy and security pertaining to the information that our users provide is a serious matter; therefore, MedPoint Digital has established this Privacy Policy for our organization and users.

Privacy

Children

This Website is for medical information and services and is not intended for children. MedPoint does not market any products or services to children under the age of thirteen or knowingly collect any information from children under the age of thirteen. If MedPoint becomes aware that information is or has been submitted by or collected from a child under the age of thirteen, this information will be deleted.

Logging and Cookies

As part of MedPoint services, we use cookies. A cookie is a message sent to your browser from a Web server that is stored on your computer's hard drive. The message is sent back to the Web server whenever the browser requests a page from that server. Many commercial Internet websites use cookies. While a code in the cookie file enables the website to label you as a particular user, it does not identify you by name or address unless you have provided the website with such information or set up preferences in your browser to do so automatically. You may opt out of accepting cookies by changing the settings on your browser. However, rejecting cookies may prevent you from using certain functions and you may have to repeatedly enter information to take advantage of services or promotions. In general, cookies allow us to identify you as a particular user; thus, providing you with a more customized service. We may also use cookies to track customer or user requests, inquiries and traffic patterns, or to determine audience size and repeated usage.

For more information see MedPoint Cookie Policy.

International Privacy Compliance

MedPoint Digital complies with the EU-U.S. Privacy Shield Framework and the Swiss-U.S. Privacy Shield Framework as set forth by the U.S. Department of Commerce regarding the collection, use, and retention of personal information transferred from the European Union and Switzerland to the United States, respectively. MedPoint Digital has certified to the Department of Commerce that it adheres to the Privacy Shield Principles. If there is any conflict between the terms in this privacy policy and the Privacy Shield Principles, the Privacy Shield Principles shall govern. To learn more about the Privacy Shield program, and to view our certification, please visit https://www.privacyshield.gov/.

MedPoint Digital strives to collect, use, and disclose personal information in a manner consistent with the laws of the countries in which we do business. This EU-US Privacy Shield Policy and Swiss-U.S. Privacy Shield Framework (see section below) sets forth the privacy principles that MedPoint Digital follows with respect to transfers of personal information between member states of the EU, Iceland, Liechtenstein, and Norway (the European Economic Area (EEA), Switzerland, and the US.

Definitions:
Description
Definition
Agent
Any third party that collects or uses personal information under the instructions of, and solely for, MedPoint Digital or to which MedPoint Digital discloses personal information for use on MedPoint Digitals behalf.
Health Care Professional (HCP)
Doctors, nurses, medical technicians, physician assistants, etc.
Personal Information
Information that is transferred from the European Union and Switzerland to the United States; is recorded in any form; is about or pertains to a specific individual; and can be linked to that individual.
Personally Identifiable Information (PII)
PII includes any information relating to an identified or identifiable natural person ('data subject'); an identifiable person is one who can be identified, directly or indirectly, in particular by reference to an identification number or to one or more factors specific to his physical, physiological, mental, economic, cultural or social identity.

In addition, MedPoint will treat as sensitive personal information any information received from a third party where that third party treats and identifies the information as sensitive.
Sponsor
A pharmaceutical, device, or biotech company or their agents that contract with MedPoint Digital to provide user services.


MedPoint Digital and Its Agents and Program Sponsors

MedPoint Digital is a US based corporation, which also operates with several international agents and sponsors. MedPoint Digital requires all agents and sponsors to honor its Privacy Policies, including the EU-US Privacy Shield Policy principles and Swiss-U.S. Privacy Shield Framework principles for data received from the EU and Switzerland with respect to Notice; Choice; Accountability for Onward Transfer; Security; Data Integrity and Purpose Limitation; Access; and Recourse, Enforcement and Liability.

Information Collected

MedPoint Digital collects the domain name and email addresses of users, information volunteered by the user such as quiz/evaluation information, and/or website registrations. This information is used to send confirmations, reminders and follow-up email correspondence regarding meetings, web conferences and other activities; to notify users about updates; provide confirmation on course completions; to configure and customize user preferences to improve their program experiences, to evaluate training program effectiveness for the user and the program itself and to identify new issues and understandings in medical science and operations.

In some cases, additional information, such as institution location, curriculum vitaes (CVs), and certifications, is collected as part of the operational requirements to administer clinical trials (e.g., to build a training program suited to the individual). Those clinical trial portals are private, secure, by-invitation-only, membership-only websites that support a pre-existing contractual relationship between the study sponsor and the research study health care professionals (HCPs.)

MedPoint Digital provides users with the choice and means for limiting the use and disclosure of their PII in clear and conspicuous language during the registration process, and MedPoint will abide by those choices. Notice will be provided before MedPoint Digital uses or discloses the Information for a purpose other than for which it was originally collected.

Onward Transfers to Agents

MedPoint Digital may share some or all of your PII with agents and sponsors. MedPoint Digital will obtain assurances from its agents and sponsors that they will safeguard personal information consistent with this Policy. Examples of appropriate assurances that may be provided by agents include: a contract obligating the agent to provide at least the same level of protection as is required by the relevant EU-US Privacy Shield and Swiss-US Principles, being subject to EU Directive 95/46/EC (the Data Protection Directive), EU-US Privacy Shield certification by the agent, or being subject to another European Commission adequacy finding.

Where MedPoint Digital has knowledge that an agent is using or disclosing PII in a manner contrary to this Policy, MedPoint Digital will take reasonable steps to prevent or stop the use or disclosure.

MedPoint Digital's accountability for personal data that it receives under the Privacy Shield and subsequently transfers to a third party is described in the Privacy Shield Principles. In particular, MedPoint Digital remains responsible and liable under the Privacy Shield Principles if third-party agents that it engages to process the personal data on its behalf do so in a manner inconsistent with the Principles, unless MedPoint Digital proves that it is not responsible for the event giving rise to the damage.

Third Parties

MedPoint Digital does not release PII about users or their use of this website to any third party that does not comply with EU-US Privacy Shield and Swiss-US policies and without notification to the user. An example of a compliant third party is local event-management personnel at a hotel confirming your identity and authorization to attend a conference. Other third-party vendors and agents include, but are not limited to:

  • Voice-bridge service operators (for web conferences)
  • Technical support personnel (for web conferences)
  • Transcription services (for learning module Q & A sessions.)
  • Hotel and destination management service providers (for live events)
Choice

MedPoint Digital offers individuals the opportunity to choose (opt out) whether their PII is to be disclosed to a non-agent third party or to be used for a purpose other than the purpose for which it was originally collected or subsequently authorized by the individual. Users may send such opt-out requests via email to privacy@medpt.com. Choosing to opt-out may result in the cessation of registration process and prevent participation in the program.

For PII, MedPoint Digital gives individuals the opportunity to affirmatively and explicitly consent (opt in) to the disclosure of their information to a non-agent third party or the use of their information for a purpose other than the purpose for which it was originally collected or subsequently authorized by the individual.

Data Security

MedPoint Digital takes reasonable steps to protect the Information from loss, misuse and unauthorized access, disclosure, alteration, and destruction. MedPoint Digital has put in place appropriate physical, electronic, and managerial procedures to safeguard and secure the Information from loss, misuse, unauthorized access or disclosure, alteration, or destruction.

MedPoint Digital uses industry-standard data-encryption technology when transferring or receiving PII on any of the MedPoint Digital websites. We maintain appropriate security measures in our physical facilities to protect against loss, misuse, or alteration of information we have collected from you (users) on any of the MedPoint Digital websites.

MedPoint Digital uses a secure server and security protocol to safeguard the information users submit.

To help ensure the security of users personal and financial information (other than via an email message), MedPoint Digital uses security software to encrypt the information before and during its transmission through the Internet.

Email messages are frequently not secure. MedPoint Digital security software does not encrypt email messages. Email messages traveling through the Internet are subject to viewing, alteration and copying by potentially any party on the Internet. MedPoint Digital is not responsible for the security of confidentiality of communications sent to us through the Internet using email messages. Instead, MedPoint Digital may direct you to a secure website to read or send messages.

Data Integrity

MedPoint Digital only processes PII in a way that is compatible and relevant for the purpose for which it was collected or authorized by the individual. To the extent necessary for those purposes, MedPoint Digital takes reasonable steps to ensure that PII is accurate, complete, current, and reliable for its intended use.

Access

Upon request, MedPoint Digital grants individuals reasonable access to PII that it holds about them. In addition, MedPoint Digital takes reasonable steps to add, correct, or delete information that is demonstrated to be inaccurate or incomplete.

Options regarding correction or storage of your information

Users may obtain from us the information about them in our files. If you believe the information we have about you in our records or files is incomplete or inaccurate, you may request, via e-mail (or other form of communication), that we make any necessary additions or corrections or, to the extent that it is feasible, that we delete this information from our files. Users may send such requests via email or write to MedPoint at the address below.

MedPoint Digital, Inc.
Re: Privacy Shield
909 Davis Street, Suite 400/500
Evanston, Illinois 60201 USA

Privacy@medpt.com

If you would like a description of the required procedures for reviewing and requesting correction of this information, or if you would like a more complete description of the persons to whom MedPoint discloses information about you, or the circumstances which might warrant such disclosures, please contact MedPoint via email or write to the address below.

MedPoint Digital, Inc.
Re: Privacy Shield
909 Davis Street, Suite 400/500
Evanston, Illinois 60201 USA

Privacy@medpt.com

Enforcement

MedPoint Digital conducts compliance audits of its relevant privacy practices to verify adherence to this Policy. Any employee or agent that MedPoint Digital determines is in violation of this policy is subject to disciplinary action up to and including termination of employment or commercial engagement.

MedPoint Digital is subject to the investigatory and enforcement powers of the Federal Trade Commission (FTC).

EU-US Privacy Shield Dispute Resolution

In compliance with the EU-US Privacy Shield Principles, MedPoint Digital commits to resolve complaints about your privacy and our collection or use of your personal information. European Union or Swiss individuals with inquiries or complaints regarding this privacy policy should first contact MedPoint Digital at:

MedPoint Digital, Inc.
Re: Privacy Shield
909 Davis Street, Suite 400/500
Evanston, Illinois 60201 USA

Privacy@medpt.com

MedPoint Digital has further committed to refer unresolved privacy complaints under the EU-US and Swiss-US Privacy Shield Principles to an independent dispute resolution mechanism, the BBB EU PRIVACY SHIELD, operated by the Council of Better Business Bureaus. If you do not receive timely acknowledgment of your complaint, or if your complaint is not satisfactorily addressed, please visit www.bbb.org/EU-privacy-shield/for-eu-consumers/ for more information and to file a complaint.

Please note that if your complaint is not resolved through these channels, under limited circumstances, a binding arbitration option may be available before a Privacy Shield Panel (consisting of one or three arbitrators, as agreed by the parties).

Change of Ownership

In the event of change in ownership, or a direct merger or acquisition with another entity, we reserve the right to transfer all of MedPoint Digital user information, including Personal Data, to a separate entity which also abides by the EU-US Privacy Shield requirements. We will use commercially reasonable efforts to notify you (by posting on our website or issuing an e-mail to the e-mail address you provided when you registered) of any change of ownership; merger or acquisition of MedPoint Digital by a third party, and you may choose to modify any of your registration information at that time.

Swiss-U.S. Privacy Shield

MedPoint Digital complies with the Swiss-U.S. Privacy Shield Framework as set forth by the US Department of Commerce regarding the collection, use, and retention of PII from Switzerland. MedPoint Digital has certified that it adheres to the Swiss-U.S. Privacy Shield Principles of notice, choice, onward transfer, security, data integrity, access, and enforcement. If there is any conflict between the principles in this Policy and the Swiss-U.S. Privacy Shield Principles, the Swiss-U.S. Privacy Shield Principles shall govern. To learn more about the Swiss-U.S. Privacy Shield Framework and to view our certification page, please visit https://www.privacyshield.gov/Swiss-US-Privacy-Shield-FAQs.

Swiss-U.S. Privacy Shield Framework Dispute Resolution

In compliance with the Swiss-U.S. Privacy Shield Framework Principles, MedPoint Digital commits to resolve complaints about your privacy and our collection or use of your personal information. Swiss citizens with inquiries or complaints regarding this privacy policy should first contact MedPoint Digital at:

MedPoint Digital, Inc.
Re: Swiss-U.S. Privacy Shield
909 Davis Street, Suite 400/500
Evanston, Illinois 60201 USA

privacy@medpt.com

MedPoint Digital has further committed to refer unresolved privacy complaints under the Swiss-U.S. Privacy Shield Framework to an independent dispute resolution mechanism operated by the Council of Better Business Bureaus. If you do not receive timely acknowledgment of your complaint, or if your complaint is not satisfactorily addressed, please www.bbb.org/EU-privacy-shield/for-eu-consumers/ for more information and to file a complaint.

Amendments

This Policy may be amended from time to time consistent with the requirements of the EU-US Privacy Shield and Swiss-U.S. Privacy Shield and their successors. We will post any revised policy on this website; please check frequently for changes.

Links

This website contains links to other websites. When users click on one of these links, they are moving to another website. Users should read the Privacy Statements of these linked websites.

Limitation on Application of Principles

Adherence by MedPoint Digital to these EU-US Privacy Shield Principles may be limited to the extent required to respond to a legal or ethical obligation; to the extent necessary to meet national security, public interest or law enforcement requirements; and to the extent expressly permitted by an applicable law, rule or regulation.

Contact Information

Questions, comments, or complaints regarding the Company's EU-US Privacy Shield Policy or data collection and processing practices can be emailed or mailed to:

Re: Privacy Shield
privacy@medpt.com
MedPoint Digital, Inc.
909 Davis Street, Suite 400
Evanston, Illinois 60201 USA

Phone: 847-869-4700
Fax: 847-869-4702