Privacy

Privacy Policy for MediScan AI

Effective Date: May 22, 2024

At MediScan AI, we are dedicated to safeguarding your privacy and ensuring the security of your personal information. This privacy policy outlines our practices regarding the collection, use, sharing, and protection of your information when you use our services.

Definitions

  • Personal Information: Any information that identifies or can be used to identify an individual, such as names, contact details, etc.
  • Medical Information: Information related to an individual's health, medical history, treatment, or diagnosis.
  • Technical Information: Data collected automatically, including IP addresses, device information, etc.

Your California Privacy Rights (CCPA Compliance)

If you are a California resident, you have the following rights under the California Consumer Privacy Act (CCPA):

  • Right to Know: You can request to know what personal information we collect, how we use it, and with whom we share it.
  • Right to Delete: You may request the deletion of your personal information, subject to certain exceptions.
  • Right to Opt-Out: If we sell or share your personal information, you have the right to opt-out. (Note: MediScan AI does not sell personal information.)
  • Right to Non-Discrimination: We will not deny you services, charge different prices, or provide a different level of service if you exercise your CCPA rights.

To exercise these rights, please contact us at compliance@mediscan.ai.

Categories of Personal Information We Collect

Under CCPA guidelines, we collect the following categories of personal information:

  • Identifiers: Name, contact details.
  • Medical Information: Patient records, diagnostic reports.
  • Internet Activity: IP addresses, device details, browser type, and usage data.
  • Commercial Information: Payment and transaction history (if applicable).
  • Professional Information: Medical professionals’ credentials and affiliations.

We collect this information through direct user input, from healthcare providers, and through automated means.

How We Use Your Information

We utilize the information we collect for the following purposes:

  • Providing and customizing services to meet your needs.
  • Enhancing the quality and functionality of our products and services.
  • Fulfilling legal obligations and regulatory requirements.
  • Communicating with users regarding service updates or important notices.
  • Safeguarding against unauthorized access, fraud, or misuse.
  • Conducting research and development to improve our offerings.

Information Sharing and Disclosure

We do not sell your personal information. However, we may share your information in the following circumstances:

  • With healthcare providers for patient care and treatment.
  • With trusted third-party service providers who assist us in delivering our services.
  • In response to valid legal requests, court orders, or regulatory obligations.
  • In connection with corporate transactions, such as mergers or acquisitions.

We employ stringent security measures to ensure the confidentiality and protection of shared information.

Business Associate Agreements (BAAs)

When medical providers or businesses providing services to medical providers use our technology, we request Business Associate Agreements (BAAs) to ensure compliance with HIPAA and other healthcare privacy laws.

Data Retention

We retain active customer data for as long as the user maintains an account with us. Users can delete their data from within their account settings at any time. Upon account termination, data is securely deleted within 90 days unless otherwise requested by the client.

Security Measures

MediScan AI employs robust security measures to safeguard your information against unauthorized access, alteration, disclosure, or destruction. These measures include:

  • Encryption of data during transmission and storage.
  • Implementation of access controls and authentication mechanisms.
  • Regular security assessments and audits.
  • Ongoing employee training on data protection practices.



International Data Transfers / Data Privacy Framework (DPF) Compliance

MediScan AI, Inc. complies with the EU-U.S. Data Privacy Framework (EU-U.S. DPF) and the UK Extension to the EU-U.S. DPF, as set forth by the U.S. Department of Commerce. We have certified to the U.S. Department of Commerce that we adhere to the EU-U.S. DPF Principles with regard to the processing of personal data received from the European Union and the United Kingdom. To learn more about the Data Privacy Framework (DPF) program and to view our certification, please visit: https://www.dataprivacyframework.gov.

We collect and process personal information for limited and specified purposes, such as providing our services, enhancing user experience, complying with legal obligations, and supporting healthcare workflows. We ensure that any onward transfers to third parties are subject to contracts that provide the same level of protection as the DPF Principles.

In compliance with the DPF Principles, MediScan AI commits to resolve complaints about our collection or use of your personal information. EU and UK individuals with inquiries or complaints regarding our handling of personal data should first contact us at:

Email: compliance@mediscan.ai / Cc Sean Podvent, Chief Operating Officer: sean@mediscan.ai 

MediScan AI has further committed to refer unresolved DPF complaints to the International Centre for Dispute Resolution–American Arbitration Association (ICDR–AAA), an alternative dispute resolution provider located in the United States. If you do not receive timely acknowledgment of your complaint, or if your complaint is not satisfactorily addressed, please visit https://go.adr.org/dpf_irm.html for more information or to file a complaint. The services of ICDR–AAA are provided at no cost to you.

In certain cases, if a complaint remains unresolved, you may be able to invoke binding arbitration under the DPF Panel. MediScan AI is subject to the investigatory and enforcement powers of the U.S. Federal Trade Commission (FTC) with respect to its compliance with the DPF Principles.

MediScan AI remains liable under the DPF Principles in cases of onward transfers to third-party agents who process personal data on our behalf, unless we can prove we were not responsible for the event giving rise to the damage.

Children's Privacy
We do not knowingly collect personal information from children under the age of 13 without verifiable parental consent. If you believe that we have inadvertently collected information from a child without proper consent, please contact us immediately.


Changes to This Privacy Policy
We may update this privacy policy periodically to reflect changes in our practices or legal requirements. Significant revisions will be communicated to users through appropriate channels.


Contact Us
For any questions, concerns, or privacy requests, contact our privacy team at:
Email: compliance@mediscan.ai

How it works Pricing Support User GuidesFAQ Contact Privacy

Acceptable Use

Data Security
Terms

Sign in


Copyright © 2024. All rights reserved.