Orchestrate APIs Privacy Policy

Applicable only to Data collected related to the use of the Orchestrate Terminology, Convert, and Insight APIs.

The APIs will store the following “Data”:

Your Data:

Your Data Is Used For:

You may cancel your account and request data deletion at any time by contacting CareEvolution support.

CareEvolution uses acceptable industry standard physical, organizational, and technical safeguards to protect the confidentiality and integrity of the information we collect.


Last Update: February 2022

Overview

CareEvolution’s Orchestrate Terminology, Convert, and Insight APIs (“APIs”) enables healthcare applications ranging from consumer apps to population health analytics. Using the APIs, you can normalize and link inconsistently or uncoded source data to well-known reference coding systems, convert data between standard formats, and gain valuable insights like risk scores and condition profiles.

What do these Terms Cover?

CareEvolution (“We”) take your privacy very seriously and are conscious about how we handle your data. Your use of the APIs is voluntary. The set of policies here covers what kinds of information the APIs collect, how We store the Data, how We use the Data, and how We may share the Data. By using the APIs you acknowledge that you accept the terms and practices outlined here. You also consent that We collect, use, and share your information as described in these privacy terms.

Registering for the APIs

In order to use the APIs, you will create an account. To create an account, you must share certain identifying information (such as name and email address), and agree to the usage and privacy practices as detailed in these terms, which may be modified.

Information We Collect - the “Data”

The APIs will obtain information from you in two ways:

How We Secure Your Data

Your Data is maintained in the United States by us (CareEvolution) or our authorized partners.

We use appropriate physical, organizational, and technical safeguards designed to protect the confidentiality, integrity, and availability of the Data we collect. For example, your Data is encrypted both while it is stored and while it is transmitted in accordance with the security standards set forth by the National Institute of Standards and Technology’s (NIST) Federal Information Processing Standard (FIPS) Publication 140-2: Security Requirements for Cryptographic Modules. These are the standards mandated by the Department of Health and Human Services for securing health information. We cannot, however, fully guarantee the security of the Data or any information transmitted to us.

We strive to protect the privacy of the personal information we collect and hold, but we cannot guarantee complete security. Unauthorized entry or use, hardware or software failure, and other factors may compromise the security of your personal information at any time.

How We Use the Data

Your Data will never be sold or used for advertising.

The APIs collect your Data for the following purposes:

How We May Share the Data

Except as described in these privacy terms, we will not sell, rent, lease, give away, disclose, or share your contact information, and will not disclose the Data we collect through the APIs without your consent. Any information collected by the APIs will not be shared with or sold for advertising purposes.

We may combine your Data without identifying information (removing information such as name and email address) with others’ data (also without identifying information) for initiatives such as performance or product improvements.

We also reserve the right to disclose your information that we believe, in good faith, may be necessary to i) protect our intellectual property and other rights; iii) protect ourselves from fraudulent, abusive, or unlawful uses or activity; iii) investigate and defend ourselves against any third-party claims or allegations; or iv) protect the rights or safety of others.

When we work with third parties who provide services on our behalf, we take steps to limit the Data provided to them to that which is reasonably necessary for them to perform the functions for the allowable purposes listed above. We require them to agree to handle and process the information in accordance with our instructions and to maintain the confidentiality, integrity, and availability of the information by applying appropriate organizational and technical safeguards.

We reserve the right to disclose and otherwise transfer your Data to an acquirer, successor, or assignee as part of any merger, acquisition, debt financing, sale of assets, or similar transaction, or in the event of an insolvency, bankruptcy, or receivership in which information is transferred to one or more third parties as one of our business assets, to the extent and in the way as prescribed by applicable law.

Information You Can Access and Withdrawing From the APIs

The APIs enable you to view, edit, and share some of the Data collected.

You may request that your Data be deleted by contacting us at https://rosetta.careevolution.com/contact with the email address used to register your account.

In some circumstances, we may not delete all of your Data, and we may continue to use your Data if it is necessary to comply with our legal obligations (including law enforcement requests), to meet regulatory requirements, or to maintain our security program.

Data is deleted within 45 days of a deletion request, except where retention is necessary as described within these terms.

Changes to Our Privacy and Use Terms

We may change these privacy terms. Any changes will be posted on our website and will be effective when published at https://trust.careevolution.com/orchestrate/privacy.html.

Contact

If you have any questions, comments or requests regarding these terms or our handling of your Data, please contact us at https://careevolution.com/contact-us/.