ARMUS Patient Information Protection and Security
-
ARMUS’ policy is to comply fully with HIPAA administrative, technical, and physical safeguards to ensure confidentiality, integrity, and availability.
​
-
All ARMUS’ employees, interns, and volunteers must comply with the ARMUS’ HIPAA Privacy and Security Policies and Procedures, which includes participating in annual training.
​
-
Administrative Safeguards: ARMUS supports the necessary provisioning of access based on roles and responsibilities both for its staff and clients. Roles and privileges are created based on need for access to confidential data.
​​
-
Technical Safeguards: ARMUS employees have unique usernames and passwords to access the computer network. PHI is only stored in approved password protected and encrypted devices. In addition, all ARMUS clients have unique usernames and must adhere to strict password requirements to access the HYBRID applications.
​
-
Physical Safeguards: The ARMUS servers containing PHI data is kept in a secure facility in all locations, restricted to those with proper authorization. The HYBRID Cloud-based Service provides encryption for data both active and at rest.
​​
-
ARMUS employs external auditors to verify that they are in compliance with the HIPAA Privacy and Security Rules on an annual basis.
ARMUS Privacy Policy
This Privacy Policy will explain how our organization uses the personal data we collect from you when you visit and use our website.
Topics:
• What data do we collect?
• How do we collect your data?
• How will we use and share or disclose your data?
• How do we store your data?
• What are your data protection rights?
• What are cookies?
• How do we use cookies?
• How to manage cookies
• How Google uses information from sites or apps that use Google’s services
• Privacy policies of other websites
• Changes to our Privacy Policy
• How to contact us
​
What data do we collect?
This website collects the following data:​
-
Personally Identifiable information (“PII”) including but not limited to name, email address, phone number, etc.
-
IP Address
​
This website is not directed to minors. We will not knowingly collect PII from a minor through our website. If for any reason the performance of a contract with a client organization requires this, that client will provide notice to and obtain consent from the minor’s parent or guardian when necessary.
​
How do we collect your data?
You directly provide ARMUS Corporation with most of the data we collect. We collect data and process data when you:
-
Voluntarily complete a survey or questionnaire, provide feedback on any of our message boards or forms, or send us data via email.
-
Use or view our website via your browser’s cookies.
-
If your browser has been set to send Do Not Track signals, then we will not receive information from your browsing activities.
-
ARMUS Corporation may also receive your data indirectly from the following source:
-
Our client entering data or providing data in relation to a database we are managing on behalf of that client.
​
How will we use and share or disclose your data?
ARMUS Corporation collects, uses, and discloses your data so that we can:
-
Process your order, respond to your questions or requests, and to manage your account.P
-
Comply with and perform our legal obligations under contracts with our clients.
-
Comply with and perform our legal obligations under applicable law.
If your browser setting permit IP address collection, ARMUS Corporation will share your IP Address with our partner companies, so that they may offer you targeted products and services.
-
Google Analytics
​
How do we store your data?
ARMUS Corporation maintains appropriate technical, administrative, and physical safeguards to securely store your data in the cloud, which is kept separate from public data and is only accessible by authorized personnel.
ARMUS Corporation will keep PII for the minimum number of years required by our
legal obligations. Once this time period has expired, we will delete your data by multiple overwrites and secure deletion provided by our cloud hosting provider.
​
What are your data protection rights?
ARMUS Corporation would like to make sure you are fully aware of all of your data protection rights. Every site visitor is entitled to the following:
-
The right to access – You have the right to request that ARMUS Corporation provide you with copies of your personal data. We may charge you a small fee for this service under certain conditions when permitted by law.
-
The right to rectification – You have the right to request that ARMUS Corporation correct any information you believe is inaccurate. You also have the right to request ARMUS Corporation to complete the information you believe is incomplete.
-
The right to erasure – You have the right to request that ARMUS Corporation erase your personal data, under certain conditions.
-
The right to restrict processing – You have the right to request that ARMUS Corporation restrict the processing of your personal data, under certain conditions.
-
The right to object to processing – You have the right to object to our company’s processing of your personal data, under certain conditions.
-
The right to data portability – You have the right to request that ARMUS Corporation transfer the data that we have collected directly to you or to another organization, under certain conditions.
-
If you make a request, we have up to one-month to respond to you. If you would like to exercise any of these rights, please contact us:
By email: privacy@armus.com
By phone: 1-800-94-ARMUS (1-800-942-7687)
By mail: 950 Tower Ln, Suite 375, Foster City, CA 94404
​
What are Cookies?
Cookies are text files placed on your computer to collect standard Internet log information and visitor behavior information. When you visit our websites, we may collect information from you automatically through cookies or similar technology.
​
For further information, visit allaboutcookies.org.
​
How do we use cookies?
ARMUS Corporation uses cookies in a range of ways to improve your experience on our website, including:
-
Keeping you signed in.
-
Understanding how you use our website.
There are a number of different types of cookies you will encounter on our website, which are a mix of first party and third-party cookies:
-
First Party – ARMUS Corporation uses these cookies so that we recognize you on our website and remember your previously selected preferences. These could include what language you prefer and your general location.
-
Third-Party – Some third parties with whom we do business, such as Google, or to whom our website is linked, such as LinkedIn or Twitter, may also use cookies to track your visit to our site. However, we have neither access to nor control over these cookies.
-
In the case of Google Analytics, we receive aggregated demographic information from Google on the age, gender, and interests of our site visitors in order to better understand our audience. The aggregate data are summary statistics that are not linked to Personally Identifiable Information.
-
How to manage cookies
You can set your browser not to accept first-party, third-party, or specific cookies.
​
Privacy policies of other websites
The ARMUS Corporation website contains links to other websites. Our Privacy Policy applies only to our website. If you click on a link to another website, you should read that site’s privacy policy.
Changes to our Privacy Policy
ARMUS Corporation reserves the right to amend and modify this Privacy Policy at any time. ARMUS keeps its Privacy Policy under regular review and places any updates on this web page.
This Privacy Policy was first published on September 13, 2019
ARMUS Acceptable Use Policy
As a provider of application and database services, ARMUS Corporation offers its customers the means to acquire and disseminate electronic health data, files and information. ARMUS Corporation has developed this Acceptable Use Policy (this "Policy"), which supplements certain terms of each customer's respective service agreement and is intended as a guide to such customer's rights and obligations when utilizing ARMUS Corporation's services. By agreeing to use ARMUS Corporation’s application and database services, you are agreeing to this Policy. This Policy may be revised from time to time in ARMUS Corporation's sole discretion. A customer's use of ARMUS Corporation's services after changes to this Policy are posted on ARMUS Corporation's website constitutes, and shall be deemed to constitute, such customer's acceptance of any and all new or additional terms of this Policy.
​
You agree not to use, or allow access to, ARMUS Corporation services for the purposes of:
-
Spam or sending any unsolicited commercial messages.
-
Disrupting the performance of ARMUS Corporation servers or causing server-wide outages.
-
Advertising, transmitting, storing, posting, displaying, or otherwise making available materials that:
-
Violate any law, regulation, or other provision having the force of law, either intentionally or unintentionally;
-
Impersonate any person or entity or falsely state or otherwise misrepresent your affiliation with a person or entity;
-
Infringe or misappropriate the intellectual property rights of others;
-
Violate privacy, publicity, or other personal rights of others;
-
Falsify the origin of an email, either by forging the sender's address or email header, or otherwise;
-
Are of adult nature, pornographic, or harmful to minors;
-
Contain the images of children or disclose personally identifiable information belonging to children;
-
Are unlawful, harmful, vulgar, obscene, threatening, abusive, harassing, tortuous, unlawful, libelous; and/or
-
Are viruses, worms, trojan horses, or other destructive codes, files, or programs, or information regarding the creation of such material.
-
If ARMUS Corporation determines that you have violated the terms of this Policy, that determination, made in ARMUS Corporation's sole and absolute discretion, constitutes grounds for immediate termination of your ARMUS Corporation account without notice to you or penalty to ARMUS Corporation.