Effective: July 1, 2021
Who We Are
SMART Health IT (“SMART”) is a real-world software, specifications, and health systems engineering project that designs, builds and implements fundamental building blocks of a robust health information economy, and supports the world in using them.
SMART includes a set of websites that give consumers general information about SMART Health Cards in an effort to address common questions and help people learn more about getting, saving, and sharing their health information in a safe, secure, and verifiable way. SMART also includes information for institutions seeking to learn more about developing, issuing, and verifying SMART Health Cards.
SMART is managed by an office of Boston Children’s Hospital, an affiliate of Harvard Medical School. When we refer to “we,” “us,” “our” and “BCH” throughout this Policy, we are referring to The Children’s Hospital Corporation, doing business as Boston Children’s Hospital.
Scope of this Policy
- The websites that host this content (https://smarthealth.cards/, https://apps.smarthealthit.org/ and https://smarthealthit.org/) and
How We Collect and Use Personal Information
There are two categories of information that we collect through the Services.
- Personal Information You Provide
We collect the Personal Information that you provide to us, for example, when you enter the information into form fields on our Services. In particular, we may collect:
- Contact information, such as your name, email address and phone number, which we use to communicate with you and respond to your requests and inquiries;
- Communication preferences, which we use to manage how we engage with you; and
- Inquiries you make, including the content of your voice and email messages, which we use to respond to your inquiries.
- Information Collected Automatically
The technologies we use include the following:
Logging Functionality: As is true of most websites, we gather certain information automatically and store it in log files. This information may include IP addresses, browser type, internet service provider, referring/exit pages, operation systems, date/time stamp and/or clickstream data. We generally only use this data for purposes such as security, fraud detection and protecting our rights.
Most internet browsers allow you to remove or manage cookie functions and adjust your privacy and security preferences. For information on how to do this, access the “help” menu on your internet browser or visit http://www.aboutcookies.org/how-to-control-cookies/.
Analytics: We use analytics providers such as Google Analytics to help us evaluate and measure the use and performance of our Services. To opt out of the aggregation and analysis of the data collected about you on our Services by Google Analytics, visit https://tools.google.com/dlpage/gaoptout and download and install the Google Analytics Opt-out Browser Add-on.
Additional Uses of Personal Information
In addition to the uses described above, we may use Personal Information for the following purposes:
- Operating our SMART websites, maintaining, delivering and improving the Services, developing new products and services, and for any other lawful, legitimate business purposes;
- Contacting you to respond to your requests and inquiries;
- Preventing, investigating or providing notice of fraud, unlawful or criminal activity, or unauthorized access to or use of Personal Information, our website or data systems or to meet legal obligations; and
How We Share and Disclose Personal Information
We share your Personal Information with third parties in the following ways.
Service Providers: Third party service providers who perform services on our behalf may have access to your Personal Information in the course of providing the services to us. These providers include IT services and support providers, as well as analytics providers and services providers who help us with responding to your requests. We typically require these service providers by contract to keep information confidential, and to only use the information on our behalf.
Legal Process, Safety and Terms Enforcement: We may disclose your Personal Information to legal or government regulatory authorities in response to their requests for such information or to assist in investigations. We may also disclose your Personal Information to third parties in connection with claims, disputes or litigation, when otherwise required by law, if we determine its disclosure is necessary to protect the health and safety of you or us or to enforce our legal rights or contractual commitments that you have made.
Business Transfers: Your Personal Information may be disclosed as a part of a corporate business transaction, such as a merger, acquisition, joint venture or financing or sale of company assets, and could be transferred to a third party as one of the business assets in such a transaction. It may also be disclosed in the event of insolvency, bankruptcy, or receivership.
Our Services are not directed to, and we do not intend to, or knowingly, collect or solicit Personal Information online from children under the age of 13. We encourage parents or guardians to participate in and monitor their children’s online activity. If a child under 13 has provided Personal Information to us, we encourage the child’s parent or guardian to contact us as provided below to request that we remove the Personal Information from our systems. If you are under the age of 13, do not provide us with any Personal Information by any means.
How to Access, Update or Delete Your Information
How to Contact Us
|Boston Children’s Hospital 300 Longwood Avenue
Boston, MA 02115