What personal information do we collect from the people that visit our blog, website or app?
When ordering or registering on our site, as appropriate, you may be asked to enter your name, email address, mailing address, phone number or other details to help you with your experience.
When do we collect information?
We collect information from you when you register on our site, subscribe to a newsletter, respond to a survey, fill out a form, open a Support Ticket or enter information on our site. Provide us with feedback on our products or services
How do we use your information?
We may use the information we collect from you when you register, make a purchase, sign up for our newsletter, respond to a survey or marketing communication, surf the website, or use certain other site features in the following ways:
How do we protect your information?
Our website is scanned on a regular basis for security holes and known vulnerabilities in order to make your visit to our site as safe as possible. We use regular Malware Scanning. Your personal information is contained behind secured networks and is only accessible by a limited number of persons who have special access rights to such systems, and are required to keep the information confidential. In addition, all sensitive/credit information you supply is encrypted via Secure Socket Layer (SSL) technology. We implement a variety of security measures when a user enters, submits, or accesses their information to maintain the safety of your personal information. All transactions are processed through a gateway provider and are not stored or processed on our servers.
Do we use 'cookies'?
You can choose to have your computer warn you each time a cookie is being sent, or you can choose to turn off all cookies. You do this through your browser settings. Since browser is a little different, look at your browser's Help Menu to learn the correct way to modify your cookies. If you turn cookies off, some features will be disabled and may affect the user's experience.
We do not sell, trade, or otherwise transfer to outside parties your Personally Identifiable Information unless we provide users with advance notice. This does not include website hosting partners and other parties who assist us in operating our website, conducting our business, or serving our users, so long as those parties agree to keep this information confidential. We may also release information when the release is appropriate to comply with the law, enforce our site policies, or protect ours or others' rights, property or safety. However, non-personally identifiable visitor information may be provided to other parties for marketing, advertising, or other uses.
California Online Privacy Protection Act
According to CalOPPA, we agree to the following:
Users can visit our site anonymously.
Can change your personal information:
How does our site handle Do Not Track signals?
We honor Do Not Track signals and Do Not Track, plant cookies, or use advertising when a Do Not Track (DNT) browser mechanism is in place.
Does our site allow third-party behavioral tracking?
It's also important to note that we allow third-party behavioral tracking.
COPPA (Children Online Privacy Protection Act)
When it comes to the collection of personal information from children under the age of 13 years old, the Children's Online Privacy Protection Act (COPPA) puts parents in control. The Federal Trade Commission, United States' consumer protection agency, enforces the COPPA Rule, which spells out what operators of websites and online services must do to protect children's privacy and safety online. We do not specifically market to children under the age of 13 years old.
Fair Information Practices
The Fair Information Practices Principles form the backbone of privacy law in the United States and the concepts they include have played a significant role in the development of data protection laws around the globe. Understanding the Fair Information Practice Principles and how they should be implemented is critical to comply with the various privacy laws that protect personal information. In order to be in line with Fair Information Practices we will take the following responsive action, should a data breach occur:
We will notify you via email within 7 business days
We will notify you via phone call within 7 business days
We also agree to the Individual Redress Principle which requires that individuals have the right to legally pursue enforceable rights against data collectors and processors who fail to adhere to the law. This principle requires not only that individuals have enforceable rights against data users, but also that individuals have recourse to courts or government agencies to investigate and/or prosecute non-compliance by data processors.
The CAN-SPAM Act is a law that sets the rules for commercial email, establishes requirements for commercial messages, gives recipients the right to have emails stopped from being sent to them, and spells out tough penalties for violations.
We collect your email address in order to:
To be in accordance with CAN-SPAM, we agree to the following:
If at any time you would like to unsubscribe from receiving future emails, you can email us at
and we will promptly remove you from ALL correspondence.
Medical Data and Information Is Specially Protected and Not Collected on This Site
For All Medical Information We Collect in the Course of Your Care if You Are a Patient of Ours the Following Applies:
Federal confidentiality rules (42 CFR part 2) protect medical information and disclosure records. The Federal rules prohibit certain disclosure of this information unless further disclosure is expressly permitted by the written consent of the person to whom it pertains or as otherwise permitted by 42 CFR part 2. A general authorization for the release of medical or other information is NOT sufficient for this purpose. The Federal rules restrict any use of the information to criminally investigate or prosecute any alcohol or drug abuse patient. [52 FR 21809, June 9, 1987; 52 FR 41997, Nov. 2, 1987] Health care information is personal and sensitive. It is only transferred after appropriate authorization from the Individual or under circumstances that do not require Individual authorization. We, the recipient, are obligated to maintain this information in a safe, secure and confidential manner. Re-disclosure without additional consent or authorization of the Individual or as permitted by law is prohibited. Unauthorized redisclosure or failure to maintain the confidentiality of this information could subject you to penalties under Federal and/or State law. The information contained in this facsimile transmission is privileged and confidential and is intended only for the use of the recipient listed above. If you are neither the intended recipient or the employee or agent of the intended recipient responsible for the delivery of this information, you are hereby notified that the disclosure, copying, use or distribution of this information is strictly prohibited.
All users of this website have the right to direct Column Health to cease the collection, use, and/or disclosure of their personal information at any time. To exercise these rights, please contact Column Health by email, phone, or certified mail.
With limited exceptions, 42 CFR Part 2 requires patient consent for disclosures of protected health information for the purposes of treatment, payment, or health care operations. Consent for disclosure must be in writing. You will complete the appropriate disclosure forms during the intake process and may be asked to complete additional forms during your treatment if additional disclosures are needed.
Notice to accompany disclosure. Each disclosure made with the patient's written consent must be accompanied by the following written statement:
This information has been disclosed to you from records protected by Federal confidentiality rules (42 CFR part 2). The Federal rules prohibit you from making any further disclosure of this information unless further disclosure is expressly permitted by the written consent of the person to whom it pertains or as otherwise permitted by 42 CFR part 2. A general authorization for the release of medical or other information is NOT sufficient for this purpose. The Federal rules restrict any use of the information to criminally investigate or prosecute any alcohol or drug abuse patient. [52 FR 21809, June 9, 1987; 52 FR 41997, Nov. 2, 1987]
If you believe that Column Health has failed to adequately protect your privacy rights, please contact our Confidential Compliance Hotline: (339) 526-8971. If you need additional information or have any questions regarding our HIPAA policies or our privacy policies in general, please reach out to our Chief Operating Officer, Jim McIntyre at firstname.lastname@example.org. At any time you can also inspect, copy, change or remove your protected health information by contacting a Column Health team member at (339) 368-7696.