June 3, 2021
What we collect and what we do with it
BeWell Immediate Care (the practice) uses a Business Associate, NextPatient, to allow you to securely enter information about yourself and to book an appointment with one of our providers. If you are a patient who books an appointment online, your information will be saved in the NextPatient database and transferred to the electronic health record used by BeWell, DrChrono. No information about you will be stored outside of our relationship with our Business Associates. Our Business Associates have their own privacy policies which may pertain to you and can be found on their websites.
The combination of your name, email, phone number, and DOB will be used to uniquely identify you to the practice, which will allow them to determine if you are a new or existing patient.
Your “reason for visit” will be used by the practice to plan accordingly and confirm that the visit is appropriate.
We may use your phone number and email address to send appointment confirmations, reminders, and other messages related to your visit.
If we collect payment for a visit, we may send your information to financial partners to facilitate payment.
We do not:
- run ads on our platform
- sell patient or practice data to third parties
Business Associates will maintain practice data for at least as long as they provide services to BeWell.
Business Associates will maintain audit logs recording which practice employees accessed admin pages and which patient records were viewed.
If BeWell discontinues using the services of a Business Associate, we may request they delete all practice data beyond the practice’s name, contact information, service dates, payment history, and anything else needed to maintain a record of the practice as a customer. Note: practice data may be held for a longer period in backups maintained for disaster recovery. If BeWell does not request a deletion, the practice data may live in the Business Associate database indefinitely and can be made available to the practice upon request.
How your information is protected
All web traffic is encrypted is encrypted via SSL.
Your personal information is contained behind secured networks and is only accessible by a limited number of persons who have special access rights to such systems.
When we send emails regarding appointments, we will include your name, email, and name of the practice, but we won’t include your date of birth or any medical information.
Your DOB and Reason for Visit will only be transferred to the medical practice over encrypted channels.
- Store login information that persists across the user’s session.
- Generate website traffic reports in Google Analytics (GA). GA uses their own cookies to provide this information.
If you disable cookies in your browser, you might not be able to book appointments.
Third Party Disclosure
We will not sell, trade, or transfer your personally identifiable information unless we provide you with advance notice. This does not include:
- any medical practices we are contacting on your behalf
- website hosting partners and other parties who assist us in operating our website, conducting our business, or servicing you, so long as those parties agree to keep this information confidential.
However, non-personally identifiable visitor information may be provided to other parties for marketing, advertising, or other uses.