iCareSync^™ Privacy Policy

Welcome

Welcome to the HealthXL LLC. (“HealthXL,” “Us”) iCareSync™ remote patient monitoring application platform (“Care App”). The iCareSync™ platform is subject to this Privacy Policy and the End User License Agreement available in the “Profile” section of the Care App. Receipt and use of individually identifiable personal information (“Personal Information”) by the iCare platform and collection and use of the vitals readings from your healthcare monitoring devices (“Device Readings”) through the Care App is subject to this Privacy Policy.

About this Policy

The purpose of this Privacy Policy is to tell you how HealthXL receives, uses, shares, and processes (“Uses”) your Personal Information, as well as the Device Readings collected through or related to the use of, the Care App. HealthXL provides its services and this Care App as authorized and directed by, and on behalf of your medical provider. Your medical provider’s Electronic Medical Record (“EMR”) system is the source for your Personal Information and your healthcare monitoring devices are the source for the Device Readings collected by the Care App for your records, as well as for transmission to the iCare platform so they can be made available to your medical provider.

Please read this Privacy Policy carefully. If you do not agree with HealthXL’s privacy practices, you may decide not to use the Care App. By using the Care App, you are agreeing to HealthXL’s receipt, use, disclosure, and other processing of your Personal Information and Device Readings as described in this Privacy Policy. We may update this Privacy Policy, so you should review it from time to time. We will update the Effective Date above when we update the Privacy Policy. The updated Privacy Policy will apply to actions related to Personal Information and Device Readings on and after the Effective Date.

HealthXL processes Personal Information and Device Readings to provide Medicare compliant remote patient monitoring services when it believes it has a necessary and legal basis to do so.

Our operations are based in, and are directed at individuals located in, the United States of America. The information we collect will be processed, stored, and used in the United States. Your Personal Information and Device Readings may be subject to access requests from governments, courts, law enforcement, or other third parties in the United States according to laws of the United States.

Certain laws protect categories of individuals, like minors or residents of certain states, or types of information, like health information, and we comply with those laws when they apply to the Care App.

This Privacy Policy covers Use of identifiable information. This Privacy Policy does not cover information that has had all identifiers removed (“De-Identified”). HealthXL may use De-Identified data as permitted by law, such as for HealthXL’s operations, for research, or to develop new services or products. HealthXL may also share De-Identified information with third parties, including researchers.

Personal Information Provided by your medical provider:

Your medical provider shares your Personal Information with Us in order for Us to provide the Care App services to you. This Personal Information may include the record id in your medical provider’s EMR, Name, Email Address, Phone Number, Age, Gender, Time Zone, and Other similar information.

Personal Information Utilized by the Care App:

The Personal Information provided by your medical provider is stored in our back-end platform and displayed in the Care App as part of the personalized experience. You do not have the ability to modify the Personal Information in the Care App. Any necessary changes to Personal Information must be communicated to your medical provider and/or HealthXL.

Device Readings You disclose to Us:

HealthXL collects Device Readings that you voluntarily provide to HealthXL when you interact with the Care App, such as when you use the Care App or the peripheral devices that share data to the Care App, or when you contact HealthXL.

The information that HealthXL receives depends on the context of your interactions with HealthXL and the Care App, the choices you make and the products and features you use. You may share information from the peripheral devices provided by HealthXL and connected to the iCareSync™ platform with HealthXL. The information may include, but is not limited to, your blood pressure, pulse, oxygen saturation levels, blood sugar levels, body temperature, and weight.

HealthXL’s use and disclosure of your Personal Information and Device Readings covered by the Health Insurance Portability and Accountability Act of 1996 (HIPAA) will be governed by the Business Associate Agreement (BAA) in place between HealthXL and your medical provider. For information on how your medical provider handles your Personal Information and Device Readings, you may contact your medical provider.

HealthXL does not share, sell, or otherwise disclose your Personal Information for purposes other than those outlined in this Privacy Policy and permitted by applicable law. HealthXL may disclose your Personal Information to certain third parties, including:

• your medical provider that authorizes HealthXL to provide the Care App to you;
• third party service providers that we use to support the Care App;
• an organization that HealthXL merges with, acquires, or that buys HealthXL, or in the event of change in structure of HealthXL’s organization of any form;
• to comply with HealthXL’s legal obligations;
• to enforce HealthXL’s rights; and
• with your consent.

Automatic Information Collection and Tracking

When you download, access, and use the Care App, we automatically collect:

• Usage Details. When you access and use the Care App, we may automatically collect certain details of your access to and use of the Care App, including traffic data, location data, logs, and other communication data and the resources that you access and use on or through the Care App.
• Device Information. We may collect information about your mobile device and internet connection, including the device’s unique device identifier, IP address, operating system, and mobile network information.
• Reading Information and Files. The Care App also may access metadata and other information associated with other files stored on Your device, such as the Device Readings obtained from the peripheral devices and staged locally on your device.

In the course of providing our Care App’s service, we may use various technologies to collect and store information when you use our Care App. These technologies are designed to recognize your device, remember user preferences, help us understand Care App usage patterns and ultimately help us enhance the Care App’s functionality.

Third-Party Information Collection

When you use the Care App or its content, certain third parties that HealthXL does not control may use automatic information collection technologies to collect information about you or your device (“Third Parties”). These Third Parties may include:

• Analytics companies.
• Your mobile device manufacturer.
• Your mobile service provider.
• The manufacturer of the peripheral devices.

HealthXL does not control the Third Parties and they may use tracking technologies to collect information about you when you use this app. The information they collect may be associated with you or they may collect information about your online activities over time and across different websites, apps, and other online services websites. They may use this information to provide you with interest-based (behavioral) advertising or other targeted content. It is important that you read and understand any privacy policies published by the Third Parties to understand how they may collect and use data.

We do not control these third parties’ tracking technologies or how they may be used. If you have any questions about an advertisement or other targeted content, you should contact the responsible provider directly.

How We Use Your Information

HealthXL may use your information for the following purposes:

• To provide our services consistent with Medicare’s remote patient monitoring program and your medical provider’s requirements
• To present the Care App and its contents to you
• To protect your online security and/or prevent fraud
• To provide you with information, products, or services that you request from us
• To provide you with notices about your account or readings compliance
• To contact you through phone or email
• To contact you through text message when you provide us your consent
• To carry out our obligations and enforce our rights arising from any contracts entered into between you and HealthXL
• To respond to requests or messages submitted by you
• To monitor and improve user experience and troubleshoot issues with the Care App
• In any other way we may describe when you provide the information
• As otherwise required or permitted by applicable law, such as to permit us to comply with legal obligations
• For any other purpose with your consent

Security of Data

HealthXL has implemented safeguards designed to secure your information from accidental loss and from unauthorized access, use, alteration, and disclosure and entered into agreements as appropriate with your Provider governing the appropriate protection, use, and disclosure of your Personal Information and Device Readings. However, you understand that it is not possible to guarantee that any transfer of information over text messaging or e-mail is 100% secure. As a result, HealthXL cannot guarantee the absolute security of your information when it is sent via a text message or e-mail. By asking HealthXL to transmit information to you through text messaging or e-mail, you accept the risk that the transmission is not secure, and that your information may be exposed to a third party.

Data Retention Policy

HealthXL will retain your information for as long as is needed to provide services or comply with our legal obligations.

HealthXL will also retain usage data for internal analysis purposes.

HealthXL attempts to minimize the amount of Personal Information stored or retained on your device. Nevertheless, the Care App may:

• Store readings from your medical monitoring devices as part of staging the information prior to transmission to the iCare platform, and also to make historical readings available to you when your device is not connected to the internet.
• Temporarily store your Personal Information in memory or on your device while you use the Care App.
• Request information from servers and systems owned or operated by HealthXL and those servers and systems may record technical information about that request, such as an IP address and information related to the type of device, platform, and operating system you use with the Care App.

Data Deletion Policy

The app typically retains approximately three months of readings, subject to revision based upon input from medical providers. Please note that your account is not created by or in this app. A medical provider who chooses to use HealthXL, provides your data if you are eligible for Medicare’s remote patient monitoring program. Consistent with Medicare requirements, you are subsequently called and the account activated only upon explicit election by you to utilize these services. You can choose to discontinue use of the app at any time. Deinstalling the app will delete all local data. To terminate your participation in Medicare’s remote patient monitoring program, you can notify HealthXL or your medical provider at any time.

Disclaimer

HealthXL intends to keep the Care App updated. However, there is no guarantee or warranty related to the accuracy, reliability, or timeliness of any information published on the Care App or any website that links to or is linked from the Care App. Neither HealthXL nor any subsidiary or affiliate, nor any employee, owner, director, trustee, employee, or contractor shall be held liable for any losses caused by reliance on the accuracy, reliability, or timeliness of such information. If you rely on any information obtained using this Care App you do so at your own risk. While we exert reasonable efforts to maintain the privacy and security of all information that is accessible, or accessed, through the Care App, you acknowledge that electronic information is susceptible to unauthorized access, and that such information may be used, disclosed, modified, or corrupted without authorization or unintentionally.

Contact Information

If you have any questions about this Privacy Policy, the Care App, or your information, you may contact us by any of the following methods:

E-mail: Privacy@icaresync.com

Phone: (813) 953-0956

Mail: 500 Town Center Drive, Dearborn, MI 48126 (Attn: Privacy Officer, HealthXL)