Privacy Policy

Last Updated February 2, 2020

Your privacy is important to us at Baton. We want to be clear how we use your personal information as well as any Personal Health Information (PHI). This Policy may be periodically modified. Our Privacy Policy explains:

  • The information we collect and why we collect it.
  • How we use that information and when we disclose it
  • Third party applications and any data that is communicated with these applications
  • The steps we take to protect your information.

For the purposes of this document, the type of data we collect and store is broken down into two subsets: Personal Information and Personal Health Information (PHI).

Personal Information We Collect

Personal information refers to information that lets us know the specifics of who you are (as a partner or customer). Here are the ways in which we may collect personal information and the types of information you may submit.

Account and User Information

We collect information about you and your company when you register for an account, create or modify your profile, and agree to purchase our services. Information we collect includes, but is not limited to, your name, username, address, email address, phone number, and payment information.

Internet and Device Information

We record certain information and store it in log files when you visit our websites or utilize our applications. This information may include but is not limited to IP addresses and device identifiers, ISPs, browser type, Operating Systems, date/time stamp, mobile carrier, and system configuration information.

Cookies

We may use cookies that we save to your computer or mobile device. Cookies are small data files stored on your hard drive or in memory, and can help improve your experience (e.g. by allowing you to access and use our applications without re-entering your username or password). Information we store in cookies may be associated with personal information you submit while using our applications and websites. If you decline cookies on our site, you may not be able to use all aspects of our Services.

Customer support

We may use a 3rd-party service (Intercom) to provide customer support inside of our application. Information passed to Intercom may include username, email address, and first and last name. Furthermore, additional information about how users are interacting with Baton’s applications may be passed to Intercom in order for us to better understand application usage.

Personal Health Information (PHI)

PHI may be provided to Baton in the following 2 ways.

Direct user interaction with Baton Applications

Users will directly input PHI data into Baton’s application(s) in order for Baton to facilitate more efficient patient discharge. Baton will only prompt users for the minimum PHI data which is necessary for Baton’s functionality.

Interface with Redox

Baton will pull data from a third-party provider (Redox). Baton will only request from Redox the minimum PHI data necessary for application functionality. Also, Baton may transmit some PHI data input via users bacto to Redox under the following circumstance: The customer has decided that PHI data entered directly into Baton should be transmitted to the customer’s internal EHR (and we will use Redox to facilitate this transmission).

How we secure your data

  1. Baton will never share data with any third-parties, except for
    • In the fashion outlined above with Redox and Intercom;
    • If the customer grants express written approval to do so;
    • We believe that disclosure is reasonably necessary to comply with any applicable law, regulation, legal
    • process or governmental request;
    • To enforce our terms of service or to protect the security or integrity of Baton’s products and services;
    • To protect the property, rights, and safety of Baton
    • To protect our customers or the public
    • To prevent the death or serious bodily injury of any person
    • To defend ourselves against any possible third-party allegations, claims, or other litigation
  2. Baton’s application and web infrastructure is housed in AWS, and we have built our infrastructure to adhere to HIPAA standards for software and data, basing our overall architecture on the AWS HIPAA stack and ensuring that we are following government guidelines.
  3. Baton will anonymize PHI once it is no longer needed for our services to function properly (i.e. in a timely fashion after patient discharge). We will maintain some information included but not limited to: Length of patient stay, communication latency between stages of our process, and metrics around the effectiveness of our services. This information shall be anonymized in order that it may never be used to identify an individual.

Caveats

No transmission of data over the Internet or Wireless Networks can ever be guaranteed to be 100% secure. While we devote substantial effort and resources to protect personal information, as a customer you acknowledge that: Some security and privacy vulnerabilities of the Internet are beyond our control, we cannot 100% guarantee security when data in transit, and it is possible that data may be viewed or tampered by a third party.

Business Transfers

We may share or transfer any and all data in connection with, or during negotiations of, the event of any financing, merger, sale, or acquisition of all or a portion of our business to another company. If any such events occur, we will provide updates either via direct email and/or posts to our company website https://baton.health.

Contact Information

Please contact us with any questions about this Policy by email at info@baton.health.