Boston Scientific Corporation
Latitude Data Privacy Policy
Effective date: December 22, 2011Boston Scientific's mission is to improve the quality of patient care and the productivity of health care delivery through the development and advocacy of less-invasive medical devices and procedures. As part of this mission, Boston Scientific designed and implemented the LATITUDE Patient Management system (LPM). The LPM allows healthcare providers to remotely monitor Boston Scientific implantable cardiac medical devices. It is the policy of Boston Scientific to comply with all applicable laws governing the processing of personal information, including those associated with the safeguarding of sensitive or protected health information. Implementation of this policy is subject to specific laws in the countries where the patients reside. Boston Scientific complies with the U.S.-EU Safe Harbor Framework and the U.S.-Swiss Safe Harbor Framework as set forth by the U.S. Department of Commerce regarding the collection, use, and retention of personal information from European Union member countries and Switzerland. Boston Scientific has certified that it adheres to the Safe Harbor Privacy Principles of notice, choice, onward transfer, security, data integrity, access, and enforcement. To learn more about the Safe Harbor program, and to view Boston Scientific’s certification, please visit http://www.export.gov/safeharbor/. Furthermore, Boston Scientific abides by the Generally Accepted Privacy Principles (GAPP), as set forth below: Management:Boston Scientific has a program designed to protect personal information in its possession or control. This is done through a variety of privacy and security policies, processes and procedures. This program is overseen by Boston Scientific’s Chief Privacy Officer.Notice:Boston Scientific, through this policy, provides notice about its privacy practices. If Boston Scientific changes this policy, it will highlight the changes for at least 30 days.In addition to this policy, the personal information handling practices are also governed by the privacy policies of the Latitude-participating healthcare providers. The privacy practices on the LPM website are governed by the Boston Scientific website privacy policy. Choice and consent:Boston Scientific, through the healthcare provider, provides patients the ability to choose, where applicable, how personal information is handled. Note that a patient’s choice not to share his/her personal information with Boston Scientific will result in the patient not being enrolled or being removed if the patient is already enrolled.Collection:Boston Scientific collects personal information for the purpose of providing remote monitoring services for patients who have certain models of Boston Scientific implantable cardiac medical devices and have enrolled in LPM through their healthcare provider.Use, retention, and disposalBoston Scientific uses personal information for the management of its remote monitoring services, which includes customer and technical support, system maintenance, data compilation and analysis, data hosting, event reporting, program analysis and maintenance and other related purposes. Boston Scientific retains personal information for only as long as necessary to fulfill the stated purposes or as required by law or regulations and thereafter appropriately disposes of such information.Access:Patients enrolled in LPM can request access to their personal information for review and update by emailing Boston Scientific at latitudeprivacy@bsci.com. Patients may also make such requests by sending a letter to the address listed below. Furthermore, depending on applicable country laws, the participating healthcare provider may be required to provide patients access to their medical records, including information from LPM.Disclosure to third parties:Boston Scientific discloses personal information to the participating healthcare providers for remote monitoring of Boston Scientific implantable cardiac medical devices. Boston Scientific may also disclose personal information as needed to manage the remote monitoring services or as required by law. These third parties are required to handle personal information in a confidential manner and to maintain adequate security to protect the information from loss, misuse, unauthorized access or disclosure, alteration, and destruction.Security for privacy:Boston Scientific employs administrative, physical, and technical safeguards that reasonably and appropriately protect the confidentiality, integrity, and availability of the personal information that it creates, receives, maintains, or transmits.Quality:Boston Scientific maintains accurate, complete, and relevant personal information for the purposes of providing remote monitoring services. Boston Scientific relies on data integrity tools and processes along with timely and accurate updates from health care providers to ensure data quality.Monitoring and enforcement:Boston Scientific monitors compliance with its privacy policies and procedures and has procedures to address privacy related complaints and disputes.
To ask questions about Boston Scientific’s privacy practices, to lodge a complaint or to submit a patient access request, please contact us at:
|
||||||||||||||||||