For purposes of this document, PII means personally identifiable information of a User and may include a User’s first and last name, address, telephone number, email address, social security number, date of birth, credit card number, billing address, expiration date, and security code, and any other bank account or financial information provided by a User to InSight + Regroup.
For purposes of this document, PHI means medical and mental health information, history and records that You, your Provider, the Organization or Facilitator provides to us.
For purposes of this document, PFI means personal financial information as defined by the Fair Credit Reporting Act (FCRA) and the Gramm-Leach-Bliley Act (GLBA).
Children’s Online Privacy Protection Act
InSight + Regroup complies with the Children’s Online Privacy Protection Act of 1998 (“COPPA”).
COPPA requires that service providers never knowingly request, collect, store or use personally identifiable information from anyone under the age of 13 without first obtaining verifiable parental consent. In accordance with COPPA, before a User under the age of 13 commences use of the Inpathy Service or otherwise provides Inpathy with such User’s PII or PHI, we require permission from such User’s parent or legal guardian (a “Parent”) to do so, as set forth below.
Verifiable Parental Consent
Alternatively, a Parent may call the toll free number below to schedule a videoconferencing appointment with a trained InSight + Regroup representative to offer verifiable parental consent.
InSight + Regroup Contact Information
Please send all requests for Parental Consent to:
InSight + Regroup
1120 Rt 73, Suite 300
Mount Laurel, NJ 08054
1.800.442.8938, option 4
Parental Review and Access
A Parent may review the PII InSight + Regroup collects from that Parent’s child User and, upon request, may require InSight + Regroup to delete such PII from InSight + Regroup’s and its affiliates records and servers or otherwise correct such PII. A Parent may also contact InSight + Regroup to request that InSight + Regroup and its affiliates cease further collection or use of such Parent’s child User’s PII. To do so, please contact InSight + Regroup by mailing a request using the contact information provided below.
Retention of Information
InSight + Regroup and its affiliates will only retain a child User’s PII for as long as is necessary to allow the child User to use the Service or to otherwise comply with state, local and federal law. InSight + Regroup will use commercially reasonable efforts to delete a child User’s PII as promptly as possible after a child User has ceased use of the Service or upon request by a child User’s Parent.
What PII, PFI and PHI does InSight + Regroup collect?
InSight + Regroup may collect the following PII, PFI or PHI in connection with the Website or the provision of the Service:
3. Social Security Number
4. Phone Number
5. Medical History / Current Ailments
6. Physician Information
7. Email address
8. Financial or payment information including credit card information
11. Credit card information, insurance information or other information relating to payment
12. Other medical or clinically related information customarily included within a medical record
When does InSight + Regroup collect PII or PHI?
Except as otherwise provided herein, InSight + Regroup or its affiliates only collect PII or PHI that you provide voluntarily through the Website, the Service or to an employee, representative or agent of InSight + Regroup or its affiliates. Some examples of times when InSight + Regroup or its affiliates collect PII or PHI include when you:
- Create a User Account;
- Transmit PII or PHI through the Inpathy Service;
- Provide PII or PHI to your Provider, Facilitator or Organization and such Provider, Facilitator or Organization inputs such information via the Inpathy Service;
- Send an email to InSight + Regroup or otherwise contact InSight + Regroup or its employees, agents or representatives via the Website, the Service or otherwise;
- otherwise directly provide InSight + Regroup with PII or PHI; or
How does InSight + Regroup use your PII, PFI and PHI?
InSight + Regroup uses your PII, PFI and PHI for the following purposes:
- To respond to your emails or inquiries sent to InSight + Regroup, its representatives, agents, or employees;
- To conduct a transaction that you have authorized, such as the transfer of funds in connection with a subscription to the Inpathy Service;
- To provide you with information about InSight + Regroup and its products and services;
- To alert you to special events, volunteer opportunities, updated information and other news and information from InSight + Regroup;
- To provide your Facilitator, Organization and/or Provider with access to your PII and/or PHI via the Inpathy Service; and
In addition, InSight + Regroup may hire other companies to perform services on its behalf such as operating certain aspects of the Website or the Service or sending you email. These other companies may be supplied with or have access to your PII, PFI or PHI for the sole purpose of providing these services to InSight + Regroup or on InSight + Regroup’s behalf. We require these companies to protect and safeguard your PII, PFI and PHI to the same extent as we do.
How does InSight + Regroup disclose your PII?
Though we will make commercially reasonable efforts to preserve User privacy and to protect PII, we may need to disclose PII when required by law or if we have a good-faith belief that the action is necessary to comply with a pending judicial proceeding, a court order or legal process served on InSight + Regroup or to protect InSight + Regroup’s rights or the rights of others, to fight fraud, identity theft, to ensure the integrity and operation of InSight + Regroup’s business and systems, or to protect the rights, property or safety of InSight + Regroup, its employees or others.
How does InSight + Regroup disclose your PHI?
Because we are a business associate of a number of health care providers, we are required to comply with many of the privacy and security requirements of the Health Insurance Portability and Accountability Act of 1996, as amended, (“HIPAA”). We protect your PHI as required by HIPAA and will only disclose PHI in one of the following situations:
- We receive your prior authorization.
- We are required by law to disclose the information.
- The disclosure is permitted by HIPAA.
How We Share Your Information
On an aggregate basis only, we may collect comprehensive demographic and other non-identifying information about users of the Website and the Service. InSight + Regroup will never disclose any PII, PFI, or PHI as part of this aggregate information but we may lend, sell, share or otherwise disclose aggregate information with others so we can perform research and provide the results to third parties, enhance and market the Website and/or the Service, and conduct accounting and process record keeping functions.
To prevent unauthorized access, maintain data accuracy, and ensure the correct use of PII, PFI and PHI, we have put in place or made our best efforts to ensure the existence of reasonable, industry-standard physical, electronic, and administrative procedures to safeguard and secure the PHI, PFI and PII we collect and store online and to protect the loss, misuse, and alteration of the PHI, PFI and PII under our control. We comply with the HIPAA security and privacy requirements with respect to safeguarding and securing your PHI and have implemented such safeguards as data encryption, and encrypted authentication. Unfortunately, no data transmission over the Internet can be guaranteed to be absolutely secure. As a result, while we strive to protect your PII, PFI and PHI, we cannot ensure or warrant the security of any information you transmit to us, if your website access credentials have been compromised due to no fault of InSight + Regroup or its associated providers. If InSight + Regroup provides you with a user name and password to access the Website, we disclaim any responsibility for a breach of privacy as a result of your knowing, willing, negligent, or inadvertent disclosure of your user name and password to anyone other than a Facilitator using Inpathy on your behalf.
Other Websites and Links
On InSight+ Regroup’s Website, through the Service or in correspondence sent to you by InSight + Regroup, InSight + Regroup may include links to other websites that it thinks will be of interest to you or that are operated by our business partners, affiliates, advertisers, and others. These third parties have separate data collection and privacy practices independent from InSight + Regroup’s and InSight + Regroup cannot be responsible for their policies or activities. Please contact those third parties directly if you have questions about their privacy policies.
Cookies, Web Beacons, Clear Gifs, and IP Addresses
Additionally, we may use IP address information to count and track aggregate visits to the Website or the Service, to help diagnose problems with our or Mahler Health PM’s servers, and to administer the Website or the Service. InSight + Regroup does not link IP addresses to anything identifying a specific person, so while a particular user’s session can be tracked, the user remains completely anonymous.
Merger or Sale
If InSight + Regroup is sold or merged with another company, your PII, PFI and PHI may be included as part of the sale. Unless you are notified otherwise, such other company will maintain your PII, PFI and PHI in the same manner as set forth herein.
Your California Privacy Rights
California Civil Code Section 1798.83 permits customers of InSight + Regroup who are California residents to request certain information regarding its disclosure of personal information to third parties for their direct marketing purposes. To make such a request, please contact us via the contact information below.
InSight + Regroup
1120 Rt 73, Suite 300
Mount Laurel, NJ 08054
*may be used for parental inquiries