DICOM Grid (dba Ambra Health) Privacy Policy

Last modified: September 26, 2016

The Ambra Health Privacy Policy describes how Ambra Health treats personal information when you use Ambra Health's products, including information provided when you use Ambra Health. In addition, the following describes our privacy practices that are specific to Ambra Health, a service that helps you store and organize your personal health information.

You are in control of your information

  1. You control who can access your personal health information. By default, you are the only user who can view and edit your information. If you choose to, you can share your information with others.
  2. Ambra Health will not sell, rent, or share your information (identified or de-identified) without your explicit consent, except in the limited situations described in the Ambra Health Privacy Policy, such as if Ambra Health is required to disclose an individual’s personal information in response to a lawful request by public authorities, including to meet national security or law enforcement requirements.
  3. You can completely delete your information at any time. Deletion will be initiated immediately, and your information will be purged from your account shortly thereafter. Additional backup copies of deleted information may persist for a short time. Ambra Health will not retain your information once deleted. Therefore, before you delete your information, you may want to print your information before deleting it.
  4. Ambra Health acknowledges that EU individuals have the right to access the personal information/data that we maintain about them.  An individual who seeks access, or who seeks to correct, amend, or delete inaccurate data, should direct a query to info@ambrahealth.com. If requested to remove data, we will respond within a reasonable timeframe.

How Ambra Health uses your information

  1. To store your information in Ambra Health, you will need an Ambra Health Account. When you create a DICOM Grid Account, Ambra Health asks for your email address and a password, which is used to protect your account from unauthorized access. You can use an existing Ambra Health Account or create a new DICOM Grid Account specifically for this purpose.
  2. Ambra Health's servers automatically record log information about your use of Ambra Health (such as number of sign-ins and number of times a link was clicked). This information is temporarily stored in association with your Ambra Health Account for two weeks, at which point it is aggregated with other data and is no longer associated with your account. The log information will be used to operate and improve the service and will not be correlated with your use of other Ambra Health services.
  3. Ambra Health periodically publishes trend statistics and associations (such as what is published in Ambra Health Trends). Ambra Health may use data from your Ambra Health Account as part of an aggregated data set when publishing these trends statistics and associations (e.g., Ambra Health has found that one gender uses some modalities more than the other gender). These aggregated data sets do not contain any personally identifiable information and cannot be linked to you.
  4. Certain features of Ambra Health can be used in conjunction with other Ambra Health products, and those features may share information to provide a better user experience and to improve the quality of our services.
  5. The Ambra Health website does not deliver third party online advertisements on our sites but we advertise our products and services on third party websites. We use remarketing services to advertise on third party websites to previous visitors to our website. It could mean that we advertise to previous visitors who haven’t completed a task on our website, for example using the contact form to make an enquiry. This could be in the form of an advertisement on a search results page or on third party website. Third-party vendors use cookies to serve ads based on someone’s past visits to the website. Any data collected will be used in accordance with our own privacy policy and that of our service provider’s privacy policy. To opt out of these cookies and retargeting ads please visit http://www.networkadvertising.org/choices/.
  6. Types of Data Collected through the Ambra Health website:

    Personal Information Collected

    Personal information is information that identifies you as an individual. When you request information, subscribe to a mailing list, subscribe for a service, or respond to an online survey or otherwise contact us, we usually collect personal information such as your name, e-mail address(es), mailing address(es), and telephone numbers. We take your privacy and the quality of service we offer you very seriously. To ensure we provide the highest quality of service to our international visitors, we may forward your request for information and personal contact information to one of our regional partners. You opt into this sharing by filling out a form on our website; for example, by downloading an eBook or Requesting a Demo. To opt out of this sharing please email info@ambrahealth.com with the same name and email address you used when you submitted our forms. You can also opt out of providing information by not entering it when asked and, if such information is required in order to allow us to respond to your inquiry, you will receive a notice advising you of this. If you do not provide us with some or all of the requested information we may not be able to provide services to you.

    Other Information Collected

    The site also collects information that does not reveal your specific identity or does not directly relate to an individual ("other information"). For example, when you visit the site, we also track certain information about your computer and Internet connection, such as the IP address of your computer and/or Internet service provider, the date and time you access the site, the Internet address of websites from which you link to our site, the computer technology you are using and your movements and preferences on our site. We use technology that many other websites employ, including, without limitation, "cookies" or small data files stored on your computer's hard drive, to collect such information. There are persistent cookies and session cookies.  In some instances, we use cookies to collect information in connection with future visits from that website, to recognize you as a previous visitor, or to track your activity on our site. If you follow a link to the site from an affiliate or promotion, we store information about your arrival from that affiliate or promotion in a session cookie. A persistent cookie consists of a text file sent by a web server to web browser, which will be stored by the browser and will remain valid until its set expiry date. You do not need to have cookies turned on to visit our site. You can refuse cookies by setting your browser to decline them automatically or to give you the choice of declining or accepting the placement of cookies from the site. But, if you want to access Ambra Health webpages, you need to accept a mandatory session cookie, which you can delete after you leave the site. We also may collect information related to your company, geographic location, or other demographic information that does not personally identify you. To the extent permitted by applicable law, we reserve the right to combine other information as defined above with personal information that you submit.

Sharing your information with people and services you trust

This section is specific to Ambra Health products:

  1. If you share your information with others, you can view a list of who has access to your information and you can revoke sharing privileges at any time. When you revoke someone’s ability to read your health information, that party will no longer be able to read your information, but may have already seen or may retain a copy of the information.
  2. You can approve access for some of these service providers to view and copy your health information. If a service provider accesses your health information and stores a copy of your information, that copy will be governed by that service provider's privacy policy. Others at that facility – like an on-call doctor – may be able to view your information. Ambra Health is not responsible for the content, performance, or privacy policies of third-party service providers.
  3. Some of these third-party service providers will be covered by federal and state health privacy laws (such as the Insurance Portability and Accountability Act, or “HIPAA”), and those laws will govern how they may use and share your information. HIPAA requires (as does Ambra Health) that you must authorize these providers to send information to your Ambra Health account. With that authorization, you also give them permission to send certain especially sensitive types of health information (such as mental health or substance abuse records) that are protected by federal and state laws and require special authorization. When you ask Ambra Health to send your health information to others, you will also be giving Ambra Health permission to send those sensitive types of health information.
  4. All entities or business associates covered by HIPAA are contractually required to comply with HIPAA's rules related to collection, use, and sharing of your information. All other third-party service providers are contractually required to abide by the Ambra Health Developer Policies, which require that they comply with strict privacy standards for how they collect, use, or share your information.
  5. Ambra Health’s accountability for personal data of EU individuals that it receives under the Privacy Shield or US-Swiss Safe Harbor Framework and subsequently transfers to a third party is described in the Privacy Shield Principles. In particular, Ambra Health remains responsible and liable under the Privacy Shield Principles if third-party agents that it engages to process the personal data on its behalf do so in a manner inconsistent with the Principles, unless Ambra Health proves that it is not responsible for the event giving rise to the damage.

EU-US Privacy Shield and US-Swiss Safe Harbor

Ambra Health complies with the EU-US Privacy Shield Framework (“Privacy Shield”) as set forth by the US Department of Commerce regarding the collection, use, and retention of personal information from European Union member countries. Ambra Health has certified that it adheres to the Privacy Shield Principles of Notice, Choice, Accountability for Onward Transfer, Security, Data Integrity and Purpose Limitation, Access, and Recourse, Enforcement and Liability. If there is any conflict between the policies in this privacy policy and the Privacy Shield Principles, the Privacy Shield Principles shall govern. To learn more about the Privacy Shield program, and to view our certification page, please visit https://www.privacyshield.gov/.

Ambra Health also complies with the US-Swiss Safe Harbor Framework as set forth by the US Department of Commerce regarding the collection, use, and retention of personal information from Switzerland. Ambra Health has certified that it adheres to the Safe Harbor Privacy Principles of notice, choice, onward transfer, security, data integrity, access, and enforcement. If there is any conflict between the policies in this privacy policy and the Safe Harbor Privacy Principles, the Safe Harbor Privacy Principles shall govern. To learn more about the US-Swiss Safe Harbor and to view our certification page, please visithttp://www.export.gov/safeharbor/.

In compliance with the Privacy Shield Principles and the US-Swiss Safe Harbor Principles, Ambra Health commits to resolve complaints about your privacy and our collection or use of your personal information. European Union individuals and Swiss citizens with inquiries or complaints regarding this privacy policy should first contact Ambra Health at:

Ambra Health
222 Broadway
18th Floor
New York, NY 10038
602-687-8046
https://ambrahealth.com

Ambra Health has further committed to refer unresolved privacy complaints under the Privacy Shield Principles BBB EU PRIVACY SHIELD, a non-profit alternative dispute resolution provider located in the United States and operated by the Council of Better Business Bureaus. If you do not receive timely acknowledgment of your complaint, or if your complaint is not satisfactorily addressed, please visit www.bbb.org/EU-privacy-shield/for-eu-consumers/ for more information and to file a complaint.

Please note that if your complaint is not resolved through these channels, under limited circumstances, a binding arbitration option may be available to you before a Privacy Shield Panel as further explained in the Privacy Shield Principles in order to address residual complaints not resolved by any other means.

Likewise, Ambra Health has further committed to refer unresolved privacy complaints under the US-Swiss Safe Harbor to an independent dispute resolution mechanism operated by the Council of Better Business Bureaus. If you do not receive timely acknowledgment of your complaint, or if your complaint is not satisfactorily addressed, please visit www.bbb.org/us/safe-harbor-complaints for more information and to file a complaint.

Ambra Health is subject to the investigatory and enforcement powers of the U.S. Federal Trade Commission (FTC).

If you have additional questions, please contact us (mailto:info@ambrahealth.com) any time. Or write to us at:

If you have additional questions, please contact us any time. Or write to us at:

Ambra Health
222 Broadway
18th Floor
New York, NY 10038