Effective Date: 11/01/2024
Introduction
Rain Medical (“we,” “our,” or “us”) is committed to complying with all applicable privacy and data protection laws, including the Health Insurance Portability and Accountability Act (HIPAA) where applicable. This Privacy Policy explains how we collect, use, share, and protect the personal and sensitive information submitted by clinical providers—including doctors, nurses, and other healthcare professionals—when using our platform to request, approve, and fulfill graft orders and manage invoicing and payments.
By accessing or using our platform, you acknowledge that you have read and understood this Privacy Policy and consent to its terms. If you do not agree with these terms, please refrain from using our services.
1. Information We Collect
Rain Medical collects the following categories of information to perform our services:
a. Clinical Provider Information:
– Name, professional credentials, and contact details (email, phone number).
– Digital signatures and approvals required for order verification.
b. Patient Information:
– Patient identifiers (e.g., patient ID, case reference numbers).
– Medical details strictly necessary for processing orders and ensuring graft suitability.
c. Order Details:
– Information related to requested grafts, shipping instructions, and additional relevant order data.
d. Payment Information:
– Billing and payment details used for processing e-invoices and facilitating transactions.
e. Website and Usage Data:
– Technical information, such as IP addresses, browser types, and timestamps, for site functionality, security, and analytics.
2. Legal Basis for Collecting and Processing Data
We collect and process information based on the following legal principles:
– Performance of a Contract: Information is required to fulfill orders and process payments.
– Compliance with Legal Obligations: Data may be processed to meet regulatory or statutory requirements, such as recordkeeping or compliance audits.
– Legitimate Interests: We process data for platform security, fraud prevention, and service improvements, balancing these needs with user privacy.
– Consent: Explicit consent is obtained where required, such as for sharing patient-specific data with suppliers.
3. How We Use Your Information
Rain Medical uses your data for the following purposes:
– Processing and fulfilling graft orders.
– Enabling secure communication between clinical providers and our team.
– Generating and issuing invoices and processing payments.
– Meeting legal, regulatory, or compliance requirements.
– Improving website functionality, user experience, and operational efficiency.
4. Sharing Your Information
Rain Medical only shares your information in the circumstances described below:
a. With Your Authorization:
Data related to orders and patient details is shared only when expressly authorized by the clinical provider.
b. With Trusted Third Parties:
– Order Fulfillment: Limited patient and order details are provided to vetted suppliers or distributors to produce and deliver the requested grafts.
– Payment Processing: Payment and billing information is shared with secure third-party payment service providers to facilitate transactions.
c. Legal and Regulatory Disclosures:
We may disclose information if required to comply with a valid legal obligation, regulatory inquiry, subpoena, or other lawful request by public authorities.
5. Data Security Measures
We implement robust administrative, technical, and physical safeguards to protect all personal and sensitive data, including:
– Data encryption during transmission and at rest.
– Secure storage solutions and regularly updated access controls.
– Role-based access, limiting exposure to authorized personnel only.
Despite these measures, no system is completely secure. If you suspect a data breach or unauthorized access, notify us immediately.
6. Data Retention
Rain Medical retains information for as long as necessary to fulfill the purposes outlined in this policy, comply with legal obligations, and resolve disputes. Retention periods are regularly reviewed to ensure compliance with applicable laws.
7. Your Rights
As
a user of our platform, you have the right to:
– Access Your Data: Request a copy of your data in a readable format.
– Request Corrections: Correct inaccurate or incomplete information.
– Request Deletion: In certain circumstances, request the deletion of personal
data.
– Restrict Processing: Limit how your data is processed, as permitted by law.
– Data Portability: Receive your personal data in a portable format where
applicable.
To exercise these rights, contact us at [email address or phone number]. Requests are subject to legal and regulatory requirements, and certain rights may be restricted in the context of patient data or legal obligations.
8. Cookies and Tracking Technologies
Rain Medical may use cookies and similar tracking technologies to improve website performance, analyze user behavior, and enhance user experience. You can modify your cookie preferences via browser settings.
9. Policy Modifications
Rain Medical reserves the right to amend this Privacy Policy to reflect changes in our practices, technology, or legal obligations. Updates will be posted with the revised effective date, and users will be notified of material changes.
10. Contact Information
If you have questions or concerns regarding this Privacy Policy or how your information is handled, please contact us:
Rain Medical
8575 Fern Ave
Suite 108
Shreveport, LA 71105
admin@rainorders.com
318-828-2085