We collect only anonymized datasets which don’t contain any personal information about the patients.

We provide to our partners clear instructions with the proven tools to get the datasets fully anonymized.

We have a clear QA process in place to make sure we get fully anonymized datasets which can be used in Healthcare R&D projects around the world.

We store our datasets on Box which is GDPR and HIPAA compliant and has its own built-in DICOM viewer.

We transfer imaging and video datasets to our clients and partners securely and safely.  

In case of any questions regarding the manner and scope of processing of your personal data and the scope of your rights, please contact us at dpo@meddare.com.

According to the EU regulations on personal data protection (the so-called GDPR) coming into force in the EU, we have taken measures to adapt internal procedures to the requirements of the law.

In case of any questions regarding the manner and scope of processing of your personal data and the scope of your rights, please contact us at: dpo@meddare.com.

We process personal data in order to conclude our contracts with the clients.

You may ask us to access your data, rectify it, transfer it, delete it, limit processing, and object to its further processing at any time.

The personal data that you entrust to us is stored in our database with servers in the EU. It is adequately protected so that it does not fall into the wrong hands or be lost.

Providing personal data is voluntary, however refusal to provide it may result in the refusal to conclude the contract.

For more information on medDARE’s GDPR policy, please contact us at dpo@meddare.com.

The Standards for Privacy of Individually Identifiable Health Information (“Privacy Rule”) establishes a set of national standards for the protection of certain health information. The U.S. Department of Health and Human Services (“HHS”) issued the Privacy Rule to implement the requirement of the Health Insurance Portability and Accountability Act of 1996 (“HIPAA”).

De-Identified Health Information

There are no restrictions on the use or disclosure of de-identified health information. De-identified health information neither identifies nor provides a reasonable basis to identify an individual.

Permitted Uses
and Disclosures

A covered entity is permitted, but not required, to use and disclose protected health information, without an individual’s authorization, for the following purposes or situations: (1) To the Individual (unless required for access or accounting of disclosures); (2) Treatment, Payment, and Health Care Operations; (3) Opportunity to Agree or Object; (4) Incident to an otherwise permitted use and disclosure; (5) Public Interest and Benefit Activities; and (6) Limited Data Set for the purposes of research, public health or health care operations. Covered entities may rely on professional ethics and best judgments in deciding which of these permissive uses and disclosures to make.

Research

“Research” is any systematic investigation designed to develop or contribute to generalizable knowledge. The Privacy Rule permits a covered entity to use and disclose protected health information for research purposes, without an individual’s authorization, provided the covered entity obtains either: (1) documentation that an alteration or waiver of individuals’ authorization for the use or disclosure of protected health information about them for research purposes has been approved by an Institutional Review Board or Privacy Board; (2) representations from the researcher that the use or disclosure of the protected health information is solely to prepare a research protocol or for similar purpose preparatory to research, that the researcher will not remove any protected health information from the covered entity, and that protected health information for which access is sought is necessary for the research; or (3) representations from the researcher that the use or disclosure sought is solely for research on the protected health information of decedents, that the protected health information sought is necessary for the research, and, at the request of the covered entity, documentation of the death of the individuals about whom information is sought. A covered entity also may use or disclose, without an individuals’ authorization, a limited data set of protected health information for research purposes.

For more information on medDARE’s HIPAA policy, please contact us at dpo@meddare.com.