|Privacy & Security Policy
E-Mergency introduces a whole new brand of privacy, protection
and personal access that exceeds the requirements of HIPAA
The Health Insurance Portability and Accountability Act (HIPAA)of 1996 requires your personal medical information to be accessible to you while your personally identifiable information (PII) is protected. TTW Systems, LLC maintains that any institution that keeps medical information in a centralized database and uses your PII to identify and retrieve it cannot say with 100% certainty that your records are safe. So-called secure data bases can be breached, and PII that is under the control of an institution can be inadvertently lost, displayed, or stolen.
E-mergency solves this problem by putting you in control of access to your medical records. Because you control access through your password and login E-mergency does not keep any of your PII on our servers. We don't need to, because we never access your medical information: you do, by granting EMTs or other health professional temporary permission to view it in an emergency.
You may change your password at any time to protect your records in case your phone or computer is lost, stolen, or inadvertently displayed.
E-Mergency not only exceeds HIPAA requirements for the protection, security and availability of our Members' medical records: we have created a whole new standard for privacy and consumer control over what is rightfully yours - your own medical and health information.
Putting you in control of your medical records is the ultimate solution for privacy, protection and accessibility.
As concerns your medical and health records, access, integrity, availability, ownership, authorization, dependability, authentication, and confidentiality are cornerstones of TTW System's Security Policy.
TTW upholds our Security Policy with the following security measures:
Audit Trail. TTW maintains an audit trail and log of accesses to information provided by you in connection with the E-mergency service.
Auto-Logoff. TTW protects you against accidentally leaving your personal information active on a computer browser screen. The E-mergency service ends your "session" if you are logged in to your EMR site but have not actively used the service for a set period of time. This prevents others from accessing your account when you leave a session and forget to log out.
Business Partners. We require people we do business with to agree to comply with HIPAA and other privacy and security laws - and to accept and comply with our policy of no association of PII with your E-mergency medical and health records.
Limited Personal Information. The only information about you that TTW maintains is contact information (email and/or telephone numbers) that we use to send you information about updates or other important events - and to bill each year's renewal. This information is for contact and billing purposes only and is never associated with your medical and health information. TTW Systems does not keep birth date, address, social security numbers or credit card information on our servers.
Confidentiality. TTW has internal policies that keep your data private and confidential. TTW will not share, sell or rent your data with any unauthorized party.
Data Security. The third parties that own and operate the servers at the data centers at which your contact data is maintained take all reasonable measures to secure your data. The data centers are administratively, physically and technically secure. The servers are separated from the Internet by a firewall that prevents Internet traffic that fails to meet certain security criteria in an effort to block access by unauthorized parties and reduce Internet traffic from non-legitimate sources.
Digital Certificates. TTW uses a digital certificate issued by A2 Hosting, a leading Secure Server Certification Authority. This gives you the confidence that you are connected to a website operated by TTW, and authenticated as such.
Disaster Recovery. In the case of a disaster which affects the primary third-party data center used by TTW, redundant systems are maintained geographically by the third party to minimize downtime. Upon detection of such a situation, a managed domain name system (DNS) provider will begin routing traffic to a secondary third-party data center facility where redundant systems will immediately begin servicing requests.
Encryption. All communication between you and the third-party server used by TTW is secured by using TLS/SSL, which uses up to 256-bit encryption depending upon the Internet browser in use.
High Availability. The third-party data center used by TTW maintains redundant subsystems, such as multiple Internet trunks coming into the data center from multiple sources, fully redundant power on the premises, and backup generators to avoid outages caused by power failures, fires, natural disasters and other matters. Additionally, data is regularly backed up by the third party and stored off-site at a geographically dispersed data center location owned by the third party.
Login ID and Password. Access to your E-mergency Membership account is controlled by a login ID and a password, which you chose. E-mergency recommends and accommodates the use of complex alpha-numeric plus special character passwords. Strict login ID and password rules are designed to eliminate an unauthorized user from gaining access to your E-mergency account. In case of a lost password, we will never send your password to you. Instead, you must pass certain tests before we will give you access to your account in order to set a new password.
Monitoring and Emergency Preparedness. Our systems are fully monitored both by the third-party data center staff and a third-party system monitoring agent. Upon detection of any failure, TTW staff is notified immediately and is trained to respond by quickly assessing the situation to determine if automated recovery means have been triggered and are performing as expected. If not, immediate action is taken with the assistance of data center staff to correct the situation and restore service as soon as possible.
Temporary Read-Only Access. EMS Providers are granted temporary read-only access to your information; an EMS Provider does not have the ability to alter or modify your information. You may change your password at any time to prevent the same EMS providers from re-accessing your EMR.
What Information Do We Collect?
Information Request. If you wish to request more information about the E-mergency service prior to registering, you are required to provide your name and email address. This information is used by TTW Systems to contact you about our services.
We do not sell, rent, or lease your name or email address to third parties, and we will not provide your personal information to any third party individual, government agency, or company at any time. We use your e-mail address solely to communicate with you regarding your questions or other requests, or to update you regarding new developments at E-mergency.
Purchase. When you purchase your Emergency Medical Record (EMR) Account at myE-mergency.com we require that you enter certain contact information as part of the process (for example, name, email address, billing address, home zip code and credit card or paypal account numbers). With the exception of your email address, this information is for a one time use only - for verifying and authorizing credit card payments - and is not kept on our servers. This information is never associated with your EMR Account.
Your email address is kept on a separate server and used for intermittent communications with you regarding product upgrades or pertinent information, and to remind you of your yearly renewal.
Emergency Medical Record (EMR). After you have purchased your E-mergency Account, you will be transferred directly to your EMR website where you may enter, and update, your medical information. You set the login and password for this site, and have the option of changing it at any time. At this time you will also be asked to answer three special questions to be used in case you lose your password and wish to change it, or wish to change your password for any reason.
If you change your Member password for your EMR site, you must also change it on your smart phone application or your phone application will not access your EMR website. As a privacy and security precaution, the E-mergency Account on any phone that tries to access a EMR site without the proper password will be deleted. the purpose of this action is to prevent unauthorized access of your accounts, either on your EMR website or on your phone. If you forget to update your phone password and your E-mergency app Account is deleted, all you need to do reestablish it is re-enter your password and your token, and set up your phone app again.
You will also be assigned a Member ID to be entered into your E-mergency phone application (in the case of multiple Members, you will be given a "token" which will automatically enter all Member IDs into your phone at one time). The purpose of this Member ID is to allow your smart phone application to synchronize with your EMR Account and display your medical records.
Your EMR account is designed to completely separate your medical information from your PII. Your EMR account contains no PII. Do not enter your true name, social security number, physical address, or any other identifying information other than your email. You should not enter any PII into your EMR account. Use only "nicknames" for your account Members - they will be identified on your phone in an emergency by their photos on your phone.
TTW Systems is not responsible for any personally identifying information that our Members may include in their EMR Accounts.
Your EMR account will include medical and/or health information about you and your Members (including, but not limited to, information about blood pressure and other vitals, information about diseases or conditions that you may have, information about drugs you use or medical procedures you have undergone). You will enter this information yourself, or with the help of a doctor or other medical or health professional. You may also change it at any time. TTW Systems assumes no responsibility for the information you enter, the accuracy of such information, or the completeness of your medical information.
The purpose of the E-mergency service is to provide EMS Providers with the ability to access certain medical information concerning you during an emergency, and to notify the contacts of your choice that your medical records have been accessed. The E-mergency service offers various messaging platforms relating to specific requests and/or purposes to facilitate these communications (for example, email or SMS text notifications). Your provision of information in connection with the E-mergency service is voluntary and you therefore have a choice whether or not to disclose this information.
Health Information. The E-mergency service permits you to provide and store health information online, including health conditions, allergies and medications (your "Emergency Medical Record"). You provide this information voluntarily, and therefore recognize that you have a choice whether or not to disclose this information.
Your Log Files. In connection with your use of the E-mergency service, TTW collects and stores the Internet Protocol (IP) address of the computer you are using; the name of the domain and host from which you access the Internet; the browser software you use and your operating system; the default language on your Internet browser or your operating system; the date and time you access the service; and the Internet address of the website from which you directly linked to myE-mergency.com. TTW Systems uses this log file information to analyze trends, administer the service, and monitor service traffic and usage patterns for internal security purposes and to help make the E-mergency service more useful. We do not sell, rent or any in way share this information with any third parties.
EMS Provider and Provider-Designated User Information.
How Will Your Information Be Used And Disclosed?
In addition to the uses and disclosures of information outlined above, your information may also be used and disclosed as follows:
Use of E-mergency Member Information
TTW maintains an audit trail that keeps track of who has seen your E-mergency membership account and/or Health Information and whether any changes to your account and/or Health Information have occurred. You have the ability to view this audit trail to see all viewers of your account and/or Health Information.
You can always view all the information you entered in the E-mergency service voluntarily.
If another individual is managing your account with your permission (for example, a mother managing the account of her son), this person can view all your information entered in the E-mergency service on your behalf.
Your EMS Provider or an EMS Provider-Designated User can use contact and/or health information about you stored by TTW in connection with the provision of emergency medical services.
TTW Systems uses the contact and health information you supply to: 1) invite you to register for the E-mergency service, 2) determine service use, 3) survey you to evaluate and improve the E-mergency service, 4) operate the E-mergency service and to decide what services will meet our members' needs, 5) provide information as required by law, 6) communicate back to you about customer service issues, and 7) update you on service and E-mergency benefits.
Certain features of the E-mergency service may be used in conjunction with other TTW products, and those features may share information to provide a better user experience and to improve the quality of our services.
Disclosure of E-mergency Member Information.
Health Information. When an EMS Provider determines that you are in need or may be in need of emergency medical services and that you are an E-mergency member, you are deemed to have agreed to permit the EMS Provider and EMS Provider-Designated Users to have access to your Health Information. In addition, if the EMS Provider transports you to a facility, you are deemed to have agreed to permit notification of such transport to your E-mergency contacts provided through the E-mergency service.
What does TTW do with anonymous (de-identified) information?
TTW removes your identity from your personal information (contact, health and/or financial) and may work with it as anonymous ("de-identified") information.
Individual information is information about a user presented in a form where information about one anonymous user would be indistinguishable from information relating to other anonymous users (e.g. "a 30-year-old female"). Individual information is not in a form that allows anyone studying the information to personally identify any user.
Aggregate information is information that describes the habits, usage patterns and/or demographics of users as a group but does not reveal the identity of particular users. Your anonymous data is combined with the anonymous data of other E-mergency users and may become statistics.
We might use aggregate information within the E-mergency service to understand the needs of the E-mergency community of users and determine what kinds of programs and services we can offer to you. TTW Systems could use this anonymous information to give potential users, providers, or business partners a picture of the E-mergency community and services.
Can Patients Opt Out or Opt In to Specific Uses Of Their Information?
Medical Information. If you no longer wish to allow an EMS Provider to view your medical information, you may deactivate your E-mergency membership.
Invitations. If you no longer wish to receive invitations to register for the E-mergency service, you may request that TTW Systems no longer send invitations to you using myE-mergency.com.
Storage and Maintenance of Information. TTW stores and maintains all electronic communications sent via the E-mergency service, your Health Information, contact information and financial information for a period of at least ten (10) years.
In order to personalize our service for you and to collect aggregate, non-personal information regarding service usage by all of our users, myE-mergency.com uses "cookies" and may also use "web beacons" on its website or via email. A "cookie" is a small text file that invisE-mergencylebracelet.org transfers to your computer's hard drive. myE-mergency.com assigns each computer a different cookie. The cookie assigns a random, unique number to your computer. The cookie does not contain personally identifiable information, although other websites are able to access the random, unique number contained in cookies originating from myE-mergency.com. A "web beacon" is an object embedded in a webpage or email and is usually myE-mergency.com to the user but allows for a party to check whether a user has viewed a particular webpage or email. Web beacons help us track usage of our services. While web beacons will be assigned a random, unique number, web beacons do not contain personally identifiable information.
Your browser software can be set to warn you of cookies or to reject all cookies. Most browsers offer instructions on how to reset the browser to reject cookies in the "Help" section of the toolbar. If you reject cookies originating from myE-mergency.com you will not be able to use myE-mergency.com.
What can I do to protect my Privacy?
In order to protect your privacy you should: 1) never share your sign in name or password, and 2) always sign out when you are finished using the service. Also, do not enter any personally identifying information (PII) into your Emergency Medical Record form. Do not use any PII when naming your Account Members.
The E-mergency service is designed and intended for use by adults, and is not intended for, nor designed to be used by children under the age of 18. No Account Administrator may be under the age of 18. A parent or guardian, however, may use the E-mergency service on behalf of a minor child, who may be a designated Member of an Account. The parent or guardian assumes full responsibility for ensuring that the authentication information is kept secure and that the information submitted is accurate.