Notices of Privacy Practices.
Policy Applicable to Online Activities Only.
Personal Information We May Collect and Uses of Said Information.
TYPES OF INFORMATION COLLECTED: We may ask you for certain information referred to on this site as “personal information,” which includes information that pertains to your identity. Such information may include, but is not limited to, items such as your name, address, email address, telephone number, or broker license number. You may be required to provide personal information to access or use certain parts of our website or features of the site. If you do not provide the requested personal information, you may not be able to access or use the features of the site where such information is requested.
USES OF INFORMATION COLLECTED: We will use the personal information we collect from you solely for the purpose stated on the page where it is collected. The Company will not sell, license, transmit, or disclose this information outside the Company and its affiliated companies unless (a) expressly authorized by you, (b) it is necessary to enable the Company, its contractors and agents to perform certain services and functions for you or for us, or (c) as required or permitted by law. In all instances where we disclose your personal information said disclosure of information will be made in compliance with applicable laws and regulations, and we will require the recipient to protect said personal information and to use it solely for the purpose(s) for which it was provided.
General Information We May Collect.
TYPES OF OTHER INFORMATION COLLECTED: There may be other instances in which we collect information from you that is more general in nature (“general information”). Such information may include your Internet Protocol (IP) address, which enables us to identify your computer or device on a Transmission Control Protocol/Internet Protocol (TCP/IP) network, which includes the World Wide Web. Your computer has an IP address, which is required in order for you to communicate with others via the Internet. Such general information, including the click stream data and cookies, as mentioned below, may be collected from you whenever you access the site, whether or not you provide us with any personal information.
- Click Stream Data. When you visit our website we may also collect “click stream data” (server address, domain name). This information can be combined with information you have provided to us by registering, for example, which will enable us to analyze and better customize your visits. We may use click stream data for traffic analysis or e-commerce analysis of our website, to determine which features of our site are most or least effective or useful to you.
- Cookies, Tags and Other Information. You should also be aware that when you visit our website, we collect certain information that does not identify you personally, but provides us with “usage data,” such as the number of visitors we receive or what pages are visited most often. This data helps us to analyze and improve the usefulness of the information we provide on our website.
Like most commercial website owners, we may use what is known as “cookie” technology. A “cookie” is an element of data that a website can send to your browser when you link to that website. It is not a computer program and has no ability to read data residing on your computer or instruct it to perform any step or function. By assigning a unique data element to each visitor, the website is able to recognize repeat users, track usage patterns and better serve you when you return to that site. The cookie does not extract other personal information about you, such as your name or address.
General Information About You.
USE OF GENERAL INFORMATION: We will primarily use the personal information you provide and any general information we receive from you to provide products and services to you, including, but not limited to, the following:
- Security Measures. The Company has adopted and adheres to stringent security standards designed to protect non-public personal information at www.copower.com against accidental or unauthorized access or disclosure. Among the safeguards that the Company has developed for this site are administrative, physical and technical barriers that together form a protective firewall around the information stored at this site.
- Risk of Interception and Your Email. Please keep in mind, however, that whenever you give out personal information online there is a risk that third parties may intercept and use that information. While the Company strives to protect your personal information and privacy, we cannot guarantee the security of any information you disclose online. By using this site, you expressly acknowledge and agree that we do not guarantee the security of any data provided to or received by us through this site and that any personal information, general information, or other data or information received from you through the site is provided to us at your own risk, which you expressly assume.
We welcome your quote, information, and change requests, and have provided e-mail forms for that purpose. We will only share these requests with those employees most capable of addressing your needs.
Please note that your e-mail, like most, if not all, non-encrypted Internet e-mail communications, may be accessed and viewed by other Internet users, without your knowledge and permission, while in transit to us. For that reason, to protect your privacy, please do not use e-mail to communicate information to us that you consider confidential. If you wish, you may contact us instead via telephone at the numbers provided at various locations on our site.
There are some locations on the CompanyÃ¢â‚¬â„¢s website where we have made special provisions for a more secure environment in which we can exchange information with you. At each of these locations, we will provide you with appropriate instructions.
No Use of This Site By Persons Under 18 Permitted.
NOTICE CONCERNING CHILDREN. PLEASE NOTE: We are a general audience site, and do not direct any of our content specifically at children under 13 years of age. We understand and are committed to respecting the sensitive nature of children’s privacy online. If we learn or have reason to suspect that a site user is under age 13, we will promptly delete any personal information in that user’s account.
SHARING INFORMATION WITH PERSONS OR ENTITIES WHO MANAGE THIS WEBSITE. The CompanyÃ¢â‚¬â„¢s global and local websites and the personal information and general information collected are managed and controlled by Web Master located at 1600 W. Hillsdale Blvd, San Mateo, CA 94402.
DISCLOSING INFORMATION TO THIRD PARTIES – Who may have access to your information.Other than to the companies belonging to or affiliated with the Company for the purposes set out above, and except as described in this policy, we do not sell, trade, or otherwise transfer your personal information or general information to third parties without informing you in advance. We provide some of our services through contractual arrangements with affiliates, services providers, agents, partners and other third parties (collectively, “service partners”). Our service partners may use your personal information to operate our sites and to deliver their services. For example, your data may be transferred to website hosting partners and other parties who assist us in designing and operating the website, executing services, or helping us analyze collected data. These parties will only use your data for the purpose of carrying out the work as agreed with us and will be required to keep the information confidential. We will encourage our service partners to adopt and post privacy policies. However, the use of your personal information by our service partners is governed by the privacy policies of those service partners and is not subject to our control.
SECURITY – Release of Information. The Company will release personal or general information without your consent for security purposes, when required by law, or to prevent imminent harm to any person or entity. We will disclose personal or general information upon receipt of a court order or subpoena, or to cooperate with a law enforcement investigation, which may include responding to requests and court orders from jurisdictions outside the United States. We fully cooperate with law enforcement agencies in identifying those who use our services for illegal activities. We reserve the right to report to law enforcement agencies any activities that we in good faith believe to be unlawful, as determined in our sole discretion. Release of your personal data for security purposes, as described in this agreement to any person or entity under any circumstances shall be based on a determination made solely by us, exercising our own discretion, permission for which is expressly granted by you to us in accordance with this policy.
LINKS TO THIRD PARTIES – Purpose of Links. The Company will release personal or general information without your consent for security purposes, when required by law, or to prevent imminent harm to any person or entity. We will disclose personal or general information upon receipt of a court order or subpoena, or to cooperate with a law enforcement investigation, which may include responding to requests and court orders from jurisdictions outside the United States. We fully cooperate with law enforcement agencies in identifying those who use our services for illegal activities. We reserve the right to report to law enforcement agencies any activities that we in good faith believe to be unlawful, as determined in our sole discretion. Release of your personal data for security purposes, as described in this agreement to any person or entity under any circumstances shall be based on a determination made solely by us, exercising our own discretion, permission for which is expressly granted by you to us in accordance with this policy.
COOKIES. A cookie is a small string of information that the website you visit transfers to your computer for identification purposes. Cookies can be used to follow your activity on the website and that information helps us to understand your preferences and improve your website experience. Cookies are also used for such activities as remembering your user name and password, if you use such a feature on this site. You can turn off all cookies, in case you prefer not to receive them. You can also have your computer warn you whenever cookies are being used. For both options you have to adjust your browser settings (such as Mozilla, Firefox, or Internet Explorer). There are also software products available that can manage cookies for you. Please be aware, however, that when you choose to reject cookies, this choice may limit the functionality of the website you visit and you may lose access to some of its features.
The HIPAA Privacy Rule.
The Standards for Privacy of Individually Identifiable Health Information (“Privacy Rule”) establishes, for the first time, a set of national standards for the protection of certain health information. The Privacy Rule standards address the use and disclosure of individuals’ health information -called “protected health information” by organizations subject to the Privacy Rule as well as standards for individuals’ privacy rights to understand and control how their health information is used.
A major goal of the Privacy Rule is to assure that individuals’ health information is properly protected while allowing the flow of health information needed to provide and promote high quality health care and to protect the public’s health and well being.
To review the entire Rule itself, and for other additional helpful information about how it applies, visit the OCR website.
Statutory and Regulatory Background.
The Health Insurance Portability and Accountability Act of 1996 (HIPAA), Public Law 104-191, was enacted on August 21, 1996. Sections 261 through 264 of HIPAA require the Secretary of HHS to publicize standards for the electronic exchange, privacy and security of health information. Collectively these are known as the Administrative Simplification provisions.
HIPAA required the Secretary to issue privacy regulations governing individually identifiable health information, if Congress did not enact privacy legislation within three years of the passage of HIPAA. Because Congress did not enact privacy legislation, HHS developed a proposed rule and released it for public comment on November 3, 1999. The final regulation, the Privacy Rule, was published December 28, 2000.
Who is Covered by the Privacy Rule?
- Health Plans. Individual and group plans that provide or pay the cost of medical care are covered entities. Health plans include health, dental, vision, and prescription drug insurers, health maintenance organization (“HMO”), Medicare, Medicaid, Medicare+Choice and Medicare supplement insurers and long-term care insurers (excluding nursing home fixed-indemnity policies). Health plans also include employer-sponsored group health plans, government and church-sponsored health plans, and multi-employer health plans. There are exceptions -a group health plan with less than 50 participants that is administered solely by the employer that established and maintains the plan is not a covered entity. Two types of government-funded programs are not health plans: (1) those whose principal purpose is not providing or paying the cost of health care, such as the food stamps program; and (2) those programs whose principal activity is directly providing health care, such as a community health center, or the making of grants to fund the direct provision of health care. Certain types of insurance entities are also not health plans, including entities providing only worker’s compensation, automobile insurance, and property and casualty insurance.
- Health Care Providers. Every health care provider, regardless of size, who electronically transmits health information in connection with certain transactions, is a covered entity. These transactions include claims, benefit eligibility inquiries, referral authorization requests, or other transactions for which HHS has established standards under the HIPAA Transactions Rule.
- Health Care Clearinghouses. Health care clearinghouses are entities that process nonstandard information they receive from another entity.
- Business Associates Defined. A business associate is a person or organization other than a member of a covered entity’s workforce that performs certain functions that involve the use or disclosure of individually identifiable health information. Business associate services to a covered entity are limited to legal, actuarial, accounting, consulting, data aggregation, management, administrative, accreditation, or financial services.
Sample business associate contract language is available on the OCR website.
What Information is Protected?
The Privacy Rule protects all “individually identifiable health information” held or transmitted by a covered entity or its business associate, in any form or media, whether electronic, paper, or oral.