Please leave this field empty.




Privacy & Security

OBERD PRIVACY POLICY

WHO WE ARE

Oberd, a product of Universal Research Solutions, LLC (URS), is used by your healthcare institution to provide patients with an efficient way to complete forms and other material related to treatment outcomes, education, satisfaction and the healthcare provider’s standard of care.

OUR COMMITMENT TO PRIVACY

URS is committed to protecting the privacy of any health information we receive or create from any source and this commitment is a central component of our business. Further, we are required by law to protect and maintain the confidentiality of any and all health information and we have established a number of systems to fully and effectively meet our legal and ethical obligations to any patient whose health information is transmitted to us. Oberd also complies with the new General Data Protection Regulation (EU Regulation 2016/679, GDPR).

WHAT INFORMATION IS COVERED BY OUR PRIVACY POLICY

“Health Information,” “Protected Health Information,”  “Personal Health Information” and “Personal Data” are all subject to our privacy policy. Collectively, these terms include any information that could possibly identify a patient, their physical or mental health or medical records. Any information relating to patient treatment, diagnosis, prognosis, insurance information, payment information, health care directives, and organ or tissue donation are considered protected/personal health information. Basic demographics and other medical record data are often automatically passed to Oberd from a Practice Management or Electronic Medical Records system as covered by URS’ legal agreements with the healthcare institution (also known as Covered Entity in legal contracts). Receiving this type of data automatically helps Oberd efficiently deliver the right forms and material ordered by a patient’s healthcare provider, along with report information in a more meaningful way to healthcare professionals.

WHAT WE DO WITH INFORMATION WE RECEIVE

We are in the business of assisting healthcare organizations and patients with the capture and flow of electronic information. Information we receive is used to facilitate the provider/patient relationship, to improve communication and education relating to medical products and services, and also to improve the quality and efficiency of the patient’s care. The information may help medical provider’s make decisions related to care but medical providers use other knowledge and experience as well; Oberd data is not the sole basis for decisions related to a patient’s treatment plan.

The information we receive that is subject to this privacy policy is made available to the patient’s healthcare provider and to members of the provider’s group, and possibly to third-parties of secure web-based facilities for treatment purposes. We do not make protected information available to any unauthorized person or entity . In addition, we collect technical usage information, which is automatically generated by your computer or device when you access our system and use its applications.

Technical usage information includes:

  • IP address;
  • device information including, but not limited to, identifier, name, and type of operating system (including versions);
  • standard web information, such as browser type and pages accessed;

Cookies are used to provide relevant statistics of technical usage.

It is in our legitimate interest to effectively process data and provide useful content. The technical usage data helps us to do so in the following ways:  

  • personalize Websites and Applications (i.e. Apps);
  • monitor and analyze trends, usage and activity in connection with our Websites and Apps to improve our services;
  • administer and internally manage our Websites and Apps in order to conduct troubleshooting, data analysis, testing, research, statistical and survey analysis;
  • keep our Websites and Apps safe and secure; and/or
  • measure and understand the effectiveness of the content we serve.

HOW WE PROTECT THE INFORMATION WE RECEIVE

We do not sell, rent or lease personal health information. The information we receive that is subject to this privacy policy is stored either in our facilities or in a secured third-party facility under the terms of a hosting agreement with us that obligates the third-party to observe our privacy policy. We continuously staff our facilities and restrict access with bio-metric security features or other equivalent access control measures, and our facilities are subject to continuous video monitoring. All information we receive that is subject to our privacy policy is stored in encrypted form (using the AES-256 method, the strongest known) so, even if the files should fall into the wrong hands, they are not readable. When data moves in or out of the database it is encrypted while in transit so, even if intercepted, the information is not readable.

HOW LONG DO WE KEEP THE COLLECT DATA

The collected information is often kept indefinitely unless otherwise stated in our legal contract with the Covered Entity or healthcare organization. De-identified, aggregated historical data is often used for treatment and quality purposes to allow healthcare professionals provide better care.

HOW TO REMOVE AND OTHER RIGHTS

Any requests of patients to access, transmit, remove or modify personal data or restrict its processing must pass through the treating provider’s office.  

Patients may withdrawal consent at any time without affecting information provided prior to consent withdrawal by seeing the Privacy tab next to where forms are accessed. Non-patient users are asked to email dpo@oberd.com to withdrawal consent. Note that consent withdrawal will disable access to the system.   

If you have questions or concerns on Oberd’s Privacy policy please email dpo@oberd.com to reach our Data Protection Officer and Security team.