At Cedar, we take privacy and security seriously. We are fully HIPAA-compliant and undergo regular security audits.
Effective Date: February 2017
Cedar is a software platform available through our website or mobile app, designed to help patients make timely payments to their health care providers. If your health care provider has a contract with Cedar, you will be able to receive reminders about payments and pay through a secure Internet portal maintained by Cedar, which for some patients may include participating in a recurring payment plan.
In general, a reference to “Cedar,” “we,” “our,” or “us” in this policy means CarePortal, Inc., the company that operates the Cedar Platform, a payment portal. A reference to the “Platform” in this policy means the software platform that allows you to elect to receive reminders and submit payments to your health care provider, and it includes both the Cedar website and the Cedar mobile app. When you use the Platform, you are accessing Cedar’s back-end system. Information will be stored on this system and not on your mobile device.
Information we collect and receive
1. How we collect information
Your health care provider will provide us with information so that we can provide our services to you on behalf of your health care provider, including informing you of the payments you need to make. This information may include a description of services you have received from your health care provider and the associated dates and charges, insurance information, and contact information as further described below.
We also receive information you provide when you use the Platform, create an account, submit a payment, or contact us with a request or question. In addition, we collect some other information from your computer or mobile device automatically, including various technical information.
2. Categories of Information
The information that we collect includes the following categories:
Account information. When you create an account, you provide us with information such as a username and password.
Contact information. You and your health care provider may provide us with your telephone number, including mobile device number, email address, and/or mailing address.
Health services information. Your health care provider may provide us with information about the services you have received, your insurance information and the payments due.
Billing and other information. We or our third party payment processors may collect and store billing information such as billing address, credit card or debit card number, bank account information or other payment account information (e.g., Paypal or similar payment services as applicable).
Automatically Collected Data (Log data). Our servers automatically record some information about your interactions with the Platform, such as number of log-ins, time and date of payments and visits to the Platform, the type of device you are using, your operating system, your Internet Protocol address, sites or apps visited before and after coming to our Platform, and data from online cookies and similar technologies, which may be collected over time and across different websites and apps.
Other Third Party Information. We may supplement or enhance the data we have about you with information from various third party information sources.
Location Information. With your consent obtained through your mobile device platform, we may collect geolocation information based on your mobile device location.
How we use your information
We use, on behalf of your healthcare provider, your information in accordance with applicable laws to:
Provide the Platform. We use your information to facilitate payments from you to your healthcare provider. We use billing information to allow you to make these payments.
To contact you. We use your contact information to remind you about payments that need to be made and to communicate with you about your account. Please note that we may communicate with you by email, telephone call, text message or mail. We also may contact you by telephone or text message at your wireless device number using autodialer technology.
To respond to your requests. If you contact us with a concern or question, we will use your information to respond to you.
Investigating and preventing fraud and abuse. We may use the information we collect to detect, prevent, and respond to fraud, intellectual property infringement, violations of law, other misuses of the Platform, and to protect the rights of us, or customers and our users.
Further, we will use your Information in accordance with our agreements with your healthcare provider.
When authorized by your healthcare provider, we may de-identify your information in accordance with applicable laws and use that de-identified data for any purpose, including:
To understand and improve the Platform. We use log data to understand how users are using the Platform and to improve it.
To perform analytics. We use all of the information we collect to analyze how different types of consumers use and interact with our services, including user trends.
Your privacy choices
You may update billing information, including settings for recurring payments, by logging in to your account. If your contact information changes, please both inform your health care provider and update the information in your account. If you no longer wish to receive communications from Cedar, please inform your health care provider. You also have the rights set forth in your healthcare provider’s notice of privacy practices.
Sharing your information
We may buy or our business or a portion of our business or assets may be bought by other businesses or entities. In such event, we may transfer or assign the information we have collected as part of such merger, acquisition, sale change of control or other disposition of assets. In such transactions, your information may be included in the transferred business assets. Also, in the unlikely event of our bankruptcy, insolvency, reorganization, receivership or assignment for the benefit of creditors, or the application of laws or equitable principles affecting creditors’ rights generally, we may not be able to control how your information is treated, transferred, or used and your personal information may be included in the transferred assets.
We may share aggregate or de-identified information, such as statistical information, with third parties.
We maintain certain administrative, technical, and physical safeguards designed to protect the privacy and security of the information we collect through the Platform and directly from your health care provider. However, no information system can be 100% secure, so we cannot guarantee the absolute security of your information. Moreover, we are not responsible for the security of information you transmit to the Platform over networks that we do not control, including the Internet and wireless networks.
Of course, we appreciate your help in safeguarding the integrity of your own privacy. Please keep your username and password confidential and safe from discovery by others, and close your browser or mobile app after you are done. Just as important, we encourage you to let us know immediately if you suspect that the information you share with us is being used by an unauthorized person or in an unauthorized manner. To contact us, see the contact information below.
Our Platform is not directed to children, and we do not knowingly collect online information from children under the age of 13 or minors. We do, however, collect the personal information that the health care provider, a parent, or legal guardian may submit to us about a minor.
Do not track
Some browsers may transmit “do-not-track” signals to websites with which the browser communicates. The Cedar website does not currently respond to these “do-not-track” signals.