Privacy Policy
Last updated 01-17-2018
The Sanator Provider Registry is owned and operated by Gaine Healthcare, a division of Gaine Solutions Inc, a California company (herein referred to as “Gaine”).
When using the Sanator Provider Registry (herein referred to as the “Services”), you trust us with your information. This Privacy Policy is meant to help you understand what data we collect, why we collect it and what we do with it.
This privacy policy applies to users who have executed a Sanator Master Service Agreement and Purchase Order with Gaine (herein referred to as the “Sanator Agreement”).
If you have any questions about our privacy policy or specific use cases that you would like us to clarify please feel free to contact us and we promise to respond to you quickly and with total transparency.
Information that we collect
For users that have executed a Sanator Master Service Agreement and Purchase Order with Gaine (herein referred to as the “Sanator Agreement”), we collect information in the following ways:
- Information you give us about your organization and the users you have authorized to use the Services. This information may be contained in the Sanator Agreement, given to us in the form of electronic files, or entered through the Services of the Sanator web site.
- Information about your contracted providers and health plans. We gather the data required to deliver the Services. This data is more fully described in the data model applicable to your Sanator Agreement. This information may be given to us in the form of electronic files, or entered through the Services of the Sanator web site.
- Information we get from your use of the Services. We collect information about the notifications you respond to including who responded, when they responded, what device they responded from and other meta-data relating to the Services you use.
For all users of this web site, we collect information in the following ways:
- Information you give us about you and your organization. This information is collected when you register as a member of the site.
- Information Collected Automatically. We automatically collect certain information regarding your use of the Services. Examples of information collected automatically include:
- Internet Protocol ("IP") address used to connect your computer to the Internet;
- Computer, device and connection information, such as browser type and version, operating system, mobile platform and unique device identifier (“UDID”) and other technical identifiers;
- Uniform Resource Locator ("URL") click stream data, including date and time, and content you viewed or searched for in the Services;
- Location information for location-aware Services to provide you with more relevant content for where you are in the world.
Cookies. The Services may also automatically collect information through the use of cookies or similar technologies. Cookies are small text files that a website sends to the browser on your computer or mobile device when you first visit a web page so that the website can recognize your device the next time you visit. We use the following cookies:
- “Session” cookies, which are temporary and deleted when you close your browser;
- “Persistent” cookies, which remain until you delete them or they expire;
In general, cookies do not contain personally identifiable information, but when you furnish your personal information through the Services, this information may be linked to the non-personally identifiable data stored in cookies sent to your browser from the Services.
Gaine and its service providers use these technologies for various purposes, including: facilitating the login process, administering, customizing and improving the Services and personalizing the browsing experience.
There are a number of ways to manage cookies. The “help” portion of the toolbar on most browsers will tell you how to stop accepting cookies, how to be notified when you receive a new browser cookie, and how to disable existing browser cookies. However, if you block cookies, you may not be able to register, login or make full use of the Services. You can also use your mobile device’s settings to manage the available privacy options.
How we use information we collect
We will only ever use the information we collect to deliver the Services described in the Sanator Agreement. These Services include the following:
Collaboration with other Sanator users.
Sanator is a collaborative data management platform. We share changes you make to public domain information related to your providers with other Sanator users that participate in this reciprocal arrangement.
We will never send your provider information to any other person or organization that does not participate equally in this reciprocal arrangement and has not executed a Sanator Agreement.
We will never share information related to your providers with other Sanator users if this information is not specifically authorized by you, or is required by the other party to comply with state and federal regulations related to provider directory maintenance.
Distribution of provider data to health plans.
Sanator Services include the distribution of changes to provider data to contracted health plans with which you have a current contractual obligation to share changes, or with which you have an obligation under state or federal laws to share changes. Our distribution of changes to health plans will be tracked in an audit log which you will be able to view through the Sanator Services on this site.
Private information sharing agreements between Sanator users.
Sanator enables groups to enter into private data sharing agreements where additional data elements are shared between parties. Private data sharing agreements are covered in the Sanator Agreement. Our distribution of extended data elements in private data sharing agreements will be tracked in an audit log which you will be able to view through the Sanator Services on this site.
We will ask for your consent before using information for a purpose other than those set out in this Privacy Policy.
We may share aggregated information or non-personally identifiable information publicly and with our partners. For example, we may share information publicly to show trends about the quality of provider information over time through the use of our services.
Information we share
We do not share any information with companies, organizations and individuals outside of Gaine unless one of the following circumstances applies:
With your consent
We will share information with companies, organizations or individuals outside Gaine if you give us permission to do so. We require opt-in consent for the sharing of any personally identifiable information.
For legal reasons
We will share personal information with companies, organizations or individuals outside Gaine if we have a belief in good faith that access, use, preservation or disclosure of the information is reasonably necessary to:
- Meet any applicable law, regulation, legal process or enforceable governmental request.
Enforce applicable Terms of Service, including investigation of potential violations. - Detect, prevent or otherwise address fraud, security or technical issues.
- Protect against harm to the rights, property or safety of Gaine, our users or the public, as required or permitted by law.
Compliance and cooperation with regulatory authorities
We adhere to several self-regulatory frameworks. When we receive formal written complaints, we will contact the person who made the complaint to follow up. We work with the appropriate regulatory authorities, including local data protection authorities, to resolve any complaints regarding the transfer of personal data that we cannot resolve with our users directly.
Changes
Our Privacy Policy may change from time to time. We will not reduce your rights under this Privacy Policy without your explicit consent. We will post any Privacy Policy changes on this page and, if the changes are significant, we will provide a more prominent notice (including, for certain services, email notification of Privacy Policy changes). We will also keep prior versions of this Privacy Policy in an archive for your review.
Information security
We work hard to protect your data from unauthorized access or unauthorized alteration, disclosure or destruction of information that we hold. In particular:
- We encrypt many of our services using SSL.
- We review our information collection, storage and processing practices, including physical security measures, to guard against unauthorized access to systems.
- We restrict access to personal information to Gaine employees, contractors and agents who need to know that information in order to process it for us and who are subject to strict contractual confidentiality obligations. They may be disciplined or their contract terminated if they fail to meet these obligations.
Access to and Accuracy of Your Personal Information
You may request access to personal information about you that you have provided to us through the websites or mobile platforms governed by this policy. You may also request to review and correct any of that personal information. Additional rights may also apply under applicable laws.
- The Services may allow registered users to access their registration information and make corrections or updates. The accuracy of such information is solely the responsibility of the user. No access is given to other data that may have been collected about users.
- To protect your privacy and security, we will also take reasonable steps to verify your identity. To view and change the personal information that you directly provided to us, you can return to the Web page where you originally submitted your data and follow the instructions on that Web page, or contact us at the address below.
Contact Us
If you have comments or questions about this privacy policy or our processing of your information, please contact:
Gaine Healthcare
3889 Long Street, Suite 201
San Luis Obispo, CA 93401
Telephone: 1-415-449-0565
Email: privacy@gainesolutions.com