Privacy Policy

Updated July 19, 2015

This privacy policy exists to explain what information we collect, what we do with it, and how we protect it.

What we collect and what we do with it

1) If you sign up for an appointment, waitlist, or request to be contacted by a medical practice, we'll collect your name, email, phone number, date of birth, and reason for visit. This information will be saved in our database and transfered to the medical practice you selected.

The combination of your name, email, phone number, and DOB will be used to uniquely identify you to the medical practice, which will allow them to determine if you're a new or existing patient. If you're an existing patient, your visit will be associated with your existing medical record, held at the practice.

Your "reason for visit" will be used by the practice to plan accordingly and confirm that the visit is appropriate for them.

We will use your email address to send appointment confirmations and reminders.

If you tell us your phone number is a mobile number and give us permission to send you text messages, the medical practice will be able to text you about wait times.

2) If you create an account to manage information about a practice, we'll collect your name, email address, and phone number so we can verify your identity and maintain an audit trail of changes made to practice data.

How we protect your information

All web traffic is encrypted is encrypted via SSL.

Your personal information is contained behind secured networks and is only accessible by a limited number of persons who have special access rights to such systems.

When we send emails regarding medical appointments, we will include your name, email, and name of the practice, but we won't include your date of birth or any medical information.

Your DOB and Reason for Visit will only be transfered to the medical practice over encrypted channels.

How we use cookies

We use cookies to:

If you disable cookies in your browser, you will be able to use the site to search for care, but you will not be able to make appointments or sign up for waitlists.

Third Party Disclosure

We will not sell, trade, or transfer your personally identifiable information unless we provide you with advance notice. This does not include:

However, non-personally identifiable visitor information may be provided to other parties for marketing, advertising, or other uses.

California Online Privacy Protection Act

CalOPPA is the first state law in the nation to require commercial websites and online services to post a privacy policy. The law's reach stretches well beyond California to require a person or company in the United States (and conceivably the world) that operates websites collecting personally identifiable information from California consumers to post a conspicuous privacy policy on its website stating exactly the information being collected and those individuals with whom it is being shared, and to comply with this policy. See more at: http://consumercal.org/california-online-privacy-protection-act-caloppa/#sthash.0FdRbT51.dpuf

According to CalOPPA we agree to the following:

COPPA (Children Online Privacy Protection Act)

When it comes to the collection of personal information from children under 13, the Children's Online Privacy Protection Act (COPPA) puts parents in control. The Federal Trade Commission, the nation's consumer protection agency, enforces the COPPA Rule, which spells out what operators of websites and online services must do to protect children's privacy and safety online.

We do not specifically market to children under 13.

Fair Information Practices

The Fair Information Practices Principles form the backbone of privacy law in the United States and the concepts they include have played a significant role in the development of data protection laws around the globe. Understanding the Fair Information Practice Principles and how they should be implemented is critical to comply with the various privacy laws that protect personal information.

In order to be in line with Fair Information Practices, should a data breach occur, we will notify the users via email within 7 business days

We also agree to the individual redress principle, which requires that individuals have a right to pursue legally enforceable rights against data collectors and processors who fail to adhere to the law. This principle requires not only that individuals have enforceable rights against data users, but also that individuals have recourse to courts or a government agency to investigate and/or prosecute non-compliance by data processors.

CAN SPAM Act

The CAN-SPAM Act is a law that sets the rules for commercial email, establishes requirements for commercial messages, gives recipients the right to have emails stopped from being sent to them, and spells out tough penalties for violations.

To be in accordance with CANSPAM we agree to the following: If at any time you would like to unsubscribe from receiving future emails, you can email us at privacy@nextpatient.co and we will promptly remove you from all correspondence.

Contacting Us

If there are any questions regarding this privacy policy you may contact us at privacy@nextpatient.co.