Information Handling Statement for

Zen Clients:

We know how important privacy and security is to our healthcare clients. Safeguarding the privacy of clients and the security of data is a top priority for us here at Zen Healthcare IT (“Zen”).

As such, Zen has developed a set of Privacy & Security Principles that guide our use of personal information. These principles follow specific requirements as set forth in the HIPAA Privacy and Security rules, the HITECH ACT, the Carequality Interoperability Framework Agreement, HITRUST CSF Framework and other state or client contractual obligations, to the extent applicable to Zen.

Please review the information below to learn more about our policies for collecting, using, securing, and sharing personal information:

• It is Zen’s corporate policy to handle all information with the utmost respect for privacy at all times. Zen maintains written privacy policies and procedures following industry best practices such as those established under the HITRUST CSF framework and HIPAA. Zen’s privacy and security policies are reviewed and updated frequently (at least annually) to keep up with changing regulations and best practices.
• Zen is compliant and acts in accordance with the applicable Federal law as described in the HIPAA Privacy and Security rules, the HITECH ACT, and any other law that may be related to the usage of non-public information.
• Zen does not release personal or client data to outside 3rd parties unless such disclosure has prior written consent, or is required in order to comply with local, state or federal laws. Zen only transmits and stores data to enable our client’s interoperability projects as defined by one or more Statement(s) of Work.
• This privacy policy is subject to change at the discretion of Zen Healthcare IT.
• For more information about Zen’s privacy and security policies for clients, please contact us directly at 949-396-0361 or email us at info@zenhealthcareit.com. We are happy to put you in touch with our Security Officer.

Information Handling Statement for Website Users

As part of Zen’s effort to be open and transparent, we feel it is important to make users aware of the information Zen collects from them via this website, and to explain how we will use that information and how it might be shared with others, if at all.

Information Automatically Collected

By addressing the Zen Healthcare IT website (consultzen.com, zenhealthcareit.com, or zengemini.net), Zen will automatically collect the following data:

• the IP address from which users access the website
• the date and time of those visit(s)
• the URLs of the pages that are viewed

Zen will use this data to understand how our website is used and to make adjustments and improvements. We may enable cookies in order to remarket to visitors of our website. To learn more details and find instructions for how to adjust your preferences, visit Zen’s Cookie and Tracking Technology Usage page.

Information Collected via Zen’s Online Form(s)

The personal information submitted by a user on Zen’s Contact Us (or other) form(s) is used for Zen internal activities, such as responding to user’s requests, and is not distributed to parties outside of Zen.

Disclosure of Information Collected

Zen does not sell, trade or transfer any information we collect from our website to any outside third party. This does not include, however, any third party who has a business association with Zen (for example, a subcontractor), provided such third party has agreed to keep such information confidential. We may also release collected user information when we believe such release is required to comply with the law, enforcement of our website policies, or to protect Zen’s or others’ rights, property or safety.

Security

In the case that unauthorized attempts to upload or change information on the Zen servers are suspected or detected, a user’s personal information may be tracked to identify the source of the threat, perceived or actual.

Copyright Notice

Unless it is specifically stated otherwise, all information on the Zen website is copyrighted and may not be reproduced without Zen’s prior written consent. All photographs and images are either owned by, or are commercially licensed for such use by Zen, and cannot be reproduced, published or otherwise used.

The capitalized terms ‘Mirth®’, ‘Mirth® Connect’, ‘Mirth® Match’, ‘Mirth® Results’, ‘Mirth® Sign-On’ and ‘NextGen®’ are trademarks or registered trademarks, as applicable. MIRTH is a registered trademark of NXGN Management, LLC (Irvine, CA, USA). NextGen is a registered trademark of NXGN Management, LLC (Irvine, CA, USA). Zen Healthcare IT is not affiliated with NXGN Management, LLC.

The RSS feeds included on the Zen website are done so as a courtesy to our users and are the property of the respective RSS sources. Further, the respective RSS sources are solely responsible for the content of such feed.

Privacy Policy Changes

Zen does reserve the right to change this Privacy Policy as it deems necessary. We encourage users to frequently check this page for such changes. The continued use of the Zen websites after any change in this Privacy Policy constitutes acceptance of such changes.

Contact Information

Should you have questions about our policies or if we can be helpful to you in protecting your privacy, please contact our team at info@zenhealthcareit.com.