Privacy policy
Hugo Health, Inc Privacy Policy
rev 07.16.2022
Hugo Health, Inc
Develops innovative solutions that lead to better health and a learning healthcare system that enables people to partner with researchers, providers, innovators, community members, family, and friends to embrace the potential of their health information for themselves, their families, and society.
INTRODUCTION
You’re entering into this Agreement with Hugo Health, Inc, which will be responsible for your personal data provided to, or collected by or for, our Services.
If you use our Services, you consent to this Privacy Policy.
Services
This Privacy Policy applies to all Services, including Hugo Health Kindred, offered by Hugo Health, Inc. This includes the collection and aggregation of health data on behalf of our users.
Consent
If you use our Services, you consent to the collection, use and sharing of your personal data under this Privacy Policy and to our Terms of Service.
If you use our Services after an update to this Privacy Policy, you consent to the changed policy.
Change
We may modify this Privacy Policy, and if we make material changes to it, we will provide notice of these changes through our Services, or by other means, to provide you the opportunity to review the changes before they become effective. If you object to any changes, you may close your account. Your continued use of our Services after we publish or send a notice about our changes to this Privacy Policy means that you’re consenting to the updated Privacy Policy.
You provide data to create an account and to connect to your various health data sources.
1. INFORMATION WE COLLECT
1.1 Information You Provide To Us
Registration: To create an account, you provide data including your name, email address, mobile number, and password. You'll provide your username and password to connect your health portals or other digital products.
You create a Hugo profile.
Personal profile: You may add information such as your date of birth, gender, and phone number. Your profile is private and can’t be viewed by anyone publicly.
You give other data to us, such as survey responses and data that’s imported from patient portals.
Personal Health Record Data (PHRD): Any information imported or personally reported via Hugo, for example, health records imported from patient portals, device data, and responses to surveys, or other personally reported data.
We log your visits and use of our Services.
1.2 Service use
We log usage data when you visit or otherwise use our Service. We use log-ins, cookies, device information, and internet protocol (“IP”) addresses to identify you and log your use.
To provide services to you.
2. HOW WE USE YOUR DATA
2.1 To provide services to you in order to improve user experience and the overall quality of our Services:
• providing you with appropriate search results and personalized content
• verifying your identity
• recognizing you when you return to our Services
• providing you notices about your account
• notifying you about updates or changes to our Services or any services we offer or provide through it
• informing you of new features or opportunities that let you make use of your data
• informing you of opportunities to participate in clinical research (opt out by contacting kindred_support@hugo.health)
To improve services or to develop new products.
2.2 To improve our Services to you or to develop new products and services we may use your information as follows:
• to track your usage of our Services
• administer a survey
• perform quality control and quality improvement activities
• conduct data analysis about our audience size and usage trends
• monitor the success of our marketing activities
To help you and fix problems that occur.
2.3 Customer support
We use the data (which can include your communications) needed to investigate, respond, and resolve complaints and Service issues (e.g., bugs).
We use data to generate aggregate insights.
2.4 Aggregate insights
We use your information to produce aggregate insights that don’t identify you. For example, we may use your data to generate statistics about our users, demographics, or healthcare utilization.
We use data for security, fraud prevention, and investigations.
2.5 Security and investigations
We use your data (including your communications) if we think it’s necessary for security purposes or to investigate possible fraud or other violations of our Terms of Service Agreement or this Privacy Policy and/or attempts to harm our members or visitors.
We contact you to notify you of updates, service-related issues, promotions, and reminders.
2.6 Communications
We’ll contact you through email, text messages, and push notifications. We’ll send you messages about the availability of our Services, security, or other service-related issues. We also send messages about how to use the Services, network updates, reminders, and promotional messages from us. Please be aware that you can’t opt out of receiving service messages from us, including security and legal notices.
We may share/disclose your data to enhance and support the Hugo platform infrastructure.
3. HOW WE SHARE YOUR DATA
3.1 To support and enhance the Hugo platform
During the course of building and enhancing our technology, we may share/disclose your data with contractors, service providers, and other third-party vendors in order to improve the platform. Any activities beyond this use will require your explicit permission. Your data won’t be shared for marketing, promotional, or business development purposes.
Important note: Access to PHR data on Hugo is granted only to individuals or entities who are bound by contractual obligations and HIPAA guidelines to keep personal information confidential and to use it only for the purposes for which we disclose it to them.
We may share your data if our business is sold to others, but it must continue to be used in accordance with this Privacy Policy. Users have the option of deactivating their account per section 4.2 of this Privacy Policy.
3.2 Change in control or sale
To a buyer or other successor in the event of a merger, divestiture, restructuring, reorganization, dissolution or other sale or transfer of some or all of Hugo Health’s assets, in which personal information held by Hugo about our users is among the assets transferred. This Privacy Policy would continue to apply to information collected while it was in place. Users have the option of deactivating their account per section 4.2 of this Privacy Policy.
We may need to share your data when we believe it’s required by law or to protect your and our rights and security.
3.3 Legal disclosures
It’s possible that we’ll need to disclose information about you when required by law, subpoena, or other legal process, or if we have a good faith belief that disclosure is reasonably necessary to (1) investigate, prevent, or take action regarding suspected or actual illegal activities, or to assist government enforcement agencies; (2) enforce our agreements with you, (3) investigate and defend ourselves against any third-party claims or allegations, (4) protect the security or integrity of our Service (such as by sharing with companies facing similar threats), or (5) exercise or protect the rights and safety of Hugo Health, LLC, our users, personnel, or others.
We attempt to notify users about legal demands for their personal data when appropriate in our judgment, unless prohibited by law or court order or when the request is an emergency. We may dispute such demands when we believe, in our discretion, that the requests are over broad, vague, or lack proper authority, but we don’t promise to challenge every demand.
When a user specifically directs their data to be shared.
3.4 When directed by the user
Users are encouraged to participate in clinical research, trials, and other potential opportunities if they’re interested and they meet certain enrollment criteria. Once a volunteer opts to share their health information for these purposes, Hugo will facilitate this transaction.
We continue to collect and retain your data for as long as your account is open.
4. OTHER IMPORTANT INFORMATION
4.1 Data retention
We retain all data you provide while your account is in existence or as needed to provide you Services. Even if you only use our Services one time, and connect to your data sources, the information will continue to populate your account until you disconnect and request cancellation of your account. If you’ve shared your data for research or other purposes the data will continue to be shared until the expiration date or you unenroll from the study.
Some of your data may remain with Hugo or with partners who you have shared with even after you close your account.
4.2 Account closure
If you choose to close your Hugo account, your personal data will generally stop flowing within 24 hours. We typically delete closed account information within 30 days of account closure, except as noted below. Please email support@hugo.health to request that your account be closed. You’ll be notified within 30 days of account closure that all data in the account has been deleted.
We retain your data even after you’ve closed your account if reasonably necessary to comply with our legal obligations (including law enforcement requests), meet regulatory requirements, resolve disputes, maintain security, prevent fraud and abuse, or enforce this Privacy Policy or our Terms of Service.
We may retain de-personalized information after your account has been closed. Information you’ve shared with others (e.g., through research studies) can’t be deleted.
We take extensive precautions to secure and protect your information from unauthorized access, disclosure, or use. Should a breach occur, we’ll notify consumers and follow appropriate guidelines in compliance with all State and Federal regulations.
4.3 Security
We treat the privacy and security of your data with the utmost importance and respect. As such, we take extensive precautions to secure and protect your information from unauthorized access, disclosure, or use. We implement security safeguards designed to protect your data, such as HTTPS. We regularly monitor our systems for possible vulnerabilities and attacks. However, we can’t warrant the security of any information you send us. There’s no guarantee that data may not be accessed, disclosed, altered, or destroyed by breach of any of our physical, technical, or managerial safeguards. Please visit our Security Policy for additional information.
Hugo Health, Inc is regulated by the Federal Trade Commission’s (FTC) Health Breach Notification Rule; however, the platform is also HIPAA compliant, and in some instances, Hugo Health is considered a Covered Entity through Business Associate Agreements with Partners or Affiliates. Should there be a breach of unsecured identifiable health information, Hugo Health will comply with the FTC or HIPAA Breach Notification rules and notify consumers within the identified timeframe and guidelines outlined by the appropriate Federal and state agencies.
Hugo Health does not provide medical advice.
4.4 Medical Advice
Hugo Health doesn’t offer medical advice. Please consult your physician on all medical issues.
4.5 How to Contact Us
If you have any questions or comments about this Privacy Policy or our privacy practices generally, please contact us at support@hugo.health.