Medi-ID servers and supporting systems are protected from hackers and network intrusion using firewalls and other leading security measures.
CONTROLLED EMPLOYEE ACCESS
Certain Medi-ID employees and system administrators may need to access the Medi-ID system to provide operational / administrative support. Access rights are strictly controlled and access is only granted to those who require it to support the Medi-ID system and its users. All Medi-ID employees and subcontractors are required to sign confidentiality agreements. Access to the system is only granted after validation of the user’s identification credentials, assigned role and system permissions.
Users must enter their username and password to be granted access to the Medi-ID system. These credentials are created by users upon registration. To reset a password, the information will be sent to the user’s email on file. If two-factor authentication is enabled, then once the user enters the account password a unique passcode is sent via text message. Administrators will not have access to user passwords and passwords can only be reset by following a link sent by email upon user request.
Encryption provides a secure way for users to exchange information with web sites via their web browsers by “scrambling” the information as it is submitted. This makes it unusable to anyone who does not possess a protected decryption key to “unscramble” the information. Medi-ID provides encryption for user interactions through Secure Socket Layer (SSL) technology using a robust 256 bit encryption key. Medi-ID also leverages industry best practice encryption standards (e.g. S/MIME, X.509 certificates, TLS) whenever health information is transmitted in or out of Medi-ID.
PHYSICAL SITE SECURITY
The Medi-ID servers and supporting systems are physically secured and protected in Amazon Web Services’ world class data centres in the Australia. Access to the physical systems is carefully controlled by security measures including multiple levels of authentication requirements (e.g. user keys, biometrics), security guard and registry check-in requirements, and state of the art security monitoring and alerting systems.
TRACKING ACCESS AND DISCLOSURES
Medi-ID logs pertinent details anytime health information is viewed edited or exported in order to ensure the integrity of the system.
PERSONAL IDENTIFIABLE INFORMATION/ PUBLIC PROFILE
Mobile Apps (“Apps”), including information related to your past use of the Websites. Your Personal Information is information about you that may or may not be personally identifiable like your user name, password, email address, or personal profile data that is not otherwise publicly available. Your Personal Information also includes all of the information that you input onto the Medi-ID Website or Medi-ID App and which is also accessible via QR code reader. This policy does not apply to the practices of companies that Medi-ID does not own or control or to people that Medi-ID does not employ or manage. All Personal Information that is entered into the Websites or App by you is private to you except to the extent that you opt to share such Personal Information with other persons who may access the Websites and App. Other than for the reasons explicitly described below, it is the policy of Medi-ID not to disclose Personal Information to any third party at any time.
Conversely, given that a portion of the purpose of the Websites and App is to share what its customers have experienced with others, our policy regarding Submissions is very different.
While our objective is to safeguard your identity, privacy and anonymity, our goal is also to publicly publish and promote the Submissions that describe what you have experienced without identifying who you are so that others can recognize experiences that have been shared by people who are similar in background to themselves. Always use caution when giving out any personally identifiable information about yourself, other family members or friends in the Websites and App. Medi-ID does not control or endorse the content, messages or information exchanged by means of the Websites and, therefore, Medi-ID specifically disclaims any liability with regard to the Websites and App and any actions resulting from your participation in the Websites and App.
Medi-ID collects Personal Information when you register with, use or visit the Website, and when you visit the pages of certain Medi-ID partners. Medi-ID may combine information about you that we have with information we obtain from business partners or other companies. When you register, we ask for information such as your user name, password, email address, and personal profile. Once you register with Medi-ID and sign in to a website you may not be completely anonymous to us. Medi-ID may collect information about your transactions with us and with some of our business partners. Medi-ID may set and access cookies on your computer.
MEDICATION REMINDERS WITHIN THE APP
The Medi-ID Application is intended as a helpful backup reminder system that you can personalize for taking your medications. You should not and must not rely on the Application as your primary tool for determining whether and when to take medication, the Application might not function as intended. Specifically, the Application will not function properly if your device is broken or powered off, if the Application software is not enabled or if any hardware or software on your device prevents the Application from operating as intended.
The maintenance of your mobile and computing devices is your responsibility. You acknowledge that the Application, and the utility of any of its alerts or notifications, depends on information that you input into the Application. You are solely responsible for ensuring that the correct medication is taken at the proper times and in the proper dosages. Persons using the Application assume full responsibility for the use of the Application and agree that we are not responsible or liable for any claim, loss, or damage arising from the use of the Application.
Medi-ID DATA COLLECTION
Medi-ID may automatically receive and record Personal Information on our server logs from your browser, including your IP address, Medi-ID cookie information, and the pages you request.
HOW MEDI-ID USES DATA
Medi-ID may use Personal Information for the following general purposes: to customize the content you see, fulfill your requests for products and services, improve our services, provide paid content, contact you, conduct research.
Medi-ID does not rent, sell, or share your Personal Information with third parties except to provide products or services you’ve previously requested, or unless we have your express permission, or under the following circumstances:
We provide the information to trusted partners who work on behalf of or with Medi-ID under confidentiality agreements. These companies may use your Personal Information to help communicate with you about news and information related to Medi-ID. However, these companies do not have any independent right to share this information.
We transfer information about you if Medi-ID is acquired by or merged with another company.
Australian Residents: Your Privacy Rights Under Australian law, our member customers that are Australian residents may request certain information regarding our disclosure of personal information to third parties for their direct marketing purposes. As detailed above, we do not share our customer’s personal information with unaffiliated third parties for direct marketing purposes without their approval.
If at any time you wish to opt out of having your Personal Information shared with third parties and or receiving information from Medi-ID (via email or postal mail) about new products, services, or promotions, you can do so. You may contact us by emailing us at email@example.com. Please indicate what publications or services you no longer wish to receive so that we may better address your needs.
Medi-ID believes that it is especially important to protect children’s privacy online. Medi-ID does not knowingly collect or use any Personal Information from children under the age of 13 and Medi-ID does not knowingly provide any Personal Information, regardless of its source, to any third party for any purpose whatsoever from visitors younger than 13 years old. No information should be submitted to or posted at Medi-ID by visitors younger than 13 years old.