top of page

Privacy Policy

 

CSA’s Privacy Policy describes what personal information may be obtained through our Services and interactions with us, the use and disclosure of the information, choices available regarding user information, safeguards to protect the data, and provides means to communicate with us about our privacy practices.

The site may offer links to other sites which may be external and independent from CSA and which may have their own privacy policies. CSA is not responsible, nor liable, for external content, use, or privacy policies of external sites.

CSA Services are not directed, not targeted to children. Users must be, at minimum, 18 years old. CSA will comply with laws and regulations relating to the collection and use of information from children, including the Children's Online Privacy Protection Act (COPPA), to the extent that such laws may be applicable to the operation of this website. If there is suspicion that we have received information from a child or other person protected under such laws, please notify us by mail – info@clinicalstudiesofarizona.com  RE: Children’s Online Privacy Protection and we will take reasonable steps to remove such information from our Systems.

​

​

​

User Conditions

​

By accessing the Services, the user acknowledges, understand, and accepts the following:

 

  • Not to modify or disable any features of any CSA Services

  • Not to rent, lease, or provide commercial hosting services using CSA Services

  • Not to use our Services in any way that violates these Terms, or any applicable laws, rules, regulations, codes, guidelines or regulatory requirements.

  • Not to use CSA Services in any fraudulent or malicious manner

  • Not to compromise our security systems

  • Not to interfere with the use and access of our Services

  • Not to collect data from CSA Services

  • Abuse of access privileges is strictly prohibited and may result in civil and/or criminal penalties.

​​

If there is disagreement with any provision of this Policy, please leave this website and discontinue its use/access in the future.

​

​

​

Information Collected

​

CSA may obtain the following information:

​

  • Personal information, provided voluntarily through our website when submitting forms, inquiries via email, or other site functions or features including contact information (name, email, postal address, phone number, company)

  • Data obtained automatically through web browser cookies, pixels, web server logs, web beacons and other technologies for the purpose of remembering and avoid re-entering user information, tracking user interaction within the site, manage, track and measure usability of the page, site improvement.

  • Information associated with your Client Portal account (client portal profile, user name, password)

  • Information uploaded on your Client Portal (photos, documents, messages, chat sessions, calendar information)

  • Automatically collected information may include dates and times of use of the website, device MAC and IP addresses, login information, network operator, which may be used to comply with and enforce legal requirements and applicable industry standards.

  • Data obtained with CSA member interactions

​​

User’s submission of personal information constitutes consent to the use, transfer and storage of information

​​

​

​

Use of Information

 

CSA may use the information for the following purposes:

​

  • Provide enhanced services such as identifying and authenticating user ID , personalizing the site experience and allowing delivery of content and product offerings

  • Support market initiatives to provide user product and services

  • Communicate with the user, confirm and respond to requests

  • Provide customer support

  • Business improvement efforts

  • Identify, prevent and protect against fraud and other criminal activities, claims and liabilities

  • To monitor and secure Services and Systems

  • Comply and enforce legal requirements, relevant industry standards and CSA policies

​​

​

​

Sharing Information

​

CSA uses personal information to provide services, analyze data to improve services and operations, product development and to respond to inquiries and requests. We will not share your personal information except:

​

  •  With service providers who perform services for us. Our providers are not authorized to use or disclose this information unless it is required to perform their services or to comply with legal requirements.

  • With law enforcement authorities, government, regulators, or individuals with authority or justification for receipt of the information as permitted by law or legal processes

  • In connection with an investigation of illegal activities

  • In the event of sell, partnership, merging, joint venture, transfer, reorganization, dissolution, or liquidation of the business or assets

​​

​

​

User Rights

 

Subject to technical functionality and subject to applicable law, user may request correction or deletion of personal information, to limit use and disclosure of personal information and to opt out of communications.

​

Users may update or request changes to their privacy preferences by:

​

​​

​

​

Data Information Safeguards

​

CSA implemented various safeguards to protect user data, including the following:

​

  • Data is encrypted via SSL.

  • Sensitive information, Protected Health Information (PHI) and Protected Individual Information (PII) can only be accessed by authorized individuals and must be used for business purposes/justification only.

  • Access to sensitive data is granted based on user-role permissions and it is traceable. Sharing either (PHI) or (PII) data is prohibited and restricted to only authorized personnel. User information is confidential to the extent described in this Policy.

  • User passwords are required to be changed every 90 days and must consist of a minimum of 8 alphanumeric characters (caps and low-caps) and symbols. Failed attempts are tracked and the user account will be locked out.

​​

Computer systems and Files are encrypted

​

​

​

CSA Portal Account

​

By logging into the CSA Portal System, the user agrees to the following:

​

  • The user ID is unique, nontransferable, is maintained secure, and has been provided by CSA - IT Department.

  • User information cannot be shared. If there is the possibility that a password has been compromised, the user must contact CSA immediately at info@clinicalstudiesofarizona.com RE: Password Request

  • Access is permitted to authorized individuals who observe CSA’s information security policies.

  • The user acknowledges understanding and compliance with CSA IT and security policies.

  • Information access is strictly confidential and must be used for business-purposes only.

  • User is responsible to abide by all policies, and by federal, state, and local laws governing information technology and personal information, personal information; including the Health Insurance Portability and Accountability Act (HIPAA)

  • User must use appropriate safeguards to protect confidential patient information and personal information by means of encryption, closed room discussion with authorized personnel, paper copies stored only in locked filing cabinets within CSA along with other means not mentioned in the examples

  • User may add a secondary layer of security (two-step verification) to corroborate the user identity, which may require entering codes transmitted via text, email, phone or authentication app.

​​

​

​

Health Information Privacy Practices

 

CSA, complies with the Health Insurance Portability and Accountability Act of 1996, as amended (“HIPAA”), maintaining the privacy and security of protected health information (PHI) and to provides notice of its legal duties and privacy practices with respect to protected health information (PHI) collected and maintained. This protection extends to any PHI whether in oral, written, or electronic format.

​

The Notice of Health Information Privacy Practices lists the use and disclosure of PHI to carry treatment, payment of health care operations or other purposes permitted, or required, by law. The Notice also refers to the individual’s rights to its own PHI by CSA and its business associates (service providers who may assist providing services).

​

CSA will not use or disclose PHI without prior consent, unless permitted or required by law. CSA must limit access, uses, disclosures, or requests for PHI to the minimum necessary as permitted by law. PHI may be shared by CSA and its business associates for the purpose of treatment, payment and healthcare operations.

​

As permitted or required by law, CSA may also disclose PHI without consent to:

​

  • Public health or legal authorities for prevention or control of diseases, injuries or disabilities or to report abuse or neglect of children, elderly, dependent individuals, or regarding communicable disease or otherwise at risk of contracting or spreading diseases.

  • Government agencies, accreditation organizations, or persons under the jurisdiction of such. These disclosures may include reporting adverse events with respect to products, services, recalls, workers compensation.

  • Law enforcement, judicial and administrative proceedings, as required by law, such as in response to a valid subpoena or court order.

  • Health oversight activities, including audits, investigations and inspections.

  • Coroners and medical examiners.

  • Correctional institutions may require disclosure of PHI necessary for the individual’s health, safety and the safety of other individuals.

  • Military, veterans, national security, intelligence, protective services for the president may require disclosure of PHI for activities appropriate to assure the proper execution of tasks.

  • Treatment alternatives, health-related benefits and services, and research. It may be possible to use the individual’s PHI to communicate possible treatment options or alternatives. In majority of instances, for research, a written consent will be sought for use of PHI. However, with written authorization of an institutional review or privacy boards, under certain circumstances, a waiver of consent and a waiver of authorization may be granted – if the research poses minimal risk to the individual’s privacy.

  • De-identified remnant samples and de-identified information, meaning that it is not possible to match the information to the individual, may be used. If the information  has been de-identified as required by law, then it is no longer subject to the Health Information Privacy Notice and may be used for any purpose without any further notice or compensation unless specifically prohibited or unless prohibited by other federal, state or local law, rule or regulation.

 

PHI disclosure may be necessary if, in good faith it is believed to be necessary to prevent or lessen a serious or imminent threat to the health and safety of the individual, the public, another person. If it is necessary for law enforcement authorities to identify an individual based on statements admitting to participation in a violent crime, escaped from a correctional institution or lawful custody, or if it is necessary for national security, intelligence or protective service activities.

Consent will be required prior to use or disclosure of PHI for purposes other than those listed above.

Every individual has the right to its own Health Information/PHI. If desired, you may request a copy of CSA’s Privacy Notice by contacting us via email at info@clinicalstudiesofarizona.com  RE: Copy of Privacy Notice. Please specify if a paper copy of this Notice is needed.

​

​

​

Privacy Policy Updates

​

CSA reserves the right to update its Privacy Policy without prior notice. The current version of the policy will be indicated, reflecting the date of the last update, at the top of the Policy.

​

​

​

Disclaimers

​

CSA services are provided “as is” and “as available”, without expressed or implied warranties.

​

To the maximum extent permitted, CSA does not represent, warrant or guarantee that the Services will always operate uninterrupted, timely or error free; the Services will be free from all harmful components or errors; will be secured or immune from unauthorized access; will be accurate, complete, or that errors will be corrected, data transmission and storage is immune from security breaches; and CSA cannot warrant, endorse, guarantee, or assume responsibility for third-party services.

​

CSA does not use its website to solicit or target children. CSA will never knowingly solicit or market anyone under 18 years of age.

​

​

​

Privacy Policy Feedback

 

If there are any concerns, questions, comments or feedback related to this Policy, please contact us  via email at info@clinicalstudiesofarizona.com  RE: Privacy Policy Comments/Questions

​

​

​

​

​

bottom of page