1. General

MphRx respects the privacy of every individual and entity who visits the MphRx website or uses the MphRx platform from which MphRx gathers information and electronically transfers the information via MphRx’s platform. This policy (“Privacy Policy”) outlines the type of information MphRx typically collects and how MphRx may use that information. This Privacy Policy will also instruct you on what to do if you do have concerns about the way in which MphRx handles personal information (“PI”) or personal health information (“PHI”) of patients. MphRx may update this Privacy Policy from time to time, so please check it occasionally.

2. Scope and application

This policy has been developed to govern the collection, use, and disclosure of personal information in a manner that will facilitate MphRx business operations and service delivery while protecting the rights and privacy of users. MPHRX is committed to protecting Personal Information subject to HIPAA (HIPAA stands for Health Insurance Portability and Accountability Act which assures your medical information remains private) and extending privacy protection practices to its handling of personal information where that information may not be subject to privacy laws or regulations. MphRx maintains a comprehensive set of privacy and data protection policies that are subordinate and complementary to HIPAA. The subordinate policies, define privacy roles, responsibilities, accountabilities and requirements relevant to a given context (e.g. for the management of PHI and for PI) and may apply not only to MPHRX but also to parties such as health information custodians and third party service providers.

3. Mandate

Protecting privacy and maintaining data integrity is not only an obligation for MphRx it’s also part of its mandate. Along with providing MphRx solutions and support for the effective and efficient storing, transferring and communicating of medical data, one of the core objectives of MphRx is to: ‘protect the privacy of individuals whose personal information or personal health information is collected, transmitted, stored or exchanged by and through the MphRx platform in accordance with HIPAA and any other applicable laws. MphRx believes that protecting privacy effectively involves not only complying with applicable privacy requirements but also having a strong culture of privacy protection. This Policy mandates MphRx’s internal policies and procedures to provide for comprehensive safeguards for PI/PHI and programs, practices, processes, tools and techniques to protect privacy proactively. MphRx establishes a culture of privacy and data protection by maintaining and continuously improving its Privacy Policy.

4. Your provision of personal information is voluntary

Disclosure of any patient’s PI/PHI is completely voluntary. Except as stated in this Policy, MphRx does not sell, transfer or disclose PI/PHI to third parties unless MphRx has express consent.

5. Some non-personal information is collected automatically

Personal information shall be used within MphRx only by authorized personnel for the purpose for which it was obtained or for a consistent purpose. MphRx may automatically collect certain non-personal information in connection with patients and administrators. MphRx may store some information on your computer. This information will be in the form of a “cookie” or similar file and may be used by MphRx to collect other information during your visit to our website, such as the particular site areas you visit and the activities in which you participate at our websites. The use of cookies is an industry standard and you will find them on most websites. Please note that with most Internet browsers, you can erase cookies from your computer hard drive, block all cookies, or receive a warning before a cookie is stored. You should refer to your browser instructions or help screen to learn more about these functions. A fulfillment house or other third party on our behalf with whom MphRx shares such information may use this information to tailor our website and/or product information to better match your interests and preferences and to improve our products, services, and other marketing programs. Except as stated in this Policy, MphRx does not sell, transfer or disclose that information to third parties unless MphRx has your express consent. You should be aware that our principal business involves medical record storage and transfer and provision of the same to hospitals, doctors and other medical personnel or organizations who have received permission to see such medical records. Our provision of such medical records and related information is audited and is fully HIPAA compliant (HIPAA stands for Health Insurance Portability and Accountability Act which assures your medical information remains private).

6. Intention of responsible stewardship of information

It is our intention to be a responsible steward of the information that we hold in all respects. MphRx only processes personal information for the purposes described in this Privacy Policy and/or for the delivery of its specific services. You should check our policies from time to time for changes to this Privacy Policy and the Privacy Notices / Policies provided from time to time for our specific services. In addition to the above, MphRx adheres to the following guidelines:

  1. Proactively protect privacy and PI/PHI and foster a culture of privacy and data protection.
  2. Protect PI/PHI in accordance with the company, state and federal privacy requirements.
  3. Proactively embed privacy protections into the design and operation of its solutions, services, systems, and processes. Privacy protections shall seek to prevent privacy invasive events from occurring and shall safeguard PI/PHI throughout its lifecycle.
  4. MphRx personnel all play a role in protecting privacy and PI/PHI and maintaining data integrity while working under the leadership of the Chief Technology Officer.
  5. Employ a risk-based approach to protecting privacy. Risk management practices provide the opportunity to establish the optimum level of oversight, control, and discipline to enable MphRx to manage risk in changing environments and help provide the proper level of assessment so that business objectives and strategies, including privacy protection, are being met.
  6. Continuously improve MphRx privacy and data protection policies and seek opportunities to do so by learning from its stakeholders’ experience and results, and by encouraging feedback and suggestions, particularly from personnel.

7. Enforcement

MphRx regularly reviews its compliance with this Privacy Policy. Please feel free to direct any questions or concerns regarding this Privacy Policy or MphRx’s treatment of PI/PHI personal information by contacting us through our website or by writing to us at:

Office of the Chief Technology Officer
c/o MphRx
23 Andrews Lane Princeton,
NJ 08540

When we receive formal written complaints at this address, it is MphRx’s policy to contact the complaining user regarding his or her concerns. We will cooperate with the appropriate regulatory authorities, including local data protection authorities, to resolve any complaints regarding the transfer of personal data that cannot be resolved between MphRx and an individual or entity.

8. Changes to this Privacy Policy

Please note that this Privacy Policy may change from time to time. We will not reduce your rights under this Privacy Policy without your explicit consent, and we expect most such changes will be minor. Regardless, we will post any Privacy Policy changes on this page and, if the changes are significant, we will provide a more prominent notice (including, for certain services, email notification of Privacy Policy changes). Each version of this Privacy Policy will be identified at the top of the page by its effective date, and we will also keep prior versions of this Privacy Policy in an archive for your review. If you have any additional questions or concerns about this Privacy Policy, please feel free to contact us any time through our website or by writing to us at the above address.