Privacy Policy

Overview

Personal data privacy is crucial to Natalis Outcomes. We are committed to the patient’s right to data protection and privacy. The information below outlines how we handle patient personal information that can directly or indirectly identify a patient (personal data).

Natalis Outcomes collects and processes personal data required to support our Mental Health Wellness Services.

Natalis Outcomes’ Privacy Policy will explain:
• What data does Natalis Outcomes collect?
• What purpose(s) does Natalis Outcomes collect personal data?
• How is personal data stored?
• How is personal data updated?
• Cookies and their use.
• Who uses collected personal data?
• What purpose and how long is personal data saved?
• Changes to our Privacy Policy.
• How to contact us.
• How to contact the appropriate authority.

What data does Natalis Outcomes collect? 

Natalis Outcomesmay collect various types of data about a patient when providing Mental Health Wellness Services. Examples are as follows:

• personal contact data, i.e., name, email address, date of birth.
• personal data Natalis Outcomes must collect due to legal and HIPAA compliance-related purposes,
• personal usage, registration, and participation data which Natalis Outcomes may generate through use of our web application or online Services,
• special categories of personal data,
• application-related personal data, and
• personal data which Natalis Outcomes may receive from third party healthcare providers.

What purpose(s) does Natalis Outcomes collect personal data?  

Natalis Outcomes processes personal data to:

• ensure good business relationships with a provider and patient, including user satisfaction with and providing up-to-date information on the latest news about our products and services,
• develop and offer Natalis Outcomes’ software products, cloud service providers and other services,
• protect the quality and safety of our premises, facilities, software products or services,
• secure and, if necessary, defend Natalis Outcomes’ protected legal assets against unlawful attacks, assert our rights or defend Natalis Outcomes against legal claims,
• ensure compliance with statutory laws and regulations applicable to Natalis Outcomes,
• operate Natalis Outcomes’ Internet pages, web applications, including analyzing data to promote and continuously improve a user experience,
• transfer personal information to recipients like third-party healthcare providers.

How is personal data stored?

All personal data collected and received by Natalis Outcomes in connection with the delivery of our Mental Health Wellness Services are transmitted and securely stored on AWS cloud services provider locations within the United States that adhere to associated GDPR (General Data Protection Regulations) framework.

Data is encrypted ‘at rest’ and ‘in transit’ complying with HIPAA regulations.   

How is personal data updated?

Natalis Outcomes recommends providers review HDI Assessment results directly with the patient and provide a copy of the Assessment and Analysis results to the patient for their personal records.

Should the patient identify personal information that needs to be; updated, changed, transferred, or removed, they should notify their provider or clinic.

Cookies and their use:

Cookies are small text files placed on your computer browser to collect standard internet log in information and visitor behavior information. When someone visits Natalis Outcomes’ website we may collect information automatically through cookies or similar technology. The cookies stored on your computer are non-personally identifiable information.

For further information, please visit:   www.allaboutcookies.org 

Natalis Outcomes uses cookies in a range of ways to improve the user experience on our website. These may include:

• Keeping you signed in
• Understanding how you use our website (www.natalisoutcomes.org)

Who uses collected personal data?

Personal data will be available to the following categories of third parties:

Third party healthcare service providers

Natalis Outcomes may engage third party healthcare service providers to process personal data on our behalf e.g., for consulting or other services, the provision of relevant web applications.

These healthcare service providers may receive or are granted access to personal data when rendering their services and will constitute recipients within the meaning of the relevant GDPR (General Data Protection Regulation).

Changes to our Privacy Policy.

Natalis Outcomes keep our Privacy Policy under regular review and places any updates on our website, www.natalisoutcomes.org.

This policy was revised and released on February 22, 2023.

How to contact us? 

Please direct any requests to exercise your rights to privacyofficer@natalisoutcomes.org

How to contact the appropriate authority.

Should you wish to report a complaint or if you feel Natalis Outcomes has not addressed your concern in a satisfactory manner, you may file a health information privacy and security complaint with the Office for Civil Rights (OCR).

U.S. Department of Health and Human Services

Office for Civil Rights

Centralized Case Management Operations

200 Independence Ave., S.W.

Suite 515F, HHH Building

Washington, D.C. 20201

Customer Response Center: (800) 368-1019

Fax: (202) 619-3818

TDD: (800) 537-7697

Email: ocrmail@hhs.gov

Confidential                                            

Copyright 2023©Natalis Outcomes                     

Privacy 002 Rev.002 EJJ

---

Natalis Outcomes | Security Policy

OVERVIEW:

Natalis Outcomes and its subsidiaries and affiliates will collect patient personal information in the delivery of our professional Mental Health Wellness Services. This Natalis Outcomes Security Policy (“Security Policy”) explains how Natalis Outcomes securely handles patient personal information when visiting:

(a) the Natalis Outcomes website located at (www.natalisoutcomes.org) and/or receiving

(b) all other patient Services provided by Natalis Outcomes, as described on, or provided through the Natalis Outcomes website, including our web-based application designed to assess mental health wellness.

Patient personal information will be collected, measured, and tracked over time in compliance with all HIPAA regulations.   

SCOPE:

Mental Health Wellness Services provided by Natalis Outcomes may also be offered through a third party such as a healthcare provider or practitioner. Compliance to our Security Policy is a requirement for third party healthcare providers or practitioners.

Natalis Outcomes complies with all legal and regulatory requirements (HIPAA). We may use patient personal information for any purpose if the data is analyzed anonymously so it is no longer identifiable by patient.

GENERAL PRINCIPLES:

1. Information Gathered through Assessments

Responses and/or personal patient information gathered through taking assessments are electronically captured, measured, and tracked over time.

• Use of Information

We use patient personal information to:

• Provide Mental Health Wellness Services to the patient.

• Maintain and enhance additional meaningful patient Services by Natalis Outcomes.

• Increase meaningful communication with the patient to improve mental wellness.

• Assess if patient responses to assessments, as determined by a mental health professional, are impacted by related factors, such as age, occupation, education level, stress, sleep, physical activities.

• Service Provider Arrangements

Patient information gathered by Natalis Outcomes through assessments may be transferred using encryption methods, to our affiliates or other third parties who provide Services to the patient. Our service providers use collected patient information to perform their designated functions and are not authorized to use or disclose personal patient information for their own marketing or other purposes. 

• Legal and Compliance

Natalis Outcomes may provide patient information, if necessary, to:

• Comply with legal obligations.
• Protect and defend the rights or property of Natalis Outcomes.
• Prevent or investigate potential wrongdoing in connection with our Services.
• Protect the personal safety of users of our Services or the public.
• Protect against legal liability.

• Sale of Business

Patient information may be provided to third parties in connection with a business transaction, including a merger or sale involving all or part of Natalis Outcomes as part of a company reorganization, or stock or asset sale.

• Safeguarding and Retention of Personal Information

Natalis Outcomes has implemented reasonable administrative, technical and physical measures in an effort to safeguard patient personal information.

We restrict access to patient personal information on a need-to-know basis to employees and authorized service providers who require patient personal information access to fulfill their job requirements. 

Natalis Outcomes’ data retention process is designed to retain personal information for no longer than is necessary for the purposes stated above or to otherwise meet legal requirements.

• Third Party Websites

Natalis Outcomes may contain links to other websites that are not owned nor controlled by us. We have no control over and assume no responsibility for the content, privacy / security policies or professional best practices of any third party website or Services.  

• Data Security

Patient personal information is important to us. While we strive protect data with commercially acceptable encryption methods ‘at rest’ in our AWS cloud provider platform, and through internet transmission, ‘in transit,’ Natalis Outcomes cannot guarantee absolute security.

Should you have any questions or inquiries concerning Natalis Outcomes’ Security Policy, please contact the Natalis Outcomes Security Officer with questions, securityofficer@natalisoutcomes.org

Confidential      Copyright 2023©Natalis Outcomes        Security 001 Rev01 EJJ