Remote patient monitoring involves the collection, assessment, and interpretation of digitally collected physiologic data. Patients are provided with devices to monitor readings in-between office visits. This provides the healthcare team with additional data to make more informed decisions in patient care. Oftentimes, we think of the patients with white coat hypertension and those who are at risk for falls due to hypotension when at-home monitoring is considered. Alternatively, we may consider at-home monitoring for patients who are high-risk and there may be concerns for medication non-adherence or worsening control of their disease states. RPM provides an opportunity to identify these patients proactively and adjust therapy as needed. Devices may include but are not limited to blood pressure monitors, scales, pulse oximeters, and glucometers.
What’s new with RPM
Chronic Care Remote Physiologic Monitoring (RPM) Services, commonly referred to as remote patient monitoring or telemonitoring, are now allowable under general supervision as RPM has been designated as a care management service. This means that the supervising provider is not required to be in the same office suite as the individual performing or conducting the RPM service.1 This exciting news means that RPM services can now be offered in various locations, including the community pharmacy. Pharmacists who have established collaborative contracts with providers can now work as contracted employees or through other models to offer RPM to their patients.
As part of the final rule for 2020, CMS acknowledged the ambiguity surrounding the RPM program as they had not published strict guidelines for qualifications for RPM.1 Currently, RPM is a payable service for Medicare patients who would benefit from telemonitoring services. Copays and deductibles do apply for these services, so that must be taken into consideration when selecting an appropriate patient for enrollment.
Does your system do billing?
Our system handles all of the reports and time logging required to bill. We do not submit the medical claim,(837) to payers. We also will never bill your patients directly for any service or product.
What does this look like in workflow
The workflow of RPM may depend on the practice setting, but in the community pharmacy, this would involve collaborating with a supervising provider to identify patients who would benefit from the program. After patients are enrolled, they are provided with devices that connect to a clinician dashboard through various connection types. There are options for devices that connect cellularly as well as those that require a wireless network and Bluetooth connectivity. Additionally, there are patient wearables or devices that can be used regularly but do not require being connected to the patient at all times. Patients monitor their readings and the data is transmitted to the dashboard. The pharmacy team evaluates these readings on a regular basis and serves as triage to identify if further escalation is needed. Some readings can be addressed by a patient phone call while others may require more immediate attention by the provider or emergency services.
Is there a dashboard catered to doctors?
Yes. Our portal was co-designed by cardiologist, internal medicine, and neurologist.
Who do you offer your services to?
In Short any company looking to incorporate real-time physiologic data to their site, app, or company. We often work with medical providers seeking to improve health on a broader scale.
What are the opportunities?
There are so many opportunities to make a positive impact on patient care. RPM has provided data to proactively identify patients who are non-compliant with medications. It has also served as a tool to connect uncontrolled patients with their providers for additional telehealth or in-office visits as needed. When a worsening trend is identified, the healthcare team reaches out to the patient to ask questions, provide recommendations, identify any needs that the patient may have, and connect them to resources. This provides patients with peace of mind, knowing that their healthcare team is working diligently to monitor their care.
What are the codes and payment?1
The Medicare program now includes four codes that can be billed by qualified healthcare professionals for the provision of RPM services. The initial code, 99453, is intended to cover the time and efforts dedicated to setting up the device for the member. This would include education on how to use the device as well as how to communicate with the team if there are any needs. The next code, 99454, is intended to cover the cost of the device and any costs associated with transmissions. This code is billable once every 30 days. Interestingly, this is the only RPM code that is based on a 30-day cycle, rather than a calendar month. Codes 99457 and 99458 are billable in increments of 20 minutes for clinical staff time dedicated to RPM services with 99457 attributed to the first 20 minutes and 99458 attributed to each additional increment of 20 minutes. These codes are billed based on time accumulated within the calendar month.
How is Remote Patient Monitoring (RPM) different from Telehealth?
Medicare has placed fewer restrictions on the Remote Patient Monitoring (RPM) codes compared to the codes for Telehealth Services. Specifically, the physician and patient do not have to be located in rural or medically underserved areas to qualify for reimbursement. Nor is there any “originating site” requirement for RPM services. You can provide RPM services anywhere the patient is located, including at the patient’s home, or while out and about.
Do private payers reimburse for Remote Patient Monitoring (RPM) services, or is reimbursement limited to Medicare?
Private payers may reimburse for RPM services, but they are not required to do so. Private payers that do reimburse for RPM services may have different requirements for billing. Make sure to check with the commercial payers in your region to find out whether services are reimbursable and what requirements your practice has to meet for billing.
Is there a patient copay for Remote Patient Monitoring (RPM) services?
Yes, for Medicare beneficiaries. As with other Medicare Part B services, RPM codes are subject to a 20% beneficiary copay. With limited exceptions, practices may not choose to waive the Medicare copay. Private payers may establish their own copays, or may choose not to require a patient copay.
Are Remote Patient Monitoring (RPM) services only reimbursable for patients with multiple chronic conditions?
No. A practice may recommend RPM services for any patient who would benefit from some form of remote patient monitoring.
How has COVID-19 affected coverage of RPM?
In March 2020, CMS issued specific guidance concerning RPM in its "Medicare and Medicaid Programs; Policy and Regulatory Revisions in Response to the COVID-19 Public Health Emergency" interim final rule.
As the previously cited HIMSS article notes, CMS made several changes to how it covers RPM. These are changes for the duration of the pandemic and some permanent fixes. They include the following:
Going forward, RPM can be used for Medicare patients with acute and/or chronic conditions. This expands coverage from patients with only chronic conditions. For the duration of the public health emergency, CMS clarified that RPM could be provided to new and established Medicare patients. Many commercial payers are following the new Medicare guidelines for RPM during the pandemic. Some states have also included RPM into their telehealth parity laws.
How many days must RPM services be delivered to be billable during the pandemic?
Prior to COVID-19, the answer to this measurement days question was fairly straightforward: 16. However, a federal waiver issued early in the pandemic permitted providers to deliver and bill for RPM services to those patients with suspected or confirmed cases of COVID-19. The waiver stated that CMS would permit the reporting of RPM services to Medicare for periods of time of fewer than 16 days but no less than two days during the public health emergency (PHE). This became known as Medicare's "2-day RPM requirement." However, what's important to understand is that billing for CPT code 99453 and CPT code 99454 requires usage of a medical device that digitally collects and transmits 16 or more days of data every 30 days for the billing of these codes. Th is referred to as the "16-day RPM requirement."
Some providers and RPM vendors have applied the 2-day RPM requirement to all patients during the PHE. This interpretation is incorrect. In early 2021, CMS stated that the 2-day RPM requirement should only be applied to patients with a suspected or confirmed diagnosis of COVID-19.
How did the guidance issued by the FDA in March 2020 affect RPM?
The U.S. Food and Drug Administration (FDA) issued guidance to expand the availability and capability of non-invasive RPM devices to facilitate patient monitoring while reducing patient and healthcare provider contact and exposure during the pandemic. Several devices are included in the guidance, such as FDA-cleared non-invasive blood pressure devices, pulse oximeters, cardiac monitors, and electrocardiograph (ECG) devices.
The FDA's policy, which is limited to the duration of the public health emergency, details how the FDA does not intend to object to companies making modifications in product indications, claims, functionality, or limited modifications to hardware and software.
What are common examples of RPM devices?
RPM can employ wired or wireless measurement devices. The most common RPM devices are blood pressure monitors, weight scales, cardiac implants, and blood glucose meters. Pulse oximeters have also become more common due to the COVID-19 pandemic.
Who can deliver RPM services?
Physicians and other qualified healthcare professionals (QHCPs) can provide and bill for RPM. Clinical staff can furnish and manage RPM under the general supervision of the billing provider.
Who can receive RPM services?
Any patient. With that said, a provider should only order/prescribe RPM if captured data is directly relevant to managing a patient's condition(s) (i.e., medical necessity), with such justification documented in the medical record.
What are the benefits of using RPM?
RPM provides a wide range of benefits, including the following:
Keeping people healthy
Reducing the number of hospitalizations
Reducing hospital lengths of stay
Reducing patient, provider, and overall healthcare costs
Permitting older and disabled individuals to remain at home longer and delay or avoid moving into skilled nursing facilities
What do providers need to deliver RPM services?
Since each RPM program is different, the steps to set up programs will vary. The amount of work that providers must complete will differ by RPM program, but these are the general steps for providers who choose to deliver RPM services with minimal external support:
Speak with private payers to determine coverage (if considering non-Medicare patients)
Consider who you will take as RPM patients (i.e., establish your patient base)
Identify the condition(s) you will manage
Select the device(s) you will use to provide RPM
Set up an intake procedure to address matters such as initiating the patient care process, training patients on using the RPM device, installing the equipment in patients' homes (if necessary), maintaining the devices, and responding to equipment problems
Establish policies and procedures
While this may seem like a lengthy list, a good RPM program vendor will perform many of these steps, thereby reducing the effort and management required from the provider and staff.
What do patients need to receive RPM services?
This will largely depend upon the RPM device and how data is transmitted from patient to provider. Some devices require patients to access one or more of the following: Wi-Fi; smartphone (in some instances, newer models); and personal computer. Other devices may only require the device itself. Such devices use cellular data to transmit information.
Depending upon the design and/or complexity of the device, patients may need in-person or virtual assistance to set up and use the technology.
Where is data captured via RPM stored?
Where RPM data is stored will depend upon the device. Typically, data is captured and transmitted via a Wi-Fi or cellular network to a central data repository. Types of repositories include an electronic health record (EHR) system or personal health record.
Older devices often stored the information on the device itself, which then required patients to convey the information to their providers. This type of workflow is no longer considered RPM by Medicare and the vast majority of other payers.
How is remote patient monitoring different from telehealth?
RPM is considered a specific subset of telehealth. One can use the phrase ‘telehealth’ to refer to RPM, but telehealth can also refer to many other types of remote healthcare services.
RPM is the use of a device for interaction between providers and patients outside of the provider’s organization. Telehealth is the use of electronic information and telecommunications technologies to support long-distance clinical care, patient and professional health-related education, public health, and health administration.
Must patients provide consent to receive RPM services?
Yes, and providers must obtain and document consents in patients' medical records. Medicare allows for informed verbal consent, but other payers may require written.
Due to COVID-19, CMS temporarily modified the requirement that consent must be obtained prior to providing an initial RPM service. Practitioners can now obtain consent at the time services are provided and by individuals providing RPM services under contract to the ordering physician or qualified healthcare professional.
What are the typical specialties that offer remote patient monitoring services?
Specialties frequently embracing RPM include cardiology, pulmonology, endocrinology, gastroenterology, and bariatrics.
What are some of the disease states managed via remote patient monitoring?
Common disease states managed by RPM include hypertension, obesity, congestive heart failure (CHF), chronic lower respiratory disease (COPD), and diabetes.
What rules and regulations do I need to follow when creating an RPM program?
Like any healthcare program, providers should follow HIPAA security and privacy regulations. Providers should ensure that their RPM devices and technology are compliant with FDA standards. Technology that meets FDA standards can help ensure quality control and assurance, data accuracy, and compliance. Finally, providers will want to ensure that their RPM programs follows the most current coding and billing rules.
How do I ensure my RPM program is HIPAA compliant?
This essentially boils down to carefully vetting RPM vendors and their devices. Vendors should build their devices so that patient data is encrypted when it is in transit — from patient to provider and vice versa — and when the device that stores the data is not in use.
What are the common types of RPM programs available to providers?
There are a variety of programs and vendors providers can choose from. Generally speaking, they can be broken down into two types: full-service programs and those requiring a self-managed approach. The following summarizes the essential differences between these programs:
For a full-service program, a practice contracts with an RPM company to supply patients with devices. The practice can either hold a stock of the devices to distribute to patients or have the vendor ship devices directly to patients as the office enrolls them. Many full-service programs allow practices to lease the devices, eliminating upfront costs for each new patient. Devices are often cellular, which is simpler for patients to use. All they need to do is insert batteries into the devices and power them on. Some full-service programs offer technical support to patients. Monthly costs are a higher percentage of reimbursement, but the initial cost for each device is eliminated and staff time to manage the program is greatly reduced.
For programs requiring a self-managed approach, practices maintain the supply of devices (typically Bluetooth) and contracts with an RPM software vendor to manage the data from those devices. This approach requires the practice to perform what amounts to providing ongoing technical support for patients, although this time does count towards the management codes and is therefore not billable. Taking a self-managed approach can prove cheaper in the long run, but practices will need to incur significant initial costs and allocate more office resources and staff time to the program.
What payers cover RPM and how is it reimbursed?
RPM is payable by Medicare, 21 state Medicaid programs (as of January 2021), and an increasing number of private payers. Some states, such as Louisiana, have mandated that all private insurers operating in the state must cover some form of RPM. In 2020, the CPT codes for RPM were overhauled, making it one of the most lucrative Medicare care management programs.
There is a small payment for initial patient enrollment, and a monthly base payment for management of the device and patient readings. There is an optional service for each 20 minutes of care management — which can be provided by clinical staff — up to 60 minutes total.
What state Medicaid programs cover RPM?
As of spring 2021, the Center for Connected Health Policy (CCHP) reports that 26 states have some form of reimbursement for remote patient monitoring in their Medicaid programs. This is up from 22 states from fall 2020 as four states — North Carolina, North Dakota, Oklahoma, and Ohio — have since added reimbursement for RPM.
However, there are some caveats to some states' RPM coverage. Ohio added reimbursement but only for specific remote physiologic monitoring codes. Many of the states with Medicaid programs that reimburse for RPM have restrictions associated with RPM use. CCHP states the most common of these restrictions include only offering RPM reimbursement to home health agencies, restricting the clinical conditions for which symptoms can be monitored, and limiting the type of monitoring device and information that can be collected. Two states — Hawaii and New Jersey — have laws requiring that Medicaid reimburse for RPM. However, as of spring 2021, these states lacked any official Medicaid policy concerning RPM reimbursement.
Is setting up the RPM device and related patient education considered covered services?
Yes, via CPT code 99453. See the FAQ "What CPT codes cover RPM and how much are they reimbursed by Medicare?" below for more details.
1. Centers for Medicare & Medicaid Services. Medicare Program; Revisions to Payment Policies Under the Physician Fee Schedule and Other Revisions to Part B for CY 2019; Medicare Shared Savings Program Requirements; Quality Payment Program; Medicaid Promoting Interoperability Program; Quality Payment Program—Extreme and Uncontrollable Circumstance Policy for the 2019 MIPS Payment Year; Provisions From the Medicare Shared Savings Program— Accountable Care Organizations— Pathways to Success; and Expanding the Use of Telehealth Services for the Treatment of Opioid Use Disorder Under the Substance Use-Disorder Prevention That Promotes Opioid Recovery and Treatment (SUPPORT) for Patients and Communities Act. Woodlawn, MD: Federal Register, 2018. 2. Centers for Medicare & Medicaid Services. Physician Fee Schedule Look-Up Tool. Available at: https://www.cms.gov/Medicare/Medicare-Fee-for-Service-Payment/PFSlookup. Accessed July 14, 2020.
What CPT codes cover RPM and how much are they reimbursed by Medicare*?
As of April 2020, they are as follows:
99453 (Remote monitoring of physiologic parameter(s) (e.g, weight, blood pressure, pulse oximetry, respiratory flow rate), initial; set-up and patient education on use of equipment) — Medicare pays $21 for initial setup of an RPM device and patient education.
99454 (Device(s) supply with daily recording(s) or programmed alert(s) transmission, each 30 days) — Medicare pays $64 per month for monitoring patient data as it streams in from a device.
99457 (Remote physiologic monitoring treatment management services, clinical staff/physician/other qualified health care professional time in a calendar month requiring interactive communication with the patient/caregiver during the month; initial 20 minutes) — Medicare pays $55 per month for spending 20 minutes a month tracking and monitoring data and managing resulting care.
99458 (Remote physiologic monitoring treatment management services, clinical staff/physician/other qualified health care professional time in a calendar month requiring interactive communication with the patient/caregiver during the month; additional 20 minutes) — Medicare pays $44 per month for each additional minute spent past 99457's initial 20 minutes up to 60 minutes total.
* Amounts identified are approximate. Reimbursement varies among Medicare administrative contractors (MACs).
Note: CPT code 99091 was the original way to bill for remote patient monitoring. Over the past several years, its limitations and requirements had made it rarely reported due to the availability of the newer codes listed above. However, the 2021 Medicare physician fee schedule final rule might change the frequency that CPT 99091 is reported as CMS now permits billing the code with newer codes. In other words, providers can bill for "complex" RPM management when the provider must spend significant time managing the patient and their RPM care plan. CMS also stated that 99091 can be billed each 30 days whenever such complex provider management occurs without affecting the practice's ability to bill clinical staff time via CPT 99457 each calendar month.
Who can perform RPM under CPT code 99457?
99457 reimburses for time spent by the billing physician, QHCP, or clinical staff, in accordance with laws.
Are RPM services only reimbursable for patients with multiple chronic conditions?
No. Providers may recommend RPM services for any patient who may benefit from the service.
Is CPT code 99454 reimbursed per device or per patient?
99454 can only be billed once per patient every 30 days. This is regardless of whether the patient is using a single device or multiple devices.
Can RPM be billed in conjunction with chronic care management (CCM)
Yes, a provider can bill both the RPM CPT code 99457 and CCM CPT code 99490. CMS recognizes the analysis involved in furnishing RPM services is complementary to CCM and other care management services. With that said, the time spent by providers in furnishing these services cannot be counted towards the required time for RPM and CCM codes for a single month. In other words, no “double counting.” Billing 99457 and 99490 together requires a provider to deliver at least 40 minutes of services: 20 minutes of RPM, 20 minutes of CCM.
Is there a copayment associated with RPM services?
or Medicare beneficiaries: Yes. RPM services, like other Medicare Part B services, are subject to a 20% beneficiary copay. This copay is generally not waivable, but it may be covered if a patient has supplemental coverage or Medicaid. Private payers establish their own copay policies and may choose not to require a copay.
What are the documentation requirements for RPM?
Providers should initially obtain informed beneficiary consent to receive RPM services.
To document CPT 99453, include the following:
practitioner order for device deployment;
condition(s) for which the patient is being monitored;
date of delivery of the device to the patient; and
date(s) on which training is provided to the patient.
For time-based codes (CPT 99457 and 99458), document the time spent on each.
Is text messaging an acceptable form of "interactive communication" under Medicare rules?
No. CMS has defined interactive communication, as referred to in CPT code 99457 and CPT code 99458, as a conversation occurring in real time that includes synchronous, two-way interactions which can be enhanced with video or other kinds of data. This had been interpreted by some RPM providers and vendors to include texting as an acceptable method for delivering billable interactive communication time. But as of the 2021 Medicare physician fee schedule final rule, this is no longer the case. Time spent texting with patients can be counted towards RPM management time. However, it does not satisfy the requirement for interactive communication. Some billable time for each RPM code must be achieved via audio communication with the patient/caregiver.
Can multiple practitioners deliver remote patient monitoring services to the same patient at the same time?
No. The confusion around this question concerns the 2020 Medicare physician fee schedule final rule, which seemed to suggest that separate providers could bill RPM services for the same patient as long as the patient used different RPM devices. In 2021, CMS sought to clarify that only one provider could bill CPT code 99453 and CPT code 99454 during a 30-day period. If one or more providers attempt to bill for remote patient monitoring services for a patient already receiving RPM services from another provider, associated claims are likely to be denied. Repeated attempts to bill for RPM in this fashion could lead to compliance challenges.
Are patients permitted to report their own measurements?
Not for remote patient monitoring. While self-reporting measurements into a patient portal or app or otherwise manually conveying measurements to providers may qualify for other Medicare covered services, data captured in such a fashion cannot be counted towards Medicare RPM. RPM device measurements must automatically sync with a provider's remote patient monitoring platform without any patient transcription.
What is the Medicare 2021 RPM correction document?
In early 2021, CMS made the surprising announcement that it was issuing a correction to its 2021 Medicare physician fee schedule final rule. The correction was welcomed news as it clarified several areas of confusion concerning remote patient monitoring billing requirements while also expanding coverage.
Remote Therapeutic Monitoring (RTM)
What is remote therapeutic monitoring (RTM)?
Generally speaking, remote therapeutic monitoring (RTM) is designed to help manage patients using medical devices that collect "non-physiological data." The concept of RTM was introduced by the American Medical Association in 2020.
What is non-physiological data
We don't yet have a clear definition of non-physiological data from CMS. However, the 2022 Medicare Physician Fee Schedule proposed rule indicates that remote therapeutic monitoring is intended to monitor a range of health conditions and patients who would benefit from remote monitoring that falls outside of traditional confines of tracking vitals data via remote patient monitoring (RPM).
What are examples of non-physiological data
In the proposed rule, CMS indicated that potential non-physiologic data includes musculoskeletal system status, therapy/medication response, therapy/medication adherence, and respiratory system status.
Are remote therapeutic monitoring and remote patient monitoring different
Yes. We learned from the proposed rule how CMS expects these two concepts to differ. In short, provider types that cannot bill for RPM may now be able to bill for RTM; RTM data can be collected from medical devices that measure non-physiological data; and RTM, as presently defined, would cover data self-reported by patients, assuming code requirements are met.
What are the remote therapeutic monitoring CPT codes
As of July 2020, the five remote therapeutic monitoring codes — each with a placeholder at the moment — have the following proposed descriptions:
CPT code 989X1: Remote therapeutic monitoring (e.g., respiratory system status, musculoskeletal system status, therapy adherence, therapy response); initial set-up and patient education on use of equipment
CPT code 989X2: Remote therapeutic monitoring (e.g., respiratory system status, musculoskeletal system status, therapy adherence, therapy response); device(s) supply with scheduled (e.g., daily) recording(s) and/or programmed alert(s) transmission to monitor respiratory system, each 30 days
CPT code 989X3: Remote therapeutic monitoring (e.g., respiratory system status, musculoskeletal system status, therapy adherence, therapy response); device(s) supply with scheduled (e.g., daily) recording(s) and/or programmed alert(s) transmission to monitor musculoskeletal system, each 30 days
CPT code 989X4: Remote therapeutic monitoring treatment management services, physician/ other qualified health care professional time in a calendar month requiring at least one interactive communication with the patient/caregiver during the calendar month; first 20 minutes
CPT code 989X5: Remote therapeutic monitoring treatment management services, physician/other qualified health care professional time in a calendar month requiring at least one interactive communication with the patient/caregiver during the calendar month; each additional 20 minutes (List separately in addition to code for primary procedure)
When will providers be able to offer RTM services to patients
The proposed rule, for which comments are due to CMS on or before Sept. 13., suggests that coverage for remote therapeutic monitoring could begin as soon as Jan. 1, 2022. This would be unusually fast as CMS typically does not adopt coverage for new CPT services quickly. We'll know more when the 2022 Medicare Physician Fee Schedule final rule is published, if not sooner.
Would remote therapeutic monitoring be good for patients and providers
Yes and yes. Remote therapeutic monitoring would also be good for payers. As we understand the proposed codes and coverage, providers would be in a position to address some significant gaps in the current coverage and delivery of remote patient monitoring. RTM services would help patients experience more consistency and quality along the care continuum, especially for chronic disease monitoring.
What are we waiting to learn about RTM?
A lot. Among the matters and issues still requiring clarification: final CPT codes, descriptions, and reimbursement; definition of non-physiologic data; who will be permitted to bill RTM services; what clinical use cases will be eligible for RTM reimbursement; approved devices to collect RTM data; whether self-reported data is acceptable; and if RTM will be considered an "incident to" service, meaning that non-provider clinical staff can furnish a significant amount of the service instead.
Updated September 2020
Protecting your privacy is important to GatherMed LLC. (“GatherMed,” the “Company”, “us” or “we”). This policy describes how the Company may use your data.
Data controller (or HCP, healthcare professional including supporting staff) means the natural or legal person who determines the purpose and the means of the processing of the Personal data;
Data processor (or GatherMed including subcontractors) means the natural or legal person processing the Personal data on behalf of the Data Controller;
Data subject (or User) means the physical person of which the Personal data has been collected pursuant to the Services;
Health data means data related to the physical and/or mental health of a natural person, including the provision of health care services, which reveal information about that natural subject;
Personal data means any information (including Health data) related to an identifiable natural individual and collected pursuant to the Services;
Services means the GatherMed website and all apps and software operated by GatherMed;
1. Why we collect your information:
We collect, use, disclose and process Personal data to provide you with the Services and to improve your user experience and technical support. GatherMed may use your Personal data to contact and correspond with you, to respond to your inquiries; to track communications with you; to perform safety backups of your Personal data; to assist you or your healthcare professional in tracking your Health Data; to generate global statistics (anonymized data will be used for this purpose); to help the Company develop new services and software features that meet your needs and to improve the Software.
2. What information we collect:
We collect Personal data from you in several different ways when you interact with our Services such as:
Active Personal data collection: You actively send information to us when you sign-up as a member of the Services, participate in surveys, respond to us or otherwise contact us. Depending on your choices, you may send us Personal data about yourself and/or others such as your email address, name, mailing address, phone number, birthday, and gender, as well as your child's due date/birthday, name, gender or healthcare portal user key. At all times, you determine what information you want to actively share with us.
Health Data Processing: If you are using the Services in the course of your medical treatment by a healthcare professional, you may actively send your Health Data throughout our Services to your healthcare professional. GatherMed shall only act as a Data processor relating to your Health Data.
Passive Information Collection: We also collect information about how you use and interact with our Services. The collected information includes your IP address, the pages you visit within our Services, the date and time when you visit the website, the URL that referred you to our services, the device that you use to visit the website, and the device used when operating the app. We also collect usage information, such as which feature you are using, for how long and when, and demographic information, such as your gender and age, which we may prompt you for. The data collected does not identify you and is used to improve our Services’ performance and appearance through your account connection.
3. Necessary collection, use and disclosure:
GatherMed shall collect and use your Personal data only to the extent that is necessary to provide the Services and will not use your Personal data for purposes other than those why your Personal data was initially collected.
We keep your Personal data secured, encrypted and confidential and we do not disclose it, but note the following clarifications and exceptions:
Law enforcement: We may share your Personal data to respond to law enforcement requests, court orders or other legal process or if we believe that such disclosure is necessary to investigate, prevent or respond to illegal activities, fraud, physical threats to you or others or as otherwise required by any applicable law or regulation.
Bluetooth devices: At the user’s discretion, the Services may be connected by Bluetooth technology to health measuring devices. The manufacturers of these devices have elected to use Bluetooth LE (low energy) communication as a means of providing a "real-time" experience to users allowing immediate retrieval of data from their devices. The Services does not use Bluetooth for any other purpose. If you do not wish to have your Personal data transmitted by Bluetooth you may disable Bluetooth on your smartphone or similar device in the settings application for that device, or you may simply not connect (or disconnect if you have already connected) the devices that require Bluetooth on the Software.
Aggregated Statistics and Reports: We freely use and disclose data in anonymous form, for example, in statistics or reports.
Our employees and authorized independent contractors ("Authorized personnel"): Authorized personnel may have access to your Personal data for the purpose of helping us administer and run our Services (and not for their own, independent purposes, unless you consent to such use). Authorized personnel access and use such Personal data in accordance with our instructions, on a "need to know" basis, and under defined strict confidentiality and security obligations.
Express consent: GatherMed shall also disclose your Personal data at your express request.
4. Data controller of your Health data:
By are using the Services in the course of your medical treatment by a healthcare provider, that healthcare professional shall obtain a verbal or written consent from you to collect, use and disclose your Personal data and Health data.
That healthcare professional may modify, add and/or erase your Personal data and Health data; may provide alerts to you through the Services and may share your Personal data and Health data with its clinical staff or healthcare partners who require access to patient information, within the requirements of the applicable regional privacy laws such as the Privacy and Security Rules of Health Insurance Portability and Accountability Act of 1996 (“HIPAA”). In addition, your Personal data and Health data may also be used or disclosed by the healthcare professional for the his business partners or other purposes of healthcare treatment, payment (including but not limited to health insurance claims and reimbursement) and operations of the medical practice, as well as for other purposes permitted by applicable laws.
At all times, Your healthcare professional is the Data controller of Health data. GatherMed shall act as the Data processor of your Health data for your healthcare provider.
5. Personal data Hosting and Storing:
Except for non-identifiable and anonymized information which GatherMed may store in perpetuity and in any reasonable location, GatherMed shall host and store your Personal data for a maximum of 6 months after you delete your account, ask for the deletion of your account or have your account deleted by your healthcare professional. After such period, GatherMed may delete your stored Personal data, with respect to the applicable laws.
Your Personal data may be stored in locations outside of your state or country with respect to the applicable regional laws, such as, but not limited to, the General Data Protection Regulation of the European Union, the HIPAA of the United States of America and the Personal Information Protection and Electronic Documents Act of Canada.
6. Access and Update:
You have the right to access and obtain copies of your Personal data. You also have the right to update, rectify and correct any Personal data that you believe is inaccurate or incomplete. To do so, please contact our Privacy officer at https://gathermed.accountablehq.com/.
7. Withdrawal of consent and Opt-out:
8. Generally not suitable for children under the age of :
GatherMed Services are not intended for children under the age of 13. We do not knowingly collect Personal data via the Services from users in this age group. We do, however, collect information about children and babies provided by the parents or legal guardians of such children or babies. We ask our Services’ users not to provide information about any baby or child without first getting their parents' or legal guardians’ consent. By providing Personal data regarding any baby or child, you are affirming that you are legally authorized to do so. We encourage parents and legal guardians to talk to their children about their use of the Internet and the information they disclose pursuant to the Services.
In the event that the Services have been used by a child under the age of 13 to store information of that child without parental consent, GatherMed shall be and is authorized to delete, in its entirety, any of the information stored. GatherMed also reserves the right to revoke any license to use the Services which is being used by a child under the age of 13.
As we also do not intentionally collect or maintain information in the Services from those visitors and Users of the Services who are under 18 years old.
9. Third-Party Programs:
GatherMed uses commercially reasonable and appropriate physical, electronic, and managerial procedures to safeguard and secure the Personal data we collect. However, GatherMed can’t fully eliminate security and/or privacy risks associated with Personal data created, stored or transferred using the internet and internet technologies.
GatherMed, as the Data processor, shall not be liable for any breach, unauthorized disclosure or unlawful use of your Personal data or Health data that was, at the time of the breach, under the control of your healthcare professional.
11. Electronic communications (E-mails):
Your email address may be used to send you Electronic Communications from time to time. At any time, you may ask us to stop sending you Electronic Communications by contacting privacy@GatherMed.com or using the unsubscribe clickable mechanisms provided at the bottom of such communication.
The collection, use and disclosure of your Personal data by GatherMed will be governed by the latest version of this Policy. New versions of this Policy will be posted at https://gathermed.accountablehq.com/.
13. End User License Agreements:
The End User License Agreement, available at email@example.com and governing your use of the Services (and which may be viewed from the info page of the software) contains important provisions disclaiming and excluding the liability of GatherMed and others in relation to your use of the Services, and provisions determining the applicable law and exclusive jurisdiction for the resolution of any disputes regarding your use of the Services. Each of those provisions also applies to any disputes that may arise in relation to this Policy and the collection, use and disclosure of your Personal data, and are of the same force and effect as if they had been reproduced directly in this Policy.
14. Do Not Track :
While many current browsers permit you to send a signal to us about your Do Not Track (“DNT”) preferences, we do not respond or support DNT signals sent from your browser.
15. Access, Comments, and Questions
Email: firstname.lastname@example.org Website: https://www.GatherMed.com