The Privacy Policy of Alita Systems, updated on March 25, 2025, outlines Alita Systems' comprehensive approach to protecting the privacy and security of various types of data, including personal and health-related information, across its electronic health record platform and related services (collectively, “Services”).
At Alita Systems, we are committed to safeguarding the privacy and security of our Client’s Personal Information and any Protected Health Information (PHI) as required by the Health Insurance Portability and Accountability Act (HIPAA). This Privacy Policy explains how we collect, use, store, and protect Personal Information. At the end of the Privacy Policy, we also share information related to PHI and rights related to PHI. Any Business Associate Agreement we have with a Client will outline the requirements related to how we handle PHI.
We do not control and are not responsible for the privacy practices of the websites of other entities and we urge you to review any applicable third-party privacy policies for yourself.
Our processing of data on behalf of our healthcare provider clients is governed by the agreements we enter into with our clients, which may include Business Associate Agreements as applicable and required under the Health Insurance Portability and Accountability Act (“HIPAA”). Your healthcare provider may also have its own privacy practices and/or policies that govern its collection and use of your data. We are not responsible for how your healthcare provider treats your information, and we recommend you review their privacy policies.
1. What Personal Information do we collect?
We collect the personal information when you use our Services or obtain information from us. This may include your name, address, email address, phone number, organization name, specialty, the number of providers you represent, and any other information you provide to us when you contact us. If you purchase a product or service from us, create an account with us, or are an end user of our Services, we may also collect username and password, ICD codes, social security numbers, DEA registration numbers and medical account identifiers. For payment purposes, we may collect credit card number, security code, expiration date, shipping address and billing address.
No one is required to provide any information to us at any time. However, if you do not provide us with the information we request, we may be unable to provide you with the information or Services you have asked for. In other cases, your decision not to provide us with information may preclude your access to certain features and functions of our Services we offer.
2. How do We Collect Personal Information?
Information You Give us
We obtain personal information in a number of ways. For example, we obtain personal information when you provide it to us through this Website. We also collect information through email and other communications, and in other routine operations in the ordinary course of our business.
Information We Collect From Other Sources
If an organization you are affiliated with purchases our Services, we may obtain personal information about you for account creation and maintenance purposes, such as name, email, username, and password. From time to time we may obtain business contact information you make publicly available, including from third parties, for our marketing purposes.
Information We Collect Automatically
We, and certain third-party analytics and digital advertising vendors we engage, may also collect information automatically as you use this Website and Services through the use of common data gathering technologies, such as cookies. Cookies and other technologies collect certain information about the web browsers and devices of users of the Website and our Services, such as IP addresses, access times, and what web pages they visit.
We use cookies and other data collection tools to operate and improve the Website and our Services, for technical troubleshooting, to better understand how the Website and our Services are used, to personalize your visit to the Website and use of our Services, and to display advertisements to you. For more information on the types of cookies we use and to manage your cookie preferences, please visit our cookie preference tool here.
3. How We Use the Information We Collect
We use the information we obtain to:
· Provide and improve the Website;
· Provide our Services and information resources;
· Develop new and updated Services and information resources;
· Administer, protect and manage the Website, our Services and information resources;
· Provide customer service;
· Communicate with individuals concerning our Services, including marketing and promotional communications and, where applicable, fulfillment of promotional offers;
· Enable you to log in to your account to use and access the sections of the Website reserved for Client use;
· Text, call or email in response to an inquiry or request submitted by an individual
· Process orders and payment;
· Investigate, enforce, and apply our contractual terms;
· Protect against and prevent fraud and other criminal activity, claims and other liabilities;
· Comply with and enforce applicable legal requirements, relevant industry standards and policies; and
· Fulfill other purposes we disclose to you when we collect your personal information.
· We may use information we collect to create aggregated data sets that are not identifiable to an individual. We may use and disclose this aggregated data for a variety of development, promotional, communications, and other business purposes.
4. How We Disclose Information
We may disclose information we obtain to our third-party vendors who provide us with services to assist us in providing, developing, promoting, marketing and supporting our Services and information resources and in running our day to day business activities. For example, we use third-party vendors to provide infrastructure hosting, software, and payment processing services. We enter into contracts with our third-party vendors that limit how they may use and disclose the information for the purposes for which we disclosed it to them.
We may also disclose information as we believe necessary to:
· Comply with applicable law and regulations, which may include disclosures made in response to any subpoena, document request, or other legal request seeking the disclosure of information that appears to have been lawfully issued;
· Perform under and enforce the terms and conditions under which our services are provided;
· Protect our rights, reputation, and property, or that of our users, affiliates, or the public or to pursue available remedies or limit damages we may sustain;
· Support our auditing, compliance and corporate governance functions; and
· Transfer or assign the information that we have collected from users in connection with a corporate transaction, such as a divestiture, merger, consolidation, or asset sale, or in the unlikely event of bankruptcy, including in any diligence process related to such a transaction.
5. Children
The Website and our Services are not directed to or designed to be used by children. We do not knowingly collect personal information online from children under the age of eighteen (18).
6. Third-Party Links
The Website may contain links to third-party sites to provide additional, value-added services. Except as set forth herein, we do not share Your personal information with those third parties, and are not responsible for their privacy practices. We therefore have no responsibility or liability for the content and activities of these linked sites. We suggest you read the privacy policies on all such third-party sites.
7. Patient Information
We do not request any patient information through the general Website, such as www.alitasystems.com or reachouthub.com. Certain Services provided by us, and certain support operations involve access to, and the processing of, patient information. This information is provided to us lawfully by: (i) medical professionals who have obtained their patients’ consent or authorization to provide us with their patient information or (ii) by the patient themselves (or, if the patient is a minor, through their parent or guardian).
Such information may be considered Protected Health Information (“PHI”) as that term is defined in the Health Insurance Portability and Accountability Act of 1996, as amended, and its implementing regulations (“HIPAA”). Such information may also be regulated by certain state laws. We process PHI on behalf of our healthcare provider Clients and subject to contractual agreements with such Clients, including business associate agreements. If you have any questions or concerns regarding PHI you believe may be processed by our Services, please contact the health care provider customer with whom you have a relationship directly.
8. Data Security and Retention
We use industry-standard security measures designed to protect the personal information we obtain from unauthorized alteration, loss, disclosure, or use, including technological, physical and administrative controls over access to the systems we use to provide the Website and our Services.
However, please note that the security of information transmitted through the Internet can never be guaranteed. We are not responsible for any interception or interruption of any communications through the Internet or for changes to or losses of data. Users of our Services and the Website are responsible for maintaining the security of any username, password or other form of authentication involved in obtaining access to password protected or secure areas of any of the Website. In order to protect us, you and your information, we may suspend your use of the Website or Services, without notice if any breach of security is suspected.
We will retain the personal information we obtain for a period sufficient to provide the Services that our Clients request or as otherwise necessary to fulfill the purpose for which such information was collected and as necessary to comply with our legal obligations.
9. STATE CONSUMER PRIVACY RIGHTS
Rights for Residents of Applicable States
If you are a resident of a state with applicable consumer privacy laws, you may have the following rights:
· • To confirm whether we process your personal information.
·� • To access your personal information.
· • To correct inaccuracies in your personal information.
· • To delete your personal information that we have obtained.
· • To receive a copy of your personal information in a portable and readily usable format.
· • To opt out of the sale or sharing of your personal information.
· • To opt out of the processing of your personal information for purposes of (i) targeted advertising or (ii) automated decision-making or profiling in furtherance of decisions that produce a legal or similarly significant effect on you.
· If you live in a state that requires specific consent prior to processing your sensitive personal information for certain purposes, we will obtain such and you can withdraw your consent at any time.
· Residents of applicable states may exercise the above rights by:
· • Submitting a request at support@alitasystems.com
· • Calling our toll-free number at (833) 477-3573
· We may ask you to provide us with information necessary to reasonably verify your identity before responding to your request. We will consider all requests and provide our response within the time period required by applicable law. Please note, however, that certain information may be exempt from such requests. If we deny your request in whole or in part, you may have the right to appeal the decision. In such circumstances, we will provide you with information regarding the appeals process.
Response Timing and Format
We endeavor to respond to a consumer request within forty-five (45) days of its receipt. If we require more time (up to 90 days), we will inform you of the reason and extension period in writing.
10. Information About Protected Health Information (PHI)
What is Protected Health Information (PHI)?
Protected Health Information (PHI) is any individually identifiable health information that relates to:
- Ppast, present, or future physical or mental health condition
- The provision of healthcare services
- Payment for healthcare services provided
This information can include things like name, address, phone number, date of birth, social security number, and health information. (45 C.F.R. § 160.103)
How We Collect and Use Your PHI
You may use our Services to collect PHI in a variety of ways, including through direct interactions (e.g., in-person, via phone, or electronically), third-party service providers, and healthcare providers. You may use our Services to use and disclose PHI for the following purposes:
- Treatment: To provide, coordinate, or manage healthcare (45 C.F.R. § 164.506).
- Payment: To obtain payment for the healthcare services you provide to individuals (45 C.F.R. § 164.506).
- Healthcare Operations: To manage our operations, such as conducting quality assessments, audits, or training programs (45 C.F.R. § 164.506).
Disclosure of Your PHI
We will not share PHI except as outlined below:
- With your consent: We may share PHI if you provide written consent from the individual (45 C.F.R. § 164.508).
- As required by law: We may disclose PHI to comply with federal, state, or local law, such as reporting health-related statistics or responding to a court order (45 C.F.R. § 164.512).
- For healthcare operations: We may share PHI with business associates, such as those who help us manage appointments, billing, or data analytics, provided they are also HIPAA-compliant (45 C.F.R. § 164.502(e)).
- Public Health and Safety: We may disclose PHI for public health activities, including preventing or controlling disease, reporting adverse events, or complying with FDA regulations (45 C.F.R. § 164.512(b)).
How We Protect PHI
We implement a variety of physical, administrative, and technical safeguards to protect PHI from unauthorized access, use, or disclosure. These include:
- Data encryption (45 C.F.R. § 164.312).
- Access controls and authentication procedures (45 C.F.R. § 164.312).
- Security policies and regular staff training (45 C.F.R. § 164.530).
- Secure storage and disposal practices for paper and electronic records (45 C.F.R. § 164.310(d)).
Rights Regarding PHI
Individuals have the following rights regarding their PHI:
- Right to Access: An individual can request a copy of their PHI, either in paper or electronic form, subject to certain limitations (45 C.F.R. § 164.524).
- Right to Correct: If an individual believes that their PHI is inaccurate or incomplete, they may request corrections or amendments to it (45 C.F.R. § 164.526).
- Right to Request Restrictions: Individuals can request that limitations to the way their PHI is used or shared, although a covered entity is not required to agree to all such requests (45 C.F.R. § 164.522).
- Right to Confidential Communications: An individual may request that a covered entity communicate with them in a specific way or at a certain location (45 C.F.R. § 164.522).
- Right to Receive an Accounting of Disclosures: An individual can request an accounting of certain disclosures of their PHI made by a covered entity over the last six years (45 C.F.R. § 164.528).
- Right to File a Complaint: If an individual believes that their privacy rights have been violated, they may file a complaint with a covered entity or with the U.S. Department of Health and Human Services (45 C.F.R. § 164.530).
How We Handle PHI After You End the Relationship with Us
If you no longer have an active relationship with Alita Systems, we will continue to protect PHI as required by HIPAA and any Business Associate Agreement. We will retain the PHI for the minimum necessary time, as mandated by law, before safely and securely disposing of it (45 C.F.R. § 164.530).
11. Changes to This Privacy Policy
We may update this Privacy Policy from time to time. Any changes will be communicated to you via the contact information we have on file, and we will post the updated policy on our website. Please review the Privacy Policy periodically to stay informed about how we are protecting PHI (45 C.F.R. § 164.520).
12. Contact Information
If you have any questions or concerns about this Privacy Policy, or if you would like to exercise any of your rights outlined above, please contact us at:
Alita Systems
1827 N Yellowood Avenue
Broken Arrow, OK 74012
Phone: (800) 450-5211
Email: support@alitasystems.com
References
- 45 C.F.R. Part 160 – General Administrative Requirements
- 45 C.F.R. Part 164 – Security and Privacy of Health Information
- U.S. Department of Health and Human Services, Office for Civil Rights (OCR) – HIPAA Privacy Rule: www.hhs.gov/hipaa/for-professionals/privacy/index.html
We use cookies to improve user experience. Choose what cookie categories you allow us to use. You can read more about our Cookie Policy by clicking on Cookie Policy below.
These cookies enable strictly necessary cookies for security, language support and verification of identity. These cookies can’t be disabled.
These cookies collect data to remember choices users make to improve and give a better user experience. Disabling can cause some parts of the site to not work properly.
These cookies help us to understand how visitors interact with our website, help us measure and analyze traffic to improve our service.
These cookies help us to better deliver marketing content and customized ads.