Terms of Service for Topaz EMR System
Last Updated: October 1, 2024
1. Acceptance of Terms By accessing or using the Topaz EMR system, you agree to comply with and be bound by these Terms of Service. If you do not agree with these terms, you should not use the system.
2. Services Provided Topaz EMR provides electronic medical record management solutions including but not limited to patient record storage, data management, and clinical decision support tools.
3. User Responsibilities
- Account Security: You are responsible for maintaining the confidentiality of your login credentials and for all activities that occur under your account.
- Compliance: You agree to use the system in compliance with all applicable laws and regulations, including those related to data privacy and protection in your country.
- Prohibited Activities: You may not use the system for any illegal purposes or engage in activities that could harm the system or disrupt its performance.
4. Data Ownership and Usage
- Ownership: All data entered into the Topaz EMR system remains the property of the respective healthcare provider.
- Usage Rights: Topaz EMR may use data in an aggregated, anonymized form for system improvements, research, and analytics, ensuring no personal identification is disclosed.
5. Termination Topaz EMR reserves the right to terminate or suspend your access to the system at any time, without prior notice, if you violate these terms or for any other reason deemed necessary, including financial obligations.
6. Limitation of Liability Topaz EMR is not liable for any indirect, incidental, or consequential damages arising from your use of the system or any failure to access or use the system.
7. Changes to Terms Topaz EMR reserves the right to modify these Terms of Service at any time. Changes will be effective upon posting, and continued use of the system constitutes acceptance of the updated terms.
8. Contact Information For any questions or concerns regarding these Terms of Service, please contact us at [info@topazemr.com].
Privacy Policy for Topaz EMR System
1. Topaz EMR is committed to protecting your privacy and ensuring the security of your personal and medical information. This Privacy Policy outlines how we collect, use, and safeguard your data.
2. Information We Collect
- Personal Information: Includes your name, contact details, and professional credentials.
- Medical Records: Includes medical history, test results, treatment plans, and other health-related information.
- Usage Data: Includes information about how you access and use the Topaz EMR system, such as IP addresses and login activity.
3. How We Use Your Information
- Service Delivery: To provide and manage our EMR services, including patient record management and clinical support.
- Communication: To contact you regarding system updates, support, and administrative matters.
- Improvement: To analyze usage patterns and enhance system functionality and performance.
- Legal Compliance: To comply with legal obligations and regulatory requirements.
4. Data Protection
- Security Measures: We implement advanced security measures including encryption, access controls, and secure data storage to protect your information.
- Access Controls: Access to personal and medical information is restricted to authorized personnel only.
5. Sharing Your Information
- Third Parties: We do not share your personal or medical information with third parties except as required by law or to provide necessary services (e.g., integration with other healthcare systems).
- Business Transfers: In the event of a merger, acquisition, or sale of assets, your information may be transferred as part of the transaction.
6. Data Retention We retain your information for as long as necessary to fulfill the purposes for which it was collected or as required by applicable laws and regulations.
7. Your Rights
- Access and Correction: You have the right to access and request corrections to your personal and medical information.
- Opt-Out: You may opt out of certain communications or data usage practices by contacting us.
8. Changes to Privacy Policy We may update this Privacy Policy from time to time. Any changes will be posted on our website, and continued use of the system constitutes acceptance of the revised policy.
9. Contact Information If you have any questions or concerns about this Privacy Policy or our data practices, please contact us at [info@topazemr.com].
Data Protection
At Topaz EMR, your privacy is a priority. This Privacy Policy outlines how we collect, use, protect, and share your personal information in accordance with the General Data Protection Regulation (GDPR) and the Data Protection Act 2020 of Jamaica. By using our services, you agree to the collection and processing of your personal data as described in this policy.
- Data Controller
The data controller responsible for your personal data is Your Health Care Provider.
- Personal Data We Collect
We may collect and process the following categories of personal data:
- Patient Information:
  - Name, date of birth, gender, national ID number
  - Contact information (address, email, phone number)
  - Medical history, diagnosis, lab results, prescriptions, and treatment plans
  - Insurance information and billing details
- Healthcare Provider Information:
  - Name, medical license number, contact information
  - Professional qualifications, work history, and employer details
- Usage Data:
  - Information about how you interact with the Topaz EMR system, including login data, access times, and system usage.
- Device Data:
  - Information about the devices you use to access Topaz EMR, such as IP address, browser type, and device operating system.
- Lawful Basis for Processing Personal Data
Your Health Care provider processes personal data based on the following lawful bases:
- Consent: We obtain your consent to collect and use certain personal data where required (e.g., sharing with third-party services).
- Contractual Necessity: We process personal data to fulfill our contractual obligations to you, such as providing electronic medical records services.
- Legal Obligations: We are required by law to process certain personal data to comply with health regulations and other applicable laws.
- Legitimate Interests: We process personal data for our legitimate business purposes, such as improving our services, provided that these interests do not override your privacy rights.
- How We Use Your Personal Data
Your Health Care provider uses your personal data to:
- Provide, manage, and maintain the electronic medical records (EMR) service.
- Facilitate accurate patient diagnoses, treatment plans, and prescriptions.
- Comply with legal and regulatory obligations, such as reporting to health authorities.
- Securely process billing and insurance claims.
- Enhance and improve our EMR system, including troubleshooting and support.
- Safeguard patient data against unauthorized access.
- Data Sharing and Disclosure
Your Health Care provider may share your personal data in the following circumstances:
- Healthcare Providers: Patient data is shared with authorized healthcare professionals involved in the patient’s care.
- Third-Party Processors: We may share data with third-party service providers (e.g., billing processors, cloud storage providers) who process data on our behalf, strictly under contractual agreements to ensure GDPR and Data Protection Act compliance.
- Legal Compliance: We may disclose personal data if required by law, for example, to public health authorities or to comply with a court order.
- With Consent: In cases where explicit consent has been provided, we may share your data with third parties for specific purposes, such as research or marketing.
- Data Security
Your Health Care provider is committed to ensuring that your personal data is secure. Topaz EMR implements a range of technical and organizational measures to protect your data, including:
- Encryption: All sensitive data is encrypted both at rest and during transmission.
- Access Control: Access to patient data is restricted to authorized personnel only.
- Data Minimization: We collect only the data necessary for the purposes outlined in this policy and retain it only as long as necessary.
- Security Audits: Regular audits and security checks are conducted to prevent unauthorized access, data breaches, or misuse.
- Data Retention
Your Health Care provider retains personal data in accordance with applicable laws and regulations. Medical records are stored for 10 years from the last patient interaction, as required by the Medical Act and the Data Protection Act 2020. After this period, data will be securely deleted or anonymized, unless retention is necessary for legal purposes.
- Your Rights as a Data Subject
Under GDPR and the Data Protection Act 2020, you have the following rights:
- Right to Access: You can request access to the personal data Your Health Care provider holds about you and receive a copy.
- Right to Rectification: You have the right to correct any inaccurate or incomplete personal data.
- Right to Erasure (“Right to be Forgotten”): You can request that Your Health Care provider delete your personal data in certain circumstances.
- Right to Restriction of Processing: You can ask us to limit the processing of your personal data in specific cases.
- Right to Data Portability: You can request that your personal data be transferred to another data controller in a structured, commonly used, and machine-readable format.
- Right to Object: You can object to the processing of your personal data in certain cases, such as for marketing purposes.
- Right to Withdraw Consent: Where processing is based on your consent, you have the right to withdraw your consent at any time.
To exercise any of these rights, please contact your Health Care provider.
- International Data Transfers
Your Health Care provider may transfer your personal data to countries outside Jamaica, including the European Union (EU). In cases where data is transferred internationally, we ensure that appropriate safeguards are in place to protect your data, in line with GDPR requirements.
- Data Breaches
In the event of a data breach involving your personal information, Your Health Care provider will promptly notify you and the relevant authorities as required by the GDPR and Data Protection Act. We have an established incident response plan to manage and mitigate any data breaches.
- Changes to This Privacy Policy
Topaz EMR may update this privacy policy periodically to reflect changes in legal requirements or data processing practices. Any changes will be posted on our website, and we encourage you to review this policy regularly.
- Contact Information
If you have any questions or concerns about this Privacy Policy or how your data is handled, please contact your healthcare provider: