JointPoint, ("us", "we", or "our") operates https://www.jointpoint.com (the "Site"). This page informs you of our policies regarding the collection, use and disclosure of Personal Information we receive from users of the Site.
We use your Personal Information only for providing and improving the Site. By using the Site, you agree to the collection and use of information in accordance with this policy.
While using our Site, we may ask you to provide us with certain personally identifiable information that can be used to contact or identify you. Personally identifiable information may include, but is not limited to your name and email address ("Personal Information").
Like many site operators, we collect information that your browser sends whenever you visit our Site ("Log Data").
This Log Data may include information such as your computer's Internet Protocol ("IP") address, browser type, browser version, the pages of our Site that you visit, the time and date of your visit, the time spent on those pages, attempted logins to our user portal, and other statistics.
In addition, we use third party services such as Google Analytics that collect, monitor and analyze this data.
We may use your Personal Information to contact you with newsletters, marketing or promotional materials and other information.
Cookies are files with small amount of data, which may include an anonymous unique identifier. Cookies are sent to your browser from a web site and stored on your computer's hard drive.
Like many sites, we use "cookies" to collect information. You can instruct your browser to refuse all cookies or to indicate when a cookie is being sent. However, if you do not accept cookies, you may not be able to use some portions of our Site.
The security of your Personal Information is important to us, but remember that no method of transmission over the Internet, or method of electronic storage, is 100% secure. While we strive to use commercially acceptable means to protect your Personal Information, we cannot guarantee its absolute security.
Effective Date June 30, 2017
JointPoint takes seriously its obligation to protect the confidentiality of personal information. The JointPoint application includes both the software system used in the Operating Room, and additionally servers and systems operated and maintained by JointPoint.
JointPoint allows you to store patient health information including patient name, date of birth, and images that are associated with cases. JointPoint stores patient information on both the “client” computer and the server.
The security of your information and data while using our Applications is very important to us. Our Applications employ a variety of technical safeguards to protect the confidentiality, integrity, and availability of your personal information. This includes protecting both “data at rest” (stored data) and “data at motion” (data moving over networks).
To protect data at rest, all data related to patient care that is stored on our server or devices, including both images and patient record data, is encrypted using AES (Advanced Encryption Standard), so that it is not usable outside of the JointPoint application.
To protect data at motion, all PHI data in our application is encrypted using Transport Layer Security (TLS)/Secure Sockets Layer (SSL) technology.
To protect patient information, using JointPoint requires a user name and password to be entered in order to log in to the system, providing authentication control to access the system. User names and logins are controlled by JointPoint.
Healthcare extenders asked to use or operate JointPoint to assist a surgeon, such as nurses or individuals representing prosthetic manufacturers, will have access to patient data as they support the surgeon.
Additionally, representatives at JointPoint have access to protected health information as they support use of the product.
Patient data will not be shared with any third party without patient request and consent.
Representatives at JointPoint are able to view healthcare provider (HCP) and healthcare extender data user logins. They are also able to configure ‘sharing’ so that HCP’s and healthcare extenders can share patient data in a HIPAA-compliant manner.
The security of Personal Information and PHI is important to us, but remember that no method of transmission over the Internet, or method of electronic storage, is 100% secure.