Breach Notification Procedures
In the unlikely event of a breach of any unsecured PHI, Curednation will adhere to the following procedures:
Notification: We will notify affected individuals via email, letter, telephone, or as required by law, no later than 60 days following the discovery of the breach.
Description of Breach and PHI Involved: The notification will include a description of the breach, the types of information involved, and the steps affected individuals should take to protect themselves.
Mitigation Steps and Investigation: We will include a description of what we are doing to investigate the breach, mitigate harm to individuals, and protect against further breaches.
Contact Information: Affected individuals will receive contact information for further inquiries.
Data Security
Curednation implements the following safeguards to protect PHI:
Technical Safeguards: This includes encryption, secure user authentication protocols, and audit trails to monitor access and alterations to PHI.
Administrative Safeguards: We regularly review our procedures and monitor compliance with our privacy and security policies.
Physical Safeguards: Access to physical records and servers is controlled and monitored.
Use of PHI for Marketing, Fundraising, and Sale
Curednation will not use PHI for marketing, fundraising, or sale without obtaining explicit written consent from individuals. The following policies apply:
Opt-In/Opt-Out: We provide individuals with the option to opt-in or opt-out of use of their PHI for these purposes.
Notification: Before any PHI is used for these activities, we will inform individuals about what information will be used, the purpose, and whom it will be shared with.
State-Specific Requirements
Curednation complies with all applicable state laws regarding the handling of PHI, which may include:
More Stringent Protections: In states with more stringent privacy laws, Curednation will adhere to those laws.
Reporting Requirements: Where state laws have specific reporting requirements for breaches or disclosures, we will comply with those requirements.
Training Procedures for Staff
Curednation ensures that all members of our workforce, including employees, volunteers, and contractors, are trained on these privacy policies and procedures as follows:
Initial Training: Upon beginning work with Curednation.
Ongoing Training: At regular intervals and when changes to policies or laws occur.
Regular Policy Review
Curednation commits to a regular review of our privacy policy, at least annually, and will update the policy to reflect changes in laws, regulations, or company practices.
Contact Information for Privacy Officials
For questions or more information about our privacy practices, please contact:
Privacy Officer: Betsy Rubendall
Curednation Contact Information:
1-877-882-8733
2310 North Henderson Ave, #1524, Dallas, TX 75206
Policy Versioning
This is version 1.1 of the Curednation Privacy Policy, published on April 12, 2024. All updates will be documented with a new version number and date.
Effect of Policy on Service Use
Your continued use of Curednation services following these privacy practices signifies your acceptance of the terms. We encourage clients to safeguard their login information and promptly report any unauthorized use of their accounts.
Acknowledgment of Receipt
We request that all clients acknowledge the receipt of this privacy policy. This can be done electronically for online services or in person for services rendered at physical locations.
User-Friendly Summary
A brief summary of this policy is available in layman’s terms upon request to help our clients better understand their rights and our practices.
Feedback Mechanism
Curednation values client feedback on our privacy policy. Please direct any comments or suggestions to our Privacy Officer at the contact information provided.
Policy Distribution
This privacy policy will be distributed to clients upon initiation of services and will be available on the Curednation website for review.
