Privacy and Confidentiality Statement

Purpose
This Privacy and Confidentiality Statement describes how information collected by Health Services Advisory Group, Inc. (HSAG) Web systems is used and disclosed. Please review this document carefully and contact us if you have any questions.

E-mail: webmaster@hsag.com
Address: Health Services Advisory Group, Inc.
1600 East Northern Avenue, Suite 100
Phoenix, Arizona 85020-3933

Information Collection and Use
HSAG is the sole owner of the information collected on this site. HSAG does not sell, trade, or rent user information (e.g., e-mail address, name, address, phone number) to any other organizations, groups, or entities. Information may be shared with government agencies, when contractually required, in ways documented in this statement. HSAG collects information from users at several different points on its Web sites, depending on the particular site. All methods are described below.

HSAG’s Web sites automatically collect and record the following information about each visitor:

Date and time of visit

Where the visitor goes on HSAG sites

The type of computer (Mac, PC, Unix) and browser each visitor is using

The search engine used to find the site and key words that brought the visitor to the site

The country location of each visitor’s computer

With this information, HSAG can track not only the number of “hits” (visits) to each Web site, but also the times of day, the sections that are the most popular, and the range of computers and browsers most commonly used by visitors.

Meeting Registrations
Online registration is available for some professional meetings. During registration, users are required to give their contact information (such as name, credentials, organization, and e-mail address). This information is used to contact the user regarding the meeting and to register the user; the information may also be used to contact the user regarding future related HSAG meetings and activities. Information fields required for registration are clearly marked; all other fields are optional.

Portal Registrations and Use
Registration is required for access to secure, project-specific portals maintained by HSAG. Registration information is used to verify the identity of the requesting user, and to issue user names and passwords. These portals are secured by passwords and are not accessible by unauthorized personnel. Please keep your password confidential: Do not share it with outside entities. Should an employee with access to a portal leave your agency, please notify HSAG immediately to ensure your privacy.

When registering for, or logging in to, a secure portal, information is encrypted and protected with industry standard SSL technology. While on a secure page, the lock icon on the bottom of Web browsers, such as Netscape Navigator and Microsoft Internet Explorer, becomes locked.

Cookies
A cookie is a small piece of data containing a unique identifier that a Web server uses to identify visitors during their time on a Web site. HSAG uses these cookies to analyze user trends and provide users with access to specific areas on the site. If a user rejects the cookie, the user may still use the HSAG site; however, the user may be limited in some areas of the site. For example, the user may not be able to receive custom information from the site or have information preloaded into some forms.

Log Files
HSAG uses IP addresses to analyze trends, administer the site, track users’ movements, and gather broad demographic information for aggregate use. IP addresses are not linked to personally identifiable information. They may be resolved to identify the name of the organization owning that IP address.

Sharing
HSAG may share information on the use of its sites with some of its customers, such as the Centers for Medicare & Medicaid Services, some state governments, and others. HSAG does not provide personally identifiable information in these reports. Generally, these reports are for verifying the level and type of use of HSAG Web sites.

Links
HSAG Web sites contain many links to other sites. Please be aware that HSAG is not responsible for the privacy practices of other sites. Users are encouraged to be aware when they leave the HSAG site and to read the privacy statements of each Web site that collects personally identifiable information. This privacy statement applies solely to information collected by the HSAG Web sites.

Security
SSL encryption is used to protect sensitive information online. HSAG servers are kept in a secure, restricted access environment. Policies and procedures are in place to ensure the security of user information. Ongoing training on security and privacy practices is provided to HSAG staff.

Notification of Changes
HSAG reserves the right to amend this policy as necessary, without prior notice. If the privacy policy is changed, those changes will be posted on the Web site so users are always aware of what information is collected, how it is used, and under what circumstances, if any, it is disclosed. If, at any point, a decision is made to use personally identifiable information in a manner different from that stated at the time it was collected, HSAG will notify users by way of an e-mail. Users will have the choice as to whether or not to give HSAG permission to use their information in this different manner. Unless specific permission is given, HSAG will use information in accordance with the privacy policy under which the information was collected.