CORONAVIRUS (COVID-19) RESOURCE CENTER Read More

Privacy Policy

List of Terms

Network of Care (or "we") provides its service to "you," the user of such services, subject to this Privacy Policy. If you do not accept the terms of this Privacy Policy, you may not access or use the Network of Care services or Web site.

Our Promise - Network of Care will never release or sell any of your personally identifiable information.

Network of Care respects your privacy and promises to earn and keep your trust. All personal data and information about you and the recipient of your care ("Personal Information") is kept confidential and will not be used in ways to which you have not consented, and we will not sell or disclose any information that identifies you to a third party. In particular, your PHR data will not release for any purpose, including marketing or research, to third parties, such as employers, insurers or our own internal developers, under any circumstances without your explicit request and consent. In the event that you close your PHR account, all your personal data will be expunged from all servers. However, all access logs will remain intact.

Collection of Information

We collect information in three distinct areas relative to our public-facing site: (1) login registration and profile creation; (2) the customized medical-records feature, and (3) interaction with the website and tools.

PHR and Network of Care infrastructure and security

All of the major architectural technologies are virtualized. This provides a layer of abstraction between virtual systems and underlying physical infrastructure, and thus allows for compartmentalization and modularity among components. All PHR data is encrypted and stored in designated servers. Activity logs are maintained and accessible to our users upon request within 15 days.

  • Virtual Servers. Multiple, individual server-operating systems are hosted on a single hardware platform. Multiple hardware servers can be “clustered” together for fault-tolerance and scalability. Each Virtual Server instance is easily portable between each host in a cluster. Virtual servers for different products and customers are secured by separate virtual switches and VLANs.
  • Virtual Storage. Disk storage is completely separate from servers, is highly fault-tolerant, and can be carved up into flexible units that can be applied to any virtual server. The storage units can be moved around, re-sized, copied, duplicated, and restored with relative ease. We have implemented a sophisticated Storage Area Network (SAN) as a robust, central repository for all data.
  • Virtual Networking. The network is modular as well. Instead of traditional routing, high-speed switches are used throughout, which is much faster and more flexible. The same network infrastructure used for general connectivity can also be used as a storage transport for the SAN. Network resources can be quickly allocated and customized, expanded and reduced. Each product and customer is walled-off from one another via dedicated virtual switches and VLANs, and VLAN Access Lists (ACLs) are used to open only those ports necessary for communications to and from other systems. Internet access is provided by InterNAP, which aggregates multiple carriers and employs routing protocols to optimize transit. These connections are dual-hand-off redundancy, with two physical firewalls in a fail-over configuration.
Advanced Features
  • Server Fail-Over. We have many server hosts in our cloud. When one host fails, virtual servers can be failed-over to healthy hosts. In most cases, this can be done without interruption of service. In extreme cases, it requires no more time than a reboot of a virtual machine.
  • Storage "Snapshots". Our SAN is configured to take a point-in-time snapshot of the entire data set daily and maintain that data for a week. This allows us to restore entire virtual disks to the state they were in on a previous day.
  • Backups. Even with all of this redundancy, backups are still important. We back up to another disk array, and we can offer the option of copying that data to a secure online repository at our Business Continuity Site, or even at another cloud provider.
  • Demand-Based Scalability. We can add CPU and Memory as needed and do it quickly. We can make changes as soon as we receive the request and process it same-day, and often with no interruption of service.
Data Center

Our Colo has the following features and amenities and is located in San Francisco. (All PHR data is stored in United State only):

  • Operated by Virtustream, 650 Townsend, San Francisco.
  • Strong physical security, in the form of limited door access, layers of checkpoints, “man-traps,” and 24x7 security staff.
  • Biometric access verification.
  • Fire suppression, gas-based, so as not to destroy equipment if it is activated.
  • Redundant power sources.
  • Battery systems that keep power online in the event of an outage.
  • Redundant generator systems that kick on seamlessly when the power grid goes to battery operation.
  • Periodic testing of all power systems.
  • Convergence of significant, redundant bandwidth from major Network Service Providers.
  • SSAE and SAS70 Type 2 certification.

The Colo pulls together all of the best networking products into immediate proximity, so we can add new bandwidth and features easily, including branch offices or Disaster Recovery Replication to another physical site.

System Security and Access
  • Access to individual resources and servers is carefully managed. One user account is assigned to each person requiring access.
  • Accounts are subject to password complexity requirements.
  • Access permissions are subject to manager approval.
  • Accounts and security privileges are reviewed quarterly.
  • Security logs are audited quarterly.
  • All public-facing websites are secured with valid SSL certificates
  • External access is via encrypted technologies such as SSH, IPSec VPN, PCoIP, or encrypted RDP.

Aggregate Information

As stated above, Personal Information will not be released to third parties. Network of Care may provide your information to third parties in aggregate with others' information, which does not allow you to be identified or contacted ("Aggregate Information"). For example, we might inform third parties regarding the number of users of our site and the activities they conduct while on our site. We might also inform our national partners, such as the National Association of County Behavioral Health and Developmental Disability Directors, that "30 percent of our users live east of the Mississippi" or that "25 percent of our users have looked into elder legal services." Network of Care does contain links to other Web sites. Please note that when you click on one of these links, you are "clicking" to another Web site. We encourage you to read the privacy statements of these linked sites as their privacy policies may differ from ours.

How Network of Care Handles Privacy Internally

We use industry-standard efforts to safeguard the confidentiality of your personal information, such as firewalls and Secure Socket Layers where appropriate. Strong physical security, in the form of limited door access, layers of checkpoints, “man-traps,” and 24x7 security staff as well as Biometric access verification. We review our Web security on an ongoing basis, adding more measures and safeguards whenever possible.

Your Privacy Choices

When you complete login registration and your user profile, you give us permission to send you recurring informational/promotional emails from Network of Care. You are always given the option to opt out of receiving any or all of these emails at any time, either by responding to the email or by changing your preference selections in your account area on our Web site. If we change the way we use any of your individually identifiable information, we will contact you via email at the address designated in your user profile.

Updating Your Personal Information and Contacting Network of Care

You can always contact us in order to delete your Personal Information from our systems by emailing us at support@networkofcare.org. Additionally, you can always update the Personal Information that you have provided to us and change your privacy choices in the user profile area and in your account area on our website.

Your Consent

Network of Care may change this Privacy Policy at any time by posting revisions to it on our website and emailing our registered users. Your use of our services or our website constitutes your acceptance of the provisions of this Privacy Policy and your continued usage after such changes are posted constitutes your acceptance of each revised Privacy Policy. If you do not agree to the terms of this Privacy Policy or any revised policy, please exit our website and do not use our services.