• Privacy Policy

    Introduction
    RiverStar provides whole person health applications, community information exchange
    platforms and customer service solutions to companies and communities that need them. This
    includes development software used to develop applications to facilitate customer service,
    professional services (PS) work to develop custom web applications using our tools, and hosting
    of web applications developed by our customers or PS team on behalf of our customers. These
    web applications in turn sometimes collect personal information of our customer’s customers.
    All such data collected and the use to which such data are put, are controlled by our customers.

    This privacy policy outlines our involvement in safe guarding the privacy of these participants.

    RiverStar as a hosting provider
    In a hosting context, RiverStar never shares hosted data with third parties unless required to by
    law, for example a court order. Responsibility for implementation of privacy policy to end
    customers rests with our customers who develop and control the web application hosted by us.
    RiverStar will take reasonable precautions to protect data at the server level from loss, misuse
    and unauthorized access, disclosure, alteration and destruction.

    Whole Person Health and Community Information Exchange Products
    From a product perspective, our products are designed to be configured and controlled by our
    clients as far as who has access to the applications and any data captured by those applications.
    In this case, we follow directives from our customer regarding privacy issues. We actively work
    with our customers to ensure that the applications are configured to adhere to our clients’ privacy
    management requirements. RiverStar does not control who accesses the applications or data, nor
    any sharing of the data. RiverStar does not access the data except to support the requests of our
    clients and generate requested reports of aggregated data for their use.

    Custom Solutions developed by our Professional Services team
    In a PS context, we may be (partially or fully) developing the web application specified by our
    customers. In this case, we follow directives from our customer regarding privacy issues. We
    actively work with our customer to ensure that the privacy principles are followed in their environment.

    Privacy Principles
    The Privacy Principles that the RiverStar PS team uses are described below:

    Notice
    RiverStar does not control what information is collected by our customers or the purposes of
    such data collection. RiverStar does not own the data hosted for our customers nor does
    RiverStar have the authority to provide access to such data to anyone except under direct legal
    order. RiverStar simply provides the tools used to build the applications and the applications
    used by our customers and the hosting for such applications and data. If contacted, RiverStar will
    provide information about how individuals can contact our customers with any inquiries or
    complaints and the types of third parties to which a customer discloses the information.
    RiverStar will work with our customers to notify individuals about the purposes for which they
    collect and use information about them.

    Choice
    RiverStar will work with our customers to ensure they understand the need to give individuals
    the opportunity to choose (opt out) whether their personal information will be disclosed to a third
    party or used for a purpose incompatible with the purpose for which it was originally collected or
    subsequently authorized by the individual. For sensitive information, RiverStar will work with
    our customers to ensure they understand the need to provide affirmative or explicit (opt in)
    choice, if the information is to be disclosed to a third party or used for a purpose other than its
    original purpose or the purpose authorized subsequently by the individual.

    Onward Transfer (Transfers to Third Parties)
    RiverStar will only provide onward transfer to third parties as directly requested and controlled
    by our customer. We will work with our customer to ensure that they understand the need for
    notice and choice principles to be followed. We will also remind our customer of onward transfer
    requirements, if we are a part of selecting third parties. RiverStar has no control over the transfer
    of personal data to third parties. Onward transfer is controlled by our customers. If RiverStar
    were to have control over the transfer of personal data to third parties, RiverStar would
    potentially be liable. Note that RiverStar may be required to release personal data in response to
    legal requests by public authorities including to meet national security or law enforcement
    requirements.

    Access
    RiverStar will help our customers satisfy access requirements under privacy principles.
    Individuals have the right to access personal information about them that an organization holds
    and be able to correct, amend, or delete that information where it is inaccurate, except where the
    burden or expense of providing access would be disproportionate to the risks to the individual’s
    privacy in the case in question, or where the rights of persons other than the individual would be
    violated. RiverStar has no ability to grant access or change/ delete any information held on
    behalf of our customers. Our customers have all such control. In the normal course of business,
    RiverStar does not access any of the data held on behalf of our customers.

    Security
    RiverStar will take reasonable precautions to protect personal information from loss, misuse and
    unauthorized access, disclosure, alteration and destruction.

    Data Integrity
    RiverStar will help our customers satisfy Data Integrity requirements under the Privacy
    Principles. Personal information must be relevant for the purposes for which it is to be used. An
    organization should take reasonable steps to ensure that data is reliable for its intended use,
    accurate, complete, and current. Again, RiverStar does not have any control over what data are
    collected or what use our customers make of such data.

    Enforcement
    RiverStar uses a self¬-assessment approach to assure compliance with this privacy policy and
    periodically verifies that the policy is accurate, comprehensive for the information intended to be
    covered, prominently displayed, and completely implemented and accessible in conformity with
    the Principles. We encourage interested persons to raise any concerns using the contact
    information provided and we will investigate and attempt to resolve any complaints and disputes
    regarding use and disclosure of Personal Information in accordance with the Principles. This will
    generally involve referral of the individual to the customer who is collecting the data

    Amendments
    This privacy policy may be amended from time to time. We will post any revised policy on this
    website.

    Contact Information
    Questions, comments or complaints regarding RiverStar’s Privacy Policy can be mailed
    or emailed to:
    RiverStar Software
    Attn: Security Officer
    20 Danada Square West
    Suite 260
    Wheaton, IL 60189
    security@riverstar.com

    Contact Us

    Ready to get started? Want to learn more? Either way, we want to hear from you.

    EMAIL

    info@riverstar.com

    PHONE

    (800) 945-6399

    MAILING ADDRESS

    20 Danada Square West Suite 260 Wheaton, Illinois 60189