Emergency Contact Data uses its best efforts to safeguard each member’s profile information. The Emergency Contact Data web site resides at a major hosting company that is recognized for its security expertise, and is supported by a hosting infrastructure that is protected with multiple levels of security appropriate for the storage of sensitive, confidential medical information. All data content within the site and database is backed-up daily and continual data access is assured, but not guaranteed through the use of redundant storage network technology.
Passwords and Security
Member information is encrypted using enhanced SSL when transmitted and is stored on a secure PCI DSS (Payment Card Industry Digital Security Standards) compliant web server at a high-security enterprise-level hosting company.
Credit Card information is stored separately, at the PCI DSS compliant payment processor.
Emergency Contact Data has been validated as compliant by SysNet, a leader in PCI DSS. All hosting is supported by high-security firewalls. SysNet performs regular server scans, monitors the security update requirements of the server, and alerts Emergency Contact Data and its hosting company of security updates requiring immediate implementation.
Emergency Contact Data does not ask its members for their personal identifiers such as date-of-birth, driver’s license or social security numbers nor does Emergency Contact Data store credit card numbers. Hackers will not benefit from attacking Emergency Contact Data.
Each member’s password is encrypted when stored on the server and is known only to the member. Information disclosure prevention and data compromise procedures are in place.
Emergency Contact Data provides the option for members to exclude their physical address from the profile information the First Responders see. This feature is for those that wish not to divulge this information about themselves and / or their children.
Privacy and Personal Information
Emergency Contact Data will not sell or share customer demographics with third parties.
Emergency Contact Data may use general member demographics and statistics for its own marketing purposes. It is understood that Emergency Contact Data will communicate with its members.
Emergency Contact Data is given permission by way of its Terms and Conditions to display member information and for this information to be passed to all concerned parties.
Emergency Contact Data falls outside of The Health Insurance Portability and Accountability Act of 1996, (HIPAA) and the Texas Privacy Act. Think of Emergency Contact Data as a diabetic bracelet that alerts others to their diabetic condition. As such, Emergency Contact Data gives its members the ability for them to show someone their medical information, such as a diabetic alert.
Emergency Contact Data Employee Benefit Plan: An employer does not have access to an employee’s member ID or password and cannot access or view any personal or medical information of their employees. All employee member information belongs solely to the employee, is independent of the employer, and is transferrable by the member for payment by the individual or another company, should they leave their employer.
It is the responsibility of each member to safeguard his or her personal information; this includes the use of eight to eleven character passwords composed or CAPITAL and lowercase letters, numbers, and special characters. For example, Sp3c!aL, spells special.
In the Membership Agreement, each user acknowledges that:
- The Emergency Contact Data Service is primarily intended to assist first responders and medical personnel
- The Emergency Contact Data Service is not guaranteed to provide any given healthcare result(s)
- Those viewing the user’s electronic, personal health record have the user’s permission
- The responsibility for the accuracy of member information is the sole responsibility of the member or guardian
- Emergency Contact Data personnel are not legally-permissioned to modify user-entered information
- The Emergency Contact Data website and mobile applications act only to facilitate the presentation of member or guardian posted information