Information DrFirst Collects
We may collect Personal or Non-Personal Information from you. “Personal Information” refers to any information that specifically identifies you as an individual that you provide in connection with your use of our website. Personal Information may include, but is not limited to, your name, telephone number, email address, postal address, location and the name of your organization. “Non-Personal Information” is any information you provide to us that cannot be used to determine your identity. The types and amount of information collected for the features listed above will vary depending on the website and activity. The requested Personal Information may include: first and last name, email address, home address (including city and state), telephone number (work or home), and (for those purchasing products online) credit card information. For some activities, you may be asked to create a username and/or password and/or to provide additional, demographic information, including: (i) your age or date of birth, (ii) gender, (iii) frequency of use, purchase, and consumption of certain DrFirst products and/or other similar products, (iv) facts about your business, and/or, (v) other information relevant to the DrFirst product you’ve purchased or the specific website which you are visiting.
How DrFirst Collects Information About You
How DrFirst Uses Information Collected From You
We use information collected or obtained when you use our website, including Personal Information for the purposes set out below:
Means of Collecting Information
Cookies help websites remember visitors when they return to the website. For example, a cookie can help a website remember that you’ve already registered, so you don’t have to sign in again each time you visit. Essentially, cookies are used to customize websites based on the content you view and the preferences you have indicated.
You may remove any cookies as described above or “opt out” of receiving advertisements or other cookies by using services such as those provided by the Digital Advertising Alliance or Network Advertising Initiative. You may find more information about their members and the “opt out” process by going to their websites at www.aboutads.info/choices or www.networkadvertising.org.
IP Addresses. We may keep track of Internet Protocol (IP) addresses to (among other things): (i) troubleshoot technical concerns, (ii) maintain website safety and security, (iii) restrict access to our website to certain users, and, (iv) better understand how our website is utilized. An IP address is a number that is used by computers on the network to identify your computer every time you log on to the Internet.
Log Files. We (or a vendor on our behalf) may collect information in the form of logs. Logs are files that record website activity and gather statistics about web users’ browsing habits. These entries are generated anonymously, and help us gather (among other things) (i) a user’s browser type and operating system, (ii) information about a user’s session (such as the URL they came from, the date and time they visited our website, and which pages they’ve viewed on our website and for how long), and, (iii) other similar navigational or click-stream data. We also use information captured in log file for our internal marketing and demographic studies, so we can constantly improve and customize the online services we provide you. Log files are used internally only, and are not associated with any particular user.
Web Beacons. We may use web beacons (or clear GIFs) on our websites or include them in the e-mail messages we send you. Web beacons (also known as “web bugs”) are small strings of code that provide a method of delivering a graphic image on a web page or in an email message for the purpose of transferring data back to us. The information collected via web beacons may include some of the information described in the IP Address section directly above, as well as information about how a user responds to an email campaign from XXXX (e.g., the time the email is opened, where does the user link to from the email, etc.). We use web beacon information for a variety of purposes, including but not limited to, website traffic reporting, unique visitor counts, advertising and email auditing and reporting, and personalization.
Newsletters and Communication. If you provide us your email address and/or mailing address (whether as part of our general website registration or for a specific newsletter or communication), or provide your contact information on a form intended as a request for information regarding our products and services, the contact information you provide will be used to send you the specific newsletter, communication, or literature requested. In addition, you may receive communications introducing you to other DrFirst brands or websites. These materials may come in the form of regular mail or email, depending on the website you register on and the information you provide during registration.
Business Interests. We may combine (aggregate) your Non-Personal information with other consumers’ information or other publicly available information to help us satisfy our legitimate business interests, such as performing trend analysis or market studies; identify consumer preferences or interests; set prices; perform billing functions; establish credit; or comply with government regulations. We may also share anonymized data, such as statistical or demographic information in aggregate form, with third parties for research or marketing purposes. However, this anonymized data will not contain your individually identifiable Personal Information.
Disclosure of Information to Third Parties
We disclose your Personal Information to our service providers that we engage to provide certain services, such as hosting and maintenance, data storage, customer management and disaster recovery. We expect our service providers to use reasonable measures in order to protect your privacy and Personal Information from unauthorized access.
We also reserve the right to make your Personal Information available:
California Privacy Rights. If you are a resident of the State of California, under the California Consumer Privacy Act of 2018 (CCPA), you have the following rights with respect to your information collected by companies conducting business in California:
Personal Information We Collect About You. Under the CCPA, Personal Information refers to information that identifies, relates to, describes, is capable of being associated with, or could reasonably be linked, directly or indirectly, with you or your household. Below is a list of categories of Personal Information we collect about you:
We collect the above categories of Personal Information from the following categories of sources:
We also collect information that is not deemed Personal Information under the CCPA. This includes publicly available information, such as information lawfully made available from federal, state, or local government records. Protected or health information we collect that is governed by HIPAA or the Confidentiality of Medical Information Act is not subject to the CCPA.
Use of Personal Information. We may use or disclose Personal Information we collect for one or more of the following business purposes:
Personal Information We Share with Third Parties. We disclose your Personal Information to service providers and third parties to whom you or an entity on your behalf has authorized us to disclose your Personal Information in connection with products and services we provide to you. We require all third parties to respect the security of your Personal Information and to treat it in accordance with applicable law. Below is a list of categories of Personal Information we may share with third parties:
Personal Information We Sell to Third Parties. We have not sold your Personal Information to third parties in the preceding twelve (12) months.
To exercise your rights listed above, please submit a request via one of the following:
9420 Key West Ave, Suite 101
Rockville, MD 20850
Attn: Legal Department – California Privacy Rights
All requests sent via postal mail must be labeled “California Privacy Rights” on the envelope or post card and clearly stated on the actual request. For all requests, please include your name, street address (if you would like a response via postal mail), city, state, and zip code. We will not accept requests via email, telephone or fax. We are not responsible for notices that are not labeled or sent properly, or do not have complete information. You may designate an individual to submit a request on your behalf. We will use the information you provide in your request to verify your identity and will respond to your request within forty-five (45) days, or within a timeframe otherwise required or permitted under the CCPA. You will not be required to pay a fee to access your Personal Information unless your request is unfounded, excessive, or repetitive.
How We Respond to Browser “Do Not Track” Signals. Some web browsers incorporate a “Do Not Track” feature that signals to websites that you visit that you do not want to have your online activity tracked. How browsers communicate the Do Not Track signal is not yet uniform. For this reason, the Services are not set up to interpret or respond to Do Not Track signals.
Children’s Online Privacy Protection Act (COPPA). Our Services are not directed to children under the age of 13. We do not knowingly collect Personal Information on our website directly from children and will destroy such information if we become aware that a child has disclosed such information to us without proper parental consent. It is DrFirst’s policy not to knowingly solicit or permit children under the age of 13 to provide their Personal Information for any purpose.
Please direct any questions or concerns to:
9420 Key West Ave, Suite 101
Rockville, MD 20850
Revision Date: 11/8/2016
DrFirst’s Rcopia 3 has been tested and certified by ISCA Labs as 2014, 2015 Edition compliant solution. In addition, Rcopia 4 has been tested and certified by Drummond Group as a 2014, 2015 Edition compliant in accordance with the applicable certification criteria adopted by the Secretary of Health and Human Services. This certification does not represent an endorsement by the U.S. Department of Health and Human Services.
Certified product versions may require additional costs pursuant to an annual contract commitment including: Yearly License fees, one-time interface fee (PMS), a one-time demographic upload fee, a one-time EPCS IDP fee, and a yearly EPCS license fee.
2014 Ambulatory Product, ONC-ACB Certification ID: 140351R00 – Rcopia 3, Certification Date: 12/16/2014 | ONC-ACB Certification ID: 160041R00 – Rcopia 4, Certification Date: 09/07/2016
Certification Criteria Met: Computerized Provider Order Entry, Drug-Drug, Drug-Allergy Interaction Checks, Demographics (Rcopia 3 Only), Problem List, Medication List, Medication Allergy List, Electronic Notes (Rcopia 3 Only), Drug-Formulary Checks, Smoking Status (Rcopia 3 Only), Patient-Specific Education Resources (Rcopia 3 Only), Electronic Prescribing, Authentication Access Control and Authorization, Auditable Events and Tamper-Resistances, Audit Report(s), Automatic Log-Off, Emergency Access, Integrity, Automated Measure Calculation, Safety-Enhanced Design, Quality Management System
Additional software relied upon for certification: FDB Health, MedlinePlus, National Library of Medicine, Meinberg NTP, Surescripts, Wellcentive
2014 Inpatient Product, ONC-ACB Certification ID: 140168R00 – Rcopia 3, Certification Date: 07/03/2014 | ONC-ACB Certification ID: 160042R00 – Rcopia 4, Certification Date: 09/07/2016
Certification Criteria Met: Drug-Formulary Checks, Electronic Prescribing, Automated Measure Calculation, Safety-Enhanced Design, Quality Management System
Additional software relied upon for certification: Surescripts
2015 Certified Products, ONC-ACB Certification ID: 170022R00 – Rcopia 3, Certification Date: 07/05/2017 | ONC-ACB Certification ID: 15.04.04.1375.Rcop.04.00.0.171277 – Rcopia 4, Certification Date: 12/27/2017
Certification Criteria Met: Computerized Provider Order Entry, Drug-Drug, Drug-Allergy Interaction Checks, Problem List, Medication List, Medication Allergy List, Drug-Formulary Checks, Electronic Prescribing, Authentication Access Control and Authorization, Auditable Events and Tamper-Resistances, Audit Report(s), Amendments, Automatic Log-Off, Emergency Access, End-User Device Encryption, Integrity, Automated Measure Calculation, Safety-Enhanced Design, Quality Management System, Accessibility-Centered Design.
There are no known limitations that a user may encounter in the course of implementing and using this Modular EHR’s capabilities, whether to meet meaningful use objectives and measures or to achieve any other use within the scope of the health IT’s certification.