Privacy Policy & ONC Certification Disclosure – Including Costs and Limitations

Privacy Policy, Inc. (“DrFirst”) is committed to safeguarding your privacy. This Policy explains what information we gather, use, and share when you visit any website controlled and operated by DrFirst, including when you access our websites via your mobile device. By accessing our website, you agree to be bound by the terms of this Policy. If you disagree with this Policy or with the DrFirst Website Terms of Use, or do not agree to be bound by them, you are not authorized to access any DrFirst website.

Information DrFirst Collects

We may collect Personal or Non-Personal Information from you. “Personal Information” refers to any information that specifically identifies you as an individual that you provide in connection with your use of our website. Personal Information may include, but is not limited to, your name, telephone number, email address, postal address, location and the name of your organization. “Non-Personal Information” is any information you provide to us that cannot be used to determine your identity. The types and amount of information collected for the features listed above will vary depending on the website and activity. The requested Personal Information may include: first and last name, email address, home address (including city and state), telephone number (work or home), and (for those purchasing products online) credit card information. For some activities, you may be asked to create a username and/or password and/or to provide additional, demographic information, including: (i) your age or date of birth, (ii) gender, (iii) frequency of use, purchase, and consumption of certain DrFirst products and/or other similar products, (iv) facts about your business, and/or, (v) other information relevant to the DrFirst product you’ve purchased or the specific website which you are visiting.

How DrFirst Collects Information About You

We only obtain Personal Information that you provide to us, such as when you request information from DrFirst. By using any DrFirst website and submitting Personal Information, you consent to the collection and use of your Personal Information by us as described in this Privacy Policy. In addition, when you access or visit our website, we and our service providers and others who host our website may use technology that can recognize, collect, and transmit information that is associated with you, but which does not personally identify you.

How DrFirst Uses Information Collected From You

We use information collected or obtained when you use our website, including Personal Information for the purposes set out below:

  • Market research;
  • Creating new features and services;
  • The development of services, new and updated products;
  • Responding to feedback, questions, and communications concerning our products or services;
  • Informing you about our services which may include contacting you by telephone;
  • Maintenance and administration of our website.

Means of Collecting Information

Cookies. We use cookies to improve the use and functionality of our website. A cookie is a small text file that may be placed in your browser by websites you visit and the content partners for those websites. You can use the preferences in your browser to view, control and delete the cookies you have by, for example, emptying the cache in your browser. You may check the “Help” menu on your Internet browser for more information, or check with your browser provider.

Cookies help websites remember visitors when they return to the website. For example, a cookie can help a website remember that you’ve already registered, so you don’t have to sign in again each time you visit. Essentially, cookies are used to customize websites based on the content you view and the preferences you have indicated.

We may use cookies to (i) allow us to personalize information for certain segments of our customer base, (ii) allow us to associate individual customers with their information profiles, (iii) keep track of and administer your status, preferences, business information and other information provided by you, (iv) for security purposes, and (v) to understand visitor usage of our websites on an anonymous basis.

You may remove any cookies as described above or “opt out” of receiving advertisements or other cookies by using services such as those provided by the Digital Advertising Alliance or Network Advertising Initiative. You may find more information about their members and the “opt out” process by going to their websites at or

IP Addresses. We may keep track of Internet Protocol (IP) addresses to (among other things): (i) troubleshoot technical concerns, (ii) maintain website safety and security, (iii) restrict access to our website to certain users, and, (iv) better understand how our website is utilized. An IP address is a number that is used by computers on the network to identify your computer every time you log on to the Internet.

Log Files. We (or a vendor on our behalf) may collect information in the form of logs. Logs are files that record website activity and gather statistics about web users’ browsing habits. These entries are generated anonymously, and help us gather (among other things) (i) a user’s browser type and operating system, (ii) information about a user’s session (such as the URL they came from, the date and time they visited our website, and which pages they’ve viewed on our website and for how long), and, (iii) other similar navigational or click-stream data. We also use information captured in log file for our internal marketing and demographic studies, so we can constantly improve and customize the online services we provide you. Log files are used internally only, and are not associated with any particular user.

Web Beacons. We may use web beacons (or clear GIFs) on our websites or include them in the e-mail messages we send you. Web beacons (also known as “web bugs”) are small strings of code that provide a method of delivering a graphic image on a web page or in an email message for the purpose of transferring data back to us. The information collected via web beacons may include some of the information described in the IP Address section directly above, as well as information about how a user responds to an email campaign from XXXX (e.g., the time the email is opened, where does the user link to from the email, etc.). We use web beacon information for a variety of purposes, including but not limited to, website traffic reporting, unique visitor counts, advertising and email auditing and reporting, and personalization.

Newsletters and Communication. If you provide us your email address and/or mailing address (whether as part of our general website registration or for a specific newsletter or communication), or provide your contact information on a form intended as a request for information regarding our products and services, the contact information you provide will be used to send you the specific newsletter, communication, or literature requested. In addition, you may receive communications introducing you to other DrFirst brands or websites. These materials may come in the form of regular mail or email, depending on the website you register on and the information you provide during registration.

We may also use your email address to send you transactional or administrative communications (e.g., confirmation email when you purchase a product online or when you sign up for, or unsubscribe from, a specific registration or activity), as well as certain service-related announcements (e.g., notices about updates to our Privacy Policy, discontinued features or programs on our websites, changes to our online services or technical support policies, or other related changes). Collectively, these types of communications are referred to in this Privacy Policy as “Administrative Communications.”

Business Interests. We may combine (aggregate) your Non-Personal information with other consumers’ information or other publicly available information to help us satisfy our legitimate business interests, such as performing trend analysis or market studies; identify consumer preferences or interests; set prices; perform billing functions; establish credit; or comply with government regulations. We may also share anonymized data, such as statistical or demographic information in aggregate form, with third parties for research or marketing purposes. However, this anonymized data will not contain your individually identifiable Personal Information.

Disclosure of Information to Third Parties

We disclose your Personal Information to our service providers that we engage to provide certain services, such as hosting and maintenance, data storage, customer management and disaster recovery. We expect our service providers to use reasonable measures in order to protect your privacy and Personal Information from unauthorized access.

We also reserve the right to make your Personal Information available:

  • To third party marketing and advertising companies;
  • To comply with any applicable law, regulation, a court or other legal process, or enforceable government request;
  • To take appropriate action regarding any use of our website that may violate any law or regulation;
  • To protect the health, safety, security, property, and interests or rights of us or others;
  • In order to investigate or respond to or resolve problems or inquiries or defend our interests.
  • As otherwise necessary or useful for us to conduct our business, so long as such use is permitted by law.


California Privacy Rights. If you are a resident of the State of California, under California Civil Code Section 1798.83, you have the right to request information on how to exercise your disclosure choice options from companies conducting business in California. To request such information, contact us via postal mail, at:, Inc.

9420 Key West Ave, Suite 101

Rockville, MD 20850

Attn: Legal Department – California Privacy Rights

All requests sent via postal mail must be labeled “California Privacy Rights” on the envelope or post card and clearly stated on the actual request. For all requests, please include your name, street address (if you would like a response via postal mail), city, state, and zip code. We will not accept requests via email, telephone or fax. We are not responsible for notices that are not labeled or sent properly, or do not have complete information.

How We Respond to Browser “Do Not Track” Signals. Some web browsers incorporate a “Do Not Track” feature that signals to websites that you visit that you do not want to have your online activity tracked. How browsers communicate the Do Not Track signal is not yet uniform. For this reason, the Services are not set up to interpret or respond to Do Not Track signals.

Children’s Online Privacy Protection Act (COPPA). Our Services are not directed to children under the age of 13. We do not knowingly collect Personal Information on our website directly from children and will destroy such information if we become aware that a child has disclosed such information to us without proper parental consent. It is DrFirst’s policy not to knowingly solicit or permit children under the age of 13 to provide their Personal Information for any purpose.

Acceptance of and Changes to Privacy Policy. By using or any other DrFirst website, you are accepting the practices described in this Privacy Policy. We reserve the right to periodically modify this Privacy Policy. Any modified privacy policy will be posted on this website and be marked with an effective date. Your continued use of our website after the effective date of any modification means you accept and agree to be bound by the Privacy Policy as modified. Any material changes will generally apply only to activities and information collected after modification. We encourage you to review this Privacy Policy whenever you return to the website to make sure you are aware of the latest Privacy Policy.

Third Party Websites. Our website may contain links to and from websites maintained by other companies or organizations (“Third Party Websites”). We are not responsible for the privacy practices or the content of third party websites. The information practices of third party websites are not covered by this Privacy Policy.

Note to Non-U.S. Visitors. This Privacy Policy is intended to meet the laws and regulations of the United States, which may not necessarily be consistent with the laws and regulations of your home country. Any information that you provide to will be treated in accordance with this Privacy Policy, the Terms of Use, and U.S. laws.

Questions or Concerns about our Privacy Policy.

Please direct any questions or concerns to:

Privacy Officer

9420 Key West Ave, Suite 101

Rockville, MD 20850

Revision Date: 10/11/2016

ONC Certification Disclosure – Including Costs and Limitations

DrFirst’s Rcopia 3 has been tested and certified by ISCA Labs as 2014, 2015 Edition compliant solution. In addition, Rcopia 4 has been tested and certified by Drummond Group as a 2014, 2015 Edition compliant in accordance with the applicable certification criteria adopted by the Secretary of Health and Human Services. This certification does not represent an endorsement by the U.S. Department of Health and Human Services.

Certified product versions may require additional costs pursuant to an annual contract commitment including: Yearly License fees, one-time interface fee (PMS), a one-time demographic upload fee, a one-time EPCS IDP fee, and a yearly EPCS license fee.

2014 Ambulatory Product, ONC-ACB Certification ID: 140351R00 – Rcopia 3, Certification Date: 12/16/2014 | ONC-ACB Certification ID: 160041R00 – Rcopia 4, Certification Date: 09/07/2016

Certification Criteria Met: Computerized Provider Order Entry, Drug-Drug, Drug-Allergy Interaction Checks, Demographics (Rcopia 3 Only), Problem List, Medication List, Medication Allergy List, Electronic Notes (Rcopia 3 Only), Drug-Formulary Checks, Smoking Status (Rcopia 3 Only), Patient-Specific Education Resources (Rcopia 3 Only), Electronic Prescribing, Authentication Access Control and Authorization, Auditable Events and Tamper-Resistances, Audit Report(s), Automatic Log-Off, Emergency Access, Integrity, Automated Measure Calculation, Safety-Enhanced Design, Quality Management System

Additional software relied upon for certification: FDB Health, MedlinePlus, National Library of Medicine, Meinberg NTP, Surescripts, Wellcentive

2014 Inpatient Product, ONC-ACB Certification ID: 140168R00 – Rcopia 3, Certification Date: 07/03/2014 | ONC-ACB Certification ID: 160042R00 – Rcopia 4, Certification Date: 09/07/2016

Certification Criteria Met: Drug-Formulary Checks, Electronic Prescribing, Automated Measure Calculation, Safety-Enhanced Design, Quality Management System

Additional software relied upon for certification: Surescripts

2015 Certified Products, ONC-ACB Certification ID: 170022R00 – Rcopia 3, Certification Date: 07/05/2017 | ONC-ACB Certification ID: – Rcopia 4, Certification Date: 12/27/2017

Certification Criteria Met: Computerized Provider Order Entry, Drug-Drug, Drug-Allergy Interaction Checks, Problem List, Medication List, Medication Allergy List, Drug-Formulary Checks, Electronic Prescribing, Authentication Access Control and Authorization, Auditable Events and Tamper-Resistances, Audit Report(s), Amendments, Automatic Log-Off, Emergency Access, End-User Device Encryption, Integrity, Automated Measure Calculation, Safety-Enhanced Design, Quality Management System, Accessibility-Centered Design.


There are no known limitations that a user may encounter in the course of implementing and using this Modular EHR’s capabilities, whether to meet meaningful use objectives and measures or to achieve any other use within the scope of the health IT’s certification.