 |
|
|
|
|
|||||||||
|
|||||||||
BBK Worldwide's Privacy PolicyAt BBK Healthcare, Inc. d/b/a BBK Worldwide ("BBK"), we take personal privacy seriously. Except as otherwise stated in this Privacy Policy, we do not disclose, rent, or sell any personally identifiable information provided to us to anyone outside the clinical study for which it was collected or necessary to deliver the services or carry out the transactions you have requested. We use appropriate security measures to protect any personally identifiable information we transmit or store. We comply with applicable state, federal and international requirements for the protection of personally identifiable information, including the federal health information privacy rule in the United States known as HIPAA (the Health Insurance Portability and Accountability Act), our certification under the United States' Safe Harbor Principles for complying with the U.S.-EU Safe Harbor Framework and the U.S.-Swiss Safe Harbor Framework as set forth by the U.S. Department of Commerce, Canada's Personal Information and Electronic Documents Act (PIPEDA), and Australia's National Privacy Principles (NPPs) and Health Records Act. The following is our Privacy Policy (Policy) in detail.
This Policy applies to personally identifiable information. "Personally identifiable information" is any information that could be used to contact or locate the person to whom it relates (such as name, address, telephone number or any other identifying information), which may be combined with any health information about that person. Personally identifiable information does not include information that is collected anonymously, or information about groups of people rather than individuals, which we sometimes use to track clinical study patient enrollment, or to show demographic trends or geographic groupings.
Except as otherwise provided in this Policy, we will keep your personally identifiable information private and will not share it with third parties outside our controlled subsidiaries and affiliates unless such disclosure is necessary and permitted by applicable law to: (a) comply with legal process (such as a court order) or other legal requirements of any governmental authority; (b) protect our rights or property; (c) enforce any terms and conditions of use or agreements applicable to our Web site and that incorporate this Policy by reference, including any subscription agreements to which you may have agreed in connection with our Sponsor Resources or other services; (d) protect the interest of users of our Web site, other than you, or any other person; or (e) operate or conduct maintenance and repair of our services or equipment, as authorized by law. BBK is a marketing consulting firm for the clinical research and development segment of the pharmaceutical, biotechnology, and medical device industries, helping to accelerate time to market for new medicines and treatments. In order for you to access certain services that we may offer via our Web site or otherwise, we may require you to provide us with personally identifying information. We use personally identifiable information to deliver the services or carry out the transactions you have requested. We also use your personally identifiable information to communicate with you. We may send certain mandatory service communications, such as subscription-related communications. You may choose not to provide us with any personally identifiable information. In such an event, you can still access and use much of our Web site. You, however, will not be able to access and use those portions of the Web site that require your personally identifiable information. When we are called in by a study sponsor to help recruit patients for a clinical study, we may receive personally identifiable information given voluntarily by people who might be interested in participating in the study, and we may receive personally identifiable information from the clinical study sites about people who may enroll in the study. We use the personally identifiable information volunteered by a person interested in participating in the study to screen for likely study eligibility, to locate a convenient study site, to refer that person to a site for enrollment, and to conduct follow-up communications to ensure that the person has been contacted by the study site, received the information he or she requested, and to monitor the quality of the contact with potential clinical study participants. When we refer a person to a site for enrollment, we transmit to the site the personally identifiable information volunteered by the person to facilitate the person's enrollment. After a person has enrolled or not enrolled in the study (a person may not enroll, for example, if he or she chooses not to, or does not meet the study's eligibility criteria), we receive from the site certain personally identifiable information that we use to analyze the effectiveness of our enrollment marketing efforts, and to track study enrollment rates at study sites. When we analyze study enrollment information in reports we may prepare for a study sponsor, all personally identifiable information has been eliminated from such reports. If asked to do so, however, we may share personally identifiable information with government health officials overseeing the clinical study and/or with the study sponsor or the sponsor's agents. We may also use information about groups rather than individuals to track and analyze study enrollment for various studies, or to show demographic trends, geographic groupings, or other aggregate statistics. These aggregate statistics may be disclosed to parties outside the study, but no personally identifiable information is included in them. We do not share, rent or sell to anyone outside the study any personally identifiable information provided to us. Except as otherwise stated in this Policy, we do not use personally identifiable information for any purpose other than the purpose for which the information was originally supplied, or the purposes described in this Policy, unless we have obtained consent from the affected persons. Whenever a person visits our corporate Web site, www.bbkworldwide.com, our Web server automatically recognizes the visitor's domain name, but not the e-mail address. We collect, and may use for marketing purposes, the e-mail addresses of those who communicate with us by e-mail, aggregate information on what pages visitors access, and any other information volunteered by visitors such as survey or registration information. Notwithstanding the foregoing, we may transfer, sell or assign information concerning your use of this Web site – including, without limitation, personally identifiable information – to third parties, as a result of the sale, merger, consolidation, change in control, transfer of substantial assets, reorganization or liquidation of BBK.
Whenever a person interested in participating in a clinical study contacts a call center or Web site that has been set up for the study, any personally identifiable information is provided voluntarily. The exact language of the questions asked and the consent sought is generally reviewed and approved by an independent board or committee overseeing the research at each study site. Each of these boards or committees (known as an Institutional Review Board (IRB) in the United States, a Research Ethics Committee (REC) in the European Union and Canada, and an Institutional Ethics Committee (IEC) in Australia) is an independent body charged by government regulations with overseeing the study, including all recruitment efforts, in order to protect the welfare of the patients participating in the study. A person can choose at any time not to provide the information requested by a call center or Web site. Any partial or incomplete information we receive is promptly deleted. Important information about the clinical study (contained in what is known as an informed consent form) is reviewed with each patient during the enrollment process by a study professional at the study site. Each patient must read and sign this written information describing the study before enrolling. The written information describes possible health risks and possible benefits of participating in the study, as well as what personally identifiable information will be collected in the study and who is able to use or disclose any personally identifiable information. If we, as a representative of the study sponsor, are not described in this written information as the type of sponsor representative to whom personally identifiable information may be disclosed, we will not receive personally identifiable information from the study sites. Anyone can decline to participate in a study at any time. When a patient withdraws from a study after enrolling, no more personally identifiable information is collected. Any personally identifiable information collected prior to withdrawal, however, may not be deleted if it has been relied upon for purposes of completing the study's research.
Whenever we use a call center, mail house, or any other third party who may need to receive or handle personally identifiable information on our behalf, we require them to enter into a written non-disclosure agreement and agree not to use personally identifiable information for any purpose other than the purpose for which we retained them. We also require any third parties we retain to comply with all applicable state, federal, and international privacy requirements.
Whenever we store or transmit personally identifiable information, we use a number of security procedures to prevent unauthorized access or disclosure. Our Web site has security measures in place intended to protect the loss, misuse, and alteration of the information under our control. We will take reasonable steps to safeguard personally identifiable information we collect from unauthorized access or disclosure and accidental loss, alteration, or destruction. In connection with clinical studies, we use a Web-based communication and database tool called TrialCentralNetSM which serves as the repository for clinical study information, including any personally identifiable information we receive. For each study, we build a separate instance of the TrialCentralNetSM application. This ensures that any personally identifiable information received for a particular study is confined to its own single instance of the application. Any personally identifiable information transmitted to or from TrialCentralNetSM is encrypted using a 128-bit Web server certificate designed to prevent unauthorized entry or interception. At the user level, TrialCentralNetSM uses distinct user access levels so that access to clinical study information is limited and appropriate for the needs of different users including BBK staff, study sponsors, and study sites. In addition, TrialCentralNetSM access requires a unique username and password for every user to prevent unauthorized access. Sessions are also time limited in order to reduce the risk of unauthorized access if a user forgets to log out. The TrialCentralNetSM database and codebase are staged on in-house servers in a secure, limited access area at BBK allowing us to completely control the operating environment and physical security of study information. This also helps us implement immediate recovery procedures if necessary. All TrialCentralNetSM data is backed up on tape every workday evening. At the conclusion of the study, all personally identifiable information is removed from TrialCentralNetSM and disposed of according to the requirements of our contract with the study sponsor.
The Health Insurance Portability and Accountability Act (HIPAA) is the United States federal law that controls the use and disclosure of personally identifiable health information by health insurers and healthcare providers, called "covered entities" under the statute. We are not a covered entity under the statute and HIPAA does not apply to the personally identifiable information that a person interested in participating in a study has voluntarily provided to a call center or Web site we set up for a clinical study. HIPAA does apply to any personally identifiable information transmitted by a study site if the site is a covered entity under HIPAA. Our services are designed to help each study site comply with its HIPAA obligations.
Our company complies with the U.S.-EU Safe Harbor Framework and the U.S.-Swiss Safe Harbor Framework as set forth by the U.S. Department of Commerce regarding the collection, use, and retention of personal information from European Union member countries and Switzerland. Our company has certified that it adheres to the Safe Harbor Privacy Principles of notice, choice, onward transfer, security, data integrity, access, and enforcement. To learn more about the Safe Harbor program, and to view BBK Healthcare, Inc. (dba BBK Worldwide); TCN e-Systems, LLC's certification, please visit www.export.gov/safeharbor/.
If we experience a business transition that affects the way personally identifiable information is treated in any material way, such changes will be included in an updated version of this Policy posted in the same locations as the previous version of the Policy.
By using our Web site, you signify your assent to our Policy. If you do not agree with this Policy, please do not use our Web site. Your continued use of this Web site following posting of changes to these terms will mean you accept those changes.
Anyone wishing to review or change his or her own personally identifiable information should contact the privacy officer at BBK Healthcare, Inc., 320 Needham Street, Newton, MA 02464, +1.617.630.4477, inquiry@bbkworldwide.com by mail, telephone, or e-mail.
If you have a concern or complaint about our handling of your personally identifiable information, or if you believe our response to an inquiry has not been satisfactory, please contact our privacy officer at the address above. Our privacy officer will investigate and try to resolve in a timely manner any concern or complaint about our use or disclosure of your personally identifiable information in accordance with the principles contained in this Policy. For any concern or complaint that cannot be resolved in this way, we have agreed to cooperate with the American Arbitration Association to resolve any disputes relating this Policy. The American Arbitration Association can be contacted at www.adr.org or 1.800.778.7879.
If the way we treat personally identifiable information changes in any material way, such changes will be included in an updated version of this Policy posted in the same locations as the previous version of the Policy. We will only use personally identifiable information in accordance with the terms of the Policy under which it was collected. |
Corporate Headquarters 320 Needham Street Suite 150 Newton, Massachusetts 02464 United States t +1 617 630 4477 |
||||||||
