Terms and Conditions of Use and User Consent
Last Modified: November 8, 2022
Current Health provides a remote patient monitoring system utilizing advanced wearable devices and integrated peripheral monitoring devices (the “System”), the Current Health mobile and web App (the “App”) and a home health dashboard and related services that allow healthcare professionals to monitor their patients’ health outside a clinical environment (together with the System and the App, the “Platform”).
THE PLATFORM IS NOT INTENDED TO BE A SUBSTITUTE FOR PROFESSIONAL MEDICAL ADVICE, DIAGNOSIS, AND TREATMENT.
IF YOU THINK YOU MAY HAVE A MEDICAL EMERGENCY, CALL YOUR PHYSICIAN OR 911 (IN THE U.S.) OR 999 (IN THE U.K.) IMMEDIATELY.
ALWAYS SEEK THE ADVICE OF A PHYSICIAN OR OTHER QUALIFIED HEALTH PROVIDER WITH ANY QUESTIONS YOU MAY HAVE REGARDING MEDICAL CONDITIONS OR SYMPTOMS. NEVER DISREGARD PROFESSIONAL MEDICAL ADVICE OR DELAY IN SEEKING IT BECAUSE OF SOMETHING YOU HAVE READ ON THE SITE OR INFORMATION YOU RECEIVE IN CONNECTION WITH YOUR USE OF THE PLATFORM.
If you are or should in the future become dissatisfied with the Current Health Platform, your sole and exclusive remedy is to discontinue using it.
1. Ownership of Platform; Permission to Use.
The Current Health Platform is owned by Current Health. We grant you permission to use the Platform for your personal information and non-commercial purposes to enable your healthcare provider to monitor and treat your medical conditions outside of a clinical environment.
You may not interfere with the Platform or try to access it using a method other than the instructions Current Health provides. You may not, nor may you permit any other person to, modify, reverse engineer, disassemble, decompile or otherwise derive or attempt to derive source code from the Services or any component of them. You may not combine any aspect of the Platform into another program or create or attempt to create derivative works based on the Platform. You may not copy, modify, distribute, sell, or lease any component of the Platform.
Your use of the Platform does not give you ownership of any intellectual property rights in or to the Platform, the App, or the System.
2. Medical Care Disclaimer
The Current Health wearable device has been approved by the U.S. Food and Drug Administration as a Class 1 medical device.
The Platform is not intended to be a substitute for professional medical advice, diagnosis, and treatment. Current Health does not recommend or endorse any specific product, services, or healthcare providers.
Always seek the advice of a physician or other qualified health provider with any questions you may have regarding medical conditions or symptoms. Never disregard professional medical advice or delay in seeking it because of something you have read on the Site or information you receive in connection with your use of the Platform. If you think you may have a medical emergency, call your physician or 911 (in the U.S.) or 999 (in the U.K.) immediately.
3. Consent and Authorization for Current Health to Collect, Use, Store, and Disclose Your Information
The Current Health Platform is a remote patient monitoring platform used by your healthcare provider to monitor and manage patients at home or other non-clinical settings. The Platform utilizes advanced wearable devices to provide continuous wireless monitoring of core patient vitals, including real-time reporting and alerts regarding patient status, and analysis and insights into patient condition. The components of the Platform consist of wearables, integrated third-party devices, an analytics engine, and hosted software applications that analyze and display information regarding your medical condition to your healthcare provider.
The Platform collects and stores personal information about you including, without limitation, data about medical conditions that can be identified as yours, otherwise known as “protected health information” or “personally identifiable information” (collectively, “PII”).
The confidentiality and security of PII is protected in the United States by the Health Insurance Portability and Accountability Act (HIPAA) and applicable state privacy laws, and your healthcare provider is designated a “Covered Entity” and Current Health is designated a “Business Associate” of your provider. The confidentiality and security of PII is protected in the United Kingdom by the Data Protection Act 2018 (DPA) and Arts. 6 & 9 of the UK General Data Protection Regulation (UK GDPR), and your healthcare provider is designated a “Data Collector” and Current Health is designated a “Data Processor.”
These laws generally require Current Health to:
- safeguard the confidentiality of your PII and not to disclose it except to you, your personal representative (e.g., your guardian or someone you authorize to make medical decisions for you), healthcare professionals involved in providing medical care to you, or third parties you specifically authorize to have access to your PII;
- notify you of the types of PII we collect and why, who we may disclose it to, and how long your healthcare provider has directed us to store or retain it; and
- allow you to “opt out” of your healthcare provider’s retention of the information or from receiving surveys or questionnaires relating to your health, treatment, or use of the Current Health Platform.
You can find more information about your privacy rights under HIPAA at: https://www.hhs.gov/hipaa/for-individuals/guidance-materials-for-consumers/index.html and under UK GDPR: https://ico.org.uk/for-organisations/guide-to-data-protection/guide-to-the-general-data-protection-regulation-gdpr/individual-rights/
- to provide you or your healthcare provider with information concerning medical conditions you may have and treatment options;
- to notify third parties to provide services to you specified by your healthcare provider (e.g., taking blood or other samples from you in your home);
- to improve the Platform by adding your medical data to the database that supports the Artificial Intelligence underlying the Platform and refining diagnostic algorithms or other commercial purposes;
- on a de-identified basis, for medical research, studies, or publications by Current Health or third parties.
YOU MAY REVOKE YOUR CONSENT AND AUTHORIZATION FOR CURRENT HEALTH TO COLLECT, PROCESS, USE, DISCLOSE, AND/OR STORE YOUR PII AT ANY TIME AND FOR ANY REASON (OR FOR NO REASON) EITHER BY NOTIFYING YOUR HEALTHCARE PROVIDER DIRECTLY, OR BY NOTIFYING CURRENT HEALTH AS PROVIDED IN SECTION 8 (How to Contact Us) BELOW. A revocation of authorization will not affect any actions taken by Current Health in reliance on your consent and authorization before notification of the revocation.
4. Privacy and Security
It is your responsibility, however, to ensure that your personal device used to access the Platform is adequately secured and protected against malicious software or use by unauthorized persons.
5. Warranty Disclaimer; Limitation of Liability
CURRENT HEALTH PROVIDES THE PLATFORM ON AN “AS IS” AND “AS AVAILABLE” BASIS.
Current Health will take reasonable care to ensure that the information and content available from the Platform is accurate, complete, up to date, continuously available, and does not infringe any third-party rights. However, we cannot guarantee that this is always the case.
CURRENT HEALTH EXPRESSLY DISCLAIMS ANY AND ALL WARRANTIES CONCERNING THE PLATFORM AND ITS USE BY YOU, WHETHER EXPRESS OR IMPLIED, STATUTORY, OR OTHERWISE INCLUDING, WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, TITLE, NON-INFRINGEMENT, FITNESS FOR ANY PARTICULAR USE OR PURPOSE, WARRANTIES OF PERFORMANCE, ANY WARRANTY THAT MIGHT OTHERWISE ARISE FROM COURSE OF DEALING OR USAGE OF TRADE.
Under no circumstances shall Current Health be liable for any incidental, indirect, direct, punitive, special, or consequential damages for claims for personal injury or wrongful death caused by use or misuse of the Platform, for loss or interruption of reputation, business, business opportunity, profits, anticipated savings, or goodwill; for delayed, intercepted, or lost data that may arise from your use of the Platform, unauthorized access to your personal information submitted to the Platform; or for any actions we may take or fail to take as a result of communications you send to us. This limitation applies irrespective of the basis for the claim for liability (i.e., whether based on contract, tort, strict liability, or otherwise). If a jurisdiction does not permit such a limitation of liability or exclusion of claims, this limitation of liability shall be to the maximum extent permitted by law.
IN ALL CASES, CURRENT HEALTH SHALL NOT BE LIABLE FOR ANY LOSS OR DAMAGE THAT WAS NOT REASONABLY FORESEEABLE BY US.
TO THE MAXIMUM EXTENT PERMITTED BY LAW, THE TOTAL LIABILITY OF CURRENT HEALTH FOR ANY CLAIMS ARISING OUT OF OR RELATING TO USE OF THE WEBSITES OR THE SERVICES, INCLUDING FOR ANY IMPLIED WARRANTIES THAT MAY BE LEGALLY ENFORCEABLE, SHALL BE LIMITED TO $1,000.
Current Health does not represent, warrant, or guarantee that your use of the Platform will be free from the unavailability of information, downtime, service disruptions, viruses or worms, or other mechanisms that may attack your phone or another electronic device. You acknowledge that you are responsible for protecting your phone or device from any such intrusions.
6. Governing Law
8. How to Contact Us
- via email at: [email protected]
- via post (for U.S. users) at: Current Health Inc., Attn: Privacy Officer, 294 Washington Street, Suite 510, Boston, MA, 02108, USA
- via post (for U.K. users) at: Current Health Limited, Attn: Privacy Officer, The Stamp Office, Level 3, 10 Waterloo Place, Edinburgh, EH1 3EG, UK
Current Health Privacy Statement
Last Modified: November 8, 2022
This Privacy Statement describes how Current Health Inc. (in the U.S) and Current Health Limited (in the U.K.) and their affiliates (collectively, “Current Health”) may collect, use, transfer, and/or store “PII”, i.e., data that can be used to identify or to contact a specific individual. The Statement applies to the Current Health mobile application (the “App”) and the services available via the Current Health App and to preconfigured tablets or similar devices (collectively, the “System”). The App and the System are referred to collectively in this Statement as the “Current Health Platform” or the “Platform.”
The Privacy Statement may be updated without prior notice to you to reflect changes in our information practices, so please review it periodically.
If you have any questions or comments relating to this Privacy Statement or to the ways that Current Health uses the information we collect from the Current Health Platform, please contact us using the methods outlined in the How to Contact Us section at the end of this statement.
1. Collection and Use of your Personally-Identifiable Information (PII).
A. Personal Information About You Received from Your Healthcare Provider. You cannot use the Current Health Platform unless this has been pre-arranged by your healthcare provider, who will provide Current Health with some or all of the following PII about you:
- your name
- your date of birth
- your residence postal address
- your email address
- your telephone number(s)
- information regarding your medical condition
If your healthcare provider includes information regarding your medical condition, in the U.S., it is also Protected Health Information or “PHI” and is protected by the Health Information Portability and Administrability Act (“HIPAA”) in the U.S.
Certain aspects of the above-listed PII may be designated as “sensitive” information under data privacy laws in certain jurisdictions. Current Health will adopt additional measures as required by such laws for the processing of PII, including sensitive information. By providing us with your sensitive personal information, you consent to Current Health collecting, processing, using, or storing.
We use your personal information to pre-configure the patient “kit” of devices and other materials from the Current Health Platform for your specific medical conditions and to deliver the kit to you. We also may use this information to send you surveys or other questionnaires about your views on the Current Health Platform and how we could improve it.
B. Your Health Information. The Current Health Platform currently is configured to collect the following PII about you:
PII collected on a continuous basis:
- pulse rate
- respiration rate
- oxygen saturation
PII collected on an intermittent basis:
- blood pressure
- lung function and spirometry
PII collected from third party peripheral device:
- blood glucose levels
Your healthcare provider has determined which of this PII the Current Health Platform will collect about you and how long Current Health is required to store (retain) your PII. In most cases, healthcare providers require us to store your PII until six years after a provider stops using the Platform.
The Current Health Platform will use the PII collected about you to provide continuous real-time monitoring of your medical status to your healthcare provider as well as alerts when the PII collected indicates that your medical status has fallen outside, or is likely to fall outside, parameters set by your provider. The PII collected and any alerts will be identified as your personal health information and may be sent directly to your provider or to an alert monitoring firm engaged by Current Health that can contact you to ask questions about your situation, which may then be referred to your provider. In all cases, all decisions about your medical treatment based in whole or in part on PII about you provided by the Current Health Platform will be made by your healthcare provider.
In addition to monitoring your health and medical conditions and prescribing tests or treatment, your healthcare provider may, but is not so required, to use the PII collected by the Current Health Platform to send you wellness coaching, to suggest that you make an appointment with or otherwise contact one of their physicians or other medical personnel, or to remind you about scheduled appointments.
Current Health also uses your PII to develop or improve ways that the Current Health Platform can predict when a patient’s vital signs indicate the worsening of a patient’s existing medical conditions or the onset of a new medical condition, and to otherwise develop and improve biomarker monitoring, health monitoring, disease detection, disease prediction, health risk stratification and prediction of disease evolution and therapy response, the ability to identify illness earlier, and the conduct of post market surveillance to enable Current Health to improve patient safety (collectively, “Authorized Purposes”).
Current Health will not sell or disclose your PII to a third party.
C. Account Information. When you sign in to the Current Health app, you will set up either biometric on PIN based authentication to protect your account and information. We may use your information to ask for your opinions about the Current Health Platform.
Current Health utilizes third party cloud hosting providers and third party analytics providers to collect information and to prepare reports about how patients access and use the Current Health App, such as mobile location and mobile device type. Current Health uses this information to improve the Current Health Platform. These service providers may have access to your PII if required to perform their functions for us, but they are contractually obligated to maintain the confidentiality and security of all PII and are not authorized by us to use or disclose any PII except as necessary to perform services on our behalf or to comply with legal requirements.
3. Use of Data that Cannot Be Identified as Yours. The Current Health App does not collect or use data that, on its own, permit direct association with a specific individual. The App does not collect, use, transfer, or disclose information about your location when you are using the App, and the App does not utilize “cookies” (a file sent to your smartphone, tablet, or web browser to obtain non-PII when you are using the App).
Current Health may “de-identify” your PII by removing your name and other personal identifiers such that the PII can no longer be identified as yours and does not allow someone to determine your identity. This “de-identified data” also may be combined with other patients’ de-identified data to become “aggregated data” that Current Health uses for Authorized Purposes and to examine the habits, needs, health patterns, usage patterns, and demographics of patients as a group. Current Health also may use de-identified data and aggregated data for scientific or other publications or provide to third parties for their research and development purposes. The rights provided to Current Health in this paragraph will be limited to those set forth in the Business Associate Agreement, if applicable, between Current Health and the organization that employs or contracts with your healthcare provider.
4. How Current Health Protects Your PII. Current Health uses rigorous security measures to protect the confidentiality of your PII including, without limitation, sign in methods to restrict access to your account, using activation codes, and tracking activity in your account. The security of the Current Health Platform relies on your not sharing or disclosing your login information with anyone that you do not want to have access to your PII. If you believe the confidentiality of your login information has been compromised, you should change your PIN and notify Current Health promptly.
While no party that maintains a mobile app or a website can guarantee security and no mobile or internet transmission is ever completely secure or error-free, Current Health does utilize administrative, technical, and physical safeguards, consistent with applicable laws, that are designed to ensure the integrity of our systems and to protect patients’ PII that we have collected against unauthorized access, disclosure, or use. These safeguards include, without limitation, using information technology safeguards such as firewalls and multi-factor identification, encrypting all PII that is stored by us and hosting it in a cloud environment, and employee security training. We periodically review and update our collection, processing, and storage practices with respect to PII, including physical security measures, and implement any changes necessary to guard against unauthorized access, disclosure, or use to your PII.
5. Where and How Long Current Health Retains YourPII. Information including, without limitation, your PII, collected by the Current Health Platform from persons in the United States is stored in an encrypted format in a cloud-hosted environment in the United States and from persons in the United Kingdom is stored in an encrypted environment in Ireland. We do not transfer, transport, or store PII collected from U.S. patients outside the U.S., and we do not transfer, transport, or store PII collected from U.K. patients outside the U.K.
Your healthcare provider has contracted with Current Health to arrange for your use of the Current Health Platform. Our agreement with your provider specifies how long Current Health is required to store or retain your PII. Most healthcare providers require Current Health to store or retain your PII for the duration of our contractual relationship.
At this time, Current Health only contracts to provide the Current Health Platform to healthcare providers in the U.S. and in the U.K. If you are using any part of the Current Health Platform from outside the U.S. or the U.K. in connection with treatment by a healthcare provider located in the U.S or the U.K., be aware that any PII collected from you will be transported to and processed in the U.S. or the U.K. and will be stored or maintained by Current Health in the U.S. or the U.K. where the privacy laws may not be as protective as the jurisdiction where you reside. By using any portion of the Current Health Platform, you understand and consent to the transfer, storage, and processing of your PII in the U.S. or the U.K. and the use and disclosure of your PII as described in this Privacy Statement.
6. Other Important Privacy Information
A. Protection of the Privacy of Children. Current Health does not knowingly collect or use any PII from persons aged 13 or younger, and we do not knowingly allow persons aged 13 or younger to communicate with us or to use the Current Health Platform. If you are a parent or guardian and become aware that your child has provided us with any information, please contact us using the methods outlined in the How to Contact Us section at the end of this Statement, and we will work with you to address this issue.
Children’s Online Privacy Protection Act (COPPA). For U.S. users,this U.S. lawimposes certain requirementson operators of websites or online services directed to children under 13 years old and on operators of other websites or online services that have actual knowledge that they are collecting PII online from a person under 13 years old. If you are a parent or guardian and become aware that your child has provided us with any information, please contact us using the methods outlined in the How to Contact Us section at the end of this Statement, and we will work with you to address this issue.
B. California Consumer Privacy Act (CCPA). As noted above in this Privacy Statement, Current Health collects and may use or disclose your PII for Authorized Purposes, to send you a questionnaire or survey about your experience with the Current Health Platform and how we might improve the Platform, and to permit third parties to provide cloud-hosting and analytics services to Current Health (which may be considered a “sale” of PII under the CCPA). California residents have the right to make the following requests of Current Health up to twice in a 12-month period:
- a list of the specific types of PII Current Health has collected about you;
- disclosure of the types of PII the Current Health Platform collects, uses, discloses, or sells; and
- direction to opt out of a “sale” of your PII (as defined by the CCPA) by Current Health.
California residents may also ask their healthcare provider to direct Current Health to delete their PII from the Current Health Platform.
7. Your Privacy Rights with Respect to Your PII. U.S. and U.K. residents have the following rights with respect to their PII that we collect and store:
- to ask your healthcare provider to direct Current Health to delete the PII;
- to have your healthcare provider limit the ways Current Health uses your PII;
- to restrict Current Health’s use of your PII for marketing or survey purposes;
- to request through your healthcare provider that Current Health furnish you with a copy of your stored PII; and
- to submit a complaint with your data protection authority regarding your healthcare provider’s and/or Current Health’s collection, use, or storage of your PII.
You may contact Current Health using the methods outlined in the How to Contact Us section at the end of this Statement, and we will work with you to address this issue. U.K. residents may submit a complaint regarding your service provider’s and/or Current Health’s collection, processing, using, or storing your PII as noted in that section.
8. How to Contact Us. If you have any privacy questions or complaints, or to exercise any of your privacy rights including, without limitation, modifying or withdrawing your consent to Current Health collecting, processing, using, or storing your PII as outlined in this Privacy Statement, please contact us:
- via email at: [email protected]
- via mail (for U.S. users) at: Current Health Inc. Attn: Privacy Officer, 294 Washington Street, Suite 510, Boston, MA, 02108, USA
- via post (for U.K. users) at: Current Health Limited, Attn: Privacy Officer, The Stamp Office, Level 3, 10 Waterloo Place, Edinburgh, EH1 3EG
If U.K. users believe their privacy rights have been breached by either your healthcare provider or by Current Health, you may contact the Information Commissioner’s Office (ICO) at: https://ico.org.uk/make-a-complaint/