MedText Privacy Policy

Your privacy is very important to us, and we created this Privacy Policy (“Policy”) to demonstrate our firm commitment to privacy and security. This Privacy Policy describes how Medtext collects information from all end users of our Internet services (the “Services”), including those who access some of our Services but do not have accounts (“Visitors”) and those who may purchase Products and/or pay a monthly service fee to subscribe to the Service (“Members”). This Policy also explains what we do with the information we collect, and the choices Visitors and Members have concerning the collection and use of such information and the rights of any Member’s patients to access their Protected Health Information under relevant Federal cybersecurity and privacy laws. We request that you read this Privacy Policy carefully and please contact us should you have any questions.

Personal Information MedText Collects and How It Is Used


Members may be asked to provide certain personal information when they sign up for our Products or Services including name, address, telephone number, billing information (such as a credit card number), and the type of personal computer being used to access the Services. The personal information collected from Members during the registration process (or at any other time) is used primarily to provide a customized experience as you use our Products and Services. Your information will never be licensed or sold to any third party. However, we may make limited disclosure of personal information under the specific circumstances described in the “Disclosure” section below.


The MedText technology is designed to facilitate referrals from one Healthcare Provider (and/or their staff) to another Healthcare Provider (and/or their staff). Under no circumstances will health information about your patients be shared with another Healthcare Provider (and/or their staff), unless it is in support of a referral that you have made and in that case, health information will only be shared with the healthcare providers that you designate. Those healthcare providers, in accordance with the HIPAA guidelines have the ability to share that information with their various staff members and/or designees. In addition, there are situations where the law permits or requires us to use and disclose your patients’ health information without your authorization. Such situations are described below.

There are situations where MedText may use and/or disclose your patients’ health information without first obtaining your written authorization for purposes other than for treatment or health care operations. Except for the specific situations where the law requires us to use and disclose information (such as reports of births to the health department or reports of abuse or neglect to social services), we have listed all these permitted uses and disclosures in this section.

Specifically, we may use and disclose your patients’ protected health information as follows:

  • Companies who work on our behalf: We contract with other companies to perform business support functions on our behalf, which may involve limited access to your personal information. We require these companies to use the information only to provide the contracted services; they are prohibited from transferring the information to another party except as needed to provide those services. Some examples of these business support functions include order fulfillment, coupon fulfillment, award and rebate fulfillments, customer survey execution and information systems management. We also may make aggregate non-personal information available to select service providers.
  • Subsidiaries and joint ventures: A subsidiary or a joint venture is an organization in which we own at least a 50% interest. If MedText shares your information with a subsidiary or joint venture partner, MedText will require that they not transfer your information to another party for marketing purposes or use your information contrary to your expressed choices. If you have indicated that you do not want to receive any marketing information from MedText, we will not share your information with our subsidiary or joint venture partner for their marketing purposes.
  • Co-branded and Partner Pages: MedText may share information with partner companies who jointly present special offers or promotions on co-branded pages within our site. You will be notified of this sharing when you are asked to furnish personal data on such a page. The partner’s use of any information you submit will be governed by the partner’s own privacy notice, which you can review before submitting your information.
  • Business Transfers: MedText reserves the right to transfer your personal information in connection with the sale or transfer of all or a portion of our business or assets. If the business is sold or transferred, MedText will give you an opportunity to tell us not to transfer your personal information. In some cases, this may mean that the new organization will not be able to continue providing to you the services or products that MedText provided.
  • For Public Health Activities. We may use or disclose health information to a public health authority that is authorized by law to collect or receive information in order to report, among other things, communicable diseases and child abuse, or to the F.D.A. to report medical device or product related events. In certain limited situations, MedText may also disclose health information to notify a person exposed to a communicable disease.
  • For Health Oversight Activities. MedText may disclose health information to a health oversight agency that includes, among others, an agency of the federal or state government that is authorized by law to monitor the health care system.
  • For Law Enforcement Activities. MedText may disclose limited health information in response to law enforcement official’s request for information to identify or locate a victim, a suspect, a fugitive, a material witness or a missing person (including individuals who have died) or for reporting a crime that has occurred on our premises or that may have caused a need for emergency services.
  • For Judicial and Administrative Proceedings. MedText may disclose health information in response to a subpoena or order of a court or administrative tribunal.
  • To Coroners, Medical Examiners, and Funeral Directors. MedText may release health information to a coroner or medical examiner to identify a deceased person or to determine the cause of death.
  • For Purposes of Organ Donation. MedText may disclose health information to an organ procurement organization or other facility that participates in the procurement, banking or transplantation of organs or tissues.
  • For Purposes of Research. MedText may conduct and/or participate in medical, social, psychological and other types of research. Most research projects are subject to a special approval process to evaluate the proposed research project and its use of health information before MedText use or disclose health information. In certain circumstances, however, we may disclose health information to people preparing to conduct a research project to help them determine whether a research project can be carried out or will be useful, so long as the health information they review does not leave our premises.
  • To Avoid Harm to a Person or for Public Safety. MedText may use and disclose health information if we believe that the disclosure is necessary to prevent or lessen a serious threat or harm to the public or the health or safety of another person.
  • For Specialized Government Functions. MedText may use and disclose health information of certain military individuals, for specific governmental security needs, or as needed by correctional institutions.
  • For Workers’ Compensation Purposes. MedText may disclose your health information to comply with the workers’ compensation laws or other similar programs.
  • For Appointment Reminders and to Inform You of Health Related Products or Services. MedText may use or disclose your health information to contact you for medical appointments or other scheduled services, or to provide you with information about treatment alternatives or other health-related products and services.
All Other Uses and Disclosures Require Your Prior Written Authorization

For situations not generally described in our Policy, MedText will ask for your written authorization before we use or disclose your patients’ health information. You may revoke that authorization, in writing, at any time to stop future disclosures of your patients’ information. Information previously disclosed, however, will not be requested to be returned nor will your revocation affect any action that we have already taken. In addition, if we collected the information in connection with a research study, we are permitted to use and disclose that information to the extent it is necessary to protect the integrity of the research study.

Responses to Email Inquiries

When Visitors or Members send email inquiries to MedText, the return email address is used to answer the email inquiry we receive. MedText does not use the return email address for any other purpose and does not share the return email address with any third party.

Voluntary Customer Surveys

MedText may periodically conduct both business and individual customer surveys. We encourage our customers to participate in these surveys because they provide us with important information that helps us to improve the types of products and services we offer and how we provide them to you. Your personal information and responses will remain strictly confidential, even if the survey is conducted by a third party. Participation in our customer surveys is voluntary. Information about how to opt-out of surveys will be contained in survey communications.

We may take the information we receive from individuals responding to our customer surveys and combine (or aggregate) it with the responses of other customers we may have, to create broader, generic responses to the survey questions (such as gender, age, residence, hobbies, education, employment, industry sector, or other demographic information). We then use the aggregated information to improve the quality of our services to you, and to develop new services and products. This aggregated, non-personally identifying information may be shared with third parties.

Automatic Collection of Information

Cookies: MedText may use “Cookies” to collect information. Cookies are small pieces of information stored by your browser on your computer’s hard drive, at a web site’s request. MedText Cookies do not contain any personal information, but are used primarily as follows:

  • to keep track of temporary information. For example, Cookies allow us to keep track of the pictures you upload and download;
  • to register you in special programs. Cookies allow us to remember you when you login to the places on our site that require Membership;
  • to remember your country and language preferences;
  • to help us understand the size of our audience and traffic patterns;
  • to collect and record information about what you viewed on our Web site and what you viewed in our e-mail;
  • to manage and present site information and the pictures displayed on your computer, and
  • to deliver information specific to your interests.

Web Beacons We may also place small “tracker gifs” or “beacons” on many of the pages on our website, in online advertising with third parties, and in our email. We use these beacons, in connection with Cookies, to collect non-personal data on the usage of our site including but not limited to the date and time of the visit, the pages visited, the referring web page, the type of browser (e.g., Internet Explorer, Firefox, etc), the type of operating system (e.g., Windows, Linux, or OSX), and the domain name of the visitor’s Internet service provider (e.g., AOL). This information is collected about thousands of site visits and analyzed as a whole. This information is useful in, for example, tracking the performance of our online advertising such as online banner ads and to determine where to place future advertising on other web sites.

Disabling Cookies and Beacons: If you are uncomfortable with the collection of such information through the use of Cookies and Beacons, we recommend disabling these features through your browser preferences, though please understand this will limit the performance and functionality of MedText’s Web site. Your browser documentation should provide specific procedures for disabling cookie and beacon support.

Health Data Privacy

Assuring that confidential health information is used, disclosed, protected, and transmitted in conformity with the Administrative Simplification components of the Health Insurance Portability and Accountability Act of 1996, 45 CFR Parts 160, 162, and 164, and the Health Information Technology for Economic and Clinical Health Act (collectively “HIPAA”) is of paramount importance to MedText. Protected health information (“PHI”), as defined by HIPAA, is stored by the MedText in a manner that conforms with the HIPAA Security Rule. Individual customers that are also Covered Entities, as defined by HIPAA, are responsible for the disclosure of PHI transmitted via SMS text messaging or uploading to the MedText’s system. MedText is not responsible for any disclosure of PHI in transit as MedText has no control over the Customer’s service provider. MedText’s only obligation related to PHI is for PHI stored by MedText. To the extent that MedText stores PHI that has been uploaded by a Customer, MedText acknowledges its obligation as a Business Associate of the Customer, as defined by HIPAA. MedText and Customer shall enter into the MedText’s Business Associate Agreement upon request of the Customer.

Child Privacy

Protecting the online privacy of children is especially important, and those under the age of 13 are protected by federal law. For that reason, MedText does not knowingly permit children under the age of 13 to become registered members of our sites, without verifiable parental consent. MedText does not knowingly collect or solicit personal information about children under 13, except with their parent’s express consent.

If we ever include children under the age of 13 as part of our intended site audience, those specific web pages will, in accordance with the provisions of the Children’s Online Privacy Protection Act (“COPPA”), be clearly identified and provide an explicit privacy notice; and we will provide processes to obtain parental approval, provide access to information and allow parents to request removal of their children’s personal information. MedText encourages parents and guardians to spend time with their children online and to participate in their interactive activities and interests.

Public Forums

Some parts of our site may enable you to participate in public services such as discussion boards, chats, and live events. Please use discretion when posting personal information about yourself when using these services. Be aware that when you disclose personal information at these sites, such as your name, member name, email address, etc., the information may be collected and used by others to send unsolicited email. The services are open to the public, and what you post there can be seen by anyone and is not protected. MedText cannot control the comments that you may receive while you participate in these services. You may find other people’s comments to be offensive, harmful or inaccurate.

MedText’s Commitment to Data Security

We implement a variety of administrative, managerial, and technical security measures to help protect your personal information. MedText has various internal control standards which relate specifically to the handling of personal information. These include certain controls to help safeguard the information we collect online. Our employees are trained to understand and comply with these controls and we communicate our Policy, practices and guidelines to our employees. However, while we strive to protect your personal information, you must also take steps to protect your information. We urge you to take every precaution to protect your personal information while you are on the Internet.

Services and Web sites we sponsor have security measures in place to protect the loss, misuse, and alteration of the information under our control. While we make every effort to ensure the integrity and security of our network and systems, we cannot guarantee that our security measures will prevent third-party “hackers” from illegally obtaining this information.

Where to Direct Questions About Our Privacy Policy

If you have any questions about this Privacy Policy or the practices described herein, you may contact us by email at

Accounting of E-Health Records for Treatment, Payment, and Health

Starting January 1, 2014, HITECH will require MedText to provide an accounting of disclosures through an e-health record to carry out treatment, payment, and health care operations. This new accounting requirement is limited to disclosures within the three-year period prior to the individual’s request.

MedText must either: (1) provide an individual with an accounting of such disclosures it made and all of its business associates disclosures; or (2) provide an individual with an accounting of the disclosures made by MedText and a list of business associates, including their contact information, who will be responsible for providing an accounting of such disclosures upon request.

Obtaining a Copy of Our Privacy Policy

We provide you with this Policy to explain and inform you of our Privacy Practices, and this Policy is available on the MedText website. Even if you have requested this Policy electronically, you may request a paper copy at any time.

Revisions to This Policy

MedText reserves the right to revise, amend, or modify this policy, our Terms of Service agreement, and our other policies and agreements at any time and in any manner, by updating this posting.

last revision on October 2, 2018