Sharing your personally identifiable information enables us to offer you a number of benefits. It will make it easier and more convenient for you to:
- Buy REKA products online.
- Seek consultation from Physician and Technician online.
- Authorize Physician and Technician to view your medical data.
- Register your purchase so you can receive all the benefits to which your purchase entitles you;
- Request information specific to your interests;
- Participate in online communities;
- Receive personalized messages and special offers that are relevant to your interests;
- Save time by storing your preferences;
It will also allow us to conduct market research to help us develop better products, to provide more responsive customer service, and to improve our websites.
You may choose to share your information with us in a number of ways online, such as completing an registration form to become a member of REKA Interest Groups, ordering a product, entering a contest, registering a purchase, participating in a promotion, or subscribing to a newsletter.
You can also share your personally identifiable information with us by communicating with one of our customer care representatives by e-mail, telephone, or in writing.
Sometimes REKA obtains your personal data from other parties outside REKA. This includes the buying of a business of which you already are a customer or the disclosure of your personal data by one of our partner companies.
If you do not want us to use your personal data which you have not provided to us yourself, you can let us know by contacting us at the address listed below.Sharing information
We want to know you better so we can serve you better. But the choice of whether you want this kind of service is up to you.
Some of our Web Sites will send a "cookie", a small text file, to your computer. This allows us to recognize your computer the next time you visit, without bothering you with another request to register. And, if you use an online "shopping cart", cookies allow us to keep track of the products you purchase. If you do not wish to receive cookies, please refer to the "Help" file of your Internet Browser to learn how to either block all cookies or receive a warning before a cookie is stored.
If you visit our Web Sites to browse, read, or download information, we collect and store some "visitor information" from you, such as the name of the domain and host from which you access the Internet, the Internet Protocol (IP) address of the computer you are using, the date and time you access our Web Site, and the Internet address of the website from which you linked directly to our Web Site. We use this information to measure the traffic on our Web Sites and to help us make our Web Sites more useful. We delete this information after some time.Safeguarding the information you share with us
We recognize our responsibility to protect the information you entrust to us. REKA uses a variety of secure techniques to protect your information, including secure servers, firewalls, and encryption of financial data. REKA websites also may make chat rooms, forums, message boards and/or newsgroups available to you. Please remember that any personally identifiable information you provide in these areas is also available to other users, and you should exercise caution before deciding to disclose it.Your rights
Once you have provided us with your personally identifiable information, you will have reasonable access to that information so you can change or delete it. You may do this by accessing your online profile, or by requesting a copy of your profile at the contact address listed below.
Because REKA sells thousands of products in hundreds of countries, you may have previously provided us with personally identifiable information through reply cards, our call centers, or in some other manner. Your decision not to register now will not affect the information you have already provided to REKA. Of course, you will always have the option to unsubscribe to any online contact from REKA or change your personal profile information.Special information for parents
While REKA Web Sites are generally not targeted at children under the age of thirteen, it is REKA policy to comply with the law when it requires that a parent's or guardian's permission is secured before knowingly collecting, using, or disclosing personal information from children under the age of thirteen.
We strongly recommend that parents take an active role in supervising the online activity of their children.Patient Health Information and Data
REKA Health ensures all PHI is kept in the strictest of confidence and all patient data are kept secured and protected. REKA Health has implemented stringent measures protecting patient health information and data. In addition, the REKA Cloud is encrypted and protects from unwanted guests.
When patients upload data to our cloud, the information being transmitted uses secure socket layer or SSL. This data is only readable from the REKA Health cloud portal during secure login.
The REKA Health cloud ensures web security with a GeoTrustTM BusinessID SSL certificate. The GeoTrustTM True BusinessID Wildcard certification guarantees a high grade of encryption and authentication. The True Site Seal displayed on our website verifies that the strictest verification process has taken place. This guarantees our patients, doctors and medical administrators get a full suite of security and are not in danger of being compromised.REKA Health Cloud Security Features
The REKA Health Cloud makes use of SQL with encrypted passwords. In order to recover a password, the user needs to reset it with the security question asked during the first login.
SSL Certification for the REKA Health Cloud and web services securely processes sensitive information. All information is encrypted and fully secured. It utilizes True Business Wildcard certification with 256-bit encryption and 2048 bit RSA key, ensuring the level of security is not compromise.
Sessions are limited to 20 minutes of inactivity before they are terminated, reducing the risk that an unattended computer permits unauthorized access to the data. Additionally, the application makes use of a server-side store for user session data. This reduces the risk of data stored within the session.
Business Associates Agreement ensures all partners and businesses associates agree to protect and ensure confidentiality at all time.
Secure cloud hosting and protection by Firehosttm make certain the reliability of the administrative aspects of compliance and great patient care via cloud service.HIPAA Compliance 2013 Omnibus Ruling
Title II of HIPAA defines policies, procedures and guidelines for maintaining the privacy and security of individually identifiable health information as well as outlining numerous offenses relating to health care and sets civil and criminal penalties for violations. Title II requires the Department of Health and Human Services (HHS) to draft rules aimed at increasing the efficiency of the health care system by creating standards for the use and dissemination of health care information.
These rules apply to "covered entities" as defined by HIPAA and the HHS. Covered entities include health plans, health care clearinghouses, such as billing services and community health information systems, and health care providers that transmit health care data in a way that is regulated by HIPAA.
REKA Health has complied with the following to ensure HIPAA Compliance.
Administrative Safeguards – policies and procedures designed to clearly show how the entity will comply with the act
- Covered entities (entities that must comply with HIPAA requirements) must adopt a written set of privacy procedures and designate a privacy officer to be responsible for developing and implementing all required policies and procedures.
- The policies and procedures must reference management oversight and organizational buy-in to compliance with the documented security controls.
- The procedures must address access authorization, establishment, modification, and termination.
- Entities must show that an appropriate ongoing training program regarding the handling of PHI is provided to employees performing health plan administrative functions.
- Covered entities that out-source some of their business processes to a third party must ensure that their vendors also have a framework in place to comply with HIPAA requirements. Companies typically gain this assurance through clauses in the contracts stating that the vendor will meet the same data protection requirements that apply to the covered entity. Care must be taken to determine if the vendor further out-sources any data handling functions to other vendors and monitor whether appropriate contracts and controls are in place.
- A contingency plan should be in place for responding to emergencies. Covered entities are responsible for backing up their data and having disaster recovery procedures in place.
- Internal audits ensuring compliance with HIPAA. Policies and procedures should specifically document the scope, frequency, and procedures of audits. Audits should be both routine and event-based.
- Procedures should document instructions for addressing and responding to security breaches that are identified either during the audit or the normal course of operations.
Physical Safeguards – controlling physical access to protect against inappropriate access to protected data
- Controls must govern the introduction and removal of hardware and software from the network.
- Access to equipment containing health information should be carefully controlled and monitored.
- Access to hardware and software must be limited to properly authorized individuals.
- Required access controls consist of facility security plans, maintenance records, and visitor sign-in and escorts.
- Policies are required to address proper workstation use. Workstations should be removed from high traffic areas and monitor screens should not be in direct view of the public.
- If the covered entities utilize contractors or agents, they too must be fully trained on their physical access responsibilities.
Technical Safeguards – controlling access to computer systems and enabling covered entities to protect communications containing PHI transmitted electronically over open networks from being intercepted by anyone other than the intended recipient.
- Information systems housing PHI must be protected from intrusion. When information flows over open networks, some form of encryption must be utilized.
- Each covered entity is responsible for ensuring that the data within its systems has not been changed or erased in an unauthorized manner.
- Covered entities must also authenticate entities with which they communicate.
- Covered entities must make documentation of their HIPAA practices available to the government to determine compliance.
- Documented risk analysis and risk management programs are required. Covered entities must carefully consider the risks of their operations as they implement systems to comply with the act.
You may contact us through this contact form if you would like to:
- request a copy of your personal data, or change or delete your personal data;
- opt-out from receiving any future personalized offers or information from REKA.
Please address your requests to:
REKA HEALTH PTE LTD
2 International Business Park
#11-01/02 The Strategy
T +65 6777 1588
F +65 6779 5677
If you have a concern about our use of your personally identifiable information, please let us know and we will make all reasonable efforts to address it.