REKA Health: Mobile Health with High Compliance, Digital Cardiac Rhythm Monitoring Solution & Cardiac Health Insights

Font Size

SCREEN

Profile

Menu Style

Cpanel

Privacy

REKA believes strongly in protecting the privacy of the personally identifiable information you share with us. We also believe it is important to inform you about how we will use your personal data, and to give you choices about how those data will be used. Therefore, we encourage you to read this Privacy Policy carefully.

Scope of this Privacy Policy

In general, this Privacy Policy applies to all personal information of consumers collected or used by REKA HEALTH PTE LTD or its subsidiaries (REKA). This includes information from websites for commercial use that are owned by REKA HEALTH PTE LTD and offline collections of personal data for commercial use owned by REKA. However, some of our websites or data collections work with special kinds of data (for example, medical data) which require a somewhat different privacy policy. Whenever and wherever that is the case, REKA will make it clear that the privacy policy concerned is different from this general REKA Privacy Policy.

Why should you share your personal data with REKA?

Sharing your personally identifiable information enables us to offer you a number of benefits. It will make it easier and more convenient for you to:

  • Buy REKA products online.
  • Seek consultation from Physician and Technician online.
  • Authorize Physician and Technician to view your medical data.
  • Register your purchase so you can receive all the benefits to which your purchase entitles you;
  • Request information specific to your interests;
  • Participate in online communities;
  • Receive personalized messages and special offers that are relevant to your interests;
  • Save time by storing your preferences;

It will also allow us to conduct market research to help us develop better products, to provide more responsive customer service, and to improve our websites.

You may choose to share your information with us in a number of ways online, such as completing an registration form to become a member of REKA Interest Groups, ordering a product, entering a contest, registering a purchase, participating in a promotion, or subscribing to a newsletter.

You can also share your personally identifiable information with us by communicating with one of our customer care representatives by e-mail, telephone, or in writing.

Sometimes REKA obtains your personal data from other parties outside REKA. This includes the buying of a business of which you already are a customer or the disclosure of your personal data by one of our partner companies.

If you do not want us to use your personal data which you have not provided to us yourself, you can let us know by contacting us at the address listed below.

Sharing information

We want to know you better so we can serve you better. But the choice of whether you want this kind of service is up to you.

You should know that your personally identifiable information may be transferred from your home country to other REKA companies around the world, who may communicate with you about our products or special offers you may find useful. If you do not want us to send you personalized offers or information, you can let us know by checking the appropriate box on the registration form or reply card. REKA will only share your data with third parties outside REKA in the following circumstances: Sometimes REKA sells you a product or offers you a service in a joint marketing effort with other companies. In such cases, your personal data will be shared with these companies. We will always let you know that such relationship exists and who these companies are prior to your registration. Note that these companies often have their own privacy policies that apply to the way they use your personal data. These privacy policies sometimes differ from the REKA Privacy Policy. REKA sometimes uses outside companies for handling your purchase or request or for processing your data. REKA requires these companies to adequately safeguard your personal data and not use your data for any other purpose not authorized by REKA. REKA sometimes sells a business to another company. Such transfer of ownership could include the transfer of your personal data directly related to that business to the buyer. REKA will release personally identifiable information if compelled by law. REKA will not sell or provide your personal data to other third parties allowing them to use your personal data for their own purposes.

REKA will not share any personal financial information you provide (such as credit card information) with other parties unless this is needed to handle your order, process our invoice, or prevent or combat fraud. From time to time, this Web Site may provide links to other websites. You should carefully review the privacy policies on those sites; they may differ from the REKA Privacy Policy.

"Cookies" and website logging

Some of our Web Sites will send a "cookie", a small text file, to your computer. This allows us to recognize your computer the next time you visit, without bothering you with another request to register. And, if you use an online "shopping cart", cookies allow us to keep track of the products you purchase. If you do not wish to receive cookies, please refer to the "Help" file of your Internet Browser to learn how to either block all cookies or receive a warning before a cookie is stored.

If you visit our Web Sites to browse, read, or download information, we collect and store some "visitor information" from you, such as the name of the domain and host from which you access the Internet, the Internet Protocol (IP) address of the computer you are using, the date and time you access our Web Site, and the Internet address of the website from which you linked directly to our Web Site. We use this information to measure the traffic on our Web Sites and to help us make our Web Sites more useful. We delete this information after some time.

Safeguarding the information you share with us

We recognize our responsibility to protect the information you entrust to us. REKA uses a variety of secure techniques to protect your information, including secure servers, firewalls, and encryption of financial data. REKA websites also may make chat rooms, forums, message boards and/or newsgroups available to you. Please remember that any personally identifiable information you provide in these areas is also available to other users, and you should exercise caution before deciding to disclose it.

Your rights

Once you have provided us with your personally identifiable information, you will have reasonable access to that information so you can change or delete it. You may do this by accessing your online profile, or by requesting a copy of your profile at the contact address listed below.

Because REKA sells thousands of products in hundreds of countries, you may have previously provided us with personally identifiable information through reply cards, our call centers, or in some other manner. Your decision not to register now will not affect the information you have already provided to REKA. Of course, you will always have the option to unsubscribe to any online contact from REKA or change your personal profile information.

Special information for parents

While REKA Web Sites are generally not targeted at children under the age of thirteen, it is REKA policy to comply with the law when it requires that a parent's or guardian's permission is secured before knowingly collecting, using, or disclosing personal information from children under the age of thirteen.

We strongly recommend that parents take an active role in supervising the online activity of their children.

Patient Health Information and Data

REKA Health ensures all PHI is kept in the strictest of confidence and all patient data are kept secured and protected. REKA Health has implemented stringent measures protecting patient health information and data. In addition, the REKA Cloud is encrypted and protects from unwanted guests.

When patients upload data to our cloud, the information being transmitted uses secure socket layer or SSL. This data is only readable from the REKA Health cloud portal during secure login.

The REKA Health cloud ensures web security with a GeoTrustTM BusinessID SSL certificate. The GeoTrustTM True BusinessID Wildcard certification guarantees a high grade of encryption and authentication. The True Site Seal displayed on our website verifies that the strictest verification process has taken place. This guarantees our patients, doctors and medical administrators get a full suite of security and are not in danger of being compromised.

REKA Health Cloud Security Features

The REKA Health Cloud makes use of SQL with encrypted passwords. In order to recover a password, the user needs to reset it with the security question asked during the first login.

SSL Certification for the REKA Health Cloud and web services securely processes sensitive information. All information is encrypted and fully secured. It utilizes True Business Wildcard certification with 256-bit encryption and 2048 bit RSA key, ensuring the level of security is not compromise.

Sessions are limited to 20 minutes of inactivity before they are terminated, reducing the risk that an unattended computer permits unauthorized access to the data. Additionally, the application makes use of a server-side store for user session data. This reduces the risk of data stored within the session.

Business Associates Agreement ensures all partners and businesses associates agree to protect and ensure confidentiality at all time.

Secure cloud hosting and protection by Firehosttm make certain the reliability of the administrative aspects of compliance and great patient care via cloud service.

HIPAA Compliance 2013 Omnibus Ruling

Title II of HIPAA defines policies, procedures and guidelines for maintaining the privacy and security of individually identifiable health information as well as outlining numerous offenses relating to health care and sets civil and criminal penalties for violations. Title II requires the Department of Health and Human Services (HHS) to draft rules aimed at increasing the efficiency of the health care system by creating standards for the use and dissemination of health care information.

These rules apply to "covered entities" as defined by HIPAA and the HHS. Covered entities include health plans, health care clearinghouses, such as billing services and community health information systems, and health care providers that transmit health care data in a way that is regulated by HIPAA.

REKA Health has complied with the following to ensure HIPAA Compliance.

Administrative Safeguards – policies and procedures designed to clearly show how the entity will comply with the act

  • Covered entities (entities that must comply with HIPAA requirements) must adopt a written set of privacy procedures and designate a privacy officer to be responsible for developing and implementing all required policies and procedures.
  • The policies and procedures must reference management oversight and organizational buy-in to compliance with the documented security controls.
  • The procedures must address access authorization, establishment, modification, and termination.
  • Entities must show that an appropriate ongoing training program regarding the handling of PHI is provided to employees performing health plan administrative functions.
  • Covered entities that out-source some of their business processes to a third party must ensure that their vendors also have a framework in place to comply with HIPAA requirements. Companies typically gain this assurance through clauses in the contracts stating that the vendor will meet the same data protection requirements that apply to the covered entity. Care must be taken to determine if the vendor further out-sources any data handling functions to other vendors and monitor whether appropriate contracts and controls are in place.
  • A contingency plan should be in place for responding to emergencies. Covered entities are responsible for backing up their data and having disaster recovery procedures in place.
  • Internal audits ensuring compliance with HIPAA. Policies and procedures should specifically document the scope, frequency, and procedures of audits. Audits should be both routine and event-based.
  • Procedures should document instructions for addressing and responding to security breaches that are identified either during the audit or the normal course of operations.

Physical Safeguards – controlling physical access to protect against inappropriate access to protected data

  • Controls must govern the introduction and removal of hardware and software from the network.
  • Access to equipment containing health information should be carefully controlled and monitored.
  • Access to hardware and software must be limited to properly authorized individuals.
  • Required access controls consist of facility security plans, maintenance records, and visitor sign-in and escorts.
  • Policies are required to address proper workstation use. Workstations should be removed from high traffic areas and monitor screens should not be in direct view of the public.
  • If the covered entities utilize contractors or agents, they too must be fully trained on their physical access responsibilities.

Technical Safeguards – controlling access to computer systems and enabling covered entities to protect communications containing PHI transmitted electronically over open networks from being intercepted by anyone other than the intended recipient.

  • Information systems housing PHI must be protected from intrusion. When information flows over open networks, some form of encryption must be utilized.
  • Each covered entity is responsible for ensuring that the data within its systems has not been changed or erased in an unauthorized manner.
  • Covered entities must also authenticate entities with which they communicate.
  • Covered entities must make documentation of their HIPAA practices available to the government to determine compliance.
  • Documented risk analysis and risk management programs are required. Covered entities must carefully consider the risks of their operations as they implement systems to comply with the act.
Contacting us

You may contact us through this contact form if you would like to:

  • ask us any question regarding our privacy policy;
  • request a copy of your personal data, or change or delete your personal data;
  • opt-out from receiving any future personalized offers or information from REKA.
Our Address

Please address your requests to:

REKA HEALTH PTE LTD
2 International Business Park
#11-01/02 The Strategy
Singapore 609930

T +65 6777 1588
F +65 6779 5677

If you have a concern about our use of your personally identifiable information, please let us know and we will make all reasonable efforts to address it.