It's something you might think belongs more in Ripley's Believe It or Not than the GripeLog. A reader just made a remarkable discovery: a good privacy policy.
"I'd like to call attention to something that someone has done well," the reader wrote. "The company I work for has signed up with health management firm SimplyWell. I just went to their website to set up my account for the first time and up popped this privacy policy:"
SimplyWell will safeguard, and never disclose, identifiable participant health information without the express, documented permission of the participant to whom the information belongs. Should a participant, for any reason, permit SimplyWell to disclose information to others, SimplyWell will be bound by the terms of the participant's authorization, and will require the recipient of information to be bound by an agreement to prohibit further disclosure. An authorized recipient of information is solely responsible for that recipient's duty not to further disclose information. SimplyWell is not responsible for an authorized recipient's compliance with the agreement not to further disclose information.
Should a subpoena or other legal process require SimplyWell to disclose identifiable participant or business client information, SimplyWell will notify the participant or business client of its receipt of such legal notice or process at the last address provided to SimplyWell by the participant or business client, or through other means.
The reader probably couldn't have been much more surprised if he'd run across a mermaid in Nebraska. "The privacy policy statement is simple and straightforward, and says most of the things that a privacy policy should say," the reader wrote. "By rights, it should apply to all personally identifiable information, instead of being limited to health information, but the general idea is right."
I agree with the reader that SimplyWell definitely has the right idea with this privacy policy, particularly in that they do keep it about as short and sweet as could be expected. When a privacy policy goes on for thousands of words, as most of them do, the sheer length and complexity make it onerous. Let's hope a few other companies will follow SimplyWell's lead by keeping their privacy policy simple as well.
Read and post comments about this story here.
9:34:29 AM 
|
|
