Today’s consumers are struggling to navigate a confusing jumble of apps, portals, and logins from their physician, their insurance company, and their employer. For the family health navigator, all of these access points need to be managed for each family member, often including elderly parents.
Who we are
Why we do what we do
How we help you access your data and keep it private and secure
b.well’s goal is to help you access your health data from any provider, health system, pharmacy, lab or other healthcare office which may hold your records, and bring it into a central digital location to create one health record for you and your healthcare team, such as your primary care provider, other specialists you may see, and any caregivers who help you.
Our product not only helps you gather your data, but also offers proactive, personalized insights about your health based on the data you’ve connected. At times, we deliver our services through applications that our customers make available to you. Whether you use a b.well branded application or our services through a different application, our commitments to protect your health data and privacy remain the same.
We are not a medical device, nor a replacement for your doctor. Instead, we’re an additional source of support as you navigate the healthcare system. We take this role, and your privacy and security, very seriously.
- We keep our data policies transparent and consumer friendly. It’s important to us that you know how we operate, and that you can make informed decisions about how to use your data.
- We help you select permissions for who can see your data – and you can change your mind on your permissions anytime – so you stay in control.
- Except when sharing is required by law, to deliver our services, or to protect our interests, your data will never be shared without your permission, and we apply safeguards to limit access and keep your data protected.
- We will never sell your data.
- If you ever want to use your “right to be forgotten”, you are free to do so anytime by contacting Support through your user account and asking that your account be deleted and to exercise your right to be forgotten.
- Right to be forgotten means that we delete your information from our current databases.
- If you already gave permission for someone else to access the data, we will stop sharing, but you may need to contact them separately to delete your data.
We’re leaders in consumer health data access and privacy
To confirm our commitment to safeguarding your health data, b.well voluntarily follows the CARIN Alliance Trust Framework and Code of Conduct, an industry-leading set of best practices for protecting the confidentiality of your health data and your privacy rights. This promise is made public on MyHealthApplication.com, which is maintained by CARIN.
By promising to follow the CARIN Code of Conduct, we hold ourselves accountable to you and to the U.S. Federal Trade Commission (FTC). If we fail to live up to this promise, complaints can be made to the FTC.
The Code of Conduct covers such items as:
- Clear options for consents to retrieve and/or share your data
- Right to change your consents at any time
- Right to request the deletion of your account and health data
- Data security safeguards to protect your private information
- Requirements for notifying you if and when breach occurs that compromises your data or privacy
We follow the highest industry standards in data security
Our systems are subject to annual security reviews and have achieved HITRUST and US NIST cybersecurity framework (CSF) certification, which require independent verification of our security-related policies, procedures, and implemented controls by external auditors on at least a biennial (2 year) basis.
Your data is encrypted in secure servers, not stored on your local device; and always encrypted during transmissions.
It’s impossible to eliminate all risk in a cyber environment, but we believe we are following industry best practices for minimizing data breach risk to a reasonable level.