Safe Harbor Policy
H. A. Services is committed to respecting individual privacy and values the confidence of its customers, employees, business partners, and others.
The Commission of the European Union, Switzerland and the U.S. Department of Commerce have negotiated and agreed on a set of personal data protection rules (the "Safe Harbor Principles"), allowing U.S. companies to comply with the EU or Switzerland requirement that adequate protection be given for the transfer of personal data out of the EU or Switzerland to the United States. H. A. Services adheres to the Safe Harbor Principles.
This Safe Harbor Policy applies to all personal information, whether from employees or non-employees such as investigators, received by H. A. Services in the United States from the EU or Switzerland, in any format, including without limitation electronically. For purposes hereof, "personal information" means any information or set of information that identifies or could be used by or on behalf of H. A. Services to identify an individual.
Personal information does not include information that is encoded or made anonymous, or publicly available information that has not been combined with nonpublic personal information.
The United States, the EU and its member states, and Switzerland are committed to making privacy protections available to their citizens without unnecessarily impeding the free flow of data.
The United States has largely adopted a self-regulatory approach to the development of privacy protections in the private sector, addressing specific privacy concerns in the law as needed. The concern is that privacy issues differ across industry sectors, and that "a one size fits all" legislative approach would lack the necessary precision to avoid interfering with the benefits that result from the free flow of data. Nonetheless, the United States does address specific privacy concerns in the law as needed, particularly where sensitive information is involved or there have been cases of abuses. In Europe, however, privacy laws tend to be comprehensive, applying to every industry and closely regulating what information is collected and how it is used.
The H. A. Services Chief Information Officer has to approve this policy.
The "H. A. Services Sr. Management Team" has direct responsibility for owning and maintaining this Policy.
All lines of business are directly responsible for implementing the Policy within their business areas, for adherence by their staff, and for the reporting of compliance.
6.1 Privacy Principles
The privacy principles in this Safe Harbor Policy are based on the Safe Harbor Principles. If H. A. Services collects personal information directly from individuals in the EU or Switzerland, it will inform them about the purposes for which it collects and uses personal information about them, the types of non-agent third parties to which H. A. Services discloses that information, and the choices and means, if any, H. A. Services offers individuals for limiting the use and disclosure of their personal information. Notice will be provided in clear and conspicuous language when individuals are first asked to provide personal information to H. A. Services, or as soon as practicable thereafter, and in any event before H. A. Services uses the information for a purpose other than that for which it was originally collected.
If H. A. Services receives personal information from its subsidiaries, affiliates or other entities in the EU or Switzerland, it will use such information in accordance with the notices provided by such entities and the choices made by the individuals to whom such personal information relates.
H. A. Services will offer individuals the opportunity to choose (opt out) whether their personal information can be: (a) disclosed to a non-agent third party, or (b) used for a purpose other than the purpose for which it was originally collected or subsequently authorized by the individual.
For sensitive personal information (i.e., personal information regarding race, ethnic origin, political opinions, religious or philosophical beliefs, trade union membership, health or sex life, or personal information treated and identified by a third party as sensitive), H. A. Services will give individuals the opportunity to affirmatively and explicitly (opt in) consent before the information will be disclosed to a non-agent third party or the information used for a purpose other than the purpose for which it was originally collected or subsequently authorized by the individual.
H. A. Services will provide individuals with reasonable mechanisms to exercise their choices.
6.3 Data Integrity
H. A. Services will use personal information only in ways that are compatible with the purposes for which it was collected or subsequently authorized by the individual. H. A. Services will take reasonable steps to ensure that personal information is relevant to its intended use, accurate, complete and current.
6.4 Transfers to Agents
For purposes hereof, "agent" means any third party that uses personal information provided to H. A. Services to perform tasks on behalf of and under the instructions of H. A. Services. H. A. Services will obtain assurances from its agents that they will safeguard personal information consistently with this Safe Harbor Policy. Where H. A. Services has knowledge that an agent is using or disclosing personal information in a manner contrary to this Safe Harbor Policy, H. A. Services will take reasonable steps to prevent or stop the use or disclosure.
6.5 Access and Corrections
Upon request, H. A. Services will grant individuals reasonable access to personal information that it holds about them. In addition, H. A. Services will take reasonable steps to permit individuals to correct, amend or delete information that is demonstrated to be inaccurate or incomplete.
H. A. Services will take reasonable precautions to protect personal information in its possession from loss, misuse and unauthorized access, disclosure, alteration and destruction.
H. A. Services will conduct compliance audits of its relevant privacy practices to verify adherence to this Safe Harbor Policy. Any employee that H. A. Services determines is in violation of this Safe Harbor Policy will be subject to disciplinary action up to and including termination of employment.
6.8 Dispute Resolution
Any questions or concerns regarding the use or disclosure of personal information should be directed to the H. A. Services Chief Information Officer at the address given below. H. A. Services will investigate and attempt to resolve complaints and disputes regarding use and disclosure of personal information in accordance with the principles contained in this Safe Harbor Policy. For complaints that cannot be resolved between H. A. Services and the complainant, H. A. Services has agreed to participate in the dispute resolution procedures of the panel established by the European data protection authorities to resolve disputes pursuant to the Safe Harbor Principles.
6.9 Affirmation Statement
H. A. Services complies with the U.S.-EU Safe Harbor Framework and the U.S.-Swiss Safe Harbor Framework as set forth by the U.S. Department of Commerce regarding the collection, use, and retention of personal information from European Union member countries and Switzerland. H. A. Services has certified that it adheres to the Safe Harbor Privacy Principles of notice, choice, onward transfer, security, data integrity, access, and enforcement. To learn more about the Safe Harbor program, and to view H. A. Services’ certification, please visit http://www.export.gov/safeharbor/.
6.10 Contact Information
Questions or comments regarding this Safe Harbor Policy should be submitted to the H. A. Services Clinical Research Privacy Office.
Chief Information Officer
H. A. Services
820 Adams Ave
Audubon, PA 19403
6.11 Changes to this Safe Harbor Policy
This Safe Harbor Policy may be amended from time to time, consistent with the requirements of the Safe Harbor Principles. Appropriate notice will be given concerning such amendments.
- March 27, 2014As IT professionals, we need to sit back from time to time, and make sure we are asking the right questions. For instance, when researching server management systems and data storage, the...Read More »
- February 28, 2014We meet a lot of impressive tech masters at H. A. Services, and we interact with many different IT departments. One of the most common phrases we hear said is, “We have a unique...Read More »
- January 31, 2014One of our goals at H. A. Services in the past year has been to identify verticals to determine what industries we can help the most. We've discovered that many of our new clients are from...Read More »