Rising Medical Solutions, LLC (Rising) values your privacy and any personal information provided to us in the course of our services is for Rising’s exclusive use; we do not sell, share, or rent your personal information to third parties. Any disclosure of personal information by Rising is performed within the parameters of applicable laws and regulations, such as to comply with a court order or legal process and shall not be disclosed otherwise by Rising.
Any activity on risingms.com is subject to monitoring by Rising. We collect personal information when a user voluntarily contacts us through our site using a form submission or email submission. We use this information (such as name, phone number, or email address) to fulfill the request you submitted, such as delivering requested materials and/or services and responding to questions/inquiries.
- Our websites and other software applications made available through computers and mobile devices, and
- Provision of our services, namely medical claims management, whereby we receive information from patients, insurers, insurance professionals, medical professionals, or other third parties involved in a patient’s medical claim.
Your Rights and Choices
You have the right to be informed about how your data is collected and used. You are entitled to know what data we collect about you, and how it is used. You are entitled to correct and update any personal data about you, and to request this information be deleted. See the “Contact” section below.
If you wish to change information that we maintain about you or wish to update preferences, you can make a request at any time by contacting Rising’s Data Protection Officer.
Data Protection Officer
Rising Medical Solutions
325 North LaSalle Street, Suite 600
Chicago, IL 60654
Toll-Free #: 866.274.7464
Personal Information We May Have Access To
General Website Visitor Information
General website visitors are defined as those users seeking information about Rising which include, but are not limited to, prospective buyers, prospective employees, customers, medical providers, and industry professionals. To the extent that a visitor submits a website form or email inquiry, we will have access to the information provided, such as name, company, e-mail, telephone number, job title, and service interest.
Patient Information Obtained During the Course of Service Delivery
Rising helps medical claim payers (e.g. insurance carriers, self-insured employers, third-party claims administrators) process and manage patient medical claims. To the extent that relevant medical information is sent to Rising by a medical claim payer or medical provider, or is provided to Rising by the patient themselves, Rising may have access to the following information during the course of processing/managing a medical claim.
General contact and medical claim information:
- Patient contact information (e.g. name, address, e-mail, telephone), patient demographic information (e.g. age/date of birth, gender, employment status), claim number, policyholder number, date of injury/illness/disability, and cause of injury/illness/disability.
- Unique identification numbers issued by government bodies or agencies, as required by certain states to process medical claims (e.g. social security number, national insurance number, tax identification number).
- In general, we have the information that an insurer, medical provider and/or patient has provided to Rising in order to assist with a patient’s medical claim.
Medical condition and health status:
- In certain cases, we may receive further information about a patient’s medical condition(s) from an insurer, medical provider, and/or patient, such as health status, injury/illness/disability recovery information, medical treatment/procedures performed, prescription information, and medical history.
Cookies are small text files that are placed on your computer or mobile device by websites that you visit. They are widely used in order to make websites work efficiently, as well as to provide information to the owners of the site. Cookies are useful because they allow a website to recognize your device, letting you navigate between pages efficiently, remembering your preferences, and generally improving your experience.
Rising utilizes HubSpot cookies when a visitor browses our website. HubSpot is Rising’s website platform partner. For a specific and detailed list of cookies used, see this page. Generally, these cookies fall into two categories:
- Essential/Necessary Cookies: Essential cookies do not require consent. These cookies include a “non-consent cookie,” which is used if you decline to have your information tracked when you visit our website. A single cookie will then be used in your browser to remember your preference not to be tracked and to ensure our website conducts no such tracking.
- Consent Banner Cookies: Non-essential cookies are controlled by the consent banner. Overall, these cookies are used to help personalize a visitor’s browsing experience across site visits. They are also used to collect information about how visitors use our site. We use the information to compile reports and to help us improve the site. The cookies collect information such as the number of visitors to the site, where visitors have come to the site from, and page visit metrics. These cookies do not collect any personal or sensitive information, and the information they store is not sent to or sold to any third parties.
Client Web Portal – for Rising customers only
- VisionLoginFromSystem is used to tell us if the user has logged in from the user’s current system in the last 90 days for purposes of multi-factor authentication/security.
- ReferralRequestSourceInfo is used to store user profile information in order to pre-populate service referral forms. This data is simple contact information (e.g. name, email address, phone number, etc.) that is used to increase user convenience and referral submission speed.
How We Use Personal Data
We use the personal data we collect from our corporate website for:
General visitor purposes, including:
- to communicate with visitors;
- to perform website administration;
- to report on statistical website information.
Recruitment and employment purposes, including:
- to decide whether to employ (or engage) you;
- to check that you have the legal right to work for us;
- to comply with employment law, immigration law, health and safety law, tax law, and other laws which affect us;
- for any other reason which we may notify you of from time to time.
We use personal data during the course of service delivery, including:
- to communicate with a patient and/or other parties to a patient’s claim (e.g. insurers, medical providers, third party administrators or insurers);
- to manage/process a patient’s medical claim properly and according to any applicable state or federal regulations;
- to manage our business operations in compliance with internal privacy policies and procedures that secure and protect a patient’s individually identifiable health information;
- to report on aggregated statistical information that does not include any identifiable patient information;
- to conduct patient satisfaction surveys;
- to comply, as obligated, with any other applicable laws and regulatory mandates, any legal process/proceedings, and any response to requests from public and government authorities;
- to establish and defend the legal and privacy rights of patients, insurers, or others related to a claim, and pursue available remedies that limit damages.
We will only process personal data for the specific purposes set out above or for any other purposes specifically permitted by data protection legislation. Should you need clarification of the above purposes, please contact our Data Protection Officer.
Rising does not sell or rent personal information to third parties. Rising may make personal data available to the following parties for the purposes of medical claims management service delivery, or as required by law. Any such information sharing is performed within the parameters of our security/privacy procedures and all applicable laws and regulations:
- External third-party service providers, such as medical professionals, medical equipment providers, attorneys and other outside professional advisors; travel and medical assistance providers.
- Insurers, third-party claim administrators; claims adjusters; language translators; peer reviewers; and/or similar third-party vendors.
- Enterprise service partners such as IT systems, hosting and privacy/security service providers; document and records management providers; and outsourced service providers that assist us in carrying out business activities.
Security of Personal Data
We continuously implement and update appropriate technical and organizational measures to help protect personal information under our control against accidental, unlawful or unauthorized access, loss, use, disclosure or alteration. Some of the safeguards we use to protect personal data are firewalls, data encryption, information access controls, annual audits, and security penetration testing. However, no one can fully guarantee absolute data security. If you have reason to believe that your interaction with us is no longer secure, please immediately notify us of the problem by contacting us as described in the “Contact” section above.
When we provide personal data to a partner, the partner will be selected carefully and required to use appropriate measures to protect the confidentiality and security of personal data.
Third-Party Web Sites
Visitors, from time to time, have the option to enter a third-party web site through the Rising’s website; or visitors, from time to time, have the option to enter our website from another third-party web site. Since we cannot be assured that such third-party web sites follow our privacy policies, we encourage you to ask questions and review the privacy policies of these third parties. We have no responsibility or liability for the actions or policies of these independent sites, do not endorse any product or service mentioned or offered on such sites, and are not responsible for the content or privacy practices of such sites.
International Data Transfer
For the processing of any international medical claims, Rising may share certain personal information across geographical borders to international patients, international insurers, international medical providers, and/or international partners/service providers (working in conjunction with us or on our behalf) worldwide. Such transfers are made in accordance with applicable international law.
General Data Protection Regulation (GDPR)
European Economic Area (EEA)/European Union (EU) residents may exercise any of the rights described in this section by contacting us directly. If you reside outside of the EEA/EU, you may have similar rights under your local laws.
The GDPR provides the following rights for individuals:
- The right to be informed about the collection and use of their personal data;
- The right to access their personal data;
- The right to have inaccurate personal data rectified or completed if it is incomplete;
- The right to have personal data erased;
- The right to request the restriction or suppression of their personal data;
- The right to data portability, to retain and reuse their personal data for their own purpose;
- The right to object to the processing of their personal data;
- Rights in relation to automated decision making and profiling.
The GDPR’s lawful basis for processing:
- You have provided your consent which can be withdrawn at any time;
- Processing is necessary for the performance of a contract to which you are a party or to perform services you have requested;
- We are required by law;
- Processing is required to protect your vital interests or those of another person; or
- Processing is necessary for the purposes of our legitimate commercial interests, except when such interests are overridden by your rights and interests.
Rising does not knowingly collect online information from children under the age of 13. Our services are provided to and marketed towards adults. If notified that we have collected personal information of a child under the age of 13, we will delete the information as expeditiously as possible.
Updates and Effective Date
Current Policy’s Effective Date: 12/31/2019
Last Updated: 06/29/2020