Image.works, Inc. ("image.works” or “Company”) has established the following procedures with regard to the handling and transmission of Customer Business Records. Customer Business Records includes electronic files, data, mailing lists and any other form of personal or business record provided by customers to Company. Company will use Customer Business Records as directed by the customer and only for the business purposes for which they were intended. Access to Customer Business Records is restricted to personnel who have a business need to work with the data, in accordance with the customer’s intent. Upon completion of the intended work, Customer Business Records are archived and then destroyed. Customers are encouraged to protect Customer Business Records through standard encryption methodologies, as appropriate for the level of confidentiality of the records being transmitted. Data files containing personal health information, as defined by HIPAA and HITECH, should only be transmitted to Company in accordance with HIPAA guidelines.
Customer Business Records transmitted to Company should not include Social Security numbers. If a transmitted file contains Social Security numbers, the Social Security numbers will immediately be deleted from the file. Financial account information including credit card numbers, or usernames and passwords that would allow access to confidential personal or financial information, should only be uploaded if necessary for the project.