Image.works, Inc. ("image.works” or “Company”) has established the following procedures with regard to the handling and transmission of Customer Business Records. Customer Business Records includes electronic files, data, mailing lists and any other form of personal or business record provided by customers to Company. Company will use Customer Business Records as directed by the customer and only for the business purposes for which they were intended, and does not share Customer Business Records with any other entity for any purpose, except as required by law. Access to Customer Business Records is restricted to personnel who have a business need to work with the data, in accordance with the customer’s intent. Upon completion of the intended work, Customer Business Records are archived and then destroyed. Customers are encouraged to protect Customer Business Records through standard encryption methodologies, as appropriate for the level of confidentiality of the records being transmitted. Data files containing personal health information, as defined by HIPAA and HITECH, should only be transmitted through Company’s HIPAA approved systems.
Customer Business Records transmitted to Company should not include Sensitive Data. Sensitive Data is any record containing Social Security numbers, financial account information including credit card numbers (unless absolutely critical to the project), or usernames and passwords that would allow access to confidential personal or financial information. If a transmitted file contains Sensitive Data, the Sensitive Data will immediately be deleted from the file.