©2019 MedaPrep, LLC.  All Rights Reserved.

Privacy Policy and EU-US Privacy Shield

Privacy Policy and EU-US Privacy Shield

Privacy Policy

We respect your privacy. This is one reason we have taken the time and space on our website to disclose our information collection practices and our privacy policy. Please take the time to review this document.

Collecting information provides specific benefits to our customers and their website visitors. Information collected is for patient communications only. MedaPrep does not use information for any type of marketing or contact purposes.
Who has access to the information collected?

MedaPrep and its customers — information is used only by organizations using the MedaPrep solution and delivery services possibly not sharing our privacy policy.


If you would like to dispute any information, please contact us using the information below.  For removal or request of your personal data, please contact us using the information below.

This privacy statement applies to the website of:
MedaPrep, LLC
3715 Hycliffe Avenue
Louisville KY 40207 US
EU-US Privacy Shield Policy
MedaPrep, LLC complies with the EU-US Privacy Shield Framework as set forth by the US Department of Commerce regarding the collection, use, and retention of personal information from European Union member countries. MedaPrep, LLC has certified that it adheres to the Privacy Shield Principles of Notice, Choice, Accountability for Onward Transfer, Security, Data Integrity and Purpose Limitation, Access, and Recourse, Enforcement and Liability. If there is any conflict between the policies in this privacy policy and the Privacy Shield Principles, the Privacy Shield Principles shall govern. To learn more about the Privacy Shield program, and to view our certification page, please visit https://www.privacyshield.gov/

MedaPrep, LLC, (the “Company”) provides software to organizations that use the solution to communicate to with their patients electronically. This may include contact information such as name, email address and phone numbers.  Protecting consumer privacy is important to the Company. This privacy policy outlines our general policy and practices for implementing the Principles, including the types of information we gather, how we use it and the notice and choice affected individuals have regarding our use of and their ability to correct that information. This privacy policy applies to all personal information received by the Company whether in electronic, paper or verbal format. This may include data shared with third parties at the specific request of the Company’s customers via application interfaces for transaction processing.

“Personal Information” or “Information” means information that (1) is transferred from the EU to the United States; (2) is recorded in any form; (3) is about, or pertains to a specific individual; and (4) can be linked to that individual.
“Sensitive Personal Information” means personal information that reveals race, ethnic origin, sexual orientation, political opinions, religious or philosophical beliefs, trade union membership or that concerns an individual’s health.
Individuals whose data the Company handles have the right at any time to correct or delete it. The Company provides the means for individuals to access their account to remove, add, or revise data.

Notice The Company shall inform an individual of the purpose for which it collects and uses the Personal Information and the types of non-agent third parties to which the Company discloses or may disclose that Information. Company shall provide the individual with the choice and means for limiting the use and disclosure of their Personal Information. Notice will be provided in clear and conspicuous language when individuals are first asked to provide Personal Information to the Company, or as soon as practicable thereafter, and in any event before the Company uses or discloses the Information for a purpose other than for which it was originally collected.

The Company does not disclose third-party information. However, individuals have the right to choose (opt out) whether their Personal Information is (1) to be disclosed to a third party or (2) to be used for a purpose other than the purpose for which it was originally collected or subsequently authorized by the individual. For Sensitive Personal Information, the Company will give individuals the opportunity to affirmatively or explicitly (opt out) consent to the disclosure of the information for a purpose other than the purpose for which it was originally collected or subsequently authorized by the individual. Company shall treat Sensitive Personal Information received from an individual the same as the individual would treat and identify it as Sensitive Personal Information. Opt-out links will be available on many forms. Individuals may also send requests to support@medaprep.com.

Onward Transfers
Prior to disclosing Personal Information to a third party, Company shall notify the individual of such disclosure and allow the individual the choice (opt out) of such disclosure. Company shall ensure that any third party for which Personal Information may be disclosed subscribes to the Principles or are subject to law providing the same level of privacy protection as is required by the Principles and agree in writing to provide an adequate level of privacy protection. The Company does not disclose information to third parties.
Please note that Company is obliged to disclose personal information in response to lawful requests by public authorities, including to meet national security or law enforcement requirements.

In cases of onward transfer of Privacy Shield data to third parties, Company is potentially liable.
Data Security Company shall take reasonable steps to protect the Information from loss, misuse and unauthorized access, disclosure, alteration and destruction. Company has put in place appropriate physical, electronic and managerial procedures to safeguard and secure the Information from loss, misuse, unauthorized access or disclosure, alteration or destruction. Company cannot guarantee the security of Information on or transmitted via the Internet.

Data Integrity Company shall only process Personal Information in a way that is compatible with and relevant for the purpose for which it was collected or authorized by the individual. To the extent necessary for those purposes, Company shall take reasonable steps to ensure that Personal Information is accurate, complete, current and reliable for its intended use.
Access Company acknowledges the right of EU individuals to access their personal data. Company shall allow an individual access to their Personal Information and allow the individual to correct, amend or delete inaccurate information, except where the burden or expense of providing access would be disproportionate to the risks to the privacy of the individual in the case in question or where the rights of persons other than the individual would be violated. The company provides links to allow individuals to revise Personal Information. Individuals may also contact the Company via support@medaprep.com

Company uses a self-assessment approach to assure compliance with this privacy policy and periodically verifies that the policy is accurate, comprehensive for the information intended to be covered, prominently displayed, completely implemented and accessible and in conformity with the Principles. We encourage interested persons to raise any concerns using the contact information provided below and we will investigate and attempt to resolve any complaints and disputes regarding use and disclosure of Personal Information in accordance with the Principles.

If a complaint or dispute cannot be resolved through our internal process, we agree to dispute resolution using (an independent resource mechanism) as a third party resolution provider.

This privacy policy may be amended from time to time consistent with the requirements of the Privacy Shield. We will post any revised policy on this website.