Google Care Studio Privacy Notice
Last modified: 18 February, 2022
Details about the Privacy Notice
This Privacy Notice describes Google LLC’s privacy practices that are specific to Care Studio. It is in addition to the Google Privacy Policy and it explains how Google LLC (referred to as “Google,” “we,” “us,” or “our”) treats personal information when you use Care Studio, by Google Health (‘End User’ ‘You’ and ‘Your’ refers to caregivers, healthcare professionals, etc., and not consumers or patients).
Care Studio organizes complex healthcare information and streamlines workflows to help clinicians spend more time caring for their patients (‘Care Studio’). It is made available to healthcare organizations that have entered into appropriate commercial agreements with Google, including, as applicable, a Business Associate Agreement (‘Organizations’ refers to hospitals, health systems, academic medical centers, etc.).
Your access to Care Studio is subject to the End User Notice. This means that any patient and Google data associated with your access is managed by your Organization’s domain administrator. Please consult the End User Notice made available to you within Care Studio, which describes in more detail your Organization’s domain administrator role in managing your use of Care Studio.
Your use of Care Studio, which describes in more detail the activities covered by this Privacy Notice.
Follow your Organization’s protocols
Care Studio is intended for use by authorized doctors, nurses, and other caregivers at your Organization. As such, these authorized clinical users are subject to protocols created by their hospitals to protect patient data and comply with regulatory requirements. If you’re an authorized clinical user of Care Studio, ensure that you are familiar with your Organization’s protocols for protecting patient privacy. Always follow hospital protocols when using Care Studio.
Information: what we collect & how it’s used
-
Patient Data - You and Your Organization are in control of the health information provided to Google. We only use Patient Data to provide Care Studio. It will not be used for advertising, or marketing purposes. (see Care Studio’s Privacy Commitments). In addition to the Privacy Commitments, all patient data shared with Google Health by your Organization and you is subject to the data protection terms included within the relevant commercial agreements between your Organization and Google, including, as applicable, any Business Associate Agreement (‘Patient Data’). This means that Google Health is required to have in place privacy and security controls to protect Patient Data.
-
End User Data - Access to Care Studio is enabled via a user role assigned to the Google Account managed by your Organization’s administrator. This allows Care Studio to collect and process End User Data, for example, the contents of your communications, how you interact with Care Studio, your account details, and privacy settings.
-
Who has access to End User Data - Access to End User Data is limited to Google Health team members who are assigned to support and maintain Care Studio for each particular healthcare system. Google Health team members who serve in this role are subject to strict employee policies and annual training requirements that cover HIPAA, privacy and ethics.
-
Who has access to Patient Information - Access to Patient Data is limited to Google Health team members who are assigned to support and maintain the tool for each particular healthcare system. Google Health team members who serve in this role adhere to strict employee policies and undergo annual training that covers HIPAA, privacy and ethics.
-
Information shared with third parties - Google Health does not share Patient or End User Data with third parties except with our affiliates and other trusted businesses or persons that have entered into a subcontractor business associate agreement, based on our customers instructions and in compliance with our Privacy Policy and any other appropriate confidentiality and security measures.
Information security
We’ve implemented administrative, technical, and physical safeguards, to keep Patient and End User Data private and secure. We enforce strict per-customer isolation by combining logical and cryptographic (per-customer encryption key) controls with physical isolation.
For more information about our security practices, please see the Google Security White Paper and the main Google Privacy Policy.
Contact Us
If you are an authorized clinical user caregiver, contact your hospital administrator if you have questions regarding the use of information by your hospital.
Contact Google about the information in this Notice by emailing support+carestudio@health.google.
1600 Amphitheatre Parkway
Mountain View, CA 94043, USA
(650) 253-0000