Signal 1 Privacy Policy
Signal 1 is committed to protecting your privacy. This Privacy Policy outlines policies and procedures related to the collection, use, and disclosure of personal information from Signal 1 employees, contractors, current or potential customers, and patient health information that we process in order to provide quality products and services (collectively referred to as “Services”).
Collection of Personal Information
We may collect personal information from you when you interact with our Services, communicate with us, or are employed by us. The types of personal information we may collect are described below:
- Information you provide to us when engaging in sales and marketing activities, such as completing a form on our website or attending a conference, may include contact information (such as name, email address, phone number) and professional information (such as your job title and organization). This same information may also be passively collected when you visit our website through the use of cookies or tracking technologies.
- If you are a customer using our Services, we may collect name, email, feedback on our Services, as well as usage data (such as IP address, browser type, browser version, pages that you visit, the time and date of your visit.)
- If you are a patient of a hospital or health system that is using our Services, we may collect protected health information related to you which could include demographic information, laboratory results, vitals, medications, orders and procedures, medical history, diagnoses and comorbidities, imagining data, clinical notes, and predictions generated by AI algorithms. To the extent possible, personally-identifiable information (such as unique identifiers for hospital visits, MRN, age, birthday, names, and time stamps associated with hospital records) is treated upon collection to reduce the risk of identification.
- Some of our Services allow our customers (hospitals or health systems) to access information within electronic health records to develop, deploy, and monitor the performance of AI models. In this context, each customer controls and is responsible for the information they process and must comply with any regulations or laws that require providing notice and/or obtaining consent prior to transferring personal data to Signal 1 for processing purposes. If you have questions about the type of personal data Signal 1 processes on behalf of a customer, please contact that customer directly or refer to their policies.
- If you are an employee or contractor, we may collect contact information (such as name, email, phone number, mailing address), employment and financial information (such social insurance number, salary, banking information, credit data), and any other information you provide in your employment inquiries or applications.
- If you participate in product or market research activities (for example, voice of customer interviews or usability testing of medical devices), we may collect your contact information (name, email), profession, place or work, years of experience.
Use of Personal Information
We use a combination of industry standard security measures to protect your personal information from loss and misuse. We will only use your personal information for the purpose it was collected. For example:
- We may use contact information to share information about our Services, including updates and upcoming events.
- Data related to the use of our websites is used to analyze website performance and improve user experience.
- Data collected from our customers is used to provide and improve our Services. This may include providing technical support, training new AI/ML algorithms, making predictions to improve patient care or hospital operations, or enabling hospitals to deploy AI models that we did not develop.
- Any data collected may be used in ways necessary to comply with legal and regulatory requirements.
Disclosure of Personal Information
We may disclose your personal information to the following parties for the purposes outlined in this Privacy Policy:
- Service providers and vendors who help us deliver our Services, such as hosting providers, payment processors, and customer support. In this context, some of your information may be transferred to a country other than the country in which you reside or from which the information was originally collected.
- If Signal 1 is involved in a merger or acquisition, your personal information may be transferred, notice will be provided before your information becomes subject to a different privacy policy.
- Under certain circumstances, Signal 1 may be required, by law or by another authority (e.g., court, government agency, privacy commissioner, etc.) to disclose your personal information.
Other situations whereby Signal 1 may disclose your information include a good faith belief that such a disclosure is required to define the right or property of Signal 1, to investigate potential wrongdoing, protect the personal safety of users or patients, and protect against legal liability.
We do not sell or rent your personal information to third parties for marketing or any other purpose.
Storage and Transfer of Personal Information
Your information, including personally identifiable information, is stored in Signal1’s secure cloud environment and may also be stored by trusted third-party vendors or service providers supporting our operations. These third parties are carefully selected and are required to adhere to strict data protection and security standards.
Depending on the type of information and its intended purpose, data may be stored and processed in different geographies, which may have data protection laws different from those in your jurisdiction. Specifically:
- Customer and Customer Contact Information: Stored on secure servers in the USA and may be accessed or processed for legitimate business purposes.
- Protected Health Information (PHI): Stored and accessed solely within the country where it was originally collected, ensuring compliance with applicable health data protection regulations.
- Employee data is stored in Canada.
Your information, including personally identifiable information, is stored in Signal 1’ secure cloud operating environment and in any other geographies where the parties involved in the processing are located. This means that, depending on the type of information and its purposes, information may be stored outside your state/province or country where data protection laws may differ from those in your jurisdiction. Specifically,
- Customer and customer contact information is stored on servers in the USA and may be accessed for any other justification.
- Protected health information is stored in the country in which it was collected
- Employee data is stored in Canada
Security of Personal Information
We take reasonable measures to protect the security and confidentiality of your personal information. We implement industry-standard security technologies and procedures to safeguard your personal information from unauthorized access, use, or disclosure. For example:
- We prioritize continuous security and privacy training for our team members to ensure they are equipped with the necessary knowledge to handle sensitive data with care.
- Through role-based access, we ensure that only those with the appropriate permissions can access patient data, thereby reducing the risk of unauthorized exposure.
- We have strong access control protocols, incident response plans, and regular audits in place to monitor and protect patient data.
- Our processes align with and are audited against key industry standards like SOC2 Type 2, HIPAA and PIPEDA to ensure we are compliant with all necessary regulations.
- We use the latest security technologies to protect patient data, including advanced encryption methods, vulnerability scanning, and real-time monitoring to ensure security both at rest and in transit.
- Our systems are designed with a strong security architecture to guarantee data confidentiality, availability and resilience against potential threats.
- We implement modern cybersecurity strategies, such as Zero Trust, to continuously protect our systems and maintain robust security at every layer.
Consent and Control of Personal Information
By using our Services, you consent to the collection, use, and disclosure of your personal information as described in this Privacy Policy.
We respect your privacy rights and comply with all applicable privacy laws. Depending on your location and the information in question, you may have the right to access, correct, or delete your personal information. If you have any questions or requests regarding your personal information, please contact us using the information provided below.
Retention of Personal Information
Signal 1 will retain your personal information for as long as is necessary for the purposes set out in this Privacy Policy. Beyond the stated business purposes, we will retain your personal information for the duration necessary to comply with Signal 1’s legal obligation to applicable laws, to resolve disputes, and enforcement of our legal agreements.
Changes to this Privacy Policy
We may update this Privacy Policy from time to time to reflect changes in our business practices or legal requirements. Changes to this policy become effective when they are posted on this page.
Contact us
If you have any questions about this Privacy Policy, please us by sending an email: privacy@signal1.ai
Last Modified: January 9, 2025