1. What personally identifiable information is collected from you, how it is used, and with whom it may be shared.
2. What choices are available to you regarding the use of your data.
3. The security procedures in place to protect the misuse of your information.
4. How you can correct any inaccuracies in the information.
Information Collection, Use, and Sharing
We are the sole owners of the information collected on this site, email, and phone. We only have access to collect information that you voluntarily give us via email or other direct contact from you. We will not sell or rent this information to anyone.
We will use your information to respond to you, regarding the reason you contacted us. We will not share your information with any third party outside of our organization, other than as necessary to fulfill your request, e.g. to connect you with an business, organization or individual who would like to assist. You will be contacted for permission before sharing anything.
Your Access to and Control Over Information
You may opt out of any future contacts from us at any time. You can do the following at any time by contacting us via the email address or phone number given on our website:
• See what data we have about you, if any.
• Change/correct any data we have about you.
• Have us delete any data we have about you.
• Express any concern you have about our use of your data.
We take precautions to protect your information. When you submit sensitive information via the website, email, or other platform, your information is protected both online and offline.
Wherever we collect sensitive information (such as member application and documentation), that information is encrypted and transmitted to us in a secure way. You can verify this by looking for a lock icon in the address bar and looking for “https” at the beginning of the address of the Web page.
While we use encryption to protect sensitive information transmitted online, we also protect your information offline. Only organizations or individuals who need the information to assist you are granted access to personally identifiable information. The computers in which we store personally identifiable information are kept in a secure environment.
Protected Health Information (PHI)
CFW is committed to and has implemented many safeguards to ensure its devices, services, websites and data systems (collectively “Products”) are compliant with the regulations and conditions set forth in the Health Insurance Portability and Availability Act of 1996 (HIPAA).
CFW is committed to continuous improvement to ensure its Products incorporate state-of-the-art information technology privacy and security measures. We are committed to keeping all PHI (Protected Health Information) that is entrusted to us private and secure. We have instituted policies and procedures to ensure this data is kept confidential, including, but not limited to, the following:
Security is a top priority for CFW, therefore, access to our members data is strictly enforced. All of our staff are required to sign a confidentiality agreement. Additionally, CFW has initiated formal practices to assign appropriate personnel access to data, and actions are in place to govern the proper movement and handling of that data.
CFW’s primary physical safeguard is to not retain sensitive data in any public or private CFW location other than those assigned for database management and quality assurance activities. Specific workstation usage, disposal, reuse and security measures are in place. CFW’s data center uses a cloud based architecture with inherent security measures including 24 hours monitoring, advanced fire protection systems, uninterruptible power and database redundancy. Annual audit of the facility security plan, disaster recovery plan, and contingency plans are in place.
To further protect sensitive data, CFW enforces unique software architecture that includes user identifications, various database audit logging, data integrity systems and verified backups, entity authentication programs, digital certificates, and increasing measures to provide better data integrity and encryption.
We are committed to keeping all PHI and sensitive information secure and to keeping our systems and procedures up to date and in compliance with all related regulations.