McKesson

iKnowMed Electronic Health Record

Privacy Notice

Effective Date: 11/11/2021

At McKesson Corporation (“McKesson” or “we”), we value the trust that healthcare providers place in us to appropriately use and protect personal information. This Privacy Notice informs users of the iKnowMed Electronic Health Record (EHR) application (“application”) about how McKesson may collect, use, and share personal information and how it is protected. We want you to be clear how we're using personal information and the ways in which we protect this information. By using this application, you accept the privacy practices presented in this Privacy Notice. We encourage you to read this Privacy Notice in full to understand our privacy practices before using this application or submitting any personal information.

Scope

This Privacy Notice applies only to the iKnowMed EHR application

(https://www.mckesson.com/). McKesson may have separate websites, subdomains, and applications through other web, mobile, cloud or SaaS platforms which are not subject to this Privacy Notice. Additionally, McKesson business partners, ad networks and other third parties may have their own websites and services with separate privacy practices. We encourage you to read the privacy notices of all websites and applications that you visit and understand their privacy practices.

Personal Information We Collect

When you use this application, we may collect personal information about you. Personal information is any information accessed, collected, or used by McKesson that identifies an individual, or can reasonably be used to identify an individual, whether directly or indirectly. The personal information we may collect includes, but is not limited to:

  • First name, last name
  • Professional qualifications, such as your licenses, certifications, and credentials
  • Voice recordings, such as recognition or recording through microphone
  • Contact information such as your business address, business telephone numbers, business electronic mail addresses
  • Occupation/title, User ID and/or employee number as assigned by an employer
  • User ID and password, signature (electronic or digitized image)
  • IP address, device/User activity (such as login-logout info, sites/pages visited, # of visits, click stream, navigation, beacon signal hits, errors, crash rate, or other user activities)
  • Information about you from practice management systems and combine it with information we already have about you.

Tracking Technologies We Use

We use various technologies to collect personal information about users of this application. These technologies include the following:

  • Web server logs
    • As is true of most websites and applications, we gather certain information automatically and store it in log files. This information may include IP addresses, browser type, internet service provider, referring/exit pages, operating system, date/time stamp and/or clickstream data.
     
  • Cookies
    • We and our subsidiaries, business partners, marketing partners, affiliates, or other service providers may utilize cookies. Cookies uniquely identify your device or user account associated with this site or service. You can control the use of cookies by adjusting your browser preferences at any time. If you reject cookies, you may still use our site, but your ability to use some features or areas of our site may be limited.
     
  • Other Tracking Technologies

These tracking technologies are used, to analyze trends, to perform diagnostic services such as error reporting to improve the site or service, to perform data analysis and audits and to remember user’s settings.

How We Respond to “Do Not Track” Signals

Some web browsers have a ''Do Not Track'' feature. This feature allows you to tell websites you visit that you do not want to have your online activity tracked over time and across websites. These features are not yet uniform across browsers and not broadly supported. This application is not currently set up to respond to those signals.

How We Use the Personal Information Collected

We may use the personal information we collect for purposes such as:

  • Reporting or data analytics services
  • Customer and troubleshooting support
  • Error detection and debugging
  • Data migration and/or installation services
  • Fraud detection or monitoring services
  • Personalized user service or customized site-content based user preferences

How We Share Personal Information Collected

  • McKesson does not sell personal information about you to third parties.
  • We may provide your personal information to third parties that provide services to help us with our business activities such as pharmacy/eprescribing. These companies are authorized to use personal information about you only as necessary to provide these services to us.
  • Some of our pages may utilize framing techniques to serve content to/from our partners while preserving the look and feel of our website. Please be aware that you are providing personal information to these third parties and not directly to McKesson. When framing techniques are utilized, your personal information is subject to the privacy policies of the third parties.

McKesson may also need to share information with companies, organizations, or individuals outside of McKesson if we have a good faith belief that access, use, preservation, or disclosure of that information is reasonably necessary to:

  • Meet applicable laws, regulations, legal processes or enforceable governmental requests
  • Enforce applicable Terms of Service, including investigation of potential violations
  • Detect, prevent, or otherwise address fraud, security or technical issues
  • Protect against harm to the rights, property or safety of our users, McKesson, or the public as required or permitted by law
  • Engage in a merger, acquisition, reorganization, or sale of all or a portion of McKesson assets.

McKesson may also need to share information with companies, organizations or individuals outside of McKesson if we have a good faith belief that access, use, preservation, or disclosure of that information is reasonably necessary to:

  • Meet applicable laws, regulations, legal processes or enforceable governmental requests
  • Enforce applicable Terms of Service, including investigation of potential violations
  • Detect, prevent, or otherwise address fraud, security or technical issues
  • Protect against harm to the rights, property or safety of our users, McKesson, or the public as required or permitted by law
  • Engage in a merger, acquisition, reorganization, or sale of all or a portion of McKesson assets.

Your Choice

Where appropriate or legally required, we will describe how your information that we collect through this application will be used and will provide choices about whether to allow us to engage in that use. To exercise your choice, you may discontinue information collection by deleting cookies in your web browser or discontinue accessing the application altogether.

Access to Personal Information

This application allows you to directly view, edit, or delete information about you through your profile settings. You can also update information about you by logging into https://msh.my.salesforce.com.

Retention

We will retain your personal information for as long as your account is active, as reasonably useful for commercial purposes, or as necessary to comply with our legal obligations, resolve disputes and enforce our agreements.

Health Insurance Portability and Accountability Act (“HIPAA”)

As a key provider of services and technology to the healthcare industry, McKesson has implemented programs to address the privacy and security requirements of HIPAA.

To the extent that we are functioning as a HIPAA business associate, a Notice of Privacy Practices will be provided to you or made available to you.

Children’s Privacy

This application is not intended for any user under the age of 13, and we do not knowingly collect personal information from children under the age of 13. We request that children under the age of 13 not submit any personal information through this application.

How We Protect Your Information

McKesson has established appropriate physical, electronic, and administrative safeguards to protect the information we collect from or about our users. We restrict access to personal information to McKesson employees, contractors and agents who need to know that information to process it for us, and who are subject to confidentiality obligations.

Any sensitive personal information (e.g., credit / debit card number) will be transmitted in an encrypted form using SSL encryption. Notwithstanding our security safeguards, it is impossible to guarantee 100% security in all circumstances. If you have any questions about security or have reason to believe that your interaction with us is no longer secure (for example, you feel that the security of any account you might have with us has been compromised), you must immediately notify us of the problem by contacting McKesson at Privacy@McKesson.com.

Changes to this Privacy Notice

We may periodically update this Privacy Notice to describe new features, products or services we offer and how it may affect our use of personal information about you and your controls. We will not apply changes to this Privacy Notice retroactively to personal information we have previously collected. Since we may change this Privacy Notice, we recommend that you check the current version available from time to time. If we make changes to this notice, we will update the “Last Update Date” at the beginning of this notice.

Contact Information

If you have questions or concerns about this Privacy Notice, our information handling practices, or any other aspect of privacy and security of your personal information, please contact us at: Privacy@McKesson.com.

You may also write to us at:

McKesson Corporation
ATTN: Privacy Officer (Privacy Notice, McKesson iKnowMed EHR)
2 National Data Plaza NE, 3rd Floor
Atlanta, GA 30329
top