Privacy Policy

Privacy Policy

We keep all your personal details (name, contact number, email address) confidential and secure. We do not sell, rent or lease this data to any third party individuals, government agencies, or any legal entities at any time unless compelled to do so by law. Suma Soft will solely use the details provided by you to provide timely information about our services.
In compliance with the CAN-SPAM Act, all the emails sent to subscribed individuals from Suma Soft will contain concise information on how to unsubscribe yourself from our mailing list so that you do not receive any further communication from our side.

HIPAA Privacy Policy

We take privacy very seriously. We share a commitment with Covered Entities to protect the privacy and confidentiality of Protected Health Information (PHI) that we obtain subject to the terms of a Business Associate Agreement.
This policy is provided to help you better understand how we use, disclose, and protect PHI in accordance with the terms of Business Associate Agreements.

Definitions

  • Business Associate Agreement (BA Agreement)
A formal written contract between Suma Soft Pvt Ltd and a Covered Entity that requires Suma Soft Pvt Ltd to comply with specific requirements related to PHI.
  • Covered Entity
A health plan, healthcare provider, or healthcare clearinghouse that must comply with the HIPAA Privacy Rule.
  • Protected Health Information (PHI)
PHI includes all “individually identifiable health information” that is transmitted or maintained in any form or medium by a Covered Entity. Individually identifiable health information is any information that can be used to identify an individual and that was created, used, or disclosed in (a) the course of providing a health care service such as diagnosis or treatment, or (b) in relation to the payment for the provision of health care services.

Use and Disclosure of PHI

We may use PHI for our management, administration, data aggregation, analytics and legal obligations to the extent such use of PHI is permitted or required by the BA Agreement and not prohibited by law. We may use or disclose PHI on behalf of, or to provide services to, Covered Entities for purposes of fulfilling our service obligations to them, if such use or disclosure of PHI is permitted or required by the BA Agreement and would not violate the HIPAA Privacy Rule.
We use third party cloud service provider. HIPAA compliant region provided by cloud service provider is used for hosting and processing PHI shared by Covered Entity. In the event that PHI must be disclosed to any other subcontractors or agents, we ensure that those subcontractors or agents agrees to abide by the same restrictions and conditions that apply to us under the BA Agreement with respect to PHI, including the implementation of reasonable and appropriate safeguards.
We may also use PHI to report violations of law to appropriate federal and state authorities.

Safeguards

We use appropriate safeguards to prevent the use or disclosure of PHI other than as provided for in the BA Agreement. We have implemented administrative, physical, and technical safeguards that reasonably and appropriately protect the confidentiality, integrity, and availability of the electronic protected health information that we create, receive, maintain, or transmit on behalf of a Covered Entity. Such safeguards include:
  • Maintaining appropriate clearance procedures and providing supervision to assure that our workforce follows appropriate security procedures;
  • Providing appropriate training for our staff to assure that our staff complies with our security policies;
  • Making use of appropriate encryption when transmitting PHI over the Internet;
  • Utilizing appropriate storage, backup, disposal and reuse procedures to protect PHI;
  • Utilizing appropriate authentication and access controls to safeguard PHI;
  • Utilizing appropriate security incident procedures and providing training to our staff sufficient to detect and analyze security incidents; and
  • Maintaining a current contingency plan and emergency access plan in case of an emergency to assure that the PHI we hold on behalf of a Covered Entity is available when needed.

Mitigation of Harm

In the event of a use or disclosure of PHI that is in violation of the requirements of the BA agreement, we will mitigate, to the extent practicable, any harmful effect resulting from the violation. Such mitigation will include:
  • Reporting any use or disclosure of PHI not provided for by the BA Agreement and any security incident of which we become aware to the Covered Entity; and
  • Documenting such disclosures of PHI and information related to such disclosures as would be required for Covered Entity to respond to a request for an accounting of disclosure of PHI in accordance with HIPAA.

Access to PHI

As provided in the BA Agreement, we will make available to Covered Entities, information necessary for Covered Entity to give individuals their rights of access, amendment, and accounting in accordance with HIPAA regulations.
Upon request, we will make our internal practices, and records including policies and procedures, relating to the use and disclosure of PHI received from, or created or received by the BA on behalf of a Covered Entity available to the Covered Entity or the Secretary of the U.S. Department of Health and Human Services for the purpose of determining compliance with the terms of the BA Agreement and HIPAA regulations.

Cookies Policy

A cookie is a small file which asks permission to be placed on your computer’s hard drive. Once you agree, the file is added and the cookie helps in analyzing the web traffic or lets you know when you visit a particular site. Cookies are broadly classified into three types as session cookies, permanent cookies, and third-party cookies.
We use cookies to monitor and understand website usage, store visitor preferences, record session information, which helps us to improve the responsiveness of the sites for our users.
A cookie does not necessarily give us any access to your personal files over your computer, or any information other than the data you choose to share with us. You can choose to accept or decline cookies by choosing the viable option in the dialog box that appears when you visit a website. Most web browsers automatically accept cookies, but you can usually modify your browser setting to decline cookies if you prefer. This may prevent you from taking full advantage of the website.
Based on the data acquired from cookies, we are able to direct our visitors to new areas that they might be interested in. It also helps us to customize web page content based on visitors’ browser type or other information that the visitor sends, and we take care that a user is not sent the same banner ad repeatedly.
This data will be utilized by Suma Soft only.
Please note that Suma Soft reserves the right to change the terms and conditions of the website from time to time.

Disclaimer

The data displayed on this website should be used for information purpose only and does not bind to create any professional relationship between you and Suma Soft. Suma Soft makes continuous efforts to provide accurate and updated information through this site. However, changes and updation to this site can be done at any moment without any prior notice.
Suma Soft is not bound to any kind of obligation with reference to the performance of this site. The images and content used on this website are subject to copyright protection act. Any attempt to make unauthorized use of a copyrighted image is a punishable offense.

Caution: Be Aware of Fake Job Offer Letters / Selection

Suma Soft Pvt Ltd has not authorized any agency or any other company or individual for issuing an offer letter or selection on its behalf.
All offer letters and selection are done by Suma Soft at our office at Pune, Nashik or Coimbatore. All official communication regarding hiring is always done via Email from only the following 2 email domains : sumasoft.net, sumasoft.com
Our hiring process is based on pure merit and we do not charge any sort of fee at any stage of our recruitment process, hence request all candidates to stay alerted and protected from fake job offer letters.