Return to App
Legal & Compliance

Integrity Tissue Solution

Privacy Policy

1. Introduction

Integrity Tissue Solution (“Company,” “we,” “us,” or “our”) is a specialized platform designed to streamline the ordering and reimbursement process for advanced wound care products. Our platform is built exclusively for clinics, podiatrists, vascular surgeons, and wound care providers (collectively, “Healthcare Providers”).

This Privacy Policy describes how we collect, use, store, disclose, and protect information obtained through our website and platform (collectively, the “Platform”). This policy applies to all users of our Platform, including clinic staff, administrators, and authorized healthcare professionals.

Please read this Privacy Policy carefully. By accessing or using the Platform, you acknowledge that you have read, understood, and agree to be bound by the terms of this Privacy Policy.

2. About Us and Governing Law

Integrity Tissue Solution is headquartered and operates under the laws of the State of Georgia, United States of America. This Privacy Policy is governed by and construed in accordance with the laws of the State of Georgia, without regard to its conflict of law provisions, as well as applicable federal laws of the United States, including the Health Insurance Portability and Accountability Act of 1996 (HIPAA) and its implementing regulations.

Our principal place of business is located in Georgia, USA. Any disputes arising under this Privacy Policy shall be subject to the exclusive jurisdiction of the state and federal courts located in Georgia.

3. Scope of This Policy

This Privacy Policy applies to:

  • All individuals who create and use accounts on the Platform, including clinic staff and administrators
  • Healthcare Providers who access the Platform to manage wound care product ordering and reimbursement workflows
  • Authorized representatives of clinics, medical practices, and healthcare facilities
  • Any individual who contacts us for support or inquiries related to our services

This policy does not apply to third-party websites, services, or applications that may be linked to or from our Platform.

4. Information We Collect

4.1 Account and Contact Information

When Healthcare Providers and clinic staff register for and use the Platform, we collect the following types of information:

  • Full name and professional title
  • Clinic or practice name and business address
  • Professional contact information, including business email address and phone number
  • National Provider Identifier (NPI) and other professional license numbers
  • Account credentials (username and encrypted password)
  • Billing and invoicing contact information for the clinic or practice

4.2 Platform Usage Information

As you use our Platform, we automatically collect certain technical and usage information, including:

  • IP address and device identifiers
  • Browser type, version, and operating system
  • Pages visited, features used, and time spent on the Platform
  • Referring URLs and navigation paths
  • Date and time of access
  • Cookies and similar tracking technologies (see Section 7 for details)

4.3 Communications Data

We may collect information you provide when you contact us for support, submit inquiries, or communicate with our team, including the content of messages and any attachments you send.

5. HIPAA Compliance and Protected Health Information

Integrity Tissue Solution is fully committed to compliance with the Health Insurance Portability and Accountability Act of 1996 (HIPAA), the Health Information Technology for Economic and Clinical Health Act (HITECH), and all applicable regulations promulgated thereunder, including the HIPAA Privacy Rule (45 C.F.R. Part 164) and the HIPAA Security Rule.

5.1 Our Role as a Business Associate

To the extent that our Platform facilitates the access, transmission, or use of Protected Health Information (PHI) on behalf of covered Healthcare Providers, Integrity Tissue Solution operates as a Business Associate as defined under HIPAA. We enter into a Business Associate Agreement (BAA) with covered entities as required by applicable law.

5.2 Handling of PHI

We implement the following safeguards for any PHI that may be processed through our Platform:

  • Administrative safeguards, including workforce training, access controls, and designated privacy and security officers
  • Physical safeguards, including secure data center environments and device controls
  • Technical safeguards, including encryption of PHI at rest and in transit, audit controls, and automatic logoff procedures
  • PHI is used only for the purposes authorized by the covered entity and permitted by HIPAA
  • Breach notification procedures in accordance with the HITECH Breach Notification Rule

5.3 Minimum Necessary Standard

We apply the HIPAA minimum necessary standard, ensuring that PHI is only accessed, used, or disclosed to the extent necessary to accomplish the intended purpose.

6. How We Use Your Information

6.1 Platform Operations

  • To create, manage, and maintain your account on the Platform
  • To facilitate the Benefits Verification (BV) process for wound care products
  • To process and manage product orders, including skin substitutes and biologics
  • To provide customer support and respond to inquiries

6.2 Communications

  • To send transactional and service-related communications, including order confirmations and status updates
  • To send marketing and promotional communications about our products and services, where you have opted in or where permitted by law (see Section 10 regarding your opt-out rights)
  • To send important notices, platform updates, and changes to our policies

6.3 Platform Improvement

  • To analyze usage patterns and improve the functionality, performance, and user experience of the Platform
  • To conduct internal research and development
  • To detect, investigate, and prevent fraudulent activity, unauthorized access, and other security incidents

6.4 Legal and Compliance

  • To comply with applicable federal and state laws, regulations, and legal obligations
  • To enforce our Terms of Service and other agreements
  • To respond to legal process, court orders, or government requests

7. Cookies and Tracking Technologies

Our Platform uses cookies and similar tracking technologies to enhance your experience and collect usage information.

7.1 Types of Cookies We Use

Essential Cookies: These cookies are necessary for the Platform to function properly. They enable core features such as user authentication, session management, and security. You cannot opt out of essential cookies without affecting Platform functionality.

Analytics Cookies: We use analytics cookies to understand how users interact with the Platform, which pages are visited most frequently, and how users navigate through our services. This information helps us improve the Platform.

Functional Cookies: These cookies remember your preferences and settings to provide a more personalized experience.

Performance Cookies: These cookies collect information about how the Platform performs and help us identify and fix technical issues.

7.2 Managing Cookies

Most web browsers allow you to control cookies through their settings. You may set your browser to refuse cookies or to alert you when cookies are being sent. Please note that some parts of the Platform may not function properly if you disable cookies. For more information on managing cookies, please refer to your browser's help documentation.

We honor Do Not Track (DNT) signals where technically feasible. If your browser transmits a DNT signal, we will take reasonable steps to respect that preference.

8. Disclosure of Your Information

We do not sell, rent, or trade your personal information to third parties. We may disclose your information only in the following limited circumstances:

8.1 Within Our Organization

Access to your information within Integrity Tissue Solution is limited to personnel who need it to perform their job functions and provide services to you. All such personnel are subject to confidentiality obligations.

8.2 Legal Requirements

We may disclose your information if required to do so by law, regulation, legal process, or governmental request, including to comply with HIPAA reporting obligations, respond to court orders or subpoenas, or cooperate with law enforcement investigations.

8.3 Protection of Rights

We may disclose information when we believe disclosure is necessary to protect the rights, property, or safety of Integrity Tissue Solution, our users, or others, or to prevent fraud or other illegal activity.

8.4 Business Transfers

In the event of a merger, acquisition, reorganization, bankruptcy, or sale of all or a portion of our assets, your information may be transferred as part of that transaction. We will notify you via email and/or prominent notice on the Platform of any such change and will require any successor to honor this Privacy Policy or provide equivalent protections.

9. Data Security

We take the security of your information seriously and implement a comprehensive set of administrative, technical, and physical safeguards designed to protect your information from unauthorized access, use, disclosure, alteration, or destruction.

Our security measures include, but are not limited to:

  • Encryption of data in transit using TLS (Transport Layer Security) protocols
  • Encryption of sensitive data at rest
  • Role-based access controls limiting data access to authorized personnel
  • Regular security assessments and vulnerability testing
  • Multi-factor authentication for Platform access
  • Audit logging of data access and system events
  • Employee training on data privacy and security practices

Despite our best efforts, no method of data transmission or storage is 100% secure. In the event of a data breach affecting your information, we will notify you as required by applicable law, including the Georgia Personal Identity Protection Act (O.C.G.A. § 10-1-912) and applicable federal law.

10. Your Rights and Choices

Subject to applicable law, you have the following rights regarding your personal information:

10.1 Right to Access

You have the right to request access to the personal information we hold about you. Upon a verified request, we will provide you with a copy of your data and information about how it is used.

10.2 Right to Export Your Data

You have the right to request a portable copy of your personal information in a commonly used, machine-readable format. We will provide your data export within thirty (30) days of a verified request.

10.3 Right to Delete

You have the right to request deletion of your account and associated personal information, subject to our legal obligations to retain certain records. Please note that deletion of your account may affect your ability to use the Platform. We will process verified deletion requests within thirty (30) days.

10.4 Right to Opt Out of Marketing Communications

You have the right to opt out of receiving marketing emails and SMS notifications from us at any time. You may exercise this right by:

  • Clicking the “unsubscribe” link in any marketing email you receive from us
  • Replying “STOP” to any marketing SMS message you receive from us
  • Contacting us directly at the email address provided in Section 13

Please note that even if you opt out of marketing communications, you will continue to receive transactional communications related to your account and the services you use.

10.5 Right to Correct

You may update or correct inaccurate information in your account at any time by logging into your account settings or contacting us directly.

To exercise any of the above rights, please submit a written request to the email address listed in Section 13. We may need to verify your identity before processing your request.

11. Data Retention

We retain your personal information for as long as your account is active or as needed to provide you with services. We also retain information as necessary to:

  • Comply with our legal obligations, including applicable healthcare record retention requirements under Georgia and federal law
  • Resolve disputes and enforce our agreements
  • Fulfill the purposes described in this Privacy Policy

When your information is no longer needed, we will securely delete or anonymize it in accordance with our data retention policies. For healthcare-related records, we comply with applicable state and federal retention requirements, which may require retention for a minimum of seven (7) years or longer.

12. Children's Privacy

The Platform is designed and intended solely for use by healthcare professionals and authorized clinic personnel. Our Platform is not directed to, and we do not knowingly collect personal information from, individuals under the age of 18. If you believe that a minor has provided us with personal information, please contact us immediately using the information in Section 13 and we will take steps to delete such information.

13. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or our privacy practices, please contact our Privacy Officer:

Integrity Tissue Solution
Privacy Officer
Georgia, United States of America
Email: will@integritytissue.com

We will respond to your inquiry within thirty (30) business days of receipt. For HIPAA-related requests or concerns, please indicate “HIPAA Request” in your email subject line.

14. Changes to This Privacy Policy

We reserve the right to update or modify this Privacy Policy at any time. When we make material changes, we will:

  • Notify registered users via email to the address associated with their account
  • Where required by law, obtain your consent before applying material changes to how we process your information

Your continued use of the Platform after the effective date of any changes constitutes your acceptance of the updated Privacy Policy. We encourage you to review this Privacy Policy periodically.

15. Governing Law and Jurisdiction

This Privacy Policy is governed by the laws of the State of Georgia, United States of America, without giving effect to any principles of conflicts of law. You agree that any dispute arising from or relating to this Privacy Policy shall be resolved exclusively in the state or federal courts located in Georgia, and you hereby consent to the personal jurisdiction of such courts.

In addition to Georgia law, this Privacy Policy is subject to applicable federal laws and regulations, including but not limited to HIPAA, HITECH, the Federal Trade Commission Act, and the CAN-SPAM Act.

By using the Integrity Tissue Solution Platform, you acknowledge that you have read and understood this Privacy Policy.