Global Privacy Policy

Scope

This Privacy Policy applies to information, including personal information collected by OmniComm Systems, Inc. and its affiliated offices. The document outlines our strong commitment to our customers’ privacy and the protection of personal information. As a company serving global clinical trials your personal information may be used and stored outside of the country you live. We will take any necessary step to ensure that your information is in compliance with this Privacy Policy.

Purpose

The purpose of this policy is to describe OmniComm’s privacy principles set forth by federal and international regulations that govern clinical research, including transfer and hosting of personal information in electronic, paper, or verbal formats.

General

This Privacy Policy demonstrates our commitment to respect the privacy and the protection of any personal information submitted to and hosted at OmniComm Systems, Inc. OmniComm Systems, Inc. respects individual privacy and values the confidence of its customers, employees, clinical trial participants, healthcare professionals, investors, business partners, and others. OmniComm Systems, Inc. collects, maintains and uses personal information in a manner that is consistent with the laws of countries in which the organization does business. Data Privacy is taken serious and is implemented in companywide Policies and SOPs.

OmniComm Systems Privacy Commitments

OmniComm Systems respects and follows the best practices and privacy principles of Notice, Choice, Accountability for Onward Transfer, Security, Data Integrity and Purpose Limitation, Access, and Recourse, Enforcement and Liability including the transfer of personal information in electronic, paper or verbal formats from the member states of the European Union and Switzerland to the United States as set forth in the EU-U.S. Privacy Shield and the Swiss-U.S. Privacy Shield Framework. 

https://www.privacyshield.gov/ 

To confirm participating organizations you may refer to  https://www.privacyshield.gov/list

1.  Notice

OmniComm Systems, Inc. informs individuals about the purposes for which it collects and uses personal information. The notice will be provided in clear language in a conspicuous manner. The use of the data is limited to the purpose first identified and no more information is collected than is required to satisfy the purpose. Data used for pharmaceutical research and other purposes when using OmniComm software products should be anonymized when appropriate. Any personal information that is related to the use of the OmniComm clinical trial software products or personal data developed in specific medical or pharmaceutical research studies is the responsibility of the client. 

OmniComm Systems, Inc. informs individuals about the type of third party to which OmniComm Systems, Inc. discloses information if any, and offers individuals the choices and means for limiting the use and disclosure of their personal information.

2.  Choice

OmniComm Systems, Inc. offers individuals the option of choice whether their personal information is disclosed to a third party. Individuals can also choose to not have their data shared if the purpose is incompatible with the original purpose of data collection. OmniComm Systems, Inc. provides individuals with reasonable mechanism to exercise their choices.

If sensitive personal information is to be disclosed to a third party or is to be used other than the purpose originally authorized, OmniComm Systems, Inc. will give individuals explicit (opt in) choice, and will disclose the information only after explicit consent of the individual.

Individuals are provided readily available mechanisms to exercise choice whether their personal information is (i) to be disclosed to a third party or (ii) to be used for a purpose that is materially different from the purpose(s) for which it was originally collected.  Individuals may email optout@omnicomm.com to exercise this option.

3.  Accountability for Onward Transfer

OmniComm Systems, Inc. ensures by written agreement that our agents and third party providers follow the same privacy principles and data protections principles as OmniComm Systems, Inc.

Personal data is only shared by OmniComm with Third Parties who require it for specific business purposes.  Data is transferred only for the scope of purpose it was initially intended and not for any other reasons.   These third parties must agree to abide by the same of level of privacy protection as required by Privacy Shield principles.

4.  Security

OmniComm Systems, Inc. provides services internationally and receives information from all over the world. Whenever OmniComm Systems, Inc. is required to transfer personal information, regardless of where this occurs, OmniComm Systems, Inc. protects confidentiality, integrity and availability of personal information by physical and logical security measures. OmniComm Systems, Inc. has written procedures in place regulating the protection of confidential data from loss, misuse and unauthorized access, disclosure, alteration and destruction.

5.  Data Integrity and Purpose Limitation

OmniComm Systems, Inc. takes reasonable steps to ensure that personal information is reliable to its use, that the data is accurate, complete and current. OmniComm Systems, Inc. does not process information that is incompatible with the original purposes for which it has been collected or subsequently authorized by the individual.

6.  Access

Upon request, individuals will be granted reasonable access to personal information that OmniComm Systems, Inc. hold about them. In addition, upon request, OmniComm Systems, Inc. will take reasonable steps to allow individuals to correct, amend, or delete information that is found to be inaccurate or incomplete.

7.  Recource, Enforcement and Liability

OmniComm Systems, Inc. has written procedures in place that regulate regular internal compliance audits of the privacy principles. Internal audits are conducted by the OmniComm Compliance Committee or by a third party as delegated by the Compliance Committee. The Compliance Committee is comprised of a cross-section of department and affiliate representatives across the companies, who have authority to enforce the policies that are created. The CEO has the ultimate responsibility and authority of managing Quality Systems. Non-compliance issues are investigated and corrective actions are put in place and followed up until resolution for any problems arising out of failure to comply with the principles. Remedy actions could include disciplinary actions, up to and including termination of employees.

8. Dispute Resolution

In compliance with the Privacy Shield Principles, OmniComm commits to resolve complaints about our collection or use of your personal information.   

OmniComm has further committed to refer unresolved Privacy Shield complaints to the International Centre for Dispute Resolution / American Arbitration Association (ICDR/AAA), an alternative dispute resolution provider located in the United States. If you do not receive timely acknowledgment of your complaint from us, or if we have not addressed your complaint to your satisfaction, please contact or visit http://go.adr.org/privacyshield.html for more information or to file a complaint.  The services of the ICDR/AAA are provided at no cost to you.

OmniComm has further committed to cooperate with the panel established by the EU data protection authorities (DPAs) and the Swiss Federal Data Protection and Information Commissioner (FDPIC) with regard to unresolved Privacy Shield complaints concerning human resources data transferred from the EU and Switzerland in the context of the employment relationship.

All individuals are encouraged to please forward any individual complaints, issues, concerns, or questions regarding the collection, the use or disclosure of personal information to Privacyshieldcompliance@omnicomm.com or to:

OmniComm Systems, Inc.
Attention: Compliance Department
2101 West Commercial Boulevard, Suite 3500
Fort Lauderdale, FL 33309, USA

For non-HR data transferred from the EU or Switzerland, OmniComm has registered with the American Arbitration Association (AAA) as an independent recourse mechanism to resolve complaints at http://go.adr.org/privacyshield.html

For HR data transferred from the EU for use in the context of the employment relationship, OmniComm has registered with the EU data protection authorities (DPAs) as an independent recourse mechanism to resolve complaints at http://ec.europa.eu/justice/data-protection/bodies

For HR data transferred from Switzerland for use in the context of the employment relationship, OmniComm has registered with the Swiss Federal Data Protection and Information Commissioner (FDPIC) as an independent recourse mechanism to resolve complaints at https://www.edoeb.admin.ch/

General Information

The OmniComm Systems, Inc. organization is subject to the investigatory and enforcement powers of the Federal Trade Commission (FTC).

There exists the possibility, under certain conditions, for the individual to invoke binding arbitration when other dispute resolution procedures have been exhausted.

OmniComm Systems, Inc. is required to disclose personal information in response to lawful requests by public authorities, including those necessary to meet national security or law enforcement requirements.

OmniComm Systems, Inc. acknowledges the potential liability in cases of onward transfers to third parties of personal data of EU or Swiss individuals received pursuant to Privacy Shield.

Notification of Policy Changes

This Privacy Policy was made effective on 11-JUL-2017.  It was updated to meet EU-U.S. and Swiss-U.S. Privacy Shield requirements.