Compliance & Data Security / FAQs
Last Updated: November 13, 2023
What is Nurse-1-1?
Nurse-1-1 is a service owned and operated by VideWell, Inc., a technology company providing a platform on which users can chat with (a) a Health Expert for informational purposes only and/or (b) Agents of Nurse-1-1 Customers, if applicable. The Nurse-1-1 platform can be accessed via the Nurse-1-1 Website, Widget, or Apps, as well as via Customer websites and apps where the Widget is installed.
Where is your data processed and stored?
Third Party Sub-Processor | Purpose | Applicable Service | Data Access |
Amazon Web Services, Inc | Hosting & Infrastructure | Used as a on-demand cloud computing platforms and Data hosting provider | Customer & Encrypted End-User Data |
Pusher Ltd. | Conversation & Chat Functionality | Used to support conversations/chat features in the Nurse-1-1 product | Encrypted Customer & End-User Data |
MailChimp | Email Functionality | Used for email | Customer & End-User Data |
Sendgrid | Email Functionality | Used for email | Customer & End-User Data |
Google LLC | Corporate use of Google’s GSuite services that include collaborative productivity apps, corporate email, shared calendars, online document editing and storage. | Used for internal operations and limited client communications and collaboration | Customer Data |
Hubspot | CRM | Used for all Customer CRM functionality | Customer Data |
Mixpanel, Inc. | User Analytics | Used to provide analytics data regarding users’ interactions with our Site and Services. User data processed by Mixpanel, Inc. is retained for the duration set forth in the user’s (or its organization’s) agreement with Nurse-1-1. | Customer & End-User Data |
How long do you keep a consumer/patient’s data?
We store personal information for as long as the information is required to fulfill our legitimate business needs or the purposes for which the information was collected. Additionally, we store personal information for as long as is required to resolve disputes or as long as required by applicable law.
Users may also access settings within the Apps to stop sharing certain information with us. In addition, they may opt out at any time by emailing us at privacy@nurse-1-1.com though we are not able to change settings within their personal devices.
Users can review and change their personal information by logging into the Service and visiting their account profile page. Users may also send us an email at privacy@nurse-1-1.com to request access to, correct or delete any personal information that they have provided to us.
When personal information is deleted, the user’s account is also deleted. We may not accommodate a request to change information if we believe the change would violate any law or legal requirement or cause the information to be incorrect.
What is your privacy policy?
Nurse-1-1’s privacy policy can be found at https://legal.nurse-1-1.com/legal/privacy-policy.
Users are also prompted to accept this privacy policy as the first step to initiating a live chat within the Nurse-1-1 live chat.
What are your terms of service?
Nurse-1-1’s terms of service can be found at https://legal.nurse-1-1.com/legal/terms-of-service.
Users are also prompted to accept the terms of service as the first step to initiating a live chat within the Nurse-1-1 live chat.
Are you compliant with GDPR?
Nurse-1-1 is committed to protecting the privacy and personal data of its users, and as such, it fully complies with the General Data Protection Regulation (GDPR). The GDPR sets strict standards for the collection, storage, and processing of personal information, ensuring transparency, security, and control for individuals.
Nurse-1-1 adheres to the key principles of the GDPR, including the lawful and fair processing of data, purpose limitation, data minimization, accuracy, storage limitation, integrity, and confidentiality. We only collect and process personal data that is necessary to provide our services effectively and to address users’ healthcare inquiries.
Our data protection practices prioritize user consent and control. We obtain explicit consent from users before collecting any personal information, and users have the right to access, rectify, and delete their data at any time. We implement robust security measures to safeguard personal data, preventing unauthorized access, loss, or disclosure.
Nurse-1-1 does not share personal data with third parties without explicit consent, except where required by law or to fulfill our contractual obligations. When utilizing data processors or service providers, we ensure they meet the necessary GDPR requirements and maintain the same high standards of data protection.
We are committed to keeping our users informed about how their data is handled through clear and concise privacy policies and transparent communication channels. Our privacy practices are regularly reviewed and updated to maintain compliance with evolving data protection regulations.
By upholding the GDPR’s principles, Nurse-1-1 strives to create a trusted and secure environment for users seeking healthcare information and support, ensuring the confidentiality and privacy of their personal data at all times.
Are you compliant with CCPA?
Yes. According to CalOPPA we agree to the following:
- Users can visit our site anonymously.
- Our Privacy Policy link includes the word ‘Privacy’ and can be easily be found at https://legal.nurse-1-1.com/legal/privacy-policy.
- The privacy policy states exactly the information being collected and those individuals with whom it is being shared.
- Users can access and check whether there are any privacy policy changes on our Privacy Policy Page.
- If users email us at and request the latest privacy policy, a copy will be emailed.
COPPA (Children Online Privacy Protection Act)?
We do not knowingly collect or maintain personal information from persons under 18 years of age, and no part of the Service is directed at persons under 18. If you are under 18 years of age, then please do not use the Service. If we learn that personal information of persons less than 18 years of age has been collected without verifiable parental consent, then we will take the appropriate steps to delete this information. To make such a request, please contact us at privacy@nurse-1-1.com.
Are you HIPAA compliant?
Although we are not a business entity covered by the Health Insurance and Portability and Accountability Act of 1996 (“HIPAA”), we ensure all our processes meet HIPAA standards and best practices.
How do you log and monitor access to user chats and encrypted ePHI?
- All ePHI data is encrypted in transit, end to end, and at rest using AES 256 CBC encryption.
- Access to chats result in logs to the Nurse-1-1 PHI Access logs. Prior to access, the viewer will need to enter their login information (username and password) and provide a reason for accessing the given chat.
- PHI access logs are accessible to Customers in their Nurse-1-1 dashboard. Accessing the PHI access logs also results in logs to the Nurse-1-1 PHI Access logs.
- At this time, PHI access logs of usernames are not encrypted, however, the logs do not include any ePHI.
- Access to recordings of interactions with Users is limited only to Customer’s agents, Nurse-1-1 auditors, the Health Experts who have been given proper authorization and undergone training, and the Nurse-1-1 Security Team.
- Once the viewer of ePHI data has logged in and logged their reasoning to the Nurse-1-1 PHI Access logs, encrypted PHI will be decrypted during the viewer’s audit session.
How do you audit or monitor chats?
- Customers of Nurse-1-1 can create and audit chats based on their own audit policies. Capabilities for customers to audit any of their users’ chats is provided to customers via the Nurse-1-1 dashboard.
- Nurse-1-1 offers Nurse-1-1 audit capabilities and services. Led by our Chief Nurse Practitioner, these services allow Nurse-1-1 to monitor and audit patient chats.
- Nurse-1-1 will routinely access chats to review for:
- Ensuring the agent is making a personal connection with users, listening, engaging, and understanding the user.
- Information provided by the agent to users for accuracy and appropriate information provided, within the required guardrails.
- Use of the consistent, pre-approved recommendations (Navigational Recommendations) for any information provided to the user about medications, side effects, benefits, etc.
- Once a review is conducted, Nurse-1-1 provides feedback to the agents for each review to help correct any infractions or to highlight excellent work done by the agent.
- If a Nurse-1-1 Health Expert does not follow their training or does not use the pre-approved recommendations when recommending next steps, or providing suggestions or advice, Nurse-1-1 will remove the health expert from the platform. This is done on a case by case basis.
Is there a disclaimer given to the consumer/patient about not providing medical advice to the consumer/patient?
The following disclaimer is delivered to consumers/patients within the accepted Terms of Service and may also be presented to the consumer/patient at the beginning of a live chat:
Nurse-1-1 does not provide medical advice or treatment and is not a healthcare provider. The content is not intended to be a substitute for professional medical advice, diagnosis or treatment. By using the services, end users expressly agree that no patient-provider relationship of any kind is established between you and nurse-1-1 based on your interactions with health experts or any other use of the services. Health experts contacted using the nurse-1-1 services do not take the place of your physician or other qualified healthcare provider and you should continue to schedule regular and ongoing visits with your primary care physician (“pcp”). For questions or concerns about your medical care or treatment, you should contact your pcp or another qualified healthcare professional instead of using the services. If you are in need of immediate medical attention, please contact a healthcare professional or emergency services (such as 911). Never disregard professional medical advice or delay in seeking it because of your use of the services.
How is Important Safety Information delivered to the patient/consumer?
Important Safety Information is customized and delivered to the patient immediately upon opening the chat widget. ISI is placed at the top of the chat widget, below the medication name and above important informational links, such as Prescribing Information and Medication Guides.
What information is given through consistent, pre-approved Navigational Recommendation messaging?
Nurse-1-1 Navigational Recommendations play a crucial role in ensuring consistent and compliant information is provided to consumers/patients regarding the Prescribing Information. These recommendations encompass a wide range of critical details, including indications, dosage, contraindications, drug interactions, common side effects, and important safety information. By incorporating these guidelines, the Nurse-1-1 Live Nurse Chat platform not only enables adherence to FDA guardrails but also facilitates the swift delivery of accurate, compliant, and consistent messaging to users, promoting patient safety and informed decision-making.
Navigational Recommendations offer a powerful tool to create custom recommendations that can enhance influence, prompt patient action, and lead to positive outcomes. By leveraging these recommendations, teams can develop and review prebuilt call-to-action messages, saving time on repetitive tasks and ensuring compliance while driving patient engagement. The ability to personalize patient and provider support through tailored messaging enables a more effective influence on patients’ decision-making processes, guiding them towards desired outcomes.
How is other important information or documents delivered to the patient/consumer?
In addition to ensuring compliance, Nurse-1-1 Navigational Recommendations serve as a valuable resource for providing pre-approved content to consumers/patients in a fast and efficient manner. The live nurse within the chat can quickly deliver marketing and educational materials that have been created and approved by the Medical, Legal, and Regulatory (MLR/PRB) departments. This includes a wide range of important information and materials such as doctor discussion guides, patient brochures, copay card savings program details, patient advocacy group information, symptom checklists, and more. By leveraging these pre-approved resources, Nurse-1-1 enhances the patient experience by delivering accurate and relevant information, empowering patients with the knowledge they need to make informed decisions about their healthcare.
Follow-Up Email Campaigns
Nurse-1-1 Follow-Up Campaigns play a vital role in engaging consumers/patients after the live chat has ended. These campaigns nurture patients by triggering automated follow-ups that are relevant to their conversations, ensuring a continued connection throughout their healthcare journey. By staying close to the patient journey beyond the chat session, Nurse-1-1 can continue to influence positive outcomes and encourage next best actions based on the provided Navigational Recommendations. Additionally, these campaigns collect valuable data that can be used for gap analysis and opportunity discovery, allowing for continuous improvement in patient engagement, activation and support.
Data Reporting
Nurse-1-1 provides clients with aggregate reporting and market insights to make smarter campaign decisions. Get actionable insights about your patients. Data-driven analytics provide metrics on patient interactions so you can understand how best to engage the market and further improve medication adherence, patient support and overall revenue. Aggregate, de-identified data is delivered to our clients on a consistent basis. Aggregate data can no longer be associated or relinked with any particular individual.