18.0 Data Retention Policy
Despite not being a requirement within HIPAA, iDialogs understand and appreciates the importance of health data retention. Acting as a subcontractor, and at times a business associate, iDialogs is not directly responsible for health and medical records retention as set forth by each state. Despite this, iDialogs has created and implemented the following policy to make it easier for iDialogs Customers to support data retention laws.
18.1 State Medical Record Laws
18.2 Data Retention Policy
- Current iDialogs Customers have data stored by iDialogs as a part of the iDialogs Service.
- Once a Customer ceases to be a Customer, as defined below, the following steps are
- Customer is sent a notice via email of change of standing, and given the option to reinstate account.
- If no response to notice in 18.2.2(a) above within 7 days, customer data is archived and the account is permanently deactivated. The data will be archived for a period of six (6) years in accordance with HiPAA security rule 45 CFR § 164.316(b)(2)(i).
- If the customer responds within a 30 day period, we can delete all records of the customer's data upon request or we can retain it on behalf of the customer for the period outlined above in 18.2.2(b).