Blog

Mercy Medical Center – Redding

Memorial Sloan Kettering Bergen

Valley Arthritis Center

Havertown Podiatry

Marin General Hospital

NHLBI — NIH

Georgetown Radiation Therapy Center

California Pacific Medical Center – Davies Campus

Adult and Pediatric Urgent Care

Idaho Gastroenterology Associates – All Locations

The Patient
Record Scorecard

Showing medical record providers’ compliance with the HIPAA Right of Access based on patient requests.

VIEW SCORECARD
VIEW SCORECARD

View Methodology

See Whitepaper

Providers without a score:

View the HIPAA Right of Access Survey to see an indication of compliance.

VIEW SURVEY
VIEW SURVEY

What does it mean to be compliant with the HIPAA Right of Access?

Record requests must be accepted by email or fax.

Records must be sent in the format requested – if that format can be readily produced.

Records must be sent within 30 days.

No unreasonable fees should be charged for records.

Want to improve your score?

SIGN UP FOR WEBINARS
SIGN UP FOR WEBINARS

When you’re sick, and you’re frightened, and you’re fighting for your life, that is not the time to have trouble gathering your data.

YVETTE
Diagnosed with Ovarian Cancer,
September 2, 2016

Patient Stories

Play Video
"Getting my records was so difficult, it was easier to repeat the tests for every new provider I saw."

Tamira

Diagnosed with breast cancer, May 16, 2016

Play Video
"I am a cancer warrior, and data is one of my most powerful weapons."

Yvette

Diagnosed with Ovarian Cancer, September 2, 2016

Play Video
"I need to get my records in a timely fashion so I can go about planning my treatment path"

Susan

Metastatic breast cancer since March 2014

Highlighting Five-Star Providers

1CP Place

21st Century Oncology – Andalusia

21st Century Oncology – Fort Meyers

AAMC Oncology and Hematology

Aaron Smith Plastic Surgery

ABC Eyes – Pediatric Ophthalmology PA

ABC Medical

Abilene Regional Medical Center

Abington Cedarbrook Internal Medicine

Abington Hospital – Jefferson Health (FKA Abington Memorial Hospital)

Abramson Cancer Center : Dr Hayley Knollman

Abramson Cancer Center Cherry Hill

Acension St. Vincent Fishers

ACES – San Diego

Ackerman Cancer Center

Adam Aronsky MD

Adena Regional Medical Center

Adult & Pediatric Dermatology Specialists

Adult and Pediatric Urgent Care

Advanced Dermatology Associates

Our Supporters

Organizations that support putting the patient, and their right to access all of their medical information, first.

The HIPAA Right of Access Webinar Series

Join Deven McGraw, Chief Regulatory Officer at Ciitizen, to discuss HIPAA Right of Access regulations, increased OCR enforcement, removing unnecessary friction, and putting patients first.

REGISTER FOR WEBINARS
REGISTER FOR WEBINARS

View previous webinars.

Sign up to receive information about:

Patient Record Scorecard updates, upcoming HIPAA Right of Access webinars, personalized webinars for your team, in-person feedback about improving your score,  and more.

Online Terms of Service

Last updated: May 15, 2019

Summary: Welcome to the Terms of Service for Ciitizen. This document provides the legal terms of service for use of our website, as well as any of the Services that we offer. Please read the Terms carefully, as they include an agreement to waive the right to bring class action suits against us and to handle any claims you might have against us via arbitration. Please also review our Privacy Policy at https://www.ciitizen.com/privacy/.

Ciitizen Corporation, a Delaware corporation (“Ciitizen,” “we,” “us,” “our”) provides its Services (defined below) to you through its website located at www.ciitizen.com (the “Site”) and other related content, applications, services, tools and features (collectively, the “Service(s)”), subject to the following terms and conditions (as amended from time to time, the “Terms”). By using or accessing the Services, you are agreeing to these Terms. For purposes of these Terms, “you” and “your” means you as the user of the Services. If you use the Services on behalf of a company or other entity then “you” includes you and that entity, and you represent and warrant that (a) you are an authorized representative of the entity with the authority to bind the entity to these Terms, and (b) you agree to these Terms on the entity’s behalf.

We may modify these Terms from time to time. If we do this, we will update the “Last Updated” date at the top of these Terms. If we make changes that are material, we may also attempt to notify you, such as by e-mail notification and/or by placing a prominent notice on the first page of the Ciitizen website. However, it is your sole responsibility to review the Terms from time to time to view any such changes. The updated Terms will be effective as of the time of posting, or such later date as may be specified in the updated Terms. Your continued access to or use of the Services after the modifications have become effective will be deemed your acceptance of the modified Terms.

PLEASE READ THESE TERMS CAREFULLY, AS THEY CONTAIN AN AGREEMENT TO ARBITRATE AND OTHER IMPORTANT INFORMATION REGARDING YOUR LEGAL RIGHTS, REMEDIES, AND OBLIGATIONS. THE AGREEMENT TO ARBITRATE REQUIRES (WITH LIMITED EXCEPTION) THAT YOU SUBMIT CLAIMS YOU HAVE AGAINST US TO BINDING AND FINAL ARBITRATION, AND FURTHER (1) YOU WILL ONLY BE PERMITTED TO PURSUE CLAIMS AGAINST CIITIZEN ON AN INDIVIDUAL BASIS, NOT AS A PLAINTIFF OR CLASS MEMBER IN ANY CLASS OR REPRESENTATIVE ACTION OR PROCEEDING, (2) YOU WILL ONLY BE PERMITTED TO SEEK RELIEF (INCLUDING MONETARY, INJUNCTIVE, AND DECLARATORY RELIEF) ON AN INDIVIDUAL BASIS, AND (3) YOU MAY NOT BE ABLE TO HAVE ANY CLAIMS YOU HAVE AGAINST US RESOLVED BY A JURY OR IN A COURT OF LAW. You have the right to opt-out of arbitration as explained in Section 9. For more information, please see the Dispute Resolution By Binding Arbitration section below.

In addition, when using certain services, you will be subject to any additional terms applicable to such services that may be posted on such Service from time to time. All such terms are hereby incorporated by reference into these Terms.

Table of Contents

  1. 1. Access and Use of the Service
  2. 2. Conditions of Use
  3. 3. Intellectual Property Rights
  4. 4. Copyright
  5. 5. Third Party Services and Materials
  6. 6. Disclaimer of Warranties
  7. 7. Limitations of Liability
  8. 8. Indemnity and Release
  9. 9. Dispute Resolution by Binding Arbitration
  10. 10. Termination
  11. 11. User Disputes
  12. 12. General
  13. 13. Your Privacy
  14. 14. California Residents
  15. 15. Contact Us

1. Access and Use of the Service

Summary: Ciitizen provides a platform for (1) enabling users to collect their health information through the HIPAA right of access, (2) using and sharing Health Information (defined below), and (3) authorizing Ciitizen to collect Health Information on a user’s behalf. Users should understand that the Ciitizen platform and any Services do not constitute medical advice, and Ciitizen did not generate such Health Information, and is not responsible for the Health Information’s completeness or accuracy; Ciitizen is also not responsible for verifying any Health Information that the user provides. You are required to register to use our Services and you are responsible for protecting your user credentials. Ciitizen also may modify or discontinue the Services or any particular feature; we agree to notify you by e-mail prior to termination of any inactive accounts.

Services Description.The Service is a web-based platform that (i) allows users to request access to their historical health information and records (“Health Information”) through the “right of access” granted under the Health Insurance Portability and Accountability Act (“HIPAA”), as well as through online portal accounts made available to you by some health care providers or health plans, (ii) aggregates and standardizes (to the extent possible) such Health Information, (iii) allows users to use and disclose such aggregated, standardized Health Information with third parties, including caregivers and medical professionals through their health profile, and (iv) allow users to post content and interact with other users.

User Consent.As part of the Service, you may choose to have Ciitizen collect Health Information on your behalf maintained by (1) health care providers or health plans with whom you have, or previously had, a patient or subscriber relationship, or (2) from third-party sites. You may (1) link directly to online portals and/or (2) fill out and sign HIPAA requests for access forms (“HIPAA Access Forms”) and request Ciitizen to send those forms to designated health care providers and health plans, in each instance to enable Ciitizen to obtain your Health Information and upload it into your account.

By taking advantage of either or both routes for obtaining your Health Information, you acknowledge that you are asking Ciitizen to obtain your Health Information on your behalf. You further acknowledge that when you request authorization for Ciitizen to access an online portal provided by your health care provider or your health plan, you will be directly connected to an online website for the health care provider or health plan you have designated, and Ciitizen will submit information (including user names and passwords) that you provide in order to log into that portal and obtain your Health Information to upload to your Ciitizen account. By accessing an online portal or completing a HIPAA Access Form in order to enable Ciitizen to obtain your Health Information, you authorize and permit Ciitizen to use and store information provided by you (for example, information on the HIPAA Access Form, user names and passwords) and any Health Information collected from third parties in order to provide the Services, including processing and using such Health Information for product development, improvement, demo and training, and aggregated and anonymized searching capabilities. You represent and warrant that you own all right, title and interest in and to the Health Information collected from third parties and any data you provide to us (including any and all intellectual property rights therein), subject to Ciitizen’s right to Work Product (as defined below) as set forth below.

You acknowledge there may be delays in record request processing from your health providers and health plans. Despite our reasonable efforts, Ciitizen also may not be able to obtain some or all of your Health Information and we do not guarantee or assume any responsibility or liability for the completeness, timeliness, accuracy, deletion or non-delivery of any Health Information. Ciitizen is also not responsible for the way in which data is displayed on the Site or through the Service, as this may be impacted by the nature and form of the Health Information that Ciitizen receives from you or on your behalf.

You may add self-entered historical health information to your health profile, and you may edit and remove any such contribution made by you from your health profile. Health Information that comes from records of health care providers or health plans accessed through your HIPAA “right of access” will be “read only” and cannot be altered, although you will have a choice of whether or not to share such Health Information with others. If you believe any Health Information coming from the records of your health care providers or health plans is inaccurate, it is your responsibility to address this issue with the relevant health care provider(s) or health plan(s).

Service Disclaimer. THE SERVICES, INCLUDING ALL OF THE MATERIAL AND INFORMATION MADE AVAILABLE THROUGH THE SERVICES, ARE FOR INFORMATIONAL PURPOSES ONLY AND DO NOT CONSTITUTE PROFESSIONAL MEDICAL ADVICE OR TREATMENT. Always seek the advice of your physician or other qualified health provider with any questions you may have regarding your health. The Services are not a substitute for professional medical advice; never disregard professional medical advice or delay in seeking it because of something made available through the Services. If you think you may have a medical emergency, call your doctor or 911 immediately. Ciitizen does not recommend or endorse any specific tests, physicians, products, procedures, opinions, or other information that may be mentioned on the Services.

Ciitizen has no control over the completeness, validity, consistency or accuracy of any content provided (or lack of such) by you or others (such as hospitals, other health care providers, or health plans). You rely on any information provided by Ciitizen, or third parties providing services on behalf of Ciitizen to provide the Services, or other members solely at your own risk.

Your Registration Obligations. You must reside in the United States or any of its territories to use our Services. Minors under the age of majority in their jurisdiction are only permitted to use our Services if the minor’s parent or guardian accepts these Terms on the minor’s behalf prior to use of the Services. By using the Services, you represent and warrant that you meet all of these requirements.

You will be required to register with Ciitizen in order to access and use certain features of the Service. If you choose to register for the Service, you agree to provide and maintain true, accurate, current and complete information for your account. Our Privacy Policy describes how we handle the registration data and certain other information you provide to us when you use our Services. If you are under 18 years of age, you are not authorized to use the Service, with or without registering, unless your parent or guardian has provided their express prior consent. If you are under the 13 years of age, you may not use the Service, other than by having your parent or guardian register and use the Service on your behalf.

Member Account, Password and Security. You are solely responsible for maintaining the confidentiality and security of your Ciitizen username, password and other account information, and are fully responsible for any and all activities that occur under your account. You can access, edit and update your account via the www.ciitizen.com. You agree to (a) immediately notify Ciitizen at legal@ciitizen.com of any unauthorized use of your password or account or any other breach of security including unauthorized disclosure of your username and/or password, and (b) ensure that you log out of your account at the end of each session when accessing the Service. Ciitizen is not liable for any acts or omissions by you in connection with your account. We are not liable for any loss or damage arising from your failure to comply with this Section.

Modifications to Service. Ciitizen reserves the right to modify or discontinue, temporarily or permanently, the Service (or any part thereof) with or without notice. You agree that Ciitizen will not be liable to you or to any third party for any modification, suspension, or discontinuance of the Service; provided that if we discontinue the Service, we will use our best efforts to permit you to export any health information maintained by us for a period of thirty (30) days from when the Service is discontinued.

General Practices Regarding Use and Storage.You acknowledge that Ciitizen may establish general practices and limits concerning use of the Service, including without limitation the maximum period of time that Health Information, data or other Content will be retained by the Service and the maximum storage space that will be allotted on Ciitizen’s servers on your behalf. You acknowledge that Ciitizen reserves the right, in our sole discretion, to terminate accounts that are inactive for an extended period of time; provided that Ciitizen has provided you with at least fifteen (15) days’ prior notice to the e-mail associated with your account.

2. Conditions of Use

Summary: Currently, we provide the Services free of charge to the user. You are solely responsible for any content you create via the Services. Certain types of user-created content and conduct (as set forth below) are strictly prohibited. Ciitizen can take appropriate action – including legal action – where you are in violation of these Terms. You acknowledge and agree that the Services are for your personal use only.

User Conduct.You are solely responsible for all code, video, images, information, data, text, software, music, sound, photographs, graphics, messages or other materials (“Content”) that you upload, post, publish or display (hereinafter, “Upload”) or email or otherwise use via the Service. The following are examples of illegal or prohibited Content and/or use. Ciitizen reserves the right to investigate and take appropriate legal action against anyone who, in our sole discretion, violates these Terms, including without limitation, removing the offending Content from the Service, suspending or terminating the account of such violators and reporting you to the law enforcement authorities.

You agree to not use the Service to:

  • a) email or otherwise upload any Content that (i) infringes any intellectual property or other proprietary rights of any party; (ii) you do not have a right to upload under any law or under contractual or fiduciary relationships; (iii) contains software viruses or any other computer code, files or programs designed to interrupt, destroy or limit the functionality of any computer software or hardware or telecommunications equipment; (iv) poses or creates a privacy or security risk to any person; (v) constitutes unsolicited or unauthorized advertising, promotional materials, commercial activities and/or sales, “junk mail,” “spam,” “chain letters,” “pyramid schemes,” “contests,” “sweepstakes,” or any other form of solicitation; (vi) is unlawful, harmful, threatening, abusive, harassing, tortious, excessively violent, defamatory, vulgar, obscene, pornographic, libelous, invasive of another’s privacy, hateful racially, ethnically or otherwise objectionable; or (vii) in the sole judgment of Ciitizen, is objectionable or which restricts or inhibits any other person from using or enjoying the Service, or which may expose Ciitizen or its users to any harm or liability of any type;
  • b) interfere with or disrupt the Service or servers or networks connected to the Service, or disobey any requirements, procedures, policies or regulations of networks connected to the Service; or
  • c) violate any applicable local, state, national or international law, or any regulations having the force of law;
  • d) impersonate any person or entity, or falsely state or otherwise misrepresent your affiliation with a person or entity;
  • e) solicit personal information from anyone under the age of 18;
  • f) harvest or collect email addresses or other contact information of other users from the Service by electronic or other means for the purposes of sending unsolicited emails or other unsolicited communications;
  • g) advertise or offer to sell or buy any goods or services for any business purpose that is not specifically authorized by us;
  • h) further or promote any criminal activity or enterprise or provide instructional information about illegal activities; or
  • i) obtain or attempt to access or otherwise obtain any materials or information through any means not intentionally made available or provided for through the Service.

Fees.We currently provide the Service free of charge to our users. We reserve the right to charge a fee for certain portions of the Service in the future.

Special Notice for International Use; Export Controls. You agree that you will not export or re-export, directly or indirectly, the Services and/or other information or materials provided by Ciitizen hereunder, to any country for which the United States or any other relevant jurisdiction requires any export license or other governmental approval at the time of export without first obtaining such license or approval. In particular, but without limitation, the Services may not be exported or re-exported (a) into any U.S. embargoed countries or any country that has been designated by the U.S. Government as a “terrorist supporting” country, or (b) to anyone listed on any U.S. Government list of prohibited or restricted parties, including the U.S. Treasury Department’s list of Specially Designated Nationals or the U.S. Department of Commerce Denied Person’s List or Entity List. By using the Services, you represent and warrant that you are not located in any such country or on any such list. You are responsible for and hereby agree to comply at your sole expense with all applicable United States export laws and regulations.

No Commercial Use. The Service is for your personal use only. Unless otherwise expressly authorized herein or in the Service, you agree not to display, distribute, license, perform, publish, reproduce, duplicate, copy, create derivative works from, modify, sell, resell, exploit, transfer or upload for any commercial purposes, any portion of the Service, use of the Service, or access to the Service.

3. Intellectual Property Rights

User Content Transmitted Through the Service; Your Ownership of User Content and Your Health Information. With respect to the content or other materials you upload through the Service or share with other users or recipients (collectively, “User Content”), by posting or submitting your User Content through the Services, you represent and warrant that you have, or have obtained, all rights, licenses, consents, permissions, power and/or authority necessary to grant the rights granted herein for your User Content. You agree that your User Content will not contain material subject to copyright or other proprietary rights, unless you have the necessary permission or are otherwise legally entitled to post the material and to grant us the license described above. As between you and us, you and/or your licensors own all right, title and interest in and to the User Content and your Health Information. As a condition of your use of the Services, you grant us a nonexclusive, perpetual, irrevocable, royalty-free, worldwide, transferable, sublicenseable license to access, use, host, cache, store, reproduce, transmit, display, publish, distribute, modify and adapt and create derivative works (either alone or as part of a collective work) from your User Content and Health Information.

You acknowledge and agree that Ciitizen may preserve your User Content and Health Information and may also disclose your User Content and Health Information if required to do so by law or if we, in our sole discretion, hold the good faith belief that such preservation or disclosure is reasonably necessary to: (a) comply with legal process, applicable laws or government requests; (b) enforce these Terms; (c) respond to claims that any such User Content or Health Information violates the rights of third parties; or (d) protect the rights, property, or personal safety of Ciitizen, its users and the public. You understand that the technical processing and transmission of the Service, including your User Content and Health Information, may involve (a) transmissions over various networks; and (b) changes to conform and adapt to technical requirements of connecting networks or devices.

Services, Software and Trademarks. You acknowledge and agree that the Services and their content (other than the Health Information and User Content you submit or that we collect on your behalf), including their “look and feel” (e.g., text, graphics, images, logos), proprietary content, information and other materials, are protected under copyright, trademark and other intellectual property laws (collectively, other than your Health Information and User Content, the “Service Content”). You agree that Ciitizen and/or its licensors own all right, title and interest in and to the Service Content and the Services (including any and all intellectual property rights therein). You agree not to take any action(s) inconsistent with such ownership interests. We and our licensors reserve all rights in connection with the Services and the Service Content, including, without limitation, the exclusive right to create derivative works.

Except as expressly authorized by Ciitizen, you agree not to modify, copy, frame, scrape, rent, lease, loan, sell, distribute or create derivative works based on the Service or the Service Content, in whole or in part, except that the foregoing does not apply to your own User Content that you legally upload to the Service. In connection with your use of the Service you will not engage in or use any data mining, robots, scraping or similar data gathering or extraction methods. If you are blocked by Ciitizen from accessing the Service (including by blocking your IP address), you agree not to implement any measures to circumvent such blocking (e.g., by masking your IP address or using a proxy IP address). Any use of the Service or the Service Content other than as specifically authorized herein is strictly prohibited. The technology and software underlying the Service or distributed in connection therewith are the property of Ciitizen, our affiliates and our partners (the “Software”). You agree not to copy, modify, create a derivative work of, reverse engineer, reverse assemble or otherwise attempt to discover any source code, sell, assign, sublicense, or otherwise transfer any right in the Software. Any rights not expressly granted herein are reserved by Ciitizen.

The Ciitizen name and logos and all related names, logos, product and service names, designs and slogans are trademarks and service marks of Ciitizen or its affiliates or licensors (collectively the “Ciitizen Trademarks”). Other names, logos, product and service names, designs and slogans that appear on the Services are the property of their respective owners, who may or may not be affiliated with, connected to, or sponsored by us. Nothing in these Terms or the Service should be construed as granting, by implication, estoppel, or otherwise, any license or right to use any of the Ciitizen Trademarks without our prior written permission in each instance. All goodwill generated from the use of Ciitizen Trademarks will inure to our exclusive benefit.

Ciitizen Work Product. As a part of the Services, we may produce certain reports, summaries, graphs, or other analysis using your Health Information and/or any data you provide to us, or otherwise process said Health Information and data in any way (“Work Product”) and provide you with access to such Work Product. You acknowledge and expressly agree that any Work Product (not including the Health Information and User Content that you have provided) becomes the sole and exclusive property of Ciitizen and Ciitizen may use and disclose Work Product in any manner and for any purpose whatsoever, so long as no part of your Health Information and User Content is released externally without your explicit, revocable consent (unless legally required), without further notice or compensation to you and without retention by you of any proprietary or other right or claim in accordance with applicable laws. You hereby assign to Ciitizen any and all right, title and interest (including, but not limited to, any patent, copyright, trade secret, trademark, show-how, know-how, and any and all other intellectual property right) that you may have in and to any and all Work Product, and waive any moral rights you might have.

License Grant. Subject to your compliance with these Terms, Ciitizen hereby grants to you, a personal, worldwide, royalty-free, non-assignable, non-sublicensable, non-transferrable, and non-exclusive license to (a) use the software provided to you as part of the Services and (b) any Work Product for your personal health use only. The software license has the sole purpose of enabling you to use and enjoy the benefit of the Services as provided by us, in the manner permitted by these Terms and subject to the use restrictions described below. We and our licensors reserve all rights in connection with the Services and its content (other than your User Content), including, without limitation, any Work Product or the exclusive right to create derivative works.

Third Party Material. Under no circumstances will Ciitizen be liable in any way for any Content or materials of any third parties (including users), including, but not limited to, for any errors or omissions in any Content, or for any loss or damage of any kind incurred as a result of the use of any such Content. You acknowledge that Ciitizen does not pre-screen Content, but that Ciitizen and its designees will have the right (but not the obligation) in their sole discretion to refuse or remove any Content that is available via the Service. Without limiting the foregoing, Ciitizen and its designees will have the right to remove any content that violates these Terms or is deemed by Ciitizen, in its sole discretion, to be otherwise objectionable. You agree that you must evaluate, and bear all risks associated with, the use of any Content, including any reliance on the accuracy, completeness, or usefulness of such Content.

Feedback. We welcome feedback, comments and suggestions for improvements to the Services (“Feedback”). You acknowledge and expressly agree that any contribution of Feedback does not and will not give or grant you any right, title or interest in the Services or in any such Feedback. All Feedback provided by you to Ciitizen are non-confidential and becomes the sole and exclusive property of Ciitizen and Ciitizen may use and disclose Feedback in any manner and for any purpose whatsoever without further notice or compensation to you and without retention by you of any proprietary or other right or claim. You hereby assign to Ciitizen any and all right, title and interest (including, but not limited to, any patent, copyright, trade secret, trademark, show-how, know-how, moral rights and any and all other intellectual property right) that you may have in and to any and all Feedback.. Notwithstanding the foregoing, we will keep your identity and any PHI or sensitive information provided by you in connection with any Feedback strictly confidential.

4. Copyright

Summary: Ciitizen respects the rights of copyright owners and expects you to do the same. If you are a copyright owner, and you believe any content hosted by Ciitizen infringes your copyrights, you may submit a notification pursuant to the Digital Millennium Copyright Act by providing notice to our designated agent.

Copyright Complaints. Ciitizen respects the intellectual property of others, and we ask our users to do the same. If you believe that your work has been copied in a way that constitutes copyright infringement, or that your intellectual property rights have been otherwise violated, you should notify Ciitizen of your infringement claim in accordance with the procedure set forth below.

Ciitizen will process and investigate notices of alleged infringement and will take appropriate actions under the Digital Millennium Copyright Act (“DMCA”) and other applicable intellectual property laws with respect to any alleged or actual infringement. A notification of claimed copyright infringement should be emailed to legal@ciitizen.com(Subject line: “DMCA Takedown Request”). You may also contact us by mail or facsimile at:

Ciitizen Corporation 
3000 El Camino Real
3 Palo Alto Square, Suite 120
Palo Alto, California, 94306 

To be effective, the notification must be in writing and contain the following information:

  • an electronic or physical signature of the person authorized to act on behalf of the owner of the copyright or other intellectual property interest;
  • a description of the copyrighted work or other intellectual property that you claim has been infringed;
  • a description of where the material that you claim is infringing is located on the Service, with enough detail that we may find it on the Service;
  • your address, telephone number, and email address;
  • a statement by you that you have a good faith belief that the disputed use is not authorized by the copyright or intellectual property owner, its agent, or the law;
  • a statement by you, made under penalty of perjury, that the above information in your Notice is accurate and that you are the copyright or intellectual property owner or authorized to act on the copyright or intellectual property owner’s behalf.

Counter-Notice. If you believe that your User Content that was removed (or to which access was disabled) is not infringing, or that you have the authorization from the copyright owner, the copyright owner’s agent, or pursuant to the law, to upload and use the content in your User Content, you may send a written counter-notice containing the following information to Ciitizen:

  • your physical or electronic signature;
  • identification of the content that has been removed or to which access has been disabled and the location at which the content appeared before it was removed or disabled;
  • a statement that you have a good faith belief that the content was removed or disabled as a result of mistake or a misidentification of the content; and
  • your name, address, telephone number, and email address, a statement that you consent to the jurisdiction of the federal court located within Northern District of California and a statement that you will accept service of process from the person who provided notification of the alleged infringement.
  • If a counter-notice is received by Ciitizen, Ciitizen will send a copy of the counter-notice to the original complaining party informing that person that it may replace the removed content or cease disabling it in 10 business days. Unless the copyright owner files an action seeking a court order against the content provider, member or user, the removed content may be replaced, or access to it restored, in 10 to 14 business days or more after receipt of the counter-notice, at our sole discretion.

Repeat Infringer Policy. In accordance with the DMCA and other applicable law, Ciitizen has adopted a policy of terminating, in appropriate circumstances and at Ciitizen’s sole discretion, users who are deemed to be repeat infringers. Ciitizen may also at its sole discretion limit access to the Service and/or terminate the memberships of any users who infringe any intellectual property rights of others, whether or not there is any repeat infringement.]

5. Third Party Services and Materials

Summary: Ciitizen may from time to time include or link to services provided by third parties. We are not responsible for these materials or services. 

The Service may display, include or make available content, data, information, applications or materials from third parties (“Third Party Materials”) or provide links or other access to certain third party websites and resources. By using the Services, you acknowledge and agree that Ciitizen has no control over such third party websites and resources and that we are not responsible for examining or evaluating the content, accuracy, completeness, timeliness, validity, copyright compliance, legality, decency, quality or any other aspect of such Third Party Materials or websites. We do not warrant or endorse and do not assume and will not have any liability or responsibility to you or any other person for any Third Party Materials, websites, products, services or resources. You further acknowledge that Third Party Materials and links to other websites are provided solely as a convenience to you. Any dealings you have with third parties are between you and such third party, and you agree that Ciitizen is not liable for any loss or claim that you may have against any such third party.

6. Disclaimer of Warranties

Summary: Except as expressly stated, the Services provided by Ciitizen are “as is” and without warranties. 

Your access to and use of the Services are at your own risk. You understand and agree that the Services are provided to you on an “AS IS” and “AS AVAILABLE” basis. Without limiting the foregoing, to the maximum extent permitted under applicable law, Ciitizen, its parents, affiliates, related companies, officers, directors, employees, agents, representatives, partners and licensors (the “Ciitizen Entities”) DISCLAIM ALL WARRANTIES AND CONDITIONS, WHETHER EXPRESS OR IMPLIED, OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Without limiting any of the foregoing, the Ciitizen Entities make no warranty or representation and disclaim all responsibility and liability for: (a) the completeness, accuracy, availability, timeliness, security or reliability of the Services; (b) any harm to your computer system, loss of data, or other harm that results from your access to or use of the Services; (c) the operation or compatibility with any other application or any particular system or device; (d) whether the Services will meet your requirements or be available on an uninterrupted, secure or error-free basis; and (e) the deletion of, or the failure to store or transmit, your User Content and other communications maintained by the Services. No advice or information, whether oral or written, obtained from the Ciitizen Entities or through the Services, will create any warranty or representation not expressly made herein. 

Some jurisdictions do not allow the disclaimer or exclusion of certain warranties. Accordingly, some of the disclaimers set forth above may not apply to you or be enforceable with respect to you. If you are dissatisfied with any portion of the Service or with these Terms, your sole and exclusive remedy is to discontinue use of the Service 

If you are a user from New Jersey, the foregoing section titled “Disclaimer of Warranties” is intended to be only as broad as is permitted under the laws of the State of New Jersey. If any portion of this section is held to be invalid under the laws of the State of New Jersey, the invalidity of such portion shall not affect the validity of the remaining portions of the applicable section.

7. Limitations of Liability

Summary: Ciitizen is not be liable for certain types of damages resulting from certain types of claims as described herein. 

TO THE EXTENT NOT PROHIBITED BY LAW, YOU AGREE THAT IN NO EVENT WILL THE Ciitizen ENTITIES BE LIABLE (A) FOR INDIRECT, SPECIAL, EXEMPLARY, INCIDENTAL, CONSEQUENTIAL OR DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES, LOSS OF USE, DATA OR PROFITS, BUSINESS INTERRUPTION OR ANY OTHER DAMAGES OR LOSSES, ARISING OUT OF OR RELATED TO YOUR USE OR INABILITY TO USE THE SERVICES), HOWEVER CAUSED AND UNDER ANY THEORY OF LIABILITY, WHETHER UNDER THESE TERMS OR OTHERWISE ARISING IN ANY WAY IN CONNECTION WITH THE SERVICES OR THESE TERMS AND WHETHER IN CONTRACT, STRICT LIABILITY OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) EVEN IF THE Ciitizen ENTITIES HAVE BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGE, OR (B) FOR ANY OTHER CLAIM, DEMAND OR DAMAGES WHATSOEVER RESULTING FROM OR ARISING OUT OF OR IN CONNECTION WITH THESE TERMS OR THE DELIVERY, USE OR PERFORMANCE OF THE SERVICES. SOME JURISDICTIONS DO NOT ALLOW THE EXCLUSION OR LIMITATION OF INCIDENTAL OR CONSEQUENTIAL DAMAGES, SO THE ABOVE EXCLUSION OR LIMITATION MAY NOT APPLY TO YOU. THE Ciitizen ENTITIES’ TOTAL LIABILITY TO YOU FOR ANY DAMAGES FINALLY AWARDED SHALL NOT EXCEED THE AMOUNT OF ONE HUNDRED DOLLARS ($100.00), OR THE AMOUNT YOU PAID THE Ciitizen ENTITIES, IF ANY, IN THE PAST SIX (6) MONTHS FOR THE SERVICES (OR PRODUCTS PURCHASED ON THE SERVICES) GIVING RISE TO THE CLAIM. THE FOREGOING LIMITATIONS WILL APPLY EVEN IF THE ABOVE STATED REMEDY FAILS OF ITS ESSENTIAL PURPOSE. 

Some jurisdictions do not allow the limitation or exclusion of liability for incidental or consequential damages. Accordingly, some of the limitations set forth above may not apply to you or be enforceable with respect to you. If you are dissatisfied with any portion of the Service or with these Terms, your sole and exclusive remedy is to discontinue use of the Service. 

If you are a user from New Jersey, the foregoing section titled “Limitation of Liability” is intended to be only as broad as is permitted under the laws of the State of New Jersey. If any portion of this section is held to be invalid under the laws of the State of New Jersey, the invalidity of such portion shall not affect the validity of the remaining portions of the applicable section.

8. Indemnity

Summary: You agree to indemnify and hold Ciitizen and its affiliates, employees and agents harmless from any losses arising out of your use of the Service, or User Content or your violation of these Terms or violation of another’s rights. 

By entering into these Terms and using the Services, you agree to indemnify and hold Ciitizen and its affiliates and their officers, employees, directors and agents (collectively, “Indemnitees”) harmless from any and all losses, damages, liability and expenses (including reasonable attorneys’ fees), rights, claims, costs, actions of any kind and injury arising out of or in connection with: (a) your violation or breach of any term of these Terms or any applicable law or regulation; (b) your violation of any rights of any third party; (c) any unauthorized use of the Services; (d) your User Content, or (e) your negligence or willful misconduct.

9. Dispute Resolution By Binding Arbitration. PLEASE READ THIS SECTION CAREFULLY AS IT INCLUDES IMPORTANT INFORMATION ABOUT YOUR LEGAL RIGHTS.

Summary: You agree that all disputes with Ciitizen will be subject to binding arbitration on an individual basis to the extent permitted under applicable law.

a. Agreement to Arbitrate

This Dispute Resolution by Binding Arbitration section is referred to in this Terms of Service as the “Arbitration Agreement.” You agree that any and all disputes or claims that have arisen or may arise between you and Ciitizen, whether arising out of or relating to this Terms of Service (including any alleged breach thereof), the Services, any advertising, any aspect of the relationship or transactions between us, shall be resolved exclusively through final and binding arbitration, rather than a court, in accordance with the terms of this Arbitration Agreement, except that you may assert individual claims in small claims court, if your claims qualify. Further, this Arbitration Agreement does not preclude you from bringing issues to the attention of federal, state, or local agencies, and such agencies can, if the law allows, seek relief against us on your behalf. You agree that, by entering into this Terms of Service, you and Ciitizen are each waiving the right to a trial by jury or to participate in a class action. Your rights will be determined by a neutral arbitrator, not a judge or jury. The Federal Arbitration Act governs the interpretation and enforcement of this Arbitration Agreement.

b. Prohibition of Class and Representative Actions and Non-Individualized Relief

YOU AND CIITIZEN AGREE THAT EACH OF US MAY BRING CLAIMS AGAINST THE OTHER ONLY ON AN INDIVIDUAL BASIS AND NOT AS A PLAINTIFF OR CLASS MEMBER IN ANY PURPORTED CLASS OR REPRESENTATIVE ACTION OR PROCEEDING. UNLESS BOTH YOU AND CIITIZEN AGREE OTHERWISE, THE ARBITRATOR MAY NOT CONSOLIDATE OR JOIN MORE THAN ONE PERSON’S OR PARTY’S CLAIMS AND MAY NOT OTHERWISE PRESIDE OVER ANY FORM OF A CONSOLIDATED, REPRESENTATIVE, OR CLASS PROCEEDING. ALSO, THE ARBITRATOR MAY AWARD RELIEF (INCLUDING MONETARY, INJUNCTIVE, AND DECLARATORY RELIEF) ONLY IN FAVOR OF THE INDIVIDUAL PARTY SEEKING RELIEF AND ONLY TO THE EXTENT NECESSARY TO PROVIDE RELIEF NECESSITATED BY THAT PARTY’S INDIVIDUAL CLAIM(S), EXCEPT THAT YOU MAY PURSUE A CLAIM FOR AND THE ARBITRATOR MAY AWARD PUBLIC INJUNCTIVE RELIEF UNDER APPLICABLE LAW TO THE EXTENT REQUIRED FOR THE ENFORCEABILITY OF THIS PROVISION.

c. Pre-Arbitration Dispute Resolution

You agree that in the event of any dispute between you and the Ciitizen Entities, you will first contact Ciitizen and make a good faith sustained effort to resolve the dispute before resorting to more formal means of resolution, including without limitation, any court action. 

Ciitizen is always interested in resolving disputes amicably and efficiently, and most user concerns can be resolved quickly and to the user’s satisfaction by emailing support at help@ciitizen.com. If such efforts prove unsuccessful, a party who intends to seek arbitration must first send to the other, by certified mail, a written Notice of Dispute (“Notice”). The Notice to Ciitizen should be sent to Ciitizen Corporation, 3000 El Camino Real, 3 Palo Alto Square, Suite 120, Palo Alto, California, 94306 (“Notice Address”). The Notice must (i) describe the nature and basis of the claim or dispute and (ii) set forth the specific relief sought. If Ciitizen and you do not resolve the claim within sixty (60) calendar days after the Notice is received, you or Ciitizen may commence an arbitration proceeding. During the arbitration, the amount of any settlement offer made by Ciitizen or you shall not be disclosed to the arbitrator until after the arbitrator determines the amount, if any, to which you or Ciitizen is entitled.

d. Arbitration Procedures

After the informal dispute resolution process, any remaining dispute, controversy, or claim (collectively, “Claim”) relating in any way to your use of Ciitizen’s services and/or products, including the Services, will be resolved by arbitration. You and the Ciitizen agree that any Claim will be settled by final and binding arbitration, using the English language, administered by JAMS under its Comprehensive Arbitration Rules and Procedures (the “JAMS Rules”) then in effect (those rules are deemed to be incorporated by reference into this section, and as of the date of these Terms). Arbitration will be handled by a sole arbitrator in accordance with the JAMS Rules. Judgment on the arbitration award may be entered in any court that has jurisdiction. Any arbitration under the Terms will take place on an individual basis – class arbitrations and class actions are not permitted. You understand that by agreeing to the Terms, you and Ciitizen are each waiving the right to trial by jury or to participate in a class action or class arbitration. Notwithstanding the foregoing, you and Ciitizen will have the right to bring an action in a court of proper jurisdiction for injunctive or other equitable or conservatory relief, pending a final decision by the arbitrator. You may instead assert your claim in “small claims” court, but only if your claim qualifies, your claim remains in such court and your claim remains on an individual, non-representative and non-class basis. An arbitrator shall not be bound by rulings in prior arbitrations involving different users, but is bound by rulings in prior arbitrations involving the same user to the extent required by applicable law.

e. Costs of Arbitration

Payment for any and all reasonable JAMS filing, administrative and arbitrator fees will be in accordance with the JAMS Rules. If the value of your claim does not exceed $75,000, Ciitizen will pay for the reasonable filing, administrative and arbitrator fees associated with the arbitration, unless the arbitrator finds that either the substance of your claim or the relief sought was frivolous or brought for an improper purpose.

f. Confidentiality

All aspects of the arbitration proceeding, and any ruling, decision, or award by the arbitrator, will be strictly confidential for the benefit of all parties.

g. Severability

If a court or the arbitrator decides that any term or provision of this Arbitration Agreement (other than the subsection (b) titled “Prohibition of Class and Representative Actions and Non-Individualized Relief” above) is invalid or unenforceable, the parties agree to replace such term or provision with a term or provision that is valid and enforceable and that comes closest to expressing the intention of the invalid or unenforceable term or provision, and this Arbitration Agreement shall be enforceable as so modified. If a court or the arbitrator decides that any of the provisions of subsection (b) above titled “Prohibition of Class and Representative Actions and Non-Individualized Relief” are invalid or unenforceable, then the entirety of this Arbitration Agreement shall be null and void, unless such provisions are deemed to be invalid or unenforceable solely with respect to claims for public injunctive relief. The remainder of these Terms will continue to apply.

h. Opt-Out

You have the right to opt-out and not be bound by the arbitration provisions set forth in these Terms by sending written notice of your decision to opt-out to legal@ciitizen.com or to the U.S. mailing address listed at the bottom of this Agreement. The notice must be sent to Ciitizen within thirty (30) days of your registering to use the Services or agreeing to these Terms, otherwise you shall be bound to arbitrate disputes in accordance with these Terms. If you opt-out of these arbitration provisions, Ciitizen also will not be bound by them.

i. Future Changes to Arbitration Agreement

Notwithstanding any provision in these Terms to the contrary, Ciitizen agrees that if it makes any future change to this Arbitration Agreement (other than a change to the Notice Address) while you are a user of the Services, you may reject any such change by sending Ciitizen written notice within thirty (30) calendar days of the change to the Notice Address provided above. By rejecting any future change, you are agreeing that you will arbitrate any dispute between us in accordance with the language of this Arbitration Agreement as of the date you first accepted these Terms (or accepted any subsequent changes to these Terms).

10. Termination

Summary: Ciitizen may suspend or terminate any licenses granted by us and/or your account if you have violated these Terms (including violations of the law and fraudulent or abusive activity). 

If you breach any of the terms of these Terms, all licenses granted by Ciitizen will terminate automatically. Additionally, Ciitizen may suspend, disable, or delete your account and/or the Services (or any part of the foregoing) with or without notice, for any or no reason. If Ciitizen deletes your account for any suspected breach of these Terms by you, you are prohibited from re-registering for the Services under a different name. In the event of account deletion for any reason, Ciitizen may, but is not obligated to, delete any of your Content. Ciitizen shall not be responsible for the failure to delete or deletion of your Content. All sections which by their nature should survive the termination of these Terms shall continue in full force and effect subsequent to and notwithstanding any termination of this Agreement by Ciitizen or you. Termination will not limit any of Ciitizen’s other rights or remedies at law or in equity. Any suspected fraudulent, abusive or illegal activity that may be grounds for termination of your use of Service, may be referred to appropriate law enforcement authorities. You agree that any termination of your access to the Service under any provision of this Terms of Service may be effected without prior notice, and acknowledge and agree that Ciitizen may immediately deactivate or delete your account and all related information and files in your account and/or bar any further access to such files or the Service. Further, you agree that Ciitizen will not be liable to you or any third party for any termination of your access to the Service.

11. User Disputes

Summary: You agree that you are solely responsible for interactions with other Ciitizen users, and Ciitizen is not obligated to get involved in disputes between its users. 

You agree that you are solely responsible for your interactions with any other user in connection with the Service and Ciitizen will have no liability or responsibility with respect thereto. Ciitizen reserves the right, but has no obligation, to become involved in any way with disputes between you and any other user of the Service.

The Patient Record Scorecard Methodology

The Patient Record Scorecard grades health care providers on how well they comply with a patient’s request, under the HIPAA Privacy Rule, to get copies of their medical records and how seamlessly they fulfill these requests. Although there are a number of state laws that set a higher bar for patient access to records, only compliance with the HIPAA Privacy Rule was evaluated.

The score – between 0 to 5 stars – is based on the response of health care providers to one or more actual records requests submitted by patients (the patients request that their information be sent to their Ciitizen personal health record accounts). Ciitizen helps these patients by following up with each provider to make sure the patients’ requests get fulfilled.

The goal of the Patient Record Scorecard is to encourage and guide every health care provider to ultimately reach and maintain five stars.

How we reach the score

The star ratings are based on compliance with four key components of the HIPAA Right of Access.

Accepts requests by email or fax: Providers may not create a barrier to access by requiring patients to submit requests in person or by mail. (45 CFR 164.524(b)(1), https://www.hhs.gov/hipaa/for-professionals/faq/2036/can-an-individual-through-the-hipaa-right/index.html)

Sent in format requested: The provider sends the records in the format the patient requests, which is electronically for electronic records, CD for images. (45 CFR 164.524(c)(2)(ii)). https://www.hhs.gov/hipaa/for-professionals/faq/2060/do-individuals-have-the-right-under-hipaa-to-have/index.html.

Sent within 30 days*: The provider responds to the request within 30 days of receipt. (45 CFR 164.524(b)(2)(i))

*Providers can get credit for meeting the “within 30 days” component if within 30 days they provide a written statement of reasons for the delay and the date by which the records will be provided, and if the records are received within 60 days of receipt.

No unreasonable fees: Providers may only charge patients reasonable, cost-based (i.e., minimal) fees to cover labor costs of copying and supplies. (45 CFR 164.524(c)(4))

Star Ratings

Zero Stars – Not Compliant, No Records Sent

A provider will receive a score of zero if they do not respond to a patient’s request for copies of their records.

One Star – Not Compliant, Records Received

A provider gets one star if they fail to meet one or more of the four key components of the right of access – for example, if they do not have a process for accepting requests by e-mail or fax; if they do not send records in the form or format requested by the patient; if they take more than 30 days to send records; or if they charge fees that are not compliant with HIPAA.

Two Stars – HIPAA Compliant With Intervention

A provider earns two stars if they:

  • Meet all four of the HIPAA compliant components but
  • Request had to be escalated to a supervisor or the provider’s privacy official to ensure it was fulfilled in compliance with HIPAA. The need for intervention puts undue burden on the patient.

Three Stars – HIPAA Compliant with Effort

A provider earns three stars if they:

  • Meet all four of the HIPAA compliant components but
  • Request required more than two follow-up phone calls to ensure it was fulfilled in compliance with HIPAA.

Four-Stars - HIPAA compliant with seamless process​

A provider earns four stars if they:

  • Meet all of the HIPAA-compliant components
  • Request was processed seamlessly (i.e. without the need for any additional escalations to supervisors or privacy officials or additional follow-up calls).

Five-Stars - HIPAA compliant and patient focused​

Providers who earn five stars go above and beyond to put patients first by doing the following:

  • Send records in five days or less
  • Accept external request forms (i.e., not requiring that patients use a specific form)
  • Provide patients their records for free
  • Records are sent directly to the destination requested by the patient.

For those health care providers where more than one request was submitted, the score reflects the provider’s performance based on the most recent records request. For multi-site health care provider systems with centralized medical record release offices, that system’s latest score is populated at each location in the Scorecard.