Safe Harbor Privacy Policy

Appistry believes in protecting your privacy. Appistry complies with the U.S.-E.U. Safe Harbor Framework and the U.S.-Swiss Safe Harbor Framework as set forth by the U. S. Department of Commerce regarding the collection, use, and retention of personal health information from the European Union member countries and Switzerland. Personal health information (PHI) means data that is 1) transferred from the EU or Swiss to the US; 2) is recorded in any form; 3) is about, or pertains to a specific individual; and 4) can be linked to that individual. Appistry certifies that it adheres to the Safe Harbor Privacy Principles of notice, choice, onward transfer, security, data integrity, access, and enforcement. To learn more about the Safe Harbor program, and to view Appistry’s certification, please visit

These are promises to you:

  1. Notice. Appistry will not share PHI with third parties without prior consent except as required under federal law. Appistry will provide its vendors timely notice should it be required under federal law to share PHI with a third party.
  2. Choice. Appistry will offer its vendors the opportunity to choose whether PHI is used for a purpose other than for which it was originally authorized under a services contract.
  3. Relevance. Appistry will collect only PHI which is relevant for the specific, identified purpose under a services contract, and we will not use it for other purposes without first obtaining consent.
  4. Data Security. Appistry will take appropriate physical, technical and organizational measures to protect PHI from loss, misuse, unauthorized access or disclosure, or alteration.
  5. Data Integrity. Appistry will take appropriate steps to make sure the personal information in its records is accurate.
  6. Access. Appistry will provide ways for its vendors to access the PHI as required through Appistry’s internal procedures.
  7. Sharing. Appistry will not share PHI with third parties without prior consent except as required under federal law.
  8. Enforcement. Appistry uses a self-assessment approach to ensure compliance with this privacy policy. Appistry will regularly review how we’re meeting these privacy promises, and we’ll provide an independent way to resolve complaints about our privacy practices.
  9. Amendments. This privacy policy may be amended from time to time to be consistent with requirements of the Safe Harbor. We will post any revised policy to this website.
  10. Recourse Mechanism. Appistry chooses the American Arbitration Association (AAA) to investigate any potential unresolved complaints.

Appistry is committed to following the principles for all PHI within the scope of the Safe Harbor Agreement. However, certain information is subject to policies of Appistry that may differ in some respects from the general policies set forth in this privacy policy.

To ask questions about our privacy policies, or issue a complaint, please contact us at:

Appistry, Inc.
Attn: Legal Department
1141 S. 7th Street, Suite 300
St. Louis, MO 63104

Last updated 3/2013