Data Use Policy
CRDM Data Warehousing and Analytics Services Patient Data Use Policy for the United States
Executive Summary:
CRDM DWAS¹ data use policies, practices, and procedures for data received through the Medtronic CareLink® Network will be compliant with all applicable Medtronic policies and legal/regulatory requirements.
Data Regarding Patients:
Medtronic’s use of Protected Health Information (PHI)² transmitted through the CareLink Network is governed by HIPAA, applicable state laws and the terms of the Business Associate Agreement (BAA) between Medtronic and each CareLink account. Medtronic will use PHI as allowed under these applicable laws and agreements. Medtronic will not use PHI for marketing purposes.
Medtronic’s use of a Limited Data Set (LDS)² will also be consistent with applicable laws and agreements. Medtronic will not use a LDS for marketing purposes.
In accordance with applicable law and agreements, Medtronic may also create a de-identified data (DID)² set. As allowed by law, DID may be used for various internal and external purposes and may be shared with external organizations. However, it will not be used to re-identify patients for patient-specific marketing purposes.
Data Regarding Health Care Professionals and CareLink Accounts:
Medtronic may use information that identifies health care professionals and CareLink accounts for the operational purposes of managing, monitoring, and/or improving the operation and utilization of the CareLink Network and to meet any legal obligation Medtronic may have. Medtronic will use reasonable safeguards to not otherwise use data that identifies specific accounts by name unless so requested by or allowed by the account.
As allowed by law, Medtronic may use aggregated or de-identified health care professional or health care facility information for various internal and external purposes.
Data Access and Control Procedures:
Access to PHI will be overseen in accordance with Medtronic policies with processes that meet the requirements of any applicable law or agreement.
Data will be secured using industry-standard physical and procedural security safeguards to prevent loss or unauthorized access of the data.
Any known security breaches will be reported to the affected account as required by applicable law or agreement.
¹ Data Warehousing and Analytics Services
² As defined by Standards for Privacy of Individually Identifiable Health Information (“Privacy Rule”) established to implement the requirements of the Health Insurance Portability and Accountability Act of 1996 (“HIPAA”).