U.S. Patient Privacy Principles

Medtronic is the world leader in medical technology providing life long solutions for people with chronic disease. To perform our jobs, we may create, develop or receive information about patients' experiences with our products and services in a variety of situations, including:

  • We provide therapy or technical support for our products.
  • We receive questions and suggestions about our products and services from patients and physicians.
  • We enroll patients in our clinical trials.
  • We collect information as required by the FDA and other governmental authorities to assure safe and effective use of our products.
  • We collect, analyze and re-analyze our data in a continuous effort to improve the design, quality and functioning of our devices.

Preservation of, and respect for, our customers' trust is critical to our continued success. We will always treat such patient information:

  • Confidentially, according to applicable laws.
  • Appropriately, according to the promises we make to our customers.
  • Respectfully, in honor of our patients' willingness to trust us to use sensitive information to oversee the quality, safety and effectiveness of the devices that they make part of their daily lives.

Medtronic's Commitment

Notice and Choice: Our customer may sometimes be a hospital, physician, or other healthcare provider; at other times, patients themselves are our customers or clinical trial participants. We obtain the patient information on which our business depends in accordance with applicable laws for assuring notice and choice to our customer regarding our data collection, whether our customer is the patient or a hospital, physician or other healthcare provider.

We recognize that our hospital and physician customers have obligations to comply with HIPAA and state privacy laws. These laws may affect our employees' activities at our customers' facilities – for example, when we are collecting data as required by FDA, supporting the safe and effective use of our devices, or servicing our technology. We understand that when Medtronic personnel are in a customer's facility, our presence must not be inconsistent with patients' privacy expectations under the policies and procedures that the customer has established to implement the HIPAA Privacy Rule and applicable state laws.

To support our customers' HIPAA implementation efforts, we have instructed our employees that:

  1. They must respect each customer's explicit and implicit instructions regarding their incidental exposure to sensitive health information.
  2. They must not record, discuss or otherwise divulge any protected health information to which they may be exposed as a provider of therapy or technical support on a customer's premises without the customer's permission.
  3. When they learn of a fact or occurrence that is related to our obligations regarding product safety, effectiveness or quality surveillance under the Federal Food Drug and Cosmetic Act, they must inform the customer's personnel when recording any protected health information.
  4. If a customer has elected to require individuals who represent vendors or other unaffiliated providers to register when visiting the customer's facility, we have instructed our employees to do so by notifying the customer's personnel, registering or signing in when visiting the facility.

Information Security: We maintain appropriate physical, technical and administrative security standards and procedures to safeguard our patient data and systems. Our employees are educated on the importance of our privacy and security policies and must comply with them. Employees are permitted to access and use only the patient information they need to perform their job duties.

Data Integrity and Access: The lawful operation of our business demands that we take steps to assure the accuracy and integrity of the data that we use. Where our data are used in making decisions that may affect the subject of the information, as in device tracking, we assure that the subject has access to inspect and correct the data in accord with applicable laws.

Medtronic is committed to supporting our customers in their efforts to protect the confidentiality of protected health information. We expect our employees to comply with our customers' instructions regarding their policies that govern visitor behavior in their facilities – and we expect to be accountable to our customers for appropriately sanctioning our employees who fail to do so.

For further information: call 888-775-2698 or send an e-mail to hipaa@medtronic.com

While Medtronic MiniMed adheres to these general principles of privacy set forth herein, Medtronic MiniMed's Notice of Privacy Practices describes Medtronic MiniMed's privacy policy with respect to the protected health information of its patients.