Medical professionals can instantly communicate with patients via text or chat, all secure. Seamlessly engage with patients to maximize health outcomes.
No patient portals or downloads
Easily share lab and other medical results
Share educational information with patients via SMS
Here’s why over 100,000 providers and healthcare professionals trust our patient chat
Seamless Communication
Simple and Secure
Easy Internal Collaboration
70+ EHR/PM Integration
Trusted by 16M+ Patients
HOW IT WORKS
Customizable, targeted automation empowers providers and engages patients
Clinic View
Care teams can seamlessly send personal health information, two-ways, through the secure chat portal
Send educational content to patients or notify them when they’re due for preventative screenings
Invite relevant team members into the conversation via @mentions to privately collaborate on a patient’s care
Patient View
Patients receive an SMS message from their care team, with customizable prompts
No app download or confusing patient portals to engage with your providers, get in touch with just one click
Respond back to your care team to communicate in real-time, all secure and HIPAA-compliant
USE CASES
Patients want better communication with their providers, and providers need a way to communicate that is easy and secure.
Test Results
With HIPAA-compliant secure chat, providers can share test results with their patients and ask or answer any follow-up questions.
Let your patients know when the results of important lab results are ready, and share with other relevant team members to coordinate patient follow-up.
Insurance Information
Prompt patients to upload their insurance information via SMS message prior to their appointment to streamline internal workflows.
Minimize staff and patient face-to-face interactions, and follow social distancing mandates by sending patients a link to upload their insurance information via SMS message pre-appointment.
Patient Monitoring
Check-in with patients pre- and post-appointment or procedure to monitor their symptoms.
Monitor key health risk factors post-procedure, like remote blood pressure monitoring.
Patient Education
Share health tips for certain high-risk populations or message patients to notify them when they are due for preventative screenings.
Educate patients about the importance of early detection to promote underused screenings, which can also generate more revenue.
OVER 70 EASY EHR AND PM INTEGRATIONS
A seamless, bi-directional integration to empower your care teams
OVER 100,000 HEALTHCARE PROFESSIONALS LOVE LUMA HEALTH
Trusted by clinics, community health centers, and health systems across the U.S.
Implementing Luma Health’s Broadcast tool in response to COVID-19 enabled us to reach out to 8,000 to 10,000 current patients at once to let them know not come to the hospital or clinic, and that we would replace their regular appointment with a telehealth visit. We also used the texting functionality to send surveys to employees to check for COVID-19 symptoms and get drive-through testing done. Text-first engagement has helped keep both our patients and our staff safe during this pandemic.”
Adam Weber, Director of Clinical Ancillary Applications
Medical professionals can instantly communicate with patients via text or chat, all secure. Seamlessly engage with patients to maximize health outcomes.
No patient portals or downloads
Easily share lab and other medical results
Share educational information with patients via SMS
Here’s why over 100,000 providers and healthcare professionals trust our patient chat
Seamless Communication
Simple and Secure
Easy Internal Collaboration
70+ EHR/PM Integration
Trusted by 16M+ Patients
HOW IT WORKS
Customizable, targeted automation empowers providers and engages patients
Clinic View
Care teams can seamlessly send personal health information, two-ways, through the secure chat portal
Send educational content to patients or notify them when they’re due for preventative screenings
Invite relevant team members into the conversation via @mentions to privately collaborate on a patient’s care
Patient View
Patients receive an SMS message from their care team, with customizable prompts
No app download or confusing patient portals to engage with your providers, get in touch with just one click
Respond back to your care team to communicate in real-time, all secure and HIPAA-compliant
USE CASES
Patients want better communication with their providers, and providers need a way to communicate that is easy and secure.
Test Results
With HIPAA-compliant secure chat, providers can share test results with their patients and ask or answer any follow-up questions.
Let your patients know when the results of important lab results are ready, and share with other relevant team members to coordinate patient follow-up.
Insurance Information
Prompt patients to upload their insurance information via SMS message prior to their appointment to streamline internal workflows.
Minimize staff and patient face-to-face interactions, and follow social distancing mandates by sending patients a link to upload their insurance information via SMS message pre-appointment.
Patient Monitoring
Check-in with patients pre- and post-appointment or procedure to monitor their symptoms.
Monitor key health risk factors post-procedure, like remote blood pressure monitoring.
Patient Education
Share health tips for certain high-risk populations or message patients to notify them when they are due for preventative screenings.
Educate patients about the importance of early detection to promote underused screenings, which can also generate more revenue.
OVER 70 EASY EHR AND PM INTEGRATIONS
A seamless, bi-directional integration to empower your care teams
OVER 100,000 HEALTHCARE PROFESSIONALS LOVE LUMA HEALTH
Trusted by clinics, community health centers, and health systems across the U.S.
Implementing Luma Health’s Broadcast tool in response to COVID-19 enabled us to reach out to 8,000 to 10,000 current patients at once to let them know not come to the hospital or clinic, and that we would replace their regular appointment with a telehealth visit. We also used the texting functionality to send surveys to employees to check for COVID-19 symptoms and get drive-through testing done. Text-first engagement has helped keep both our patients and our staff safe during this pandemic.”
Adam Weber, Director of Clinical Ancillary Applications
Patient care extends well beyond the minutes that a clinician and patient pass in an exam room together. The ensuing visit notes are just one piece of the continuum. Healthcare systems have long integrated selections from a smorgasbord of technology tools to document care, optimize practice operations, and integrate patients’ financial journeys…with varying degrees of interoperability and success.
Moving into 2024, healthcare providers report momentum towards consolidating tech stacks, looking to existing solutions for add-on capabilities before evaluating new vendors. Many EHR vendors are expanding beyond their core functionality of care documentation with solutions across the patient care journey. But organizations should tread with care.
Enterprise EHR is not one-size-fits-all
Every organization has unique aspects that influence operation. The gap between patient expectations and system capabilities can be massive, presenting many opportunities for patients to fall into the chasm between.
What’s holding patients back? Research indicates that barriers to self-service include access to the internet, lack of awareness of services, low computer skills, and change in the habit of making appointments over the phone or face-to-face. But even for patients who engage with technology, a challenging process is likely to disenchant and deter. Patients expect a frictionless experience. Anything less will stand between them and a completed appointment. No pressure, right?
The good news is, in a competitive marketplace, healthcare systems have a huge opportunity to deliver a seamless experience to keep patients coming back.
Most systems are designed to work when everything is going right: when patients are fully engaged with all of their tools.But data shows that only about 20-30% of patients make it through a manual scheduling process to a completed appointment. In their wake, they leave the debris of administrative burden, network leakage, missed appointments, and ultimately: lost revenue.
To capture maximum value from an enterprise EHR, you will need supplemental capabilities and patient engagement guardrails designed to keep the other 70 – 80% of patients in network.
10 Ways that Patient Engagement Platforms Support Patient Retention
End-to-end SMS capabilities: Patient portals can be limiting – many features hide behind walls of clicks and require a patient’s full, unsustained attention. Text message outreach can go beyond directing patients to their portal. Reach more patients by enabling them to make an appointment or complete pre-visit paperwork by way of text messages, start-to-finish.
Smart Waitlist Management: Automate the patient-cancel-staff-scramble with a graceful pivot to an integrated process, filling newly-emptied appointment slots as they arise via automated text outreach.
Streamlined Appointment Management: Enable patients to schedule, reschedule, or cancel appointments through the platform, reducing no-shows and optimizing scheduling efficiency.
Automated Appointment Reminders from a Recognized Phone Number: Text blasts are often ignored or filtered as spam. When patients receive reminders via a trusted organization’s phone number, practices realize improved appointment attendance rates and reduce administrative burdens.
Secure Communication Channels: Stay HIPAA-compliant. Secure communication between patients and healthcare providers can be integrated within the platform.
Health Risk Assessments: Administer and analyze health risk assessments through the platform, aiding in early identification of potential health risks and preventive interventions.
Feedback and Satisfaction Surveys: Collect patient feedback and satisfaction surveys through the platform to gauge the quality of care and identify areas for improvement. Automate post-visit follow-ups and surveys to gather insights into patient experiences and monitor recovery progress.
Pre-Visit Questionnaires: Collect relevant patient information before visits through digital questionnaires, optimizing visit efficiency and information accuracy.
Remote Check-Ins: The digital front door is in patients’ fingertips. Conduct virtual check-ins through the platform, allowing healthcare providers to focus on what’s important and keep schedules on pace patient well-being between scheduled appointments.
Billing and Payment Integration: Streamline billing processes by integrating payment functionalities within the platform, enhancing the financial aspects of healthcare service delivery.
Simple, right?
Having all of these in place is great, but if they don’t integrate deeply with your EHR, your organization won’t reap maximum returns. Overworked staff can’t spend time tracking these things down manually. For true Patient Success, these workflows must be deeply embedded in a native EHR, automating processes with closed-loop referrals and EHR writebacks.
Navigating the happy path in the complex landscape of enterprise EHRs requires a thoughtful approach to patient engagement. By addressing gaps with personalized strategies, proactive waitlist management, and consideration of generational nuances, healthcare providers can guide patients seamlessly through their journey, leading to improved outcomes and increased value from their EHR investments.
Alliance combines best-in-class solutions to reduce staff burdens and improve patient experience
NextGen Healthcare Inc. (Nasdaq: NXGN), a leading provider of innovative, cloud-based healthcare technology solutions, and Luma Health, innovator of the market-leading Patient Success Platform™, announced an expanded alliance to equip ambulatory organizations nationwide with artificial intelligence (AI)-enhanced solutions for patient communications, beginning with intake and self-scheduling.
NextGen® Patient Engage and NextGen® Self-Scheduling powered by Luma will enable patients to conveniently engage with their care providers in more than 20 languages from their mobile devices. Integrated seamlessly into NextGen Enterprise electronic health records (EHR), these solutions enable patients to confirm or cancel appointments, interact with staff, provide relevant documents, and complete pre-visit intake forms from the comfort of their homes without logging into a portal.
NextGen Healthcare clients will have the ability to send appointment reminders and surveys, invite patients to join the “smart” waitlist for earlier appointments that match their existing appointment type, announce new service lines, and share other time-sensitive updates. The technology employs AI and natural-language processing to provide automated conversational responses to patient texts, reducing manual work and double-documentation for staff. All communications are secure and HIPAA-compliant.
“Luma has a proven record of success in creating digital engagement solutions that address the complete patient journey and meaningfully improve the care experience for patients, providers, and staff,” said Srinivas (Sri) Velamoor, chief growth & strategy officer for NextGen Healthcare. “We are enthusiastic about this alliance and proud of how the enhanced offerings will empower patients to take even greater ownership of their care.”
“We’re thrilled to enter this strategic alliance to bring the power of Luma’s comprehensive Patient Success Platform™ to NextGen Healthcare’s extensive client bases. Luma’s market-leading capabilities natively integrated with award-winning NextGen Enterprise will help patients and providers partner together and will create scalable patient, staff, and system success,” said Aditya Bansod, chief technology officer and co-founder of Luma. “Together, our platforms will enable healthcare organizations to grow, while elevating the patient and provider experience.”
Luma already powers more than 500,000 patient engagements per day. Existing user Houston ENT & Allergy, a NextGen Healthcare client and one of the nation’s largest ENT clinics, has seen increased revenues of $1.2 million with the adoption of Luma’s smart waitlist and other products across 10 Houston, Texas, sites of care.
“The combined Luma Health and NextGen Healthcare patient engagement solutions are helping us meet our modern patient population exactly where they want us to be – on their phone or anytime they need care,” said Chuck Leider, CEO of Houston ENT & Allergy. “These solutions will keep us competitive for many years to come, as patients can schedule appointments any time they need, without playing phone tag or sitting on hold. Similarly, the solutions enable our staff to be more productive and increase job satisfaction by reducing provider burden.”
For more information on NextGen Healthcare’s patient experience platform, please visit the webpage.
System Status
You can view real-time information on our System Status here, as well as historical uptime and incident information. https://status.lumahealth.io
If you have a security concern with the Luma platform, or you have reason to believe you have discovered a security weakness or vulnerability in our platform, please contact security@lumahealth.io
Identity and Access Management
All system access at Luma Health is centrally managed, with Single Sign On required wherever possible. Multi-Factor Authentication is enforced across the organization. All access is Role-Based, follows the principle of least privilege and requires management and/or system owner approval. Access entitlement reviews take place every 90 days for regular accounts, and every 60 days for elevated accounts.
Infrastructure
Our Infrastructure is 100% cloud-based, with no on-premise infrastructure. We run a modern, auto-scaling microservices architecture, all managed by code. Infrastructure changes follow our standard, fully-documented change control process.
Vulnerability Management
We perform automated vulnerability scans of our infrastructure monthly, and scans of any emerging threats and vulnerabilities as soon as they are known. New infrastructure targets are automatically added to the scan rotation. Any discovered vulnerabilities are remediated in line with our defined schedule.
SDLC and Change Management
We have a fully documented SDLC which follows the OWASP Top Ten. All development is performed in-house, and all new code as well as changes to existing code are subject to both automated and manual security checks and peer review before being considered for a production release.
Every change and release follows our change control process, which includes peer review, testing and validation in lower environments, a backout plan, management approval, and separation of duties between development and release.
Audit and Compliance
Our Internal Audit team performs all our audit activities on an established schedule. This includes regular user entitlement reviews, and annual reviews of third-party vendors. The team reviews any requests for new software/vendors and any user access requests. The team continuously maintains our compliance program to ensure ongoing success with any certifications and attestations such as ISO 27001:2022, SOC 2 and HITRUST r2.
End User Security
All Luma employees are required to complete a background check, HIPAA training, Information Security training, and policy acknowledgement before accessing Luma systems. All employees are issued a Luma-owned device, which is centrally managed via an MDM solution and protected by various security controls including full disk encryption, activity lock, next-generation anti-virus, and an Endpoint Detection and Response solution.
Incident Management
Our fully documented Incident Management policy and procedures cover all aspects of an incident lifecycle, including what classifies as an incident, how and when an incident should be declared, running the incident, post-incident activities including a post-mortem exercise, lessons learned and action items as well as internal and customer communication. We test our incident response function no less than annually to verify it is operating effectively and to identify any areas for improvement.
Business Continuity and Disaster Recovery
We partner with Amazon Web Services (AWS) to provide cloud hosting, and we take advantage of AWS Availability Zones with real-time replication to ensure our 99.9% uptime target is met. Our code-based microservices architecture allows us to quickly deploy a production instance into any AWS data center should the need arise. We fully test our Business Continuity and Disaster Recovery function annually.
Healthcare providers have good reason to be concerned about data breaches. According to the HIPAA Journal, in the first half of 2022, there were 347 data breaches of 500 or more healthcare records, and healthcare providers are consistently the worst-affected type of HIPAA-covered entity.
At Luma, patient success must also mean comprehensive data security. We are proud to announce that Luma has earned HITRUST CSF certification, a validated security certification for healthcare IT companies. The HITRUST Risk-based, 2-year (r2) Validated Assessment is among the most rigorous industry security certifications, and involves the performance of onsite procedures, as well as an extensive testing program.
To find out more about HITRUST and what it means for Luma’s customers and partners, we caught up with Nick Lees, Luma’s information security and compliance director.
Why is HITRUST so important?
Our customers and partners are putting a huge amount of trust in us to securely handle their data—and their patients’ data—securely. When partnering with a vendor such as Luma, they want to ensure they are not introducing additional security risk into their business. For any HIPAA-compliant IT vendor, attaining HITRUST certification is essential.
What does attaining a HITRUST certification say about Luma?
HITRUST is the security gold standard for companies that are handling health information. By successfully completing all the steps needed to attain HITRUST Risk-based, 2-year (r2) Validated Assessment, we are assuring our customers and business partners that a) we are deeply committed to security, and b) the way we conduct business and handle sensitive data meets or exceeds recognized, industry-specific best practices.
What makes the HITRUST certification the gold standard?
Unlike security audits such as SOC 2, HITRUST certification requires that an authorized HITRUST assessor spend time onsite to observe data-handling practices and score a business across several dimensions. Luma was graded on security policy, process, and implementation, and had to achieve a specific score for all of the controls that HITRUST requires to qualify for certification.
Through this process, what did you learn about Luma’s systems and processes?
We discovered that we have a very strong and mature information security program, backed up with a fully documented set of policies, procedures and controls. These have now been independently audited and validated, so we can be sure we are supporting our customers securely.
How does this certification prepare us for the evolution of healthcare regulations?
The HITRUST certification is constantly evolving, with new control requirements being added as the healthcare tech landscape changes. Luma’s already excellent foundation is now certified against the HITRUST framework so we can drive continuous improvement and stay ahead of any new requirements.
At Luma Health your privacy is important to us. Our Privacy Policy describes the information we collect, how we
collect information, and the reasons we collect information. This Privacy Policy also describes the choices you
have with the information we collect, including how you can manage, update, or request to delete information.
Please take a moment to review this Privacy Policy. By using our Platform, you are agreeing to the terms of this
Privacy Policy. If you have any questions or concerns about this Privacy Policy, you may Contact
Us at any time.
Table of Contents
I.Who is Luma Health?
II.Key Terms & Definitions and Our Privacy Policy
When does our Privacy Policy apply?
When does our Privacy Policy not apply
Our Privacy Policy and Terms of Use.
III.Personal Information
What is Personal Information
What types of Personal Information do we collect?
How do we collect your Personal Information?
How do we use your Personal Information?
How do we share your Personal Information?
Your choices about how we share your Personal Information.
Rights under Applicable Law.
IV.Children’s Privacy
V.Does Luma Health respond to Do Not Track signals?
VI.Data Security
VII.California’s Shine the Light Law and other Applicable Laws.
VIII.Changes to our Privacy Policy
IX.Contact Us
I. Who is Luma Health?
Luma Health is a technology company that assists healthcare providers to communicate and engage with their
patients.
Luma Health is not a health care provider, nor does it provide medical advice. Please contact your health care
provider
II. Key Terms & Definitions and Our Privacy Policy
It is helpful to start by explaining some of our key terms and definitions used in this Privacy Policy.
Key Term
Definition
our “App(s)”
Our mobile applications
“Personal Information”
Any information relating to an identified or identifiable individual and any information listed below.
“Platform”
Our Website and/or App
“Privacy Policy”
This privacy policy.
“Products”
Any products available for purchase on our Platform.
This Privacy Policy describes the types of information we may collect from you when:
You visit or use our Platform;
We communicate in e-mail, text message, and other electronic messages between you and us; and
We communicate in person.
When does our Privacy Policy not apply?
This Privacy Policy does not apply to information collected by any other website operated either by us, unless
listed above, or by a third party.
This Privacy Policy does not apply to information collected from patients who interact with their health care
providers (“Provider Platform”). Do not send PHI directly to us; only to your health care provider. Your health
care provider is obligated to provide you with a notice of privacy practices describing their collection and use
of your health information. The Provider Platform allows patients to communicate with their health care
providers, such as texting them or enabling a telehealth visit. All information collected and stored by us or
added by patients or their health care providers into the Provider Platforms is considered Protected Health
Information (“PHI”) and/or medical information and is governed by applicable state and federal laws that apply
to that information, for example the Health Insurance Portability and Accountability Act (“HIPAA”).
Our Privacy Policy and Terms of Use.
This Privacy Policy is incorporated into our Terms of Use, which also apply when you use our Platform.
III. Personal Information
What is Personal Information?
Personal information is information from and about you that may be able to personally identify you. We treat any
information that may identify you as personal information. For example, your name and e-mail address are
personal information.
What types of Personal Information do we collect?
We may collect and use the following personal information (hereinafter, collectively referred to as “Personal
Information”):
Categories of Personal Information
Specific Types of Personal Information Collected
Personal Identifiers
A real name, birth date, e-mail address, home, billing, shipping address, or telephone number.
Information that identifies, relates to, describes, or is capable of being associated with a particular
individual
Physical characteristics or description, credit card number, debit card number, or any other financial information, health or medical information, photo, video or voice of an individual.
Characteristics of protected classifications under California or federal law.
Race, Color, Age, National origin, sexual orientation or preference or Disability
Internet or other electronic network activity information
IP address, device mode, device ID, advertising ID, OS version, device language, operating system, browser type, browsing history, search history, and information regarding a consumer’s interaction with an Internet Web site, application, or advertisement.
User Generated Content
Information you provide to be published or displayed (hereinafter, “Posted”) on public areas of our Website or transmitted to other users of the Website or other third parties.
How do we collect your Personal Information?
In part we collect Personal Information directly from you. For example, when we speak to you by phone, text
message, and e-mail. Additionally, we will collect information from you when you visit our Platform and fill out
forms, or otherwise purchase services from us.
We may also collect Personal Information in the following ways:
When you make payments through the Platform. We do not collect or store financial account
information, though we may receive transaction identifiers and summary information that does not include credit
card or bank account numbers.
When You Contact Us. When you contact Luma Health directly, such as when you contact our
customer support team, we will receive the contents of your message or any attachments you may send to us, as
well as any additional information you choose to provide.
We will also collect information automatically as you navigate through our Platform.
We, as well as third parties that provide advertising and analytics services to us, may use cookies, pixel tags,
local storage, and other technologies (“Technologies”) to automatically collect information through the
Services. Technologies are essentially small data files placed on your computer, tablet, mobile phone, or other
devices that allow us and our partners to record certain pieces of information whenever you visit or interact
with our Services.
Cookies. Cookies are small text files placed in visitors’ computer browsers to store their
preferences. Most browsers allow you to block and delete cookies. However, if you do that, the Services may not
work properly.
Pixel Tags/Web Beacons. A pixel tag (also known as a web beacon) is a piece of code embedded in
the Services that collects information about users’ engagement on that web page. The use of a pixel allows us to
record, for example, that a user has visited a particular web page or clicked on a particular advertisement. We
may use Facebook Pixel and Instagram
Analytics. We may also use Google Analytics, Marketo, LinkedIn Analytics, Gigya, Site Improve,
Facebook Analytics, and Twitter Analytics and other service providers to collect information regarding visit, or
behavior and visitor demographics on our Services. For more information about Google Analytics see: google.com/policies/privacy/partners/. You can
opt out of Google’s collection and processing of data generated by your use of the Services by going to: http://tools.google.com/dlpage/gaoptout. Google Ads
(AdWords) remarketing service is provided by Google Inc. You can opt-out of Google Analytics for Display
Advertising and customize the Google Display Network ads by visiting the Google Ads Settings page: http://www.google.com/settings/ads. Facebook’s Data Policy can
be found at: https://www.facebook.com/about/privacy/ and
withdraw your consent for use of your data with Facebook Pixel at: https://www.facebook.com/settings/?tab=ads#_=_
Other third party tools. We use other third party tools which allow us to track the performance
of our Platform. These tools provide us with information about errors, app and website performance, and other
technical details we may use to improve our Platform and/or the Services.
How do we use your Personal Information?
We may use your Personal Information for the following purposes:
Operate, maintain, supervise, administer, and enhance our Platform or the Services, including monitoring and
analyzing the effectiveness of content on the Platform, aggregate site usage data, and other usage of the
Platform and/or the Services such as assisting you in completing the registration process.
Provide our Products and Services to you, in a custom and user-friendly way.
Provide you with information, Products, or Services that you request from us or that may be of interest to you.
Promote and market our Platform and/or the Services to you. For example, we may use your Personal Information,
such as your e-mail address, to send you news and newsletters, special offers, and promotions, or to otherwise
contact you about Products or information we think may interest you. We also may use the information that we
learn about you to assist us in advertising our services on third party websites. You can opt-out of receiving
these e-mails at any time as described below.
To provide you notices or about your account.
Contact you in response to a request.
To notify you about changes to our Platform and/or the Services or any Products we offer or provide through
them.
Fulfill any other purpose for which you provide it.
To carry out our obligations and enforce our rights arising from any contracts entered into between you and us,
including for billing and collection.
Anonymize and aggregate information for analytics and reporting.
To respond to law enforcement requests, court orders, and subpoenas and to carry out our legal and contractual
obligations.
Authenticate use, detect fraudulent use, and otherwise maintain the security of our Platform and the safety of
others.
To administer surveys and questionnaires.
To provide you information about goods and services that may be of interest to you, including through
newsletters.
Any other purpose with your consent.
How do we share your Personal Information?
We may share Personal Information with third parties in certain circumstances or for certain purposes, including:
Our business purposes. We may share your Personal Information with our affiliates, vendors,
service providers, and business partners, including our data hosting and data storage partners, analytics and
advertising providers, technology services and support, and data security advisors. We may also share your
Personal Information with professional advisors, such as auditors, law firms, and accounting firms.
Your healthcare providers or family. With your consent, we may share your information, including
information collected from your use of our Platform, with your health care providers.
With your consent. We may share your Personal Information if you request or direct us to do so.
Compliance with law. We may share your Personal Information to comply with applicable law or any
obligations thereunder, including cooperation with law enforcement, judicial orders, and regulatory inquiries.
Business Transfer. We may share your Personal Information to a buyer or other successor in the
event of a merger, divestiture, restructuring, reorganization, dissolution, or other sale or transfer of some or
all of our assets, whether as a going concern or as part of a bankruptcy, liquidation, or similar proceeding, in
which Personal Information held by us about our users are among the assets transferred.
To enforce our rights. We may share your Personal Information to enforce any applicable terms
and conditions and Terms of Use, and to ensure the safety and security of our Services and our users.
De-identified information. We may also disclose de-identified information, so that it cannot be
reasonably used to identify any individual, with third parties for marketing, advertising, research, or similar
purposes.
To market our products and services. We may share your Personal Information with affiliates and
third parties to market our products and services.
Third Party Analytics. We use Google Analytics and other third-party analytics services to
understand and evaluate how visitors interact with our Platform and/or the Services. These tools help us improve
our Platform and/or the Services, performance, and your experience.
Our affiliated companies
International Data Transfers. Information processed by us may be transferred, processed, and
stored anywhere in the world, including but not limited to, the United States or other countries, which may have
data protection laws that are different from the laws where you live. Where required by applicable law, we will
ensure that appropriate safeguards are in place to protect your Personal Information. If we engage a third party
to process Personal Information on our behalf, we will also contractually require them to handle your Personal
Information appropriately. Further details can be provided upon request.
Except as provided in this Privacy Policy, we do not disclose or sell your personal
information.
Your choices about how we share your Personal Information.
This section of our Privacy Policy provides details and explains how to exercise your choices. We offer you
choices on how you can opt out of our use of tracking technology, disclosure of your Personal Information for
our advertising to you, and other targeted advertising. We do not control the collection and use of your
information collected by third parties. These third parties may aggregate the information they
collect with information from their other customers for their own purposes. You can opt out of third parties
collecting your Personal Information for targeted advertising purposes in the United States by visiting the National Advertising Initiative’s (NAI) opt-out
page and the Digital Advertising Alliance’s
(DAA) opt-out page.
Each type of web browser provides ways to restrict and delete cookies. Browser manufacturers provide resources to
help you with managing cookies.
If you do not wish to have your e-mail address used by Luma Health to promote our own products and services, you
can opt-out at any time by clicking the unsubscribe link at the bottom of any e-mail or other marketing
communications you receive from us. This opt-out does not apply to information provided to Luma Health as a
result of a product purchase, or your use of our Platform and/or the Services. You may have other options with
respect to marketing and communication preferences through our Platform.
Rights Under Applicable Law
In accordance with applicable law, you may have the right to:
Access Personal Information about you consistent with legal requirements. In addition, you may
have the right in some cases to receive or have your electronic personal information transferred to another
party.
Request correction of your Personal Information where it is inaccurate or incomplete. In some
cases, we may provide self-service tools that enable you to update your Personal Information or we may refer you
to the controller of your Personal Information who is able to make the correction.
Request deletion of your Personal Information, subject to certain exceptions prescribed by law.
Request restriction of or object to processing of your Personal Information, including the right
to opt in or opt out of the sale of your Personal Information to third parties, if applicable, where such
requests are permitted by law.
Obtain categories of Personal Information we have either disclosed or sold about consumers in
California for a business purpose in the past 12 months.
IV. Children’s Privacy
Our Services are not intended for children under 18 years of age. We do not knowingly collect or sell Personal
Information from children under the age of 18. If you are under the age of 18, do not use or provide any
information on or to the Platform or through any of its features. If we learn we have collected or received
Personal Information from a child under the age of 18 without verification of parental consent, we will delete
it. If you are the parent or guardian of a child under 18 years of age whom you believe might have provided use
with their Personal Information, you may Contact
Us to request the Personal Information be deleted.
V. Does Luma Health respond to Do Not Track signals?
Some web browsers have a “Do Not Track” feature. This feature lets you tell websites you visit that you do not
want to have your online activity tracked. These features are not yet uniform across browsers. Our Platform is
not set up to respond to those signals.
VI. Data Security
We have taken steps and implemented administrative, technical, and physical safeguards designed to protect
against the risk of accidental, intentional, unlawful, or unauthorized access, alteration, destruction,
disclosure, or use. The Internet is not 100% secure and we cannot guarantee the security of information
transmitted through the Internet. Where you have been given or you have chosen a password, it is your
responsibility to keep this password confidential.
The sharing and disclosing of information via the internet is not completely secure. We strive to use best
practices and industry standard security measures and tools to protect your data. However, we cannot guarantee
the security of Personal Information transmitted to, on, or through our Services. Any transmission of Personal
Information is at your own risk. We are not responsible for the circumvention of any privacy settings or
security measures contained on our Platform, in your operating system, or mobile device.
VII. California’s Shine the Light Law.
California Civil Code Section 1798.83 (California’s “Shine the Light” law) permits users of our Platform and/or
the Services that are California residents and who provide Personal Information in obtaining products and
services for personal, family, or household use to request certain information regarding our disclosure of
Personal Information to third parties for their own direct marketing purposes. If applicable, this information
would include the categories of Personal Information and the names and addresses of those businesses with which
we shared your Personal Information with for the immediately prior calendar year (e.g. requests made in 2021
will receive information regarding such activities in 2020). You may request this information once per calendar
year. To make such a request, please Contact
Us using the information below.
VIII. Changes to our Privacy Policy
We may update our Privacy Policy periodically to reflect changes in our privacy practices, laws, and best
practices. We will post any changes we make to our Privacy Policy on this page with a notice that the Privacy
Policy has been updated on our Website’s homepage or our App’s home screen. If we make material changes to our
practices with regards to the Personal Information we collect from you, we will notify you by e-mail to the
e-mail address specified in your account and/or through a notice on the Website’s home page or the App’s home
screen. The date this Privacy Policy was last revised is identified at the top of the page. You are responsible
for ensuring we have an up-to-date active and deliverable e-mail address for you, and for periodically accessing
the App or visiting our Website and reviewing this Privacy Policy to check for any changes.
IX. Contact Us
If you have any questions, concerns, complaints or suggestions regarding our Privacy Policy or otherwise need to
contact us, you may contact us at the contact information below or through the “Contact Us” page on the
Platform.
How to Contact Us:
Luma Health, Inc.
support@lumahealth.io
3 East 3rd Ave, Suite 401
San Mateo, CA 94401
By utilizing open standards and first-in-class integration capabilities, Luma Health improves the patient’s intake experience by sending information directly to the EHR, freeing up staff time to focus on patient care
Luma Health, the leading solution for Total Patient Engagement™, today announced an addition to its platform, EHR Forms, at HLTH 2021 in Boston.
Administrative staff across clinics and health systems are under constant stress today. The number of operational tasks they need to remember and complete when checking in a patient leaves them burned out, distracted, and prone to mistakes. EHR Forms will save administrative staff valuable time while reducing manual work, thus allowing them to focus on what really matters – patient care.
“EHR Forms is designed to keep the EHR as the source of truth,” said Aditya Bansod, CTO and co-founder of Luma Health.
This new launch eliminates the need for administrative staff to manually input paper forms into patients’ EMRs. Instead, data input by the patient on their mobile phone flows directly into the healthcare provider’s EHR system without any staff intervention. In addition to improving the patient’s overall experience over a paper-based system, it makes it easy for clinicians to approve changes in the patient’s medical records.
“Luma Health’s EHR Forms have really simplified our intake process,” said Christine Balestrieri, Administrator at Cokingtin Eye Center. “By automating the manual work for us, Luma Health has saved our practice time and effort when processing a patient’s intake information, so we can focus on our patients.”
Administrator Flexibility
By using EHR Forms, administrators can utilize a single tool to create forms for both general intake purposes and specialty situations. Administrators can use EHR Forms to create forms for any situation by incorporating the immunizations, procedures, and diseases from United States Core Data for Interoperability (USCDI) databases. With pre-created forms, EHR Forms can be used by clinics of any size and implemented in minutes.
Patient Experience
By eliminating the need to fill out lengthy paper forms, patients will be able to share information with their clinics, quickly and easily. Pre-built EHR Forms are designed with best practices in mind and can collect patient answers while also allowing for more specific clinical information to be captured.
Luma Health customers have used EHR Forms to streamline a variety of clinical, financial, and operational workflows, including new patient packets, HIPAA consents, financial authorizations, consents for treatment, and medical release forms. The end result is a patient experience that captures better quality data while being faster than other traditional methods.
Clinician Approval
EHR Forms free clinicians from the hassle of data entry and capture, so they can have meaningful conversations with patients. By having patient forms readily available in their EHR, clinicians can accept changes to patients’ medical records within a few clicks.
Open Standards
By leveraging open standards defined in the USCDI and Health Information Service Provider (HISP), EHR Forms works with any Meaningful Use Certified EHR using C-CDA and Direct Messaging. As EHR Forms support and are built on top of national interoperability standards, clinics can be assured of long-term compatibility between the vendor and their EHR.
“EHR Forms is designed to keep the EHR as the source of truth by leveraging Luma Health’s deep integration, historical knowledge of healthcare providers and technical expertise,” said Aditya Bansod, Luma Health’s co-founder and CTO. “This is an exciting step as we develop new ways to extend the power of the EHR and help our customers provide an even better patient experience.”
EHR Forms is now available to all healthcare organizations using any of the 80+ EHRs integrated with Luma Health.
Seamless Simplicity Across The Entire Patient/Provider COVID-19 Vaccine Journey, Rapid Speed To Impact, Built for Scale
Luma Health, the most complete and validated Total Patient Engagement Platform™, today announced a new set of solutions to enable rapid, end-to-end vaccine delivery and operations. The Luma Health COVID-19 Vaccine Operations Solution allows healthcare organizations to rapidly operationalize and execute COVID-19 vaccine education, deployment, and administration strategies into a single, integrated patient journey.
Vaccinating patients against COVID-19 requires a much greater level of logistical preparation than mainstream vaccines like flu shots. Healthcare providers must actively plan for CDC reporting requirements, shipment coordination, staff training, vaccine storage, scheduling, and keep up with the ever-changing directives from the local government, even before the vaccine reaches their doorsteps. Healthcare providers also need to engage effectively with patients, from educating them about vaccine safety to vaccine appointment scheduling and communicating the importance of adhering to the second dose.
“Vaccine adoption and adherence is our strongest weapon in the fight against COVID-19. Yet, the coordination and communication of vaccination eligibility, access, and scheduling is a gargantuan task,” said Aditya Bansod, co-founder and CTO, Luma Health. “We are proud to be part of the solution by helping healthcare organizations succeed in the crucial role of engaging patients quickly, at scale, and encouraging compliance throughout the vaccination process.”
Luma Health’s award-winning Vaccine Operations Solution, recognized as a UCSF COVID-19 Patriot, uses the most complete and validated patient engagement platform. It has been designed and built for health systems and community health networks to ensure providers can quickly ramp and manage entire vaccine program operations at scale.
The end-to-end patient engagement platform streamlines COVID-19 vaccine operations and enhances patient experience through the following features:
Patient Education: Luma Health’s Broadcast Messaging solution helps providers proactively inform patients on vaccine availability, eligibility and administration timelines, and address vaccine apprehensions while reducing inbound calls.
Screening and Consent: Luma Health’s Mobile Patient Intake solution automates patient eligibility verification using customized Self-Screening Surveys. Once verified, Luma Health’s Intake Forms capture patient consent and collect necessary PHI to kickstart the patient’s vaccination journey.
Scheduling: Luma Health’s Patient Scheduling+ solution offers patients the convenience of online self-scheduling based on the provider’s unique workflows. Luma Health’s Smart Waitlist tool offers available appointment slots in real-time when other patients cancel or reschedule.
Appointment Reminders: Luma Health’s automated, multilingual, and HIPAA-compliant Interactive Appointment Reminders help reduce no-show rates and phone volumes, manage cancellations, and ensure patients are prepared for the appointment with AI-powered conversational workflows.
Check-in and Vaccination: Luma Health’s Zero Contact Check-in™ and Zero Contact Waiting Room™ solutions enable patient self-check-in and move them through the virtual waiting room with automated text instructions. Luma Health’s Mobile Patient Intake tools can help capture a patient’s insurance information and driver’s license in advance to minimize physical exchange during appointments.
Post Appointment Follow-up: Luma Health’s Patient Screening Forms prompt vaccine recipients to assess and track their wellness following their appointment, and guide those experiencing adverse events to seek appropriate medical attention while complying with pharmaco-vigilance requirements.
Next-dose Reminder: Luma Health’s Appointment Reminders and Patient Communication solutions ensure patients schedule and show up to their booster dose appointments.
“With entire communities needing vaccinations faster than healthcare providers can manage, vaccine operations need to be streamlined and enhanced while reducing the burden on call centers and providers,” said Farooq Ajmal, Chief Information Officer of Ryan Health.
“Within a week of launching our vaccine deployment efforts, a premier academic medical center was booking approximately 10 COVID-19 vaccination appointments per minute through Luma Health. The health system needed speed and scalability, and we delivered,” said Aditya Bansod, co-founder and CTO, Luma Health.
“One of the largest health systems in the country looked to Luma Health’s Vaccine Operations Solution to help roll out the vaccine. Together we mapped out a workflow that used Luma Health’s Broadcast and Waitlist features to offer a seamless patient experience. We sent over one hundred thousand messages in just a few weeks,” said Aditya Bansod, co-founder and CTO, Luma Health.
Patient Scheduling
Patient Scheduling+
A guided scheduling workflow for patients to self-schedule online
Cancellation Management & Patient Rescheduling
Get patients to reschedule their canceled visits
Smart Waitlist
Automatically find patients to backfill canceled visits so that they can be seen sooner and avoid long wait times
Acquisition & Retention
Referral Management
Automatically reach out to patients who are referred for care and prompt them to schedule their visit
Patient Recalls
Let patients know when their due for care to schedule appointments like annual well visits
Attribution List Outreach
Attribution List Outreach
Appointment Reminders
AI Powered Appointment Reminders
Recognize your patients’ intent when they’re asked to confirm or cancel visits rather than conforming to “Yes” or “No”
requests like other reminder solutions
Pre/Post-Appointment Messaging
Send patients pre and post-visit information about their appointment or care conditions to guide them through the care
continuum
Patient Intake
Intake Forms
Digitize forms to have them sent out at any stage of the patient journey and be filled out via mobile device or computer
Insurance & Driver’s License Capture
Prompt patients to take pictures of their Photo ID or Insurance Card
Zero Contact Check-in
Prompt patients to text when they’ve arrived to wait instructions before seeing the doctor
Zero Contact Waiting Room
Allow your staff to manage patients in a virtual waiting room. You can text the patient, collect info from forms, and
then let them know the doctor is ready to see them
Patient Communications
Secure Chat & Collaboration Hub
Two-way text and HIPAA-compliant messaging initiated via text message, no app, username, or password required
Broadcast Messaging
Send mass notifications to your patient population providing important updates
Feedback & Reputation Management
Collect feedback from your patients on their visits and boost online reviews with positive scores while making sure
concerns from negative experiences go directly back to the practice
COVID-19 FORGES A NEW NORMAL FOR HEALTHCARE DELIVERY
COVID-19 has forever changed the way healthcare is delivered. Healthcare systems, primary care practices, specialty clinics, and FQHCs are adapting the way they deliver care to ensure patients receive routine, preventive, and chronic care services.
As the second wave of COVID-19 sweeps the US, Luma Health has the solutions to help you continue to adapt to the new normal of healthcare.
See the data behind how COVID-19 is transforming patient care and delivery
A dramatic increase in provider-patient communications during the pandemic forever changed patient expectations. Between-visit communications are the new normal for healthcare providers.
Healthcare has transformed and healthcare systems, primary care practices, specialty clinics, and FQHCs need solutions tailored to their unique needs to provide continued routine, preventive, and chronic care services.
Primary Care Practices
Convert in-person visits to telehealth visits to deliver immediate care
Maximize telehealth long-term to increase capacity and revenue, while meeting new patient expectations
Recall patients for routine and preventive care appointments
Deliver ongoing chronic care services
Improve health of patient populations
Manage outgoing care referrals
Screen patients for infection and route to appropriate care setting
Recapture and drive new revenue
Implement virtual waiting rooms to accommodate social distancing
Adopt drive-thru healthcare services where appropriate
Communicate scheduling and service changes
Specialty Clinics
Get patients back into clinics for regular, ongoing appointments
Provide essential care and procedures as usual for high-risk and chronic patients
Lean on telehealth when in-office procedures aren’t necessary
Maximize capacity utilization
Conduct care campaigns to retain patients
Convert new patient care referrals
Recapture and drive new revenue
Implement virtual waiting rooms to accommodate social distancing
Adopt drive-thru healthcare services where appropriate
Community Health Centers
Get dental, occupational, and behavioral health patients back into clinic for regular, ongoing care
Lean on telehealth when in-office procedures aren’t necessary
Recall patients for routine and preventive care appointments
Educate patients about importance of routine and preventive care
Deliver ongoing chronic care services
Improve health of patient populations
Convert patient care referrals
Screen patients for infection and route to appropriate care setting
Implement virtual waiting rooms to accommodate social distancing
Adopt drive-thru healthcare services where appropriate
Healthcare Systems
Reduce hospital readmissions
Monitor patient symptoms post discharge
Avoid unnecessary ER utilization, route patients to proper care setting
Convert in-person, follow-up appointments to telehealth visits
Convert patient care referrals
Screen patients for infection
Automate appointment scheduling and cancellations
Recapture and drive new revenue
Implement virtual waiting rooms to accommodate social distancing
Administer emergency department virtual services prior to admission, route patients to appropriate care setting
Adopt drive-thru healthcare services where appropriate
Our end-to-end COVID-19 solution ensures healthcare providers are prepared for the second wave of the pandemic and seamlessly adapt to healthcare’s New Normal. It’s built to ensure healthcare systems, primary care practices, specialty clinics, and FQHCs can efficiently deliver ongoing routine, preventive, and chronic care services in a way that meets new — more modern — patient expectations.
Telehealth Visits
Easily schedule and deliver HIPAA-compliant virtual visits to prevent care gaps, drive more revenue, meet new patient expectations.
Zero Contact Solutions
Get patients back to the clinic while maintaining social distancing best practices and abiding by mandates to limit the number of patients in the waiting room.
Emergency Department Virtual Visits
Reduce ER admissions by having curbside virtual visits prior to admission. Admit patients who need emergency services, route others to appropriate care settings.
Drive-Thru Healthcare Services
Implement curbside care for patients who need simple in-person services such as testing, blood pressure checks or vaccinations.
Patient Monitoring
Monitor patient symptoms post-discharge to avoid hospital readmissions and between doctor visits to ensure patient conditions don’t become acute.
Patient Screening
Screen patients electronically to identify COVID-19 exposure risks and safely schedule testing or route patients to the appropriate care setting.
Patient-Centric Chat
Engage in rapid, two-way communications with patients between visits, and with healthcare providers to collaborate and coordinate patient care. Keyword-based routing makes it a snap.
Broadcast Messaging
Send messages to educate mass patient populations about health and safety topics, and the availability of care services.
Recover revenue by bringing patients back
Automate outreach to convert in-person appointments to virtual visits, bring patients back into the clinic, and recall patients.
Luma Health’s solutions will help you adapt as the healthcare industry transforms.
Helping you create efficiencies through automation is ours.
Specialty clinics like yours partner with Luma Health to streamline workflows and offer more timely access to the specialized care patients need. Our industry-leading technology platform and deep understanding of the challenges facing specialty clinics make us the company healthcare clinics rely on for support.
We help maximize your schedule’s capacity and see patients sooner
Our innovative technology drives patient engagement and access
We specialize in helping clinics automate processes and improve efficiency
From cardiology to pain medicine, we’ve got you covered. A range of specialty practices rely on Luma Health, including clinics that specialize in:
Cardiology
Dermatology
Endocrinology
ENT and Allergy
Gastroenterology
OB-GYN
Ophthalmology
Orthopedics
Pain Medicine
Solving the Challenges that Impact You
From care and revenue disruptions, to implementing new safety protocols, clinics face countless challenges. Having solutions in place that address obstacles while driving efficiency across communication, scheduling, and care delivery is essential.
Communicating with Patients and Scheduling Care
COVID-19 forced cancellations and clinic closures. To help with recall, rescheduling, and referral management, Luma Health has tips and tools for leveraging mass messaging and automating outreach via text-first communications.
Care Between In-Person Appointments
Telehealth and remote patient monitoring are rapidly increasing in popularity because of their benefits to patients and clinics. Luma Health offers technology and best practices to help you master these modern methods of care delivery and expand patient access.
Improving Operational Efficiency
Clinics need to operate at full capacity. That means converting referrals into appointments quickly, reducing patient no-shows, and automatically refilling appointment cancellations with waitlisted patients. Improve efficiencies with our tools, tips and technology.
With Luma Health’s text-first approach, we've been able to engage patients more effectively and efficiently than we ever could by phone. Luma Health’s platform helped us increase appointment attendance and decrease last minute no-shows.”
We started using Luma Health’s two-way text messaging and watched patient engagement increase—even among our older population. We’re reaching patients and scheduling referral appointments faster. I’ve been so surprised by the simplicity of this process and the results.”
Luma Health helped us automate our referral process. We’re able to get more patients in the door quickly to receive the care they need. The solution paid for itself within just two months of implementing the waitlist feature.”
Before partnering with Luma Health, we were spending a lot of time manually calling patients and not making a lot of connections. Automating our outreach has drastically improved our referral conversions and made our clinic experience so much smoother for our patients and our staff.”
Luma Health has been a strong partner in assisting VCS with automating our patient engagement system and providing an online referral tool for reaching patients in a timely basis.”
Previous
Next
Ensuring Efficiency and Access at Every Step
Luma Health’s solution works across every step of the patient journey.
Innovative Solutions for Specialty Care Clinics
Referral Management
Automated outreach and scheduling helps you connect with referred patients and get them care sooner.
Telehealth Visits
HIPAA-compliant virtual visits offer a convenient alternative to in-person appointments.
Zero Contact Check In
Digitize check-in and complete patient intake forms electronically to maintain social distancing.
Patient Monitoring Surveys
Surveys allow you to monitor patients remotely to determine if they are experiencing health issues.
Patient Screening Surveys
Screening surveys identify COVID-19 exposure risks and route patients to the appropriate care setting.
Patient Feedback Surveys
Feedback surveys help capture patients’ perspectives on care, while driving higher HCAHPS scores.
Chronic Care Education
Educational content distributed to patients through a cadence of communication for ongoing support.
Preventive Care Scheduling
EHR data triggers automatic, self-scheduling for patients due for preventive exams or screenings.
Broadcast Messaging
Automated messaging enables you to reach all of your patients, or specific groups of patients, in 20+ languages.
Patient-Centric Chat
Two-way chat engages patients, and quickly connects healthcare providers to coordinate care.
Appointment Reminders, Refill, and Waitlist
Automated outreach helps recall and reschedule patients, while filling cancellations with waitlisted patients.
Notifications for Lab Results and Medications
Automated alerts notify patients about the status of lab tests and the availability of prescriptions.
Join These Specialty Clinics Getting Noticeable Results with Luma Health
Middle Tennessee Urology
Achieved 95% referral conversion using Luma Health’s platform
We help Health Systems communicate more effectively and efficiently to improve care quality and patient outcomes across all areas of care. Our experience and extensive knowledge of evolving healthcare challenges makes Luma Health a preferred partner among Health Systems like yours.
We help Health Systems achieve the best possible outcomes for patients
Our technology helps deliver quality care at every touchpoint.
We specialize in helping Health Systems operate efficiently, at capacity
Overcoming Care Delivery Obstacles While Improving Efficiency
COVID-19 is changing how organizations deliver care and how patients access it. What hasn’t changed is the need for efficiency, quality, and optimal outcomes across the entire patient journey. We’ll help you meet these demands.
Operating at Capacity
It’s estimated that the average hospital must run at 110% of previous capacity continuously for six months to recover lost patient volume. Luma Health offers strategies you can use to efficiently deliver more (and better) care to more patients.
Providing Patients Quality Care at Every Touchpoint
Even before COVID-19, it took coordinated efforts to deliver quality care and meet patients’ needs across the care continuum. We offer best practices and solutions to help you digitize the healthcare delivery process from beginning to end.
Improving Patient Outcomes
Achieving optimal health outcomes is important to patients and your organization. So is preventing hospitalizations and readmissions. Luma Health has tips and tools for monitoring patients, following up after hospitalizations, and routinely checking in with patients between visits.
Implementing Luma Health’s Broadcast tool in response to COVID-19 enabled us to reach out to 8,000 to 10,000 current patients at once to let them know not come to the hospital or clinic, and that we would replace their regular appointment with a telehealth visit. We also used the texting functionality to send surveys to employees to check for COVID-19 symptoms and get drive-through testing done. Text-first engagement has helped keep both our patients and our staff safe during this pandemic.”
“Our patient attribution list was too large to manage with manual outreach. Luma Health’s automated text outreach and online scheduling systems help us connect with more patients and get them through our doors. We scheduled an additional 1,556 appointments during a single month of outreach.”
Previous
Next
Enabling Efficient End-to-End Coordination of Patient Care
You can put Luma Health’s Total Patient Engagement™ Platform to work across your entire health system.
Primary Care and Urgent Care
Specialty Clinics
Hospitals and Emergency Rooms
Clinical Laboratories
Pharmacies
Innovative Solutions for Health Systems and Hospitals
Luma Health’s end-to-end solution gives you tools to improve access to care as COVID-19 drives healthcare toward a new normal.
Telehealth Visits
HIPAA-compliant virtual visits offer a safe and convenient way to provide care without disruption.
Contactless ER
Telehealth functionality allows you to virtually route patients to the appropriate care setting to alleviate stress and minimize contact in emergency rooms.
Patient Screening Surveys
Screening surveys identify COVID-19 exposure risks and route patients to the appropriate care setting.
Patient Monitoring Surveys
Surveys allow you to monitor patients remotely to determine if they are experiencing health issues.
Patient Feedback Surveys
Feedback surveys help capture patients’ perspectives on care, while driving higher HCAHPS scores.
Patient-Centric Chat
Two-way chat engages patients, and quickly connects healthcare providers to coordinate care.
Broadcast Messaging
Automated messaging enables you to reach all of your patients, or specific groups of patients, in 20+ languages.
Preventive Care Scheduling
EHR data triggers automatic, self-scheduling for patients due for preventive exams or screenings.
Appointment Reminders, Refill, and Waitlist
Automated outreach helps recall and reschedule patients, while filling cancellations with waitlisted patients.
Chronic Care Education
Educational content distributed to patients through a cadence of communication for ongoing support.
Notifications for Lab Results and Medications
Automated alerts notify patients about the status of lab tests and the availability of prescriptions for refill and pickup.
Zero Contact Check-In
Digitize check-in procedures and complete patient intake forms electronically to maintain social distancing.
Zero Contact Waiting Room
Leverage seamless workflows to allow patients to wait from virtually anywhere.
Quantifiable Efficiency, Quality, and Outcomes Improvements for These and Other Health Systems
UCSF Health Center
Streamlined care team workflows and generated more revenue by strategically increasing appointment slot utilization
YOU CARE FOR INDIVIDUALS AND MAKE POPULATIONS HEALTHIER
We support you through it all.
From preventive care to chronic care, we understand the patient engagement challenges primary care clinics face across the care continuum. Our technology platform makes it easier to engage and activate patients across all points of care for better health outcomes.
Our solutions help you engage individual patients and populations
Our technology automates communication and appointment scheduling
Whether you are working to reschedule appointments and recover lost revenue, or trying to find new ways to deliver the routine preventive and chronic care your patients need, we can help.
Prioritizing Preventive Care
Getting patients into clinics for preventive exams and screenings is challenging. Luma Health offers strategies and best practices to educate patients, schedule appointments, and prevent care gaps by getting patients in for preventive care.
Expanding Remote Patient Care and Monitoring
Telehealth and remote patient monitoring enable clinics to avoid revenue disruptions while continuing to deliver needed care. Our technology and best practices help you remotely offer various types of billable services — from routine to chronic care.
Improving Efficiency and Revenue Generation
Using mass communications, automating processes, and taking other steps to improve efficiency improves access to care and drives revenue. Luma Health has tips and tools to help you operate more efficiently and improve the financial health of your practice.
What started off as a simple change to offer available appointments to patients, quickly translated into a huge jump in appointment volume. Luma made a noticeable difference in our staff’s workload, and we started seeing value right away.”
Revolutionizing Communication and Access Across Primary Care
Luma Health’s end-to-end solution works to meet your entire populations’ needs at every stage of care.
Preventive Care
Wellness
Chronic Disease Management
Acute and Urgent Care
Behavioral and Mental Health
Care Coordination
Referral Management
Innovative Solutions for Primary Care Clinics
Luma Health’s end-to-end solution gives you tools to improve access to care as COVID-19 drives healthcare toward a new normal.
Telehealth Visits
HIPAA-compliant virtual visits offer a safe and convenient way to provide care without disruption.
Drive-Thru Healthcare Services
Curbside care allows you to provide services without bringing patients inside the doors of your clinic.
Patient Screening Surveys
Screening surveys identify COVID-19 exposure risks and route patients to the appropriate care setting.
Patient Monitoring Surveys
Surveys allow you to monitor patients remotely to determine if they are experiencing health issues.
Patient Feedback Surveys
Feedback surveys help capture patients’ perspectives on care, while driving higher HCAHPS scores.
Broadcast Messaging
Automated messaging enables you to reach all of your patients, or specific groups of patients, in 20+ languages.
Patient-Centric Chat
Two-way chat engages patients, and quickly connects healthcare providers to coordinate care.
Preventive Care Scheduling
EHR data triggers automatic, self-scheduling for patients due for preventive exams or screenings.
Appointment Reminders, Refill, and Waitlist
Automated outreach helps recall and reschedule patients, while filling cancellations with waitlisted patients.
Zero Contact Check-In
Digitize check-in procedures and complete patient intake forms electronically to maintain social distancing.
Chronic Care Education
Educational content distributed to patients through a cadence of communication for ongoing support.
Notifications for Lab Results and Medications
Automated alerts notify patients about the status of lab tests and the availability of prescriptions for refill and pickup.
Care Coordination and Outgoing Referral Management
Automated communications verify that patients referred to specialists receive appropriate care.
We Help Primary Care Clinics Like Yours Navigate Through The Pandemic
79% of primary care physicians continue to report fewer patient visits compared with before the pandemic, as of June 2020.
COVID-19 has had a negative financial effect on 97% of primary care practices.
40% of primary care physicians cite “affordability” as patients’ biggest obstacle to obtaining primary care.
Luma Health’s solution is quick to implement. Get started today.
Cut phone volume by 100 calls a week through adoption of Luma Health’s Patient Scheduling+ solution for guided online scheduling.
THE GOAL:
Signature Dermatology wanted to decrease call volume by giving patients the option to book appointments online.
Our office has a lot of different appointments of different lengths, certain diagnoses only seen by certain providers, etc., and we needed a better system to filter requests from in order to make online scheduling work for us. The customizability of Patient Scheduling+ enabled us to do that and has absolutely decreased our call volume. About half our new patients choose to self-schedule online, and it has saved a ton of time on the phone since new patient phone calls are typically 5-7 minutes a piece. It’s been great!”
THE PROBLEM:Manual patient outreach was taking too much time and producing minimal results
Patients calling in to schedule their appointments led to a high call volume for this small practice. Signature Dermatology was looking for a way to save staff time and empower patients to self-schedule more often.
THE SOLUTION:Giving patients the option to self-schedule improved operational efficiency
Luma Health’s Patient Scheduling+ solution enabled Signature Dermatology to create an online booking flow asking the same questions that front desk staff would ask on the phone to get new patients scheduled. This helped to reduce a significant amount of manual work. Additionally, this solution helped them navigate the switch to virtual appointments during the 2020 COVID-19 pandemic, as they modified their pre-scheduling flow to show televisit-appropriate appointment types only.
THE RESULTS:With support from Luma Health, Signature Dermatology achieved:
300% increase in appointments scheduled in first month of use
REASONS DERMATOLOGY CLINICS PARTNER WITH LUMA HEALTH FOR SCHEDULING
Customizable guided flows to lead patients to the right appointments
24/7 convenience for patients
Reduction in call volume for front desk staff
SUPERCHARGING EHRs
Nextech + Luma Health means improved engagement and access to quality care for patients, along with increased ROI for providers
Luma Health’s integration with Nextech’s EHR empowers healthcare practices with tools to better engage patients and provide exceptional healthcare experiences. This integration enables healthcare teams to automate patient outreach, appointment scheduling, appointment reminders, feedback requests and more.
We help you engage and activate patients to drive improved health outcomes. With a deep understanding of your unique challenges and a technology platform that integrates seamlessly across all points of care, Luma Health is the company community health centers have come to rely on.
We specialize in helping you get patients in the door
Our technology helps keep patients on track with treatment plans
We help you improve the health of specific patient populations
As a community health center, you face a unique set of challenges. COVID-19 has added to those challenges. From getting patients into your clinic for care, to meeting qualifications for funding, we’ll work with you to tackle your biggest challenges.
Getting Patients in for Care
The need for care is high, but staffing and available appointments are limited. Efficient communication and scheduling are critical. Luma Health offers strategies and best practices for quickly connecting with attributed patients and getting them in for care.
Keeping Patients on Course
When patients don’t adhere to treatment plans, the result is predictable: worse health outcomes and more hospitalizations. Our technology and best practices help you support patients with ongoing health management.
Obtaining Funding and Grants
Meeting qualifications for grants and funding is essential. Luma Health has tips, tools and best practices to help you qualify for the federal funding and grants that enable you to best serve your patients in your community.
“Our patient attribution list was too large to manage with manual outreach. Luma Health’s automated text outreach and online scheduling systems help us connect with more patients and get them through our doors. We scheduled an additional 1,556 appointments during a single month of outreach.”
“We wanted to turn cancelled appointments into opportunities to see patients waiting for care, but we lacked a simple way to notify waitlisted patients about openings. Luma Health’s Smart Waitlist helps us easily fill cancellations and serve more patients sooner. Scheduling is automatic, so there isn’t any extra work for our staff.”
“Luma Health helped us automate our process for responding to cancellations and refilling openings with waitlisted patients. We’re seeing happier patients, staff spending less time managing the phones, and we’re retaining revenue that would have been lost to cancellations.”
“The Automated Waitlist on Luma Health’s patient engagement platform has been especially helpful in getting our patients in sooner as we backfill empty appointment slots. It’s helped us keep revenue that could have been lost to cancellations.”
“As the only health center in a 20 mile radius, we have to provide timely access to care. Luma Health helps us offer and confirms appointments at any hour of the day, which gives patients quicker access to their primary care and behavioral health providers.”
“The nature of our patient population can make it difficult to ensure all patients are receiving the care they need. Luma Health’s text-first communication approach has improved our patient response rate immensely.”
Previous
Next
Making More Areas of Care Accessible to Patients
Luma Health’s solution works across multiple areas of care to meet your entire populations’ needs.
Preventive Care
Chronic Care
Women’s Health
Behavioral Health
Vision Care
Dental Care
Modern Patient Access Solutions for Community Health Centers
Telehealth Visits
HIPAA-compliant virtual visits offer a convenient alternative to in-person appointments.
Drive-Thru Healthcare
Curbside care allows you to provide services without bringing patients inside the doors of your clinic.
Patient Screening Surveys
Screening surveys identify COVID-19 exposure risks and route patients to the appropriate care setting.
Patient Monitoring Surveys
Surveys allow you to monitor patients remotely to determine if they are experiencing health issues.
Patient Feedback Surveys
Feedback surveys help capture patients’ perspectives on care, while driving higher HCAHPS scores.
Patient-Centric Chat
Two-way chat engages patients, and quickly connects healthcare providers to coordinate care.
Broadcast Messaging
Automated messaging enables you to reach all of your patients, or specific groups of patients, in 20+ languages.
Notifications for Lab Results and Medications
Automated alerts notify patients about the status of lab tests and the availability of prescriptions.
Preventive Care Scheduling
EHR data triggers automatic, self-scheduling for patients due for preventive exams or screenings.
Chronic Care Education
Educational content distributed to patients through a cadence of communication for ongoing support.
Appointment Reminders, Refill, and Waitlist
Automated outreach helps recall and reschedule patients, while filling cancellations with waitlisted patients.
Reporting
Sophisticated reporting tools built to help you secure funding and maximize revenue for your clinic.
Zero Contact Check In
Digitize check-in and complete patient intake forms electronically to maintain social distancing.
Zero Contact Waiting Room
Leverage seamless workflows to allow patients to wait from virtually anywhere.
Better Accessibility for Patients, Improved Outcomes for These and Other Community Health Centers
Salud Family Health Centers
Improved patient access with texting and automated appointment scheduling
We built our platform to modernize and simplify access to care. That’s why more health systems are choosing Luma Health. Whether it’s automating reminders for outpatient procedures or streamlining online scheduling, we’ve got your patient access and communication needs covered.
Automated patient engagement solutions custom-built for health systems help you maximize business results. Here are the results from one of our partners, a major academic medical center:
53%
referral conversion with automated outreach
2.4x
additional monthly
availabilities filled
$332,000
in estimated annual
revenue generated
The online scheduling solution you’ve been looking for
Luma Health partners with health systems to automate patient outreach and drive more patients to schedule online. The results are huge. Patients appreciate the added level of convenience, and health systems can watch their call volume decrease dramatically. Here’s how it works.
Automatically send patients a link to schedule online
Rules-based scheduling guides patients to the right appointment slot, with the right provider
Collect patient data in a HIPAA-compliant, mobile-friendly format
Real-time, two-way EHR integration ensures always accurate availability and patient data
We make integration with your EHR our number one priority, whether you use Epic, NextGen, or another system. You should always have the most accurate and up-to-date information at your fingertips.
Syncs in real-time
Bi-directional functionality
White-glove customer service
Custom-built to streamline the entire patient journey
We partner with hospitals and health systems to streamline the entire patient journey – from the time a patient is referred to you, to processing patient feedback.
Advanced, online self-scheduling
Actionable appointment reminders
Automated feedback and online reputation management
Here Are a Few of Our Happy Hospital and Health System Partners
with Epic
with Epic
with Epic
Customize how you use Luma to empower your staff and drive real revenue. Send HIPAA-compliant text, automate referral outreach, and even track which patients need follow-up appointments. Engage and do more for your patients.
reminders
Actionable, smart, and customizable reminders help your practice connect to your patients wherever they are: text, phone, or email. Significantly reduce your no-shows and better understand your patient flow.
Patients love Luma Health’s smart reminders. Luma Health’s HIPAA compliant appointment reminders allow patients to confirm or cancel an appointment via a simple text message. No more manual calls! It’s easy to use, and you can see who confirmed, canceled, and didn’t respond in a real-time dashboard.
Customizable
Only send reminders for one facility but not the other? Need to send texts but not emails? Want customized messages? Luma Health is fully customizable to match your needs.
Actionable
Patients interact with Luma Health reminders with a reply rate of over 60%. Patients can confirm, call, cancel, or ask to join a waitlist to get a future appointment.
Patient Focused
Connect with your patients where it’s most convenient for them: text message, email, or voice. With smart validation technology, Luma Health automatically detects contact type regardless of how it’s captured in your EHR/PM.
Business Associate Agreement
Effective date: March 1, 2015
This BUSINESS ASSOCIATE Agreement (“Agreement” or “BA Agreement”) is entered into on [Date] by and between [Covered Entity] (“Covered Entity”) and Luma Health, Inc. (“Business Associate”).
RECITALS
A. Covered Entity is a covered entity under the Health Insurance Portability and Accountability Act of 1996 (“HIPAA”).
B. Business Associate is a “business associate” under HIPAA.
C. Business Associate provides certain services to or on behalf of Covered Entity; and
D. Covered Entity and Business Associate have entered into certain contract(s) existing as of the effective date of this BA Agreement and may enter into other future contracts (the “Underlying Agreements”); and
E. In connection with these services, Covered Entity discloses to Business Associate certain protected health information that is subject to protection under HIPAA and the Health Information Technology for Economic and Clinical Health (“HITECH”) Act; and
F. HIPAA and the HITECH Act require that Covered Entity receive adequate assurances that Business Associate will comply with certain obligations with respect to the Personal Health Information received in the course of providing services to or on behalf of Covered Entity.
NOW, THEREFORE, in consideration of the foregoing and other good and valuable consideration, the parties agree as follows:
DEFINITIONS
The following terms are defined for purposes of this BA Agreement.
(a) Catch-All Definition: The following terms used in this Agreement (whether capitalized or not) shall have the same meaning as those terms in the HIPAA Rules: Breach, Data Aggregation, Designated Record Set, Disclosure, Health Care Operations, Individual, Minimum Necessary, Notice of Privacy Practices, Required By Law, Secretary, Security Incident, Subcontractor, Unsecured Protected Health Information, and Use. Terms used, but not otherwise defined in this BA Agreement shall have the same meaning as those terms in HIPAA and the HITECH Act.
(b) “Privacy Rule” shall mean the Standards for Privacy of Individually Identifiable Health Information at 45 CFR part 160 and part 164, subparts A and E.
(c) “Security Rule” shall mean the Standards for Security of Individually Identifiable Health Information at 45 CFR parts 160, 162 and 164.
(d) “Protected Health Information” (“PHI”) shall have the same meaning as the term “protected health information” in 45 CFR 160.103, limited to the information created or received by Business Associate from or on behalf of Covered Entity.
(e) “Electronic Protected Health Information” (“ePHI”) shall have the same meaning as the term “electronic protected health information” in 45 CFR 160.103, limited to information created, received, maintained, or transmitted by Business Associate on behalf of the Covered Entity.
OBLIGATIONS AND ACTIVITIES OF BUSINESS ASSOCIATE
(a) General Obligations: Business Associate agrees not to use or disclose PHI or ePHI (collectively, hereinafter, “PHI”, unless otherwise indicated) other than as permitted or required by the BA Agreement or as Required by Law. Business Associate shall not directly or indirectly receive remuneration in exchange for PHI, except with the prior written consent of Covered Entity and as permitted by the HITECH Act; however, this prohibition shall not affect payment by Covered Entity to Business Associate for services provided pursuant to the Underlying Agreements which is defined below in Section 2.0(b).
(b) Mitigation: Business Associate agrees to mitigate, to the extent practicable, any harmful effect that is known to Business Associate of a use or disclosure of PHI by Business Associate in violation of the requirements of this BA Agreement.
(c) Reporting: Business Associate shall notify in writing Covered Entity of any access, use or disclosure of PHI for a purpose that is not provided for in this BA Agreement, and any Breach of Unsecured PHI or Security Incident, of which Business Associate becomes aware without unreasonable delay and in no case later than 15 calendar days after discovery. Reports must be made to Covered Entity’s Privacy Office in writing; Reports may also be made by telephone, provided Business Associate also provides a follow-up written report as described above.
(d) Disclosure to Agents and Subcontractors: Business Associate shall ensure that any agent, including a subcontractor, to whom it provides PHI received from, or created on behalf of Covered Entity, agrees to the same restrictions and conditions that apply through this BA Agreement to Business Associate with respect to such information.
(e) Designated Record Set: As applicable, Business Associate shall provide access, at the request of Covered Entity to PHI in a Designated Record Set, to Covered Entity or, as directed by Covered Entity, to an Individual in order to meet the requirements under 45 CFR 164.524
(f) Amendments: Business Associate agrees to make any amendment(s) to PHI in a Designated Record Set that the Covered Entity directs or agrees to pursuant to 45 CFR 164.526 in the time and manner as reasonably requested by Covered Entity or an Individual.
(g) Internal Practices, Policies and Procedures: Business Associate shall make available its internal practices, books, and records, including policies and procedures and PHI, relating to the use and disclosure of PHI received from Covered Entity or PHI created or received by Business Associate on behalf of Covered Entity available to the Secretary for purposes of the Secretary determining Covered Entity’s compliance with the Privacy Rule and the HITECH Act.
(h) Accounting for Disclosures: As applicable, Business Associate agrees to maintain the information required to provide an accounting of disclosures of PHI in accordance with 45 CFR 164.528 and to make this information available to Covered Entity upon Covered Entity’s request in order to allow Covered Entity to respond to an Individual’s request for accounting of disclosures. For PHI maintained as an Electronic Health Record, Business Associate shall, beginning at such time as the law requires, maintain such information necessary to provide an accounting of disclosures for treatment, payment or Health Care Operations for a period of three years after such PHI is made in accordance with 42 U.S.C. 13405(c).
(i) Security Obligations: Business Associate shall implement appropriate safeguards as are necessary to prevent the use or disclosure of PHI that is not permitted by the Underlying Agreements or this BA Agreement including, but not limited to, administrative, physical, and technical safeguards that reasonably and appropriately protect the confidentiality, integrity, and availability of Covered Entity’s electronic PHI as required by 45 CFR 164. Subpart A and Subpart C, as amended from time to time, and in the same manner that such provisions apply to a HIPAA covered entity. Business Associate shall ensure that any agent, including a subcontractor, to whom it provides such electronic PHI, agrees to implement reasonable and appropriate safeguards to protect it.
(j) Breach Notification: In the event of a privacy or security Breach that triggers a breach notification requirement under HITECH, Business Associate shall inform Covered Entity of the following: the identification of each individual whose unsecured PHI has been, or is reasonably believed by the Business Associate to have been, accessed, acquired or disclosed during the Breach; date of Breach; description of how the Breach occurred; description of types of information (SSN, DOB, etc.) compromised in the Breach; description of Business Associate’s efforts to mitigate potential damages; description of what the affected individual(s) can do to mitigate damages; and description of actions Business Associate shall take to reasonably ensure a similar breach does not occur in the future. Business Associate shall cooperate in covered entity’s risk assessment to determine whether individual notification is required under 45 CFR 164.404.
PERMITTED USES AND DISCLOSURES BY BUSINESS ASSOCIATE
(a) Permitted Uses and Disclosures: Except as otherwise limited in this BA Agreement, Business Associate may use or disclose PHI to perform functions, activities, or services for, or on behalf of, Covered Entity as specified in the Underlying Agreements provided such use or disclosure would not violate the Privacy Rule or the HITECH Act if done by the Covered Entity.
(b) Inclusions: For purposes of this BA Agreement, the Underlying Agreements shall include all existing or future contracts between the parties. The Underlying Agreement or Services include a project to develop an application to improve patient scheduling.
(c) Uses for Management and Administration: Business Associate may use PHI for the proper management and administration of the Business Associate or to carry out the legal responsibilities of the Business Associate.
(d) Disclosure for Management and Administration: Business Associate may disclose PHI for the proper management and administration of the Business Associate, provided that disclosures are Required By Law, or the Business Associate obtains reasonable assurances from the person to whom the information is disclosed that it will remain confidential and used or further disclosed only as Required By Law or for the purpose for which it was disclosed to the person, and the recipient agrees to notify Business Associate of any uses or disclosures to the contrary.
(e) Minimum Necessary: Business Associate (and its agents or subcontractors) shall request, use, and disclose only the minimum amount of PHI necessary to accomplish the purpose of the request, use, or disclosure, in accordance with 42 USC 17935(b). Business Associate understands and agrees that the definition of “Minimum Necessary” is subject to change from time to time depending on governmental regulatory changes.
(f) Data Aggregation: Business Associate may use Protected Health Information to provide Data Aggregation services to Covered Entity as permitted by 45 CFR 164.504(e)(2)(i)(B).
(g) Report Violations of Law: Business Associate may use Protected Health Information to report violations of law to appropriate Federal and State authorities, consistent with 45 CFR 164.502(j).
OBLIGATIONS OF COVERED ENTITY
(a) Notice of Privacy Practices: Covered Entity shall notify Business Associate of any limitation(s) in its notice of privacy practices of Covered Entity in accordance with 45 CFR 164.520, to the extent that such limitation may affect Business Associate’s use or disclosure of PHI.
(b) Changes in Permission: Covered Entity shall notify Business Associate of any changes in, or revocation of, permission by Individual to use or disclose PHI, to the extent that such changes may affect Business Associate’s use or disclosure of protected Health Information.
(c) Notification of Restrictions: Covered Entity shall notify Business Associate of any restriction to the use or disclosure of PHI that Covered Entity has agreed to in accordance with 45 CFR 164.522, to the extent that such restriction may affect Business Associate’s use or disclosure of PHI.
(d) Indemnification: Business Associate is in no way liable for any breach by Covered Entity of Covered Entity’s HIPAA or HITECH obligations. Covered Entity agrees to indemnify Business Associate if such a breach results in any damages to Business Associate, including but not limited to direct or indirect damages, settlements, legal fees, and loss of reputation.
PERMISSIBLE REQUESTS BY COVERED ENTITY
Permissible Requests by Covered Entity: Covered Entity shall not request Business Associate to use or disclose PHI in any manner that would not be permissible under the Privacy Rule and the HITECH Act if done by Covered Entity.
TERM AND TERMINATION
(a) Term: The Term of this BA Agreement shall commence as of the effective date set forth above and shall terminate when all of the PHI provided by Covered Entity to Business Associate, or created or received by Business Associate on behalf of Covered Entity, is destroyed or returned to Covered Entity, or, if it is infeasible to return or destroy PHI, protections are extended to such information, in accordance with the termination provisions in this Section, regardless of the termination date of any of the Underlying Agreements.
(b) Termination for Cause: Upon either party’s knowledge of a material breach by the other, the party with knowledge of the other’s material breach shall either:
(1) Provide written notice specifying the nature of the breach or violation to the other. The other party shall have 30 days from the receipt of the notice to remedy the breach or violation. If such corrective action is not taken within the time specified, this BA Agreement shall terminate at the end of the 30-day period without further notice or demand. Each party is required pursuant to the HITECH Act to report any known or suspected violations of the Privacy Rule and/or Security Rule by the other to the Secretary if, after notification, that party does not cure such violation within 30 days;
(2) Immediately terminate this BA Agreement; or
(3) If neither termination nor cure is feasible, the party shall report the violation to the Secretary.
(c) Effect of Termination:
(1) Except as provided in paragraph (c)(2) of this Section 5, upon termination for any reason of this BA Agreement, the Business Associate shall return or destroy all PHI received from Covered Entity, created or received by Business Associate on behalf of Covered Entity. This provision shall apply to PHI that is in the possession of subcontractors or agents of Business Associate. Business Associate shall retain no copies of the PHI.
(2) In the event that Business Associate in good faith determines that returning or destroying the PHI is not feasible, Business Associate shall extend the protections of this BA Agreement to such PHI and limit further uses and disclosures of such PHI to only those purposes that make the return or destruction feasible. Business Associate shall notify Covered Entity in writing of Business Associate’s compliance with this paragraph.
MISCELLANEOUS
(a) Regulatory References: Any reference in this BA Agreement to HIPAA or the Privacy or Security Rule shall mean the referenced section as is then in effect or as amended.
(b) Amendments: The Parties agree to take such action as is necessary to amend this BA Agreement from time to time for Covered Entity to comply with the requirements of the Privacy and Security Rule(s) and the HITECH Act.
(c) Survival: The respective rights and obligations of Business Associate under Section 5(c) of this BA Agreement shall survive the termination of this BA Agreement.
(d) Interpretation: Any ambiguity in this BA Agreement shall be resolved to permit Covered Entity to comply with HIPAA and the HITECH Act.
(e) Compliance with Laws: In performing their respective obligations under this BA Agreement, Covered Entity and Business Associate shall at all times comply with all provisions of HIPAA and the HITECH Act.
(f) No Third Party Beneficiaries: Nothing in this BA Agreement shall be considered or construed as conferring any right or benefit on a person not party to this BA Agreement nor imposing any obligations on either Party hereto to persons not a party to this BA Agreement.
(g) Completeness: This Agreement, including any exhibits attached hereto, constitutes the entire Agreement among the parties with respect to the subject matter hereof, and supersedes any and all prior agreements or statements among the parties, both oral and written, concerning the subject matter hereof. This Agreement may not be amended or modified except by a writing signed by both parties. This Agreement may be executed in any number of counterparts, all of which together shall constitute one and the same instrument. This Agreement shall be binding upon and inure to the benefit of the parties and their respective successors and assigns. Neither party shall assign or delegate its rights, duties, or obligations under this Agreement, without the prior written consent of the other party.
(i) Dispute Resolution: Any dispute, claim, or controversy between the Parties arising under or related to this Agreement or the breach, termination, enforcement, interpretation or validity thereof, shall be resolved according to the laws of California and through the following procedures:
(1) The parties shall first attempt in good faith to resolve any dispute arising out of or relating to this Agreement promptly by negotiation between executives who have authority to settle the controversy and who are at a higher level of management than the persons with direct responsibility for administration of this Agreement. Any party may give the other party written notice of any dispute not resolved in the normal course of business. Within 15 days after delivery of the notice, the receiving party shall submit to the other a written response. The notice and response shall include with reasonable particularity (a) a statement of each party’s position and a summary of arguments supporting that position, and (b) the name and title of the executive who will represent that party and of any other person who will accompany the executive. Within 30 days after delivery of the notice, the executives of both parties shall meet at a mutually acceptable time and place; if no such place can be agreed upon, the parties shall meet via video-conference.
The above-described negotiation shall end at the close of the second meeting of executives described above. Such closure shall not preclude continuing or later negotiations, if desired.
All offers, promises, conduct and statements, whether oral or written, made in the course of the negotiation by any of the parties, their agents, employees, experts and attorneys are confidential, privileged and inadmissible for any purpose, including impeachment, in arbitration or other proceeding involving the parties, provided that evidence that is otherwise admissible or discoverable shall not be rendered inadmissible or non-discoverable as a result of its use in the negotiation.
(2) If the matter is not resolved by negotiation pursuant to the above paragraphs, only then will the matter proceed to non-binding mediation as set forth in this Subpart (2).
The parties agree that any and all disputes, claims or controversies arising out of or relating to this Agreement shall be submitted to JAMS, or its successor, for mediation. Either party may commence non-binding mediation by providing to JAMS and the other party a written request for mediation, setting forth the subject of the dispute and the relief requested.
The parties will cooperate with JAMS and with one another in selecting a mediator from the JAMS panel of neutrals and in scheduling the mediation proceedings. The parties agree that they will participate in the mediation in good faith and that they will share equally in its costs.
All offers, promises, conduct and statements, whether oral or written, made in the course of the mediation by any of the parties, their agents, employees, experts and attorneys, and by the mediator or any JAMS employees, are confidential, privileged and inadmissible for any purpose, including impeachment, in any arbitration or other proceeding involving the parties, provided that evidence that is otherwise admissible or discoverable shall not be rendered inadmissible or non-discoverable as a result of its use in the mediation.
All applicable statutes of limitation and defenses based upon the passage of time shall be tolled until 15 days after the Earliest Initiation Date. The parties will take such action, if any, required to effectuate such tolling.
(3) If the matter is not resolved by negotiation pursuant to the above paragraphs, only then will the matter proceed to binding arbitration as set forth in this Subpart (3).
Any dispute, claim or controversy arising out of or relating to this Agreement or the breach, termination, enforcement, interpretation or validity thereof, including the determination of the scope or applicability of this agreement to arbitrate, shall be determined by arbitration in San Francisco, CA before one arbitrator. The arbitration shall be administered by JAMS pursuant to its Streamlined Arbitration Rules and Procedures. Judgment on the Award may be entered in any court having jurisdiction. This clause shall not preclude parties from seeking provisional remedies in aid of arbitration from a court of appropriate jurisdiction.
(h) Notices: Any notices pertaining to this BA Agreement shall be addressed to the appropriate party as follows:
If to Covered Entity.
[Address on file of Covered Entity]
If to Business Associate:
Privacy Officer
Luma Health, Inc.
177 Post Street, Suite 920
San Francisco, CA 94108
We use cookies to ensure that we give you the best experience on our website. If you continue to use this site we will assume that you are happy with it.OkPrivacy policy
