Skip to content

Hopscotch Data Retention Policy

 
 Version #1.0.2 
  • Last Modified: Sun, 19 Dec 2021 12:16:16 -0500 

Introduction 

This policy provides timeframes and guidelines for retaining different types of personal data. This policy applies to all personal data stored on systems and media that are owned, leased, or otherwise provided by Hopscotch, regardless of their location. This policy protects Hopscotch personal data by: 

  • Explaining why and how Hopscotch retains personal data 
  • Clarifying the retention requirements for personal data 
  • Explaining why and how Hopscotch destroys personal data that is no longer required 

Reasons for Data Retention 

Hopscotch doesn't want to adopt a ``save everything'' approach. This isn't practical or cost effective, and would place an excessive burden on Hopscotch and the Security Team to manage the constantly-growing amount of data. Some data, however, must be retained in order to protect the company's interests, preserve evidence, and generally conform to good business practices. Some reasons for data retention include: 

  • Litigation 
  • Accident investigation 
  • Security incident investigation 
  • Regulatory requirements 
  • Intellectual property preservation 

Data Duplication 

Hopscotch will store all personally identifiable information (PII) and protected health information (PHI) data se curely at Amazon AWS servers in encrypted formats. This includes data used in normal operations and also back ups of the operational data. When identifying and classifying data it is important to also understand where that data may be stored. This is especially true for duplicate copies of data, as this policy must also be applied to these duplicates. 

Retention Requirements 

This section sets guidelines for retaining the different types of company data: 

  • Personal customer data - Personal data will be held for as long as the individual is a customer of the company plus 6 years.
  • Personal employee data - General employee data will be held for the duration of employment and then for 6 years after the last day of contractual employment. 
  • Employee contracts - Will be held for 6 years after last day of contractual employment. • Records of leave - Will be held for 3 years. 
  • Recruitment details - Interview notes of unsuccessful applicants will be held for 1 year after interview. This personal data will then be destroyed. 
  • Planning data - 7 years. 
  • Health and Safety - 7 years for records of major accidents and dangerous occurrences. • Public data - Public data will be retained for 3 years. 
  • Operational data (Most company data will fall in this category) -Operational data will be retained for 5 years. • Critical data - Critical data must be retained for 6 years. 
  • Confidential data - Confidential data must be retained for 7 years. 

Retention of Encrypted Data 

  • If any information retained under this policy is stored in an encrypted format, considerations must be taken for secure storage of the encryption keys. 
  • Encryption keys must be retained as long as the data that the keys decrypt is retained. • Hopscotch stores all the personally identifiable information (PII) and protected health information (PHI) that we collect in secure, encrypted systems in Amazon AWS. The encryption keys are stored separately from the data. 

 

logo

Copyright YYYY Hopscotch all rights reserved

emergency

If you or a loved one is in crisis, please call 911 or go to your nearest emergency room.

phone
617-333-8740
phone
support@joinhopscotch.com
instagram
twitter
facebook
facebook
Find a provider
Join our team

All clinical services are provided by licensed clinicians practicing within independently owned and operated professional practices. For patients, this is known as “Hopscotch Health of NJ, P.C." Hopscotch Corp. does not itself provide any physician, behavioral health professional, or other healthcare provider services.