Applicant and Candidate Privacy Policy
Table of Contents
- Scope and Purpose
- Types of information we collect
- How we use the information we collect
- Who may have access to your information
- Our retention of your information
- California Privacy Rights Notice
- Updates to this Policy
I. Scope and Purpose
This privacy policy (“Policy”) covers the information you share with us and/or which may be acquired or produced by athenahealth, Inc., its subsidiaries and its affiliates including, but not limited to, VVC Holding Corp. and Epocrates, LLC, (collectively, “athenahealth”, “we”, or “us”) during the application or recruitment process, including:
- What information we collect during our application and recruitment process and why we collect it; and
- How we use that information.
This athenahealth Policy applies to athenahealth’s websites that link to this Policy but does not apply to those athenahealth websites that have their own Privacy Statement or Policy.
II. Types of information we collect
- Your name, address, email address, telephone number and other contact information;
- Your resume or CV, cover letter, previous and/or relevant work experience or other experience, education, transcripts, or other information you provide to us in support of an application and/or the application and recruitment process;
- Information from interviews and phone-screenings you may have, if any;
- Details of the type of employment you are or may be looking for, current and/or desired salary and other terms relating to compensation and benefits packages, willingness to relocate, or other job preferences;
- Details of how you heard about the position you are applying for which may include the name and information related to an individual who referred you to the application or recruitment tool for athenahealth;
- Any sensitive and/or demographic information obtained during the application or recruitment process such as gender, information about your citizenship and/or nationality, medical or health information, eligibility to work in the country of hire, and/or your racial or ethnic origin;
- Reference information and/or information received from background checks (where applicable), including information provided by third parties;
- Information relating to any previous applications you may have made to athenahealth and/or any previous employment history with athenahealth;
- Information about your educational and professional background from publicly available sources, including online, that we believe is relevant to your application or a potential future application (e.g. your LinkedIn profile);
- Information related to any assessment you may take as part of the interview screening process;
- Information related to the expenses (as applicable) incurred during the interview process which may include transportation, hotel and incidental costs;
- Your social security number, date of birth, Permanent Account Number (PAN) and/or ADDHAR number, as applicable; and/or Any other information you provide to us.
III. How we use the information we collect
- Your information will be used by athenahealth for the purposes of carrying out its application and recruitment process which includes:
- Assessing your skills, qualifications and interests against our career opportunities;
- Verifying your information and carrying out reference checks and/or conducting background checks (where applicable) if you are offered a job;
- Communicating with you about the recruitment process and/or your application(s), including, in appropriate cases, informing you of other potential career opportunities at athenahealth;
- Proactively conducting research about your educational and professional background and skills and contacting you if we think you would be suitable for a role with us.
- Where requested by you and only as applicable, assisting you with obtaining an immigration visa or work permit where required; and/or
- Making improvements to athenahealth’s application and/or recruitment process including improving diversity in recruitment practices.
We may also use your information, where applicable, to:
- Improve our application or recruitment process, in order to ensure we recruit the best possible candidates;
- Create and/or submit reports as required under any local laws and/or regulations;
- Comply with applicable laws, regulations, legal processes or governmental requests; and/or
- Detect, prevent or otherwise address fraud, security or technical issues, or to protect against harm to the rights, property or safety of athenahealth, our users, applicants, candidates, employees or the public or as otherwise required by law.
If you are offered and accept employment with athenahealth, the some of the information collected during the application and recruitment process will become part of your employment record, including, but not limited to, your resume (or similar output provided), text of the job description for the role you were hired into, background check information including the authorization and report, offer letter and your employee agreement.
IV. Who may have access to your information
- Your information may be shared with our affiliates, subsidiaries or joint ventures in the US and in other jurisdictions, in relation to the purposes described above.
- If you have been referred for a job at athenahealth by a current athenahealth employee, with your consent, we may inform that employee about the progress of your application and let the athenahealth employee know the outcome of the process. In some cases, if it is identified that you have attended the same university/school or shared the same previous employer during the same period as a current athenahealth employee we may consult with that employee for feedback on you.
- athenahealth may also use service providers acting on athenahealth’s behalf to perform some of the services described above (for example services providers who perform verification / background checks). These service providers may be located outside the country in which you live or the country where the position you have applied for is located;
- athenahealth may sometimes be required to disclose your information to external third parties such as to local labor authorities, courts and tribunals, regulatory bodies and/or law enforcement agencies for the purpose of complying with applicable laws and regulations, or in response to legal process;
- We will also share your personal information with other third parties if we have your consent (for example if you have given us permission to contact your references);
- It is your responsibility to obtain consent from references before providing their personal or contact information to athenahealth;
- An actual or potential buyer (and its agents and advisers) in connection with any actual or proposed purchase, merger, or acquisition of all or any part of our business.
V. Our retention of your information
While we maintain your information, we protect it using administrative, physical, and technical security safeguards designed to protect your information. When we collect certain sensitive information, we encrypt the transmission of that information using secure socket layer technology (SSL). Despite these measures, we cannot guarantee the security of the information we maintain about you.
We retain information for different periods of time depending on the purposes for which we collect and use it, as described in this Policy. We will not retain information for longer than needed to fulfill these purposes unless a longer retention period is required to comply with legal obligations. Also, there may be technical or other operational reasons where we are unable to delete or de-identify your information. Where this is the case, we will take reasonable measures to prevent further processing your information.
athenahealth operates globally, which means your information may be stored and processed outside of the country or region where it was originally collected including in the United States. In some of these countries, you may have fewer rights with respect to, your information than you do in your country of residence. By submitting your information to us, you consent to the processing, storage, transfer of your personal information by athenahealth in and to the United States.
If you do not want us to retain your information for consideration for other roles, or want us to update it, please contact askhr@athenahealth.com. Please note, however, that we may retain some information to comply with a legal obligation or for purposes connected to legal claims.
VI. California Privacy Rights Notice
This Privacy Notice for California Residents (“Notice”) supplements the information contained in this Policy and applies solely to individuals who reside in the State of California. The California Consumer Privacy Act (“CCPA”) provides California residents rights regarding their personal information, including but not limited to the ability to submit a request to know what personal information was collected about them and to delete their personal information. Personal information is information that identifies, relates to, or is reasonably capable of being associated with a particular consumer, household, or device. Please note that the CCPA has a number of exemptions regarding consumer rights and the definition of personal information, which we may utilize on appropriate consumer privacy requests. For more information on the CCPA and to submit a request, please see https://www.athenahealth.com/privacy-rights.
VII. Updates to this Policy
We reserve the right to amend this Policy at our discretion and at any time. When we make changes to this Policy, we will post the updated Policy and update the Policy’s effective date.
Effective date: June 28, 2024.