We reserve the right to change our privacy practices and the terms of this Notice at any time, provided such changes are permitted by the applicable law. We reserve the right to make the changes in our privacy practices and the new terms of our Notice effective for all health information that we maintain, including health information we created or received before we made the changes. Before we make a significant change in our privacy practices, we will change this Notice and make the new Notice available upon request.As I parse it, that comes down to a promise that they won't break the law, whatever that is. I thought I could assume that in any contract or commercial transaction. Maybe the new safe assumption is detailed in some Notice that I haven't been told I ought to request.
I am told by one who knows more that there are teeth to the law which required this Notice; denticles of several thousand dollars a day fine for incorrectly storing a citizen's medical data. Now, if that and the definition of misuse were published in the Notice, we'd see some spontaneous security testing. More than optimal, I'm sure; but what a sporting proposition!
So wrote clew in
History (21st c.).