Privacy Policy

This ACEs Aware Privacy Policy, (or “Privacy Policy”) is effective as of September 30, 2022 and is subject to change without notice.

ACEs Aware is committed to keeping users’ personal information private and secure, as required by law and policy. These laws and policies include the federal Health Insurance Portability and Accountability Act of 1996 (HIPAA); California Online Privacy Protection Act of 2003 (CalOPPA—Business & Professions Code §§ 22575-22579); California Information Practices Act of 1977 (IPA); California Public Records Act (PRA—Government Code §§ 6250-6276.48); California Government Codes § 11015.5 and §11019.9; State Administrative Manual (SAM) § 5310.1; and, Statewide Information Management Manual (SIMM) 5310-A.

The ACEs Aware website electronically gathers information about users’ visits to our website.  Additional demographic data (e.g., race, ethnicity, occupation, location, and zip code) is collected and used in various ACEs Aware reports.  We use this information to respond to user inquiries and to improve the website. The ACEs Aware site uses web analytics to gather user Internet Protocol (IP) addresses, to record the web browser being used (e.g., Google Chrome), and the name of your internet domain (e.g., Gmail, AOL). Web analytics records the date and time that users access our site and collects information on which files, pages, and links are visited. It also records the website address from which the ACEs Aware site was accessed.

Web analytics uses cookies and web beacons to gather information in order to serve users better. Cookies provide an ID that allows ACEs Aware to determine the number of unique visitors to our site. Web beacons track the pages viewed. ACEs Aware does not use this or any other information to identify users personally. ACEs Aware uses web analytics information to help us monitor and improve our website performance. If users do not want their browser to accept cookies, they can adjust the browser settings. However, some site features or services may not function properly without cookies. Web beacons do not upload to users’ computer and only work while browsing our site.

The goal of the ACEs Aware site is to help people live healthier lives and reach their full potential. The user information we request may include some or all of the following: name, email address, address, and/or employment information. We may also request health care plan and provider data.

ACEs Aware uses the information users provide in order to respond to their inquiries. When users provide said information, this constitutes consent for ACEs Aware to collect and share the information with their healthcare providers. If users choose not to provide the information requested, they will be unable to use some site features and services. However, users will still be able to use most of the website.

ACEs Aware will not distribute or sell electronically collected personal information about users to any third party without users’ written consent. We only use personal information for reasons stated in this privacy policy, or as stated at the time of collection, except with user consent or as authorized by law. ACEs Aware has legal authorization to share user personal information without consent 1) to perform duties authorized by state or federal law or regulation; 2) in response to a court order; or 3) to contribute to health care statistics—in which case ACEs Aware will provide anonymous information. In limited circumstances, ACEs Aware may also share information with federal or state law enforcement authorities to investigate or respond to attempts to access ACEs Aware data or information technology without authorization. This information may also be subject to PRA (or “Public Records Act”) requests by requestors, which could include media organizations.[1]

Electronically collected personal information is exempt from requests made under the California Public Records Act.

ACEs Aware uses many approaches to protect user personal information from loss, theft, or unauthorized use. These approaches include the use of physical, administrative, and technical access controls. Some of the controls ACEs Aware uses include data encryption, network intrusion prevention, data loss prevention and malware defense. ACEs Aware facilities are monitored 24 hours a day, seven days a week with surveillance, alarms, and access controls. ACEs Aware also takes other steps to protect personal information.

ACEs Aware respects users’ rights to access the information about them that we collect or maintain, and to make corrections. We also respect a user’s right to delete all of their electronically collected personal information without reuse or distribution. Parents and guardians may exercise these rights over the information of their child or charge. To pursue options related to privacy or personal access, or if users have questions, comments, or complaints, or want more information about this privacy policy statement, please contact:

UCAAN privacy contact information:

UCAAN BOX 951752, 12-362 MDCC

Los Angeles, CA 90095-1752

Phone: 310-825-8883

E-mail: ucaan@ucla.edu

and

DHCS Privacy Office

P.O. Box 997413, MS 4722

Sacramento, CA 95899-7413

Phone: 916-445-4646

E-mail: incidents@dhcs.ca.gov

This ACEs Aware privacy policy statement does not apply to external websites that users may access from this site. When you exit the ACEs Aware website to access a different website, users will be subject to that website’s privacy policy and practices. This site will notify users when they are leaving it to access an external site.

[1] Government Code Section 6250.

END USER SUBLICENSE AGREEMENT

PLEASE READ CAREFULLY: This End User Sublicense Agreement (the “Agreement” or “Sublicense”) is a legally binding agreement between you (an individual or an entity, hereinafter “You” or “Sublicensee”) and the Department of Health Care Services (“DHCS”) for the use of the Pediatric ACEs and Related Life-events Screener (“PEARLS”) for children and adults up to the age of 21.

BY WAY OF DOWNLOADING, COPYING, ACCESSING, OR OTHERWISE USING THE PEARLS TOOL, YOU ARE AGREEING TO BE LEGALLY BOUND BY THE TERMS OF THIS AGREEMENT. IF YOU DO NOT AGREE TO BE BOUND BY THE TERMS OF THIS AGREEMENT, THEN YOU HAVE NO RIGHTS TO THE PEARLS TOOL AND MAY NOT DOWNLOAD, COPY, ACCESS, OR OTHERWISE THE PEARLS TOOL.

THE PEARLS TOOL IS PROTECTED BY COPYRIGHT LAWS AND IS OTHERWISE PROTECTED INTELLECTUAL PROPERTY. THE PEARLS TOOL IS LICENSED AND IS NOT SOLD.

    1. The PEARLS Tool. The PEARLS tool is a unique tool that assess for both Adverse Childhood Experiences (“ACEs”) such as abuse, neglect, and household challenges, and related events, such as discrimination, food insecurity, and community violence, thought to be risk factors for toxic stress. The PEARLS tool was made in the course of research under the auspices of the Children’s Hospital Research Center at Oakland (“BCHO”) and the University of California, San Francisco. BCHO has licensed the PEARLS tool to DHCS and provided DHCS with the right to sublicense the PEARLS tool.
    2. Sublicensee Attestation. By agreeing to this Agreement, You attest that You are a provider of health care services to Medi-Cal beneficiaries, a Medi-Cal Managed Care Plan, a Medi-Cal beneficiary, a parent or guardian of a Medi-Cal beneficiary, or an Electronic Health Records (“EHR”) vendor.
    3. The Sublicense. Subject to the terms of this agreement, DHCS hereby grants to Sublicensee a non-exclusive, royalty-free, non-assignable, non-transferable sublicense (the “Sublicense”) to the PEARLS tool. Under the Sublicense, Sublicensee may use the PEARLS tool as directed, and may save, download, print, copy, reproduce, or distribute the PEARLS tool to facilitate such use.
    4. Use in a Remote Patient Portal. The PEARLS tool was developed as a screener of risk for toxic stress and has been tested for safe, reliable screening when used during in-person (i.e., synchronous) visits. The questions and responses of the PEARLS tool may be administered using the EHR as structured data fields to facilitate record and follow-up. Because the PEARLS tool was never studied under asynchronous screening formats, DHCS cannot provide recommendations regarding its use in a remote patient portal. This includes information around safety and adequate windows of response. Sublicensee acknowledges that DHCS is not responsible for providing any recommendations regarding the use of the PEARLS tool in a remote patient portal, and that DHCS is not responsible for overseeing implementation and use of the PEARLS tool in a remote patient setting. This includes information around safety and adequate windows of response.
    5. Disclaimer of Warranty. This Sublicense and the associated PEARLS tool are provided WITHOUT WARRANTY OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE OR ANY OTHER WARRANTY, EXPRESS OR IMPLIED. DHCS MAKES NO REPRESENTATION OR WARRANTY THAT THE PEARLS TOOL WILL NOT INFRINGE ANY COPYRIGHT, PATENT, OR OTHER PROPRIETARY RIGHT.
    6. Limitations of Liability.
      1. IN NO EVENT WILL DHCS BE LIABLE FOR ANY INCIDENTAL, SPECIAL OR CONSEQUENTIAL DAMAGES RESULTING FROM EXERCISE OF THIS SUBLICENSE OR THE USE OF THE PEARLS TOOL.
      2. DHCS WILL NOT BE LIABLE FOR ANY LOST PROFITS, COSTS OF PROCURING SUBSTITUTE GOODS OR SERVICES, LOST BUSINESS, ENHANCED DAMAGES FOR INTELLECTUAL PROPERTY INFRINGEMENT OR ANY INDIRECT, INCIDENTAL, CONSEQUENTIAL, PUNITIVE OR OTHER SPECIAL DAMAGES SUFFERED BY SUBLICENSEE, JOINT VENTURES, AFFILIATES, OR DEVELOPMENT PARTNERS ARISING OUT OF OR RELATED TO THIS AGREEMENT. DHCS WILL NOT LIABLE FOR ANY CAUSES OF ACTION OF ANY KIND (INCLUDING TORT, CONTRACT, NEGLIGENCE, STRICT LIABILITY, AND BREACH OF WARRANTY) EVEN IF DHCS HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES.
    7. Indemnity and Duty to Defend. Sublicensee shall indemnify, defend, and hold harmless DHCS from and against all claims, actions, damages, losses, liabilities (or actions or proceedings with respect to any thereof), whether or not rightful, arising from any and all actions or claims by any third party or expenses related thereto (including, but not limited to, all legal expenses, court costs, and attorney’s fees incurred in investigating, preparing, serving as a witness in, or defending against, any such claim, action, or proceeding, commenced or threatened) to which DHCS and/or any employee, contractor, or agent acting on DHCS’s behalf may be subject, whether or not Sublicensee is a party to any pending or threatened litigation, which arise out of or are related to (i) claims and losses accruing or resulting to any person, firm or corporation who may be injured or damaged by Sublicensee’s use, reproduction, manufacture, sale, offer to sell, distribution, import, export, modification, public and private  performance/display, license, and disposition of the PEARLS tool; (ii) the incorrectness or breach of any of the representations, warranties, covenant or agreements of Sublicensee pertaining the PEARLS tool; or (iii) any intellectual property infringement, or any other type of actual or alleged infringement claim, arising out of Sublicensee’s use, reproduction, manufacture, sale, offer to sell, distribution, import, export, modification, public and private performance/display, license, and disposition of the PEARLS tool. This indemnity obligation shall apply irrespective of whether the infringement claim is based on a patent, trademark or copyright registration that issued after the effective date of this Agreement. DHCS reserves the right to participate in and/or control, at Sublicensee’s expense, any such infringement action brought against DHCS.
    8. Governing Law. This Agreement is to be interpreted and construed in accordance with the laws of the State of California.
    9. Miscellaneous
      1. The relationship between DHCS and Sublicensee established by this Agreement is that of independent contractors. No joint venture or partnership is established by this Agreement. Neither party is the agent, broker, partner, employee, or legal representative of the other for any purpose.
      2. The headings of any sections are inserted for convenience of reference only and are not intended to be part of, or to affect the meaning or interpretation of this Agreement.
      3. This Agreement embodies the entire understanding of DHCS and Sublicensee and supersedes all previous communications, representations or understandings, either oral or written, between them relating to the subject matter of this Agreement.
      4. In the event that any provision of this Agreement is unenforceable or held to be unenforceable, all other provisions of this Agreement have force and effect and will not be affected thereby.
      5. This Agreement may only be amended, modified, or supplemented by an agreement in writing signed by each party hereto.