Last Updated: December 6, 2021
We (“we,” “us,” or “our”) respect your privacy and understand the importance of privacy to our customers. We developed this Internet Privacy Notice (“Notice”), which is a part of our Terms of Service (“Terms”), to describe how we collect, use, share, and protect your (sometimes referred to as “you” or “user”) privacy and Your Information (defined below) as a user of our Online Services (defined below).
This Notice applies to personal information collected or processed through the service you are currently using and the technology supporting the service (collectively the “Online Services”).
PLEASE READ THIS NOTICE CAREFULLY. By accessing and using the Online Services, you agree to be bound by the terms of this Notice. If you do not agree with the terms of this Notice, you should immediately cease all use of the Online Services. After you read this Notice, please read our Terms. This Notice and our Terms work in conjunction.
IN THE EVENT YOU EXPERIENCE AN EMERGENCY, GO TO THE EMERGENCY ROOM OF A LOCAL HOSPITAL OR DIAL 911 IMMEDIATELY IN THE EVENT OF AN EMERGENCY. Except when you receive direct communication from your healthcare provider, and the communication is provided to you by a caregiver, the Online Services do not constitute medical advice.
1. Your Information
A. Information that You Provide Us
To improve your overall experience with the Online Services, before permitting you to use certain parts of the Online Services, we may require you to create an account or provide your information, including personal information, to us (“Your Information”). We may request you provide certain personal information to us to assist in identifying you or relating to a particular individual for whom you are acting as a legal representative. Examples of personal information include, but are not limited to your:
In various places throughout the Online Services, we may request information from you via online forms to improve your overall experience with the Online Services. The exact information we need to collect will depend on the purpose of the form. For example, when you request to contact us through the Online Services you provide us: your name, your email address, and the name of the facility that rendered services to you. We will indicate on the form whether a particular field of information is mandatory or optional. If you choose not to provide certain information, we may not be able to provide the requested services.
To provide the requested Online Services to you, we may sometimes collect your Protected Health Information (“PHI”) as defined under the Health Insurance Portability and Accountability Act of 1996 (“HIPAA”). We describe our protection and security of your PHI in the HIPAA Notice of Privacy Practices. Please read the HIPAA Notice of Privacy Practices to ensure you understand how we protect the PHI you provide to us.
B. Information We Automatically Collect from You
- Your use of the Online Services
Cookies are small data files that are transferred to your computer’s hard disk and are used to store information about website visits, preferences, and enhances website functionality. Most browsers provide you with the ability to block, delete, or disable cookies, and your mobile device may allow you to disable transmission of unique identifiers and location data. If you choose to reject cookies or block device identifiers, some features of the Online Services may not be available, or some functionality may be limited or unavailable. Please review the help pages of your browser or mobile device for assistance with changing your settings.
Most browsers provide you with the ability to block, delete, or disable cookies, and your mobile device may allow you to disable transmission of unique identifiers and location data. If you choose to reject cookies or block device identifiers, some features of the Online Services may not be available, or some functionality may be limited or unavailable. Please review the help pages of your browser or mobile device for assistance with changing your settings.
If you share location-based information, we may use the information together with Your Information to improve your overall experience with the Online Services. When you access the Online Services on your mobile device, we may obtain information from your mobile device. Certain features may require our collection of the phone number of your mobile device. Most mobile devices provide users with the ability to disable location services. These controls are usually located in the mobile device's settings menu. If you have questions about how to disable your mobile device’s location services, we recommend you contact your mobile provider or your mobile device manufacturer.
To improve your experience with the Online Services, we automatically record information including your Internet Protocol address (“IP Address”), browser type, referring URLs (e.g., the site you visited before coming to the Online Services), domain names associated with your internet service provider, information on your interaction with the Online Services, and other such information (collectively, “Log File Information”). We routinely gather and use aggregated Log File Information to analyze trends, administer the Online Services, track users’ movement, and improve the overall use of the Online Services.
C. Do Not Track
To help improve the quality of your online experience, we do not respond to Do Not Track (“DNT”) signals sent to us by your browser at this time.
2. How We Use Your Information
To provide user-friendly Online Services, we may use or disclose Your Information for the following purposes:
3. Disclosure of Your Information
We will not disclose Your Information except as set forth in this Notice or with your consent. This section describes to whom we disclose Your Information and for what purposes:
Our Service Providers. We employ service providers to perform tasks on our behalf and to assist in providing user-friendly Online Services. For example, we engage third parties to provide audit, legal, operational, or other services for us. We take commercially reasonable steps to help ensure our service providers provide at least the same level of protection for Your Information as we do.
Companies Involved in Mergers and Acquisitions Transactions. If we sell or otherwise transfer part or the whole of our business or assets to another organization (e.g., in the course of a transaction like a merger, acquisition, bankruptcy, dissolution, or liquidation), any information collected through the Online Services, including personal information, may be among the items sold or transferred.
Law Enforcement, Government Agencies, and Courts. We may disclose Your Information at the request of law enforcement or government agencies; in response to subpoenas, court orders, or other legal process; to establish, protect, or exercise our rights; to defend against a legal claim; to protect the rights, property, or safety of any other person; or as otherwise required by law.
We may use and share non-personal information (i.e. non-identifiable information that cannot be used to identify you) for any lawful business purpose, including improving the Online Services. We may use your personal information to generate non-personal information, which cannot be used to identify you. We may also disclose non-personal information collected from users to investors or other third parties.
4. Protection of Your Information
The Online Services have security measures in place to help protect against the loss, misuse, or alteration of Your Information under our control. We use commercially reasonable safeguards, such as industry-standard encryption technology, to help keep Your Information collected through the Online Services secure.
Despite these efforts to store Your Information in a secure operating environment, we cannot guarantee the security of Your Information during its transmission or its storage on our systems. Although we strive to securely store Your Information, we cannot guarantee that our security measures will prevent third parties such as hackers from illegally obtaining access to Your Information. We do not represent or warrant that Your Information will be protected against, loss, misuse, or alteration by third parties. If you have any questions or concerns related to the protection of Your Information, you may contact us via the contact information identified in Section 11 (How to Contact Us) below.
5. Accessing, Updating, or Deleting Your Information
If Your Information changes, or if you no longer want to receive information from us beyond information related to our services, you can correct, update, or remove Your Information. If you would like to otherwise access, update, or delete Your Information related to you, you may submit a request via the contact information listed in Section 11 (How to Contact Us) below. We will promptly review all such requests in accordance with applicable law.
In certain circumstances, we may not be able to completely remove your information from our systems. For example, we may retain your personal information for legitimate business purposes, our customer requirements, or your health care provider’s requirements, or if it may be necessary to prevent fraud or future abuse, for account recovery purposes, if required by law, or as retained in our data backup systems or cached or archived pages.
6. Opting Out of Receiving Electronic Communications
If you make a request to receive information in an ongoing manner through the Online Services by providing your e-mail address or we send you information about the Online Services, you may choose to stop receiving communications from us by following the opt-out instructions that will be included in all communications we may send you. Please note that certain communications are necessary for the proper functioning and use of the Online Services and you may not have the ability to opt out of those communications.
7. Personal Information Transferred from the U.S.
The Online Services are hosted in the United States and are governed by United States law. If you are using the Online Services from outside the United States, please be aware that your information may be transferred and stored in the United States where our servers are located, and our central database is operated. The data protection and other laws of the United States and other countries might not be as comprehensive as those in your country. By using the Online Services, you consent to your information being transferred to our facilities and to the facilities of those third parties with whom we share it as described in this Notice.
8. Children’s Privacy
To maintain the security and safety of the Online Services, the Online Services are not for use by children under the age of thirteen. If you use the Online Services, you hereby represent and warrant that you are at least thirteen years of age. If we believe a user is under the age of thirteen, we will delete the user’s information from our online database.
9. Non-Controlled Websites
We are not responsible for the practices employed by any other organizations’ websites or services linked to or from our Online Services, including the information or content contained therein. A link to another organization’s website should not be construed as an endorsement. While we expect our affiliates and vendors to respect the privacy of our users, we cannot be responsible for the actions of other organizations. WE ENCOURAGE YOU TO READ AND ASK QUESTIONS OF OTHER ORGANIZATIONS BEFORE YOU PROVIDE THEM YOUR INFORMATION.
10. Changes to the Notice
We may revise and update this Notice from time to time, so please review this Notice periodically. If we make a change to this Notice that, in our sole discretion, is material, we will notify you as appropriate under the circumstances. Unless otherwise indicated, any changes to this Notice will apply immediately upon posting to the Online Services.
11. How to Contact Us
If you have any questions about this Notice, please contact us at:
CommonSpirit Health Privacy Officer
Email: [email protected]