Note: This policy relates specifically to our website. For HIPAA Notice of Privacy Practices, please visit this page.
The websites and services provided through the website (this “Site”) are provided by Hospital Sisters Health System and its affiliates (“We,” “Us” or “Our”). You (“You” or “Your”) have a limited right to access and use the Site for Your noncommercial, personal use and information only.
What Information Do We Collect?
Information that You provide to Us. For example, You provide information when you:
- Fill out forms on the Site
- Provide information to open an account
- Communicate with us by phone, email or chat
- Respond to surveys.
Some areas of the Site are available without opening an account. Other areas of the Site cannot be accessed without registering, which requires you to provide personal information to us. This personal information may include your:
- Phone number
- e-mail address
- Information pertaining to Your health
- Information related to Your employment or affiliation with Us
- Other demographic information, such as
- Your ZIP code
- Preferences, interests and favorites.
Information about Your visit to the Site.
For example, we may collect:
- Information about the network You use to access the Internet, such as the domain and the host information.
- Information about computer or mobile device that you are using, including the IP address, location data, browser, and operating system.
- Information about which pages on our Site you visit.
How We Use Information
We do not sell or license your information. We use the information You provide and We collect to:
- Operate the Site
- Provide the services You request.
- Administer the Site and diagnose problems with Our server and networks;
- Verify Your identity;
- Provide You with information about the Site;
- Measure the number of visitors to the Site and how the Site is used in order to make the Site as useful as possible to Our visitors;
- Deliver customized content and advertising to You;
- Provide authorities or relevant individuals with information related to the Site as required by law; and
- Fulfill any other purpose for which You provide information.
These are the limited ways we interact with your information in connection with our mobile applications:
- When you choose to add a profile photo to our mobile applications, you may select an existing photo on your device or take a new photo using the camera app on your device. If you select an existing photo on your device, we store a copy of your chosen photo in app-private storage on your device. If you use the camera app on your device to take a new photo, the photo you take is first saved to your camera app and then also saved to app-private storage on your device. If you remove the photo from your profile or delete our mobile apps, the copy of the photo is deleted from the app-private storage, but the photo saved to your camera app remains available in your camera app until you choose to delete it. If you already have a photo stored in your profile through your healthcare organization – we do not interact with that photo in any way.
- When you choose to use Apple’s HealthKit or Google Fit, we create encrypted identifiers to identify recipients of your Apple’s HealthKit or Google Fit data and store them on your device in app-private storage. If you choose to stop using Apple HealthKit or Google Fit or delete our mobile apps, the identifiers are deleted.
- When you choose to view documents from your healthcare organization (such as letters or images) using our mobile apps, to make the files viewable for you we temporarily store copies on your device in app-private storage. The temporary copies are deleted when you close your session on our mobile apps.
- If your healthcare organization offers automatic appointment arrival and you choose to enable it, we temporarily store identifiers and times for your upcoming appointments in app-private storage to detect when you arrive for an upcoming appointment. If you choose to stop using our mobile apps or you disable automatic appointment arrival, the identifiers are deleted.
- If your healthcare organization offers location-based check in for in-person appointments, or allows you to find healthcare providers near you, you may choose to allow our mobile apps to interact with your location data for those purposes. We do not store your location data.
- If your healthcare organization allows you to notify front desk staff electronically when you arrive for an appointment, you may choose to allow our mobile apps to interact with your Bluetooth data for this purpose. We do not store your Bluetooth data.
- While you use our apps, we collect non-identifying information so we can provide customer service to you or your healthcare organization and understand how people use our mobile apps so we can improve our products. This information includes the time you began using the app, the healthcare organization you interacted with, any error messages or codes, the model of device used and its operating system, and the version of our mobile app used. If you use Android devices, we also collect your connection type (cellular or WiFi) during an error.
- You may contact us through the methods listed on Our Website. If you contact us, we may keep a record of the communication. You can decide how much information you want to share with us in those cases.
Your Healthcare Organizations
How Can We Share Information?
We do not use or disclose sensitive personal information, such as race, religion, or political affiliations, without Your express consent.
We expect that all collection, use and disclosure of Your information will occur in the United States and will be governed by United States law; however, some information may travel over the Internet outside of the United States. Even if some information does travel outside the United States, You agree that the laws of the United States will apply.
Any Other Sharing of Information?
We will not sell or rent Your information to anyone, but We may share Your basic demographic information (such as your name, IP address, and physical or email address) with others, such as Our subsidiaries, contractors, trusted partners and affiliates as necessary to operate Our business, and as permitted by law.
- If We share data with trusted partners to help Us perform statistical analysis, send You email or postal mail, provide customer support, or arrange for deliveries, such third parties are prohibited from using Your personal information except to provide these services to Us, and they are required to maintain the confidentiality of Your information.
- We do not share Your personal information with third parties for their direct marketing purposes.
What About Aggregated Data?
We may aggregate (combine) data about visitors to Our Site in a non-identifiable manner and use it for Our business purposes unrelated to Your use of the Site.
- For example, We may aggregate data for product development and improvement activities and disclose such aggregated data to third parties.
- No personally identifiable information is available or used in this process.
- We may use information You provide to promote the products or services of strategic partners, but will not directly provide Your personally identifiable information to these strategic partners for promotional purposes.
What About Governmental and Legal Disclosures?
Except as described above, We do not disclose the identities of visitors or users of the Site unless legally required to do so, or unless We believe, in good faith, that sharing is necessary:
- to protect Your safety or the safety of others,
- to protect Our rights,
- to investigate fraud, or
- to respond to a government request.
We will respond to any subpoena received from a government agency (i.e., the Securities and Exchange Commission or law enforcement agencies) without prior notice to You. Unless prohibited by law or by a valid court order, We will attempt to notify You of any subpoena received from any other party (i.e., for civil litigation) which requires Us to disclose Your identity, and will wait ten (10) days, or a lesser amount of time as required by the deadline in the subpoena, before providing the information requested by the subpoena.
What About Other Information and Websites?
We do not control these third parties' tracking technologies or how they may be used. You should review the privacy policies posted on these websites carefully before providing any information. We are not responsible for the privacy policies or the content of any other websites. If You have any questions about an advertisement or other targeted content, You should contact the responsible provider directly.
What About Do Not Track?
What About Compliance with COPPA?
The Site is not directed at children under the age of 13. We comply with the Children's Online Privacy Protection Act ("COPPA") and do not knowingly permit registration or submission of personally identifiable information by anyone under 13 years of age. This age requirement is posted each time We request personally identifiable information. If You believe information of a child under 13 has been submitted, please advise Us in writing and We will delete it.
What About International Privacy Laws?
If you are visiting our websites from outside the United States, please be aware that you are sending information (including personal data) to the United States, where our servers are located. That information may then be transferred within the United States or back out of the United States to other countries.
All data collected by through the Site will be stored exclusively in secure hosting facilities provided by Us or Our service providers. We have data processing agreements in place with Our service providers consistent with applicable privacy and data security laws.
Hospital Sisters Health System and its affiliates are located in, and provide services in, the United States, and are governed by United States law. For visitors from the European Union, countries outside of the EU (such as the United States) may not necessarily have data protection laws as comprehensive or protective as those in your country of residence. The United States has not been issued an adequacy decision finding the data privacy laws to provide an adequate level of protection, and no other basis for transfer exists. Therefore, the collection and transfer of data will occur on one of the following bases, depending on the type of transfer and the surrounding factual situation:
- The transfer is necessary for performance of a contract between you and an Hospital Sisters Health System entity. This will apply when, for example, you are buying a product or signing up for information.
- The transfer is necessary for the conclusion or performance of a contract between Hospital Sisters Health System and another person or entity, that is in your interest. This will apply when, for example, you request a product or further information from a third party through our Site.
- The transfer is necessary for the establishment, exercise, or defense of legal claims. This would apply if there developed a dispute between you and an Hospital Sisters Health System entity.
What About Marketing Use?
You agree that We can store information that You provide to us on a form and use it to assist You in making an appointment, providing other services, or for future marketing purposes.
How Secure is the Site?
The Site has security measures in place to protect against the loss, misuse or alteration of information under Our control. However, no security is perfect, and no security system can prevent all security breaches. You transmit information to Us at Your own risk. You acknowledge that the Site is not HIPAA compliant. You should not store or transmit Protected Health Information on this Site. You acknowledge and agree that the Site is not intended to provide any medical advice. We are not Your business associate under HIPAA as a result of Your use of the Site.
Can You Change this Policy?
How Can You Contact Us?
Hospital Sisters Health System
Attn: Privacy Officer
4936 Laverna Road
Springfield, Illinois 62794-9456
We will use commercially reasonable efforts to promptly respond to Your inquiry, and if necessary determine and remedy any problem.
What If My Information is Wrong?
You may write to us at the contact address above if you believe information you have submitted to us through the Site is incorrect. We may not be able to correct that information, because, for example, we did not save the information in question, or because we do not yet have a process to update the information.
Can I Get a Copy of My Information?
You may write to use at the contact address above to request a copy of the information you have submitted or We have collected about you through the Site. If we are able to collect and provide the information, we will do so. In some cases, we may not be able to collect and provide the information, because of the way the data is used and stored.