This website should NOT be used in urgent or emergency medical situations. If you have a medical emergency, call 911 immediately.

Effective Date: 4/1/2020

This Privacy Policy applies to the website or mobile application that is linked to this Privacy Policy (a “Service” or the “Services”) and that are provided by Deborah Heart and Lung Center (“we,” “us,” or “our”).

IMPORTANT NOTE: This Privacy Policy applies to individually identifiable information that you provide to us for purposes of obtaining medical care through the Services (such information is also referred to as “Protected Health Information” or “PHI”), which is subject to our Health Insurance Portability and Accountability Act Notice of Privacy Practices (the “HIPAA Notice”), and information that is not PHI. The HIPAA Notice describes how we can use and share your PHI and also describes your rights with respect to your PHI. This Privacy Policy supplements the HIPAA Notice for PHI. If there is ever any conflict between this Privacy Policy and the HIPAA Notice, the HIPAA Notice will apply. The HIPAA Notice does not apply to information that is not PHI.

Deborah Heart and Lung Center’s Notice of Privacy Practices is a separate document that governs how medical information about you may be used and disclosed by Deborah Heart and Lung Center.

I. Collection of Information

We may collect the following kinds of information when you use a Service:

Information you provide directly to us.

For certain Services or activities, such as when you register with a Service, subscribe to our alerts, or contact us directly, we may collect some or all of the following types of information:

• Contact information, such as your full name, email address, mobile phone number, and address;
• Username and password;
• Payment information, such as your credit card number, expiration date, and credit card security code;
• Personal health information, including information about your diagnosis, previous treatments, general health, and health insurance;
• Doctor reviews; and
• Any other information you provide to us.

You should not use these “Contact Us” forms for urgent or emergency questions or questions of a medical nature. Using these “Contact Us” forms does not constitute or create a doctor-patient relationship between us and any recipient. You should not send us any confidential or sensitive information for physicians in the “Contact Us” forms. Whatever you disclose to us in that manner will not be privileged or confidential.

Information we collect automatically.

We may collect certain information automatically when you use the Services, such as your computer’s Internet protocol (IP) address, device and advertising identifiers, browser type, operating system, Internet service provider, pages that you visit before and after using the Services, the date and time of your visit, information about the links you click and pages you view within the Services, and other standard server log information. We may also collect certain location information when you use the Services, such as your mobile device’s GPS signal, or information about nearby WiFi access points and cell towers.

We may use cookies, pixel tags, Local Shared Objects, and similar technologies to automatically collect this information. Cookies are small bits of information that are stored by your computer’s web browser. Pixel tags are very small images or small pieces of data embedded in images, also known as “web beacons” or “clear GIFs,” that can recognize cookies, the time and date a page is viewed, a description of the page where the pixel tag is placed, and similar information from your computer or device. By using the Services, you consent to our use of cookies and similar technologies.

We may also collect technical data to address and fix technical problems and improve the Services. Your device or browser settings may permit you to control the collection of this technical data. By using the Services, you are consenting to us or any party acting on our behalf collecting this technical data.

Information from Third-Party Services.

If you access the Services from an advertisement on a third-party website, application, or other service (a “Third-Party Service”) we may receive information from the owner of the Third-Party Service related to you or that advertisement.

Information we obtain from your health care providers and other sources.

In connection with Services that involve medical treatment, we may collect medical records from your past, current, and future health care providers. This may include information about your diagnosis, previous treatments, general health, laboratory and pathology test results and reports, social histories, any family history of illness, and records about phone calls and emails related to your illness.

We may also receive information about you from other sources, including through third-party services and organizations. We may combine our first-party data, such as your email address or name, with third-party data from other sources and use this to contact you (e.g. through direct mail). For example, if you access third-party services, such as Facebook, Google, or Twitter, through the Services to login to the Services or to share information about your experience on the Services with others, we may collect information from these third-party services.

II. Use of Information

We may use the information we collect online to:

• Provide and improve the Services;
• Contact you;
• Fulfill your requests for products, services, and information;
• Send you information about additional clinical services or general wellness from us or on behalf of our affiliates;
• Analyze the use of the Services and user data to understand and improve the Services;
• Conduct research using your information, which may be subject to your separate written authorization;
• Prevent potentially prohibited or illegal activities and otherwise in accordance with our Terms of Use; and
• For any other purposes disclosed to you at the time we collect your information or pursuant to your consent.

III. Sharing of Information

We are committed to maintaining your trust, and we want you to understand when and with whom we may share the information we collect.

• Authorized third-party vendors and service providers. We may share your information with third-party vendors and service providers that help us with specialized services, including billing, payment processing, providing medical advice for telemedicine services, management and hosting of telemedicine services, customer service, email deployment, business analytics, marketing (including but not limited to advertising, attribution, deep-linking, direct mail, mobile marketing, optimization and retargeting) advertising, performance monitoring, hosting, and data processing. These third-party vendors and service providers may not use your information for purposes other than those related to the services they are providing to us.• Corporate affiliates. We may share your information with Deborah Hospital Foundation, our fund-raising affiliate.
• Legal purposes. We may disclose information to respond to subpoenas, court orders, legal process, law enforcement requests, legal claims or government inquiries, and to protect and defend the rights, interests, health, safety, and security of Deborah Heart and Lung Center.
• Business Transfers. HIPAA permits organizations to transfer PHI in certain circumstances. We can transfer your information as part of a transfer of the assets of the organization, merger, or consolidation or in the unlikely event of bankruptcy, if such transfer is permissible under HIPAA and the HIPAA Notice.
• Protected Health Information. We may transfer your PHI as described in the HIPAA Notice and permitted under HIPAA.
• With your consent or at your direction. We may share information for any other purposes disclosed to you at the time we collect the information or pursuant to your consent or direction. If you choose to engage in public activities on the third party sites that we link to, you should be aware that any information you share there can be read, collected, or used by other users of these sites and forums. You should use caution in disclosing personal information while participating in these areas. We are not responsible for the information you choose to submit in public areas. No information provided by patients during medical consultations or requests for medical appointments is ever used for marketing purposes.

IV. Security

We use measures to protect Protected Health Information from loss, theft, misuse, and unauthorized access, disclosure, alteration, and destruction in accordance with HIPAA. We use measures designed to protect other information from loss, theft, misuse, and unauthorized access, disclosure, alteration, and destruction. You should understand that no data storage system or transmission of data over the Internet or any other public network can be guaranteed to be 100 percent secure.

We do not share Protected Health Information with third parties for their own direct marketing purposes.

V. Third-party Links and Content

Some of the Services may contain links to content maintained by third parties that we do not control. We are not responsible for the privacy practices of these third parties, and the information practices of these third parties are not covered by this Privacy Policy.

Google Analytics is a web analytics service offered by Google that tracks and reports website traffic. Google uses the data collected to track and monitor the use of our Service in order to help us better monitor and manage our services.

For more information on the privacy practices of Google, please visit the Google Privacy & Terms web page: https://policies.google.com/privacy.

VI. International Users

We maintain information in the United States of America and in accordance with the laws of the United States, which may not provide the same level of protection as the laws in your jurisdiction. By using the Services and providing us with information, you understand and agree that your information may be transferred to and stored on servers located outside your resident jurisdiction and, to the extent you are a resident of a country other than the United States, that you consent to the transfer of such data to the United States for processing by us in accordance with this Privacy Policy.

VII. Children

We do not knowingly allow individuals under the age of 18 to create accounts that allow access to our Services.

VIII. Changes to the Privacy Policy

We may update this Privacy Policy from time to time. When we update the Privacy Policy, we will revise the “Effective Date” date above and post the new Privacy Policy. We recommend that you review the Privacy Policy each time you visit the Services to stay informed of our privacy practices.

IX. Questions?

If you have any questions about this Privacy Policy or our practices, please email us at WebsitePrivacy@deborah.org