Last Updated August 15, 2022
It does not apply to information collected by:
Table of Contents
The goal of the HSS Sites is
We may collect several types of information from and about users of our HSS Sites, specifically information:
We may collect this information:
Information that We Collect Automatically. Each time a user comes to or uses our HSS Sites, we automatically collect some information to help us assess what users wish to know. We collect a user’s IP address(es) and the types of domains from which the user visits the HSS Sites (for example, whether the user logged on from a .com, .gov, .edu, or other domain), referral data (for example, the address of the last URL a user visited prior to clicking through to the HSS Sites), browser and platform type (for example, a Microsoft browser or an Apple platform), and information regarding how frequently our users request or indicate an interest in certain types of information on our HSS Sites. We collect this information to improve our content and keep it in line with the needs of our users. We will use this information to direct our efforts to better meet the needs of our users, by analyzing how often users are accessing certain features of the HSS Sites.
Information that You Provide to Us. Our HSS Sites may also collect Personal Information about you that you provide to us and/or Personal Information, including health and demographic information, we may gather in preparation for, at or in relation to your visiting our facilities, including medical facilities. We use that Personal Information for the purpose of providing information, services, or materials to you that you have requested, unless you specifically consent to (or, if required by applicable law, authorize in writing) other uses of your information. If you register at any of the HSS Sites in order to use special services for registered users only, we will require that you provide your name and e-mail address, and may also require that you provide additional information, such as your address, and indicate your affiliation with HSS. We use this information to improve your experience at the HSS Sites and to enable you to maintain and gain access to your specially personalized areas of the HSS Sites. We share your Personal Information with authorized HSS employees and staff, health care providers affiliated with HSS, certain third-party vendors who provide services to HSS (as described more fully below), and other third-parties as required by applicable law. We do not otherwise share your Personal Information without your consent (or, if required by applicable law, written authorization). If you are using our HSS Sites to register and pay for an educational program, please read “Registration for Education Institute Programs Through Eventbrite® or HSS eAcademy® below. If you are using the HSS Sites to make a charitable donation to HSS, please read “Giving to HSS - Online Donations” below.
Health Information, including COVID-19 Information
As mentioned above, our collection of Personal Information may include our collection of your health information, including, but not limited to, COVID-19 historical or current symptoms, diagnosis, testing, and/or vaccination status, to the extent such information becomes part of your EMR at any time when you are under the care of a healthcare provider at HSS (which may include your provision of such information in advance of an appointment), or if you otherwise provide such information to us through the MyHSS Portal or MyHSS App. The MyHSS Portal and the MyHSS App both give you the ability to view and share health information which is stored in the EMR, communicate with your healthcare providers, schedule appointments, learn about health and wellness, and other related activities.
We may use information that we collect about you or that you provide to us, including any Personal Information:
We may also use your information to contact you about goods and services that may be of interest to you, including through newsletters that you request. If you wish to opt-out of receiving such communications, you may do so at any time by clicking unsubscribe at the bottom of these communications.
Additional Information About Our Android and Apple Mobile Applications
If you choose to add a profile photo to our Applications, you may select an existing photo on your device or take a new photo using the camera app on your device. If you select an existing photo on your device, we store a copy of your chosen photo in app-private storage on your device. If you use the camera app on your device to take a new photo, the photo you take is first saved to your camera app and then also saved to app-private storage on your device. If you remove the photo from your profile or delete our Applications, the copy of the photo is deleted from the app-private storage, but the photo saved to your camera app remains available in your camera app until you choose to delete it.
When you choose to use Apple’s HealthKit or Google Fit, we create encrypted identifiers to identify recipients of your Apple’s HealthKit or Google Fit data and store them on your device in app-private storage. If you choose to stop using Apple HealthKit or Google Fit or delete our Applications, the identifiers are deleted.
When you choose to view documents from your healthcare provider at HSS (such as letters or images) using our Applications, to make the files viewable for you we temporarily store copies on your device in app-private storage. The temporary copies are deleted when you close your session on our Applications.
If you enable automatic appointment arrival, we temporarily store identifiers and times for your upcoming appointments in app-private storage to detect when you arrive for an upcoming appointment. If you choose to stop using our Applications or you disable automatic appointment arrival, the identifiers are deleted.
We may provide functionality that offers location-based check in for in-person appointments, or allows you to find healthcare providers near you. You may choose to allow our Applications to interact with your location data for those purposes. We do not store your location data.
If we allow you to notify front desk staff electronically when you arrive for an appointment, you may choose to allow our Application to interact with your Bluetooth data for this purpose. We do not store your Bluetooth data.
While you use our Applications, we collect non-identifying information so we can provide customer service to you and understand how people use our Applications so we can improve our products. This information includes the time you began using the Application, any error messages or codes, the model of device used and its operating system, and the version of our Application used. If you use Android devices, we also collect your connection type (cellular or WiFi) during an error.
You may contact us through the methods listed under “Contact Us” below. If you contact us, we may keep a record of the communication. You can decide how much information you want to share with us in those cases.
Our Applications interact with your microphone only if you choose to use your microphone to navigate our Applications. Our Applications interact with your camera roll only if you choose to add a profile photo to a profile in our Applications.
Our Applications were not created specifically for the COVID-19 pandemic. They existed before the COVID-19 pandemic to allow you to access your health information on file with HSS. We may allow you to access COVID-19-related vaccination information, laboratory test results, and documents with illness-related information using our Applications. You may choose if or how you want to access, display, or use the information – just like you can make those decisions about health information relating to other conditions, services, tests, or vaccinations.
We may allow you to use our Applications to conduct telehealth appointments with your healthcare providers at HSS. Our Applications only provide the technical support for those appointments to happen. We do not interact with any health information about you exchanged during any telehealth appointments.
We may also disclose your Personal Information:
Instances when we collect Personal Information from you through the HSS Sites, and how we may use and/or disclose that information in those instances, include, without limitation:
Strictly Necessary Cookies: These cookies would be necessary for our HSS Sites to function and cannot be switched off in our systems. They are usually only set in response to actions made by you which amount to a request for services, such as setting your privacy preferences, logging in or filling in forms. You can set your browser to block or alert you about these cookies, but some parts of the HSS Site will not then work.
Performance Cookies: These cookies allow us to count visits and traffic sources so we can measure and improve the performance of our HSS Sites. They help us to know which pages are the most and least popular and see how visitors move around the HSS Sites. These cookies collect and aggregate data. If you do not allow these cookies we will not know when you have visited our Sites, and will not be able to monitor its performance.
Advertising Cookies: These cookies may be set through our HSS Sites by our advertising partners. They may be used by those companies to build a profile of your interests and show you relevant adverts on other sites. They do not store directly personal information, but are based on uniquely identifying your browser and internet device. If you do not allow these cookies, you will experience less targeted advertising.
If you would like to review the Personal Information collected about you through our HSS Sites, you may contact us at the contact information provided below (“Contact Us”).
Any e-mail that you receive from the HSS Sites will also offer the option of removing your name and e-mail address from our mailing lists. If you would like to advise us of changes required in the Personal Information that you have submitted through the HSS Sites, or to remove your e-mail address from any e-mail services on this site to which you have subscribed, you may contact us at the contact information provided below (“Contact Us”).
Protecting the privacy of children is important to HSS. We do not knowingly collect information provided by children under the age of eighteen (18) years of age through our HSS Sites without verified parental consent.
The HSS Sites use a variety of measures to maintain the security of your Personal Information. Protocols have been developed to comply with the security requirements of government agencies and commercial organizations.
We take steps to help protect the integrity of any credit card information you submit to and through the HSS Sites. As noted above, we use third parties to facilitate confidential online business transactions, which includes, without limitation, billing and collecting for healthcare services you receive, enrollment in Education Institute programs, and making charitable online donations. When linking through the HSS Sites, your credit card information is encrypted using secure socket layer (SSL) technology and sent to the applicable third party server. The third party uses security technologies to facilitate secure on-line transactions and to protect your credit card information when it transfers it to the appropriate financial institutions. In some cases, HSS may have access to information maintained by the third party. In such instances, access to the third party database by designated HSS employees and officers is limited to those with a need to know such information, through the use of restricted passwords.
Although we make efforts to preserve user privacy, we may need to disclose Personal Information when required by law or when we have a good faith belief that such action is necessary to comply with a judicial proceeding, a court order, or other legal process. In addition, we reserve the right to report to law enforcement agencies any activities that we reasonably believe to be unlawful, and to release to such agencies information about users of the HSS Sites who we reasonably believe to be engaged in or involved with such activities.
Finally, in the event that HSS is (or all or substantially all of our assets are) acquired by a third-party, merges or affiliates with a third-party, or is bankrupt or ceases operations and dissolves, you should expect that any information you submitted through the HSS Sites may be disclosed to a third-party in connection with such business transaction, and will be transferred to a third-party.