Effective Date: 12/20/2014
Changes to Our Policy
Health Insurance Portability and Accountability Act of 1996 (HIPAA)
This website’s use and disclosure of certain of your information may be subject to the requirements of the Health Insurance Portability and Accountability Act of 1996, commonly referred to as HIPAA, as amended by the Health Information Technology for Economic and Clinical Health Act (“HITECH Act”). Any information that you submit to us that constitutes “Protected Health Information,” as defined by HIPAA, is subject to HIPAA and HITECH. The term “Protected Health Information” or “PHI” refers to personally identifiable information about your past, present or future physical or mental health or condition, the provision of health care to you or the past, present or future payment for such care. If any information collected on this Website constitutes PHI, then our Notice of Privacy Practices will apply.
Information We May Collect
Non-Personally Identifiable Information
When you visit our Website, we may passively collect non-personally identifiable information about you via certain Internet technology tools. This information consists of your IP address, cookies and web beacons, as well as information regarding the type of browser and operating system that you use, along with other similar analytic data. Additionally, if you are using your mobile device to access this website, we may also obtain the location of your mobile device with your express consent.
Your “IP address” is usually associated with the network location and physical location from which you enter the Internet.
The term “cookies” refers to electronic data stored by your computer browser. The cookies enable us to facilitate your access to different aspects of the Website. For example, by showing when and how you visit our Website, cookies help us to see which pages of the Website are popular and which are not. Cookies can also help us to improve your enjoyment of this Website, for example, by remembering your address or other information when you request information or services on the Website. Most web browsers automatically accept cookies, but you can disable this function so that your browser will not accept cookies. Please be aware that if you disable this function, it may impact your use and enjoyment of the Website.
The term “web beacons” refer to Internet tools, such as transparent images on the Website or in emails that we may send to you that help us to determine, for instance, whether a page has been viewed or an email opened. For example, when you ask us to send you information on a promotion or newsletter, we may use web beacons to determine how many of the emails that we sent you were actually opened. In general, any electronic image viewed as part of a web page, including a banner ad, can contain a web beacon. These Internet technology tools allow us to track the internet browser most commonly used to access our site and the pages that are most popular, which statistics assist us in making our Website more user-friendly and accessible.
If you are on our mobile website, you will be asked whether you want us to access your geographic location based on the location of your mobile device. If you select yes, and save that setting, we will access and collect that data to be used as set forth below.
We may also ask that you participate in anonymous surveys, which allow us to collect additional data to help us improve our site. Participation in such surveys is voluntary and is not connected to any of your personal information.
We may use third party service providers to assist us in collecting and analyzing this non-personally identifiable information.
Personally Identifiable Information
We may use third party service providers to assist us in collecting and maintaining this personally identifiable information. However, we require such service providers to maintain the confidentiality of such information.
How We Use the Information We Collect
Non-Personally Identifiable Information
We use non-personally identifiable information in the aggregate to determine how much traffic the Website receives, to statistically analyze Website usage, to improve our content, and to customize the Website’s content, layout and services. In addition, we may use your IP address to help diagnose problems with our server, to manage the Website and to enhance the Website based on the usage pattern data we receive. Furthermore, if you are using our mobile website, upon you first granting us permission, we will obtain the location of your mobile device in order to allow us to provide you with information.
Personally Identifiable Information
We will use personally identifiable information for: (i) the purpose for which you provide it; (ii) as otherwise may be disclosed at the point of collection; and/or (iii) for the purposes described below. For example, we may use your contact information as provided to us, such as email address, telephone number, and/or mailing address, to contact you regarding administrative notices and communications related to your use of the Website or otherwise as you may request, such as for an employment application. As another example, we may use your financial and insurance information to process payments you request or otherwise adjust your account. We will not send you promotions or announcements unless you give us permission to do so.
We may use your personal information to provide you with certain medical content and information that we believe may be of interest or use to you and provide you with a customized experience on the Website.
In addition, we may use your personal information in the aggregate in a non-identifiable way in order to better understand the services being provided, how to improve these services and how to improve the Website. We may provide this aggregated information to third parties, but when we do so we do not provide any of your information without your express permission.
Access to Your Personally Identifiable Information
Upon written request and verification of your identity, we will provide you with your personal information in our possession as well as the personal information, if any, that we have disclosed to third parties. Requests for such information should be sent to the contact information below.
You may also update, correct, or delete your personal information in our possession by contacting us using the contact information below.
Handling of Electronic Records and Backup
In general, we will retain all information collected through the Website for, at a minimum, the length of time permitted by law. However, we will delete any personally identifiable information in our database upon your request or as otherwise required by law. We may, however, retain non-personally identifiable information indefinitely.
We maintain backup files as a protection against natural disasters, equipment failures, or other disruptions. Backup files protect you and us because they lower the risk of losing valuable data. Backup files may contain records with your personal information. Removing a record from our active files and databases does not remove that record from any backup systems. Such backup data will eventually be passively deleted as backup records are erased through the normal recycling of backup files. In the meantime, as long as backup records exist, they receive the same security protections as our other records.
Communications between your browser and portions of the Website containing personally identifiable information are protected with Secure Socket Layer (SSL) encryption. This encryption is to help protect your information while it is being transmitted. Once we receive your information we strive to maintain the physical and electronic security of your personal information using commercially reasonable efforts.
NO DATA TRANSMISSION OVER THE INTERNET OR ANY WIRELESS NETWORK CAN BE GUARANTEED TO BE PERFECTLY SECURED. AS A RESULT, WHILE WE STRIVE TO PROTECT YOUR PERSONAL INFORMATION USING COMMERICALTY AVAILABLE AND INDUSTRY STANDARD ENCRYPTION TECHNOLOGY, WE CANNOT ENSURE OR GUARANTEE THE SECURITY OF ANY INFORMATION YOU TRANSMIT TO US, AND YOU DO SO AT YOUR OWN RISK.
In the Event of a Security Breach of Your Personal Information
If we determine that your personal information has or may reasonably have been disclosed due to a security breach of our systems, we will notify you, at the contact information provided to us, in accordance with and to the extent required by applicable state and federal law.
Third Party Privacy Practices
Children under the Age of 18
No part of the Website, or any services made available through the Website, are designed or intended to attract children under the age of 18. No personal information is knowingly collected from any person under the age of 18.
Weill-Cornell Medicine & NewYork-Presbyterian Hospital Privacy Policies
To view these policies, you may click on each of the following links:
T. Sloane Guy, MD
Associate Professor of Cardiothoracic Surgery
Weill Cornell Medicine/NewYork-Presbyterian Hospital
525 East 68th Street, Suite M404
New York, NY 10065