Patient Privacy

LAST UPDATED: May 21, 2015

Privacy Policy for the HepCure Platform The Mount Sinai Hospital and Icahn School of Medicine at Mount Sinai (together, “Mount Sinai,” “us” or “we”) is concerned about privacy issues and wants you to be familiar with how we collect, use and disclose information. This Privacy Policy describes our practices in connection with information that we collect through the general HepCure website, currently located at http://www.hepcure.org (and not the provider HepCure website, currently located at https://providers.hepcure.org) (together with any materials and services available therein, and successor site(s) thereto, the “Site”), and through the HepCure application (together with any materials and services available in connection therewith, and successor application(s) thereto, the “App”). The Site and the App are referred to collectively herein as the “Platform.” By downloading, accessing or using the Platform, or providing information to us in connection with the Platform, you acknowledge that we may use and disclose such information in accordance with this Privacy Policy. If you object or do not consent to our use and disclosure of such information in accordance with this Privacy Policy, please do not provide such information on or through the Platform (which may mean that you will be unable to use the Platform).

THIS PRIVACY POLICY DOES NOT ADDRESS, AND WE ARE NOT RESPONSIBLE FOR, THE PRIVACY, INFORMATION OR OTHER PRACTICES OF ANY THIRD PARTY, INCLUDING ANY THIRD-PARTY SERVICE PROVIDERS, BUSINESS PARTNERS, AND ANY OTHER THIRD PARTY OPERATING ANY SOFTWARE APPLICATION OR WEBSITE TO WHICH THE PLATFORM CONTAINS A LINK. THE INCLUSION OF A LINK ON THE PLATFORM DOES NOT IMPLY ENDORSEMENT BY US OF THE LINKED SOFTWARE APPLICATION OR WEBSITE.

JURISDICTIONAL ISSUES

The Platform is controlled by us from the United States; accordingly, this Privacy Policy, and our collection, use and disclosure of your information, is governed by U.S. law, and not by the laws of any country, territory or jurisdiction other than the United States. We do not represent or warrant that the Platform, or any functionality or feature thereof, is appropriate or available for use in any particular jurisdiction. Those who choose to download, access or use the Platform do so on their own initiative and at their own risk, and are responsible for complying with all local laws, rules and regulations. By downloading, accessing, using or submitting any information to the Platform, users from outside the United States acknowledge that the Platform is subject to U.S. law, and consent to the transfer of their information to the United States and any other jurisdiction, which may provide a different level of data security than in their country of residence, and waive any claims that may arise under the laws of any country other than the United States.

PERSONAL INFORMATION

Personal Information We May Collect

Personal Information” is information that identifies someone as an individual. In addition to Personal Information, Other Information (as defined below) may be collected in connection with the Platform; the collection, use and disclosure of Other Information is addressed separately below, under the heading “OTHER INFORMATION”

We and our third-party service providers may collect the following Personal Information:

  • Name.
  • Date of birth.
  • Physical and mailing addresses.
  • Telephone number.
  • E-mail address.
  • Other personally identifiable information (including personally identifiable information contained within files or video and certain of your health information, if provided by you) about you and third parties that you may choose to transmit or otherwise make available through the Platform to Mount Sinai and/or its third-party service providers and business partners, including by completing profile forms, completing applications, questionnaires or similar documents, communicating with customer service personnel, and otherwise interacting with Mount Sinai and its third-party service providers and business partners.

Certain Personal Information is voluntary and not required to access or use the Platform; other Personal Information may be mandatory and required to access or use the Platform or certain portions of the Platform.

IF YOU SUBMIT ANY PERSONAL INFORMATION OF OR RELATING TO A THIRD PARTY TO US OR OUR THIRD-PARTY SERVICE PROVIDERS OR BUSINESS PARTNERS IN CONNECTION WITH THE PLATFORM, YOU REPRESENT THAT YOU HAVE THE AUTHORITY TO DO SO AND TO PERMIT US TO USE AND DISCLOSUE SUCH INFORMATION IN ACCORDANCE WITH THIS PRIVACY POLICY.

How We May Use Personal Information

We and our third-party service providers may use Personal Information:

  • To respond to your inquiries and fulfill your requests, such as to send notifications to you, complete your transactions and otherwise operate the Platform.
  • To send administrative information to you, including information regarding the Platform and changes to our terms, conditions and policies.
  • To allow you to send and receive messages (including files, video and text messages) to and from other individuals, through or in connection with the Platform, and to send and receive such messages on your behalf.
  • To help us improve your experience, including by learning more about your preferences to help personalize your experience with us.
  • For our business purposes, such as quality assessment, data analysis, audits, developing new products and services, improving the Platform, identifying usage trends and determining the effectiveness of our promotional campaigns.
  • To protect the security or integrity of our businesses and online properties, including the Platform.
  • As we believe to be necessary or appropriate: (a) under applicable law, including laws outside your country of residence; (b) to comply with legal process; (c) to respond to requests from public or government authorities, including public or government authorities outside your country of residence; (d) to enforce our terms and conditions; (e) to protect our operations or those of any of our affiliates; (f) to protect our rights, privacy, safety or property, or that of our affiliates, service providers, members, you or others, including through credit-fraud protection and risk reduction; (g) at our discretion ny-1180765 2 under emergency circumstances, to notify emergency services or your family members, personal representative or other individuals involved in your care of your location and condition; or (h) to allow us to pursue available remedies or limit the damages that we may sustain.

How Personal Information May Be Disclosed

Your Personal Information may be disclosed:

  • To our third-party service providers that may provide services such as hosting of the Site, providing the App for download, data analysis, IT services and infrastructure, customer service, e-mail delivery, auditing, information and identity verification and other similar services. Any such disclosures will always be subject to confidentiality obligations so that your information may not be used or further disclosed in a manner inconsistent with this Privacy Policy or applicable law.
  • To identify you to anyone to whom you send information or messages(including files, video and text messages) through or in connection with the Platform, including messages that we may send on your behalf.
  • By you, through messages (including files, video and text messages), profile pages, user directories and other functionality with which you are able to share or post information and materials. We are not responsible for such recording, access, use, alteration, manipulation or disclosure. We urge you to be very careful when deciding to disclose your Personal Information, or any other information, in connection with the Platform.
  • To our affiliates, for all uses permitted under this Privacy Policy, unless you opt-out in accordance with the “CHOICES AND ACCESS” section below.
  • To a third party in the event personal information is transferred or made available to such third party in connection with any reorganization, merger, sale, joint venture, assignment, transfer or other disposition of all or any portion of our business, assets or stock (including in connection with any bankruptcy or similar proceeding).
  • As we believe to be necessary or appropriate: (a) under applicable law, including laws outside your country of residence; (b) to comply with legal process; (c) to respond to requests from public or government authorities, including public or government authorities outside your country of residence; (d) to enforce our terms and conditions; (e) to protect our operations or those of any of our affiliates; (f) to protect our rights, privacy, safety or property, or that of our affiliates, service providers, members, you or others, including through credit-fraud protection and risk reduction; (g) at our discretion under emergency circumstances, to notify emergency services or your family members, personal representative or other individuals involved in your care of your location and condition; or (h) to allow us to pursue available remedies or limit the damages that we may sustain.

OTHER INFORMATION

Other Information We May Collect

Other Information” is any information that does not reveal a person’s specific identity, such as:

  • Browser information.
  • Server log files.
  • Technical information about your device and Internet connection.
  • Statistics concerning messages (including files, video and text messages) sent or received through the Platform, such as the length of such messages, the IP Addresses involved and other technical parameters.
  • Information collected through cookies, pixel tags and other technologies.
  • Physical location information.
  • Demographic information.
  • Aggregated information.

How We May Collect Other Information

We and our third-party service providers may collect Other Information in a variety of ways, including:

  • Through server log files: Your “IP Address” is a number that is automatically assigned to the device that you are using by your Internet Service Provider (ISP). An IP Address is identified and logged automatically in our server log files whenever a user uses the Platform, along with the time of the use and the pages or areas visited within the Platform. Collecting IP Addresses is standard practice on the Internet and is done automatically by many websites and applications. We and our third-party service providers use IP Addresses for purposes such as helping to calculate usage levels of the Platform, diagnose server problems and administer the Platform.
  • Through your browser or device: Certain information is collected automatically through your device, such as your operating system name and version, device manufacturer, device identity and model, language, and the name and version of the software application you are using.
  • Device location information: We may collect the physical location of your device by, for example, using satellite, cell phone tower, your IP Address or WiFi signals. We may use your device’s physical location to provide you with personalized location-based services and content. In some instances, you may be permitted to allow or deny such uses and/or sharing of your device’s location, but if you choose to deny such uses and/or sharing, we and/or our marketing partners may not be able to provide you with the applicable personalized services and content.
  • Using cookies: Cookies allow a server to transfer data to a device for recordkeeping and other purposes. We and our third-party service providers use cookies and other technologies to, among other things, better serve you with more tailored information and facilitate your ongoing access to and use of the Platform, as well as for online tracking purposes. If you do not want information collected through the use of cookies, there is a simple procedure in most devices that allows you to decline the use of cookies. To learn more about cookies, please visit http://www.allaboutcookies.org/. If you choose to decline cookies, some or all of the features, functionality and promotions available through the Platform may not be available to you.
  • Using pixel tags and other similar technologies: Pixel tags (also known as web beacons and clear GIFs) and other similar technologies may be used in connection with some pages and areas of the Platform and HTML-formatted e-mail messages to, among other things, track the actions of users of the Platform and e-mail recipients, measure the success of our marketing campaigns and compile statistics about usage and response rates of the Platform.
  • From you: We may collect demographic information such as, for example, your age, occupation and family status, as well as other information when you voluntarily provide such information to us. We may also collect such information about you from third parties. Unless combined with Personal Information, this information does not personally identify you or any other user of the Platform.
  • By aggregating information: Aggregated Personal Information does not personally identify you or any other user of the Platform. For example, we may aggregate Personal Information to calculate the percentage of our users who have attended a particular event.

How We May Use and Disclose Other Information

Because Other Information does not personally identify you, we may use and disclose Other Information for any purpose. In some instances, we may combine Other Information with Personal Information (such as combining your zip code with your name). If we combine any Other Information with Personal Information, the combined information will be treated by us as Personal Information as long as it is so combined.

SECURITY

We seek to use reasonable organizational, technical and administrative measures to protect Personal Information under our control. Unfortunately, no data transmission over the Internet or data storage system is guaranteed to be 100% secure. Please also be aware that we may use third-party cloud service providers that provide hosting, data storage and other services pursuant to standard terms and conditions; accordingly, we conduct reasonable due diligence on such service providers and seek to require them to protect Personal Information. We cannot, however, be ultimately responsible for the data security measures of any third parties If you have reason to believe that your interaction with us is no longer secure (for example, if you feel that the security of any account you might have with us has been compromised), please immediately notify us of the problem by contacting us in accordance with the “CONTACTING US” section below.

HOW YOU CAN ACCESS YOUR PERSONAL INFORMATION

If you would like to review or update your Personal Information that has been previously provided to us, you may do so by logging into your account within the Platform, or, for certain Personal Information that is not reviewable through the Platform, you may contact us in accordance with the “CONTACTING US” section below. We will try to comply with your request to update your Personal Information as soon as reasonably practicable. We are not responsible for changing information from the databases of third parties with whom we have already shared your Personal Information.

RETENTION PERIOD

We will retain your Personal Information for the period necessary to fulfill the purposes outlined in this Privacy Policy unless a longer retention period is required or allowed by law.

UPDATES TO THIS PRIVACY POLICY

We may change this Privacy Policy. Please review the “LAST UPDATED” legend at the top of this page to determine when this Privacy Policy was last revised. Any changes to this Privacy Policy will become effective when we post the revised Privacy Policy on the Services. Your use of the Platform following these changes means that you accept the revised Privacy Policy.

CONTACTING US

If you have any questions about this Privacy Policy, please contact us by email at hepcure@mountsinai.org or by mail at: Ponni Perumalswami, 1 Gustave Levy Pl, New York, New York 10029. Please note that information you submit through e-mail may not be secure; so please do not include financial information or other sensitive information in your messages to us.