RETINA ASSOCIATES OF WESTERN NEW YORK
HIPAA NOTICE OF PRIVACY PRACTICES
I. INFORMATION WE COLLECT
II. HOW WE USE YOUR INFORMATION
III. LINKS TO THIRD-PARTY WEBSITES AND SOCIAL MEDIA FEATURES
IV. OUR RIGHT TO CONTACT YOU
V. INFORMATION PROTECTION
VI. CONSENT TO TRANSFER
VII. UPDATING AND ACCESSING YOUR INFORMATION
VIII. CHILDREN’S INFORMATION
IX. CONSENT AND OPT-OUT
To operate our Website and provide you with access to certain services, we may collect the following types of information which are described in more detail below: (A) information you provide to us, (B) information we automatically collect, and (C) information we receive from third parties. All of the information listed in (A)-(C) above, are detailed below, and hereinafter referred to as “Information.”
A. Information You Provide To Us: You may provide your personal Information to us during your direct interactions through our Website, such as when you access various content or features, contact us directly, sign up for services, or other areas in which you otherwise interact with our Website. In using our Website, you may provide us with Information, including, without limitation:
- Your contact information including name, address, telephone number and email address;
- Information you may submit to schedule an appointment such as information about your diagnosis, date of birth, services sought, referring doctor, and patient status; and
- Any other information you provide to us.
We may combine such information with information we already have about you. We may also collect the email addresses of our visitors that we communicate with through questionnaires, surveys, email messages, social media, and other digital online features and platforms (including demographic and personal profile data).
We also use third parties to collect and process payment information or provide you access to our Patient Portal. In using those third parties, you may provide information such as credit card information and log in credentials (username and password).
B. Information We Automatically Collect:
We also collect Information about you from your visit to our Website including:
- IP address;
- Your geographic location;
- Date and time of your visit;
- Domain server;
- Type of computer, web browsers, search engine used, operating system, or platform or web browser you use;
- Data identifying the web pages you visited prior to and after visiting our Website; and/or
- Your movement and activity within the Website, which is aggregated with other information.
We use a few different technologies to collect this Information:
- Cookies. The Website may place small files, called “cookies” onto your computer. Cookies are data files that websites write onto computer hard drives for record keeping purposes when you visit them. The cookie file then identifies you as a unique user. Cookies make your use of the Website more pleasing and efficient by “personalizing” your Website experience and gathering Website statistical data, such as which parts of the Website you have previously visited, what material you downloaded, your Internet provider’s domain name and country, and the addresses of websites you visited immediately before and after our Website. They enable us to tailor the Information you receive and to assist us in identifying you as a customer or Website user. Most web browsers automatically accept cookies, unless you have configured yours not to accept them. You can program your browser not to accept cookies, but if you do, you may not be able to use certain portions of the Website and the Website will not be able to customize certain features according to your preferences.
- Web Beacons. Small graphic images or web programming code called web beacons (also known as “pixel tags” or “clear GIFs”) may be included on the pages of the Website and in email messages we send you. Web beacons or other similar technologies may be used for several purposes, such as to count visitors to the Website, monitor how you navigate the Website or to count how many particular links posted on the Website were actually viewed.
- Mobile Device Identifiers. Certain mobile service providers uniquely identify mobile devices and we and our third-party service providers may receive such device information if you access the Website through a mobile device. Certain features on the Website may require collection of mobile phone numbers and we may associate that phone number to mobile device identification information. Additionally, some mobile service providers operate systems that pinpoint the physical location of devices that use their services. Depending on the provider, we and our third-party service providers may receive this Information.
- Embedded Scripts. An embedded script is programming code designed to collect Information about your use of the Website, such as the links you click on. The code is temporarily downloaded to your computer from our web server or a third-party provider, is active only while you are connected to the Website and is deactivated or deleted once you leave the Website.
You can opt-out of having your activity on the Website made available to Google Analytics by installing the Google Analytics opt-out browser add-on (https://tools.google.com/dlpage/gaoptout) for your web browser.
- We, or third-party companies with whom we collaborate or hire to perform services on our behalf, may use your Information to text, email, or contact or share with you with information that we believe may be useful to you, such as information about products or services provided by or through us through permissible targeted advertisements or related to our Website. You may opt-out of receiving permissible targeted advertisements by using the NAI Opt-out tool available at http://optout.networkadvertising.org/?c=1.
- Some users engage a Do Not Track (DNT) setting to indicate a preference regarding tracking by advertisers and other parties. We do not respond to DNT signals.
C. Information We Receive from Third-Parties
We may collect additional Information about you from third-party websites, or sources providing publicly available information, to help maintain and support your account. We reserve the right to request any additional information necessary to establish and maintain your account for use of the services and access to the restricted areas.
D. Information We Receive from Your Health Care Providers and Other Sources
In connection with services that involve medical diagnosis and treatment, we may collect health care records from your past, current, and future health care providers. This may include information about your diagnosis, previous treatments, general health, laboratory and pathology test results and reports, social histories, any family history of illness, and records phone calls and emails related to your health status contained in your health care records.
A. Use and Purpose Of Processing Your Information
We, and through the use of third party providers, use and process your Information above for things that may include, but are not limited to, the following:
- Fulfill your requests for services and information;
- Respond to your inquiries;
- Communicate with you about our services or general information from us or on behalf of our affiliation, provided that you have not already opted-out of receiving such communications;
- Improve our Website and resolve any technical problems;
- Provide targeted advertisements to you;
- Analyze the use of the Website and Information about visitors to our Website to understand and improve our service offerings and, in accordance with our sharing policies, discussed below, to produce anonymous or aggregated data and statistics that might help third-parties develop their own products and service offerings;
- Comply with our Terms & Conditions of Use (which is available on our Website);
- Comply with any applicable laws and regulations and respond to lawful requests; and/or
- For any other purposes disclosed to you at the time we collect your Information or pursuant to your consent.
B. Lawful Basis For Processing Your Information
We believe the foregoing handling of your Information furthers our legitimate interests in commercial activities that are not overridden by the interest or fundamental rights and freedoms of the individuals at issue. We also may need to use and disclose your Information to comply with our legal obligations.
C. How Long We Keep Your Information
We generally keep Information for so long as it may be relevant to the purposes listed above, consistent with any applicable laws and agreements. To dispose of Information, we may anonymize it, delete it, or take other appropriate steps. Data may persist in copies made for backup and business continuity purposes for an additional time.
D. Sharing Your Information
- Third-Party Service Providers. In some cases we may employ third-party service providers to perform certain services on our behalf, including, without limitation: (i) processing your information to provide services to you or requests you have made; (ii) providing customer service; (iii) shipping, sending postal mail and emails; (iv) analyzing, updating and correcting information we receive on the Website; (v) performing business analysis, data processing and/or quality control; (vi) providing marketing assistance, search results and links (including, without limitation, paid listings and links); (vii) processing credit card and debit card payments; (viii) hosting our databases; (ix) providing you with information you requested, (x) scheduling appointments, and/or (xi) obtaining access to patient portal materials. Consequently, we may share your Information with these third-party service providers if they need it to perform services on our behalf. These are different third-party websites and we are not responsible for their website or services. You must review and agree to their Privacy Policies and Terms & Conditions when purchasing products from the Website. For more information regarding third-party service providers privacy policies, please see their websites, for convenience, links are provided below but check with their website for the most updated versions/links and opt-out capabilities. However, such third-party service providers are not authorized by us to use your Information for any other purpose.
- Disclosure of Customer Information for Legal and Administrative Reasons. We may disclose your Information without notice: (i) when required by law or to comply with a court order, subpoena, search warrant or other legal process; (ii) to cooperate in investigations of fraud, intellectual property infringement or any other activity that is illegal or may expose us or you to legal liability; (iii) to comply with legal, regulatory or administrative requirements of governmental authorities (including, without limitation, requests from the governmental agency authorities to view your Information); (iv) to protect and defend the rights, property or safety of us, our subsidiaries and affiliates and any of their officers, directors, employees, attorneys, agents, contractors and partners, and the Website’s users; (v) to enforce or apply the Website’s Terms & Conditions of Use; and (iv) to verify the identity of the Website’s users.
- Business Transfers. Your Information may be transferred, sold or otherwise conveyed (“Conveyed”) to a third party where we: (i) merge with or are acquired by another business entity; (ii) sell all or substantially all of our assets; (iii) are adjudicated bankrupt; or (iv) are liquidated or otherwise reorganize. You consent to any and all such Conveyances of your Information.
- Information Shared with our Subsidiaries and Affiliates. We may share your Information with our subsidiaries and affiliates. If you do not want us to share your Information with our subsidiaries and affiliates, please email us at email@example.com
Additionally, if you access links to third-party websites or Social Media Features through our Website to login to the Website, we may collect information from these third-party services. If you choose to engage in public activities on the third-party websites that we link to, you should be aware that any information you share there can be read, collected, or used by other users of these sites and forums. You should use caution in disclosing personal information while participating in these areas. We are not responsible for the information you choose to submit in public areas.
We may contact Website visitors who provide us information regarding account status, our privacy statement, or any other policies or agreements relevant to site visitors. We may contact you by way of text, email, or telephone and you consent to us contacting you in these matters concerning our Website or related services or information for which we believe you may be interested and you consent to such communications.
We use industry-standard procedures and safeguards to help protect the confidentiality of your Information. However, you should assume that no data transmitted over the Internet or stored or maintained by us or our third-party service providers can be 100% secure. Therefore, although we believe the measures implemented by us reduce the likelihood of security problems to a level appropriate to the type of data involved, we do not promise or guarantee, and you should not expect, that your Information or private communications will always remain private or secure. We do not guarantee that your Information will not be misused by third-parties. We will not have any liability for misuse, access, acquisition, deletion, or disclosure of your Information.
If you believe that your Information has been accessed or acquired by an unauthorized person, you are required to notify us so that necessary measures can be taken immediately.
The Website is hosted in the United States. If you are located outside of the United States, please be aware that information we collect will be transferred to and processed in the United States. By using the Website, or providing us with any Information, you consent to this transfer, processing and storage of your information in the United States, a jurisdiction in which the privacy laws may not be as comprehensive as those in the country where you reside and/or are a citizen. Portions of our site may be supported by a network of computers or cloud-based servers in other jurisdictions. We do not represent that our Website is appropriate or available in any particular jurisdiction.
To the extent certain European data protection laws apply and we hold your Information in our capacity as a data controller as defined under those laws, you may request that we:
- Restrict the way that we process and disclose your Information;
- Transfer your Information to a third-party;
- Revoke your consent for processing of your Information;
- Provide you with access to your Information;
- Remove your Information if no longer necessary for the purposes collected;
- Prevent the processing of your Information for direct-marketing purposes; and/or
- Update your Information so it is correct and not out of date.
You can make the above requests by contacting us in the following ways:
- E-mail: firstname.lastname@example.org
- Send mail to the following postal address:
Retina Associates of Western New York
160 Sawgrass Dr.
Rochester NY 14620
- Call us at: (585) 442-3411
The requests above will be considered and responded to in the time-period stated by applicable law. Note, certain Information may be exempt from such requests. We may require additional information from you to confirm your identity in responding to such requests. You have the right to lodge a complaint with the authorities applicable to you and your situation, although we invite you to contact us with any concern as we would be happy to try and resolve it directly.
VIII. CHILDREN’S INFORMATION
The Website is intended only for users over the age of eighteen (18). If we become aware that a user is under thirteen (13) (or a higher age threshold where applicable) and has provided us with Information, we will take steps to comply with any applicable legal requirement to remove such information. Contact us if you believe that we have mistakenly or unintentionally collected information from a child under the age of thirteen (13).
Last Updated on: October 31st, 2019