Website Privacy Practices

At Edward-Elmhurst Health (“EEH”, “we”, “our”, or “us”) we respect the right to privacy of our visitors to www.eehealth.org, MyChart.eehealth.org, and our mobile applications, including but not limited to the MyEEHealth mobile app (“EEH Websites” collectively). This Website Privacy Practices explains how we collect, use, disclose, and protect personal information provided to us via the EEH Websites by our online visitors. Please review this Website Privacy Practices, as it contains information, terms, and conditions that may affect your legal rights and ability to use the EEH Websites. We care about your personal information, and we want you to be fully informed about our practices.

Unless otherwise specified below, please note that this Website Privacy Practices only applies to personal information you provide through your use of EEH Websites. As otherwise not legally prohibited, EEH and third parties may collect Personally Identifiable Information (PII) that you choose to provide to the EEH Websites. When necessary, you will be prompted to accept additional terms and conditions when using MyChart via a web browser (for example: google chrome, Safari, or Firefox) or through the MyEEHealth mobile app (“MyChart T&Cs”).

These Website Privacy Practices do not apply to any Protected Health Information (“PHI”) gathered, by us. Rather, our Notice of Privacy Practices (links below) will govern our use and disclosure of our patients’ PHI. The Notice of Privacy Practices describes how information about our patients may be used and disclosed. Please review it carefully.

For more information, including information about your rights under the Health Insurance Portability and Accountability Act of 1996 and its implementing regulations (collectively, “HIPAA”), please review our Notice of Privacy Practices available here:

• Notice of Privacy Practices (English)
• AVISO DE PRÁCTICAS DE PRIVACIDAD (Spanish)
• إشعار ممارسا ت الخصوصي ة (Arabic)
• 개인정보보호 관행 고지 (Korean)
• POWIADOMIENIE O PRAKTYKACH W ZAKRESIE OCHRONY PRYWATNOŚCI (Polish)
• УВЕДОМЛЕНИЕ О ПОРЯДКЕ ИСПОЛЬЗОВАНИЯ КОНФИДЕНЦИАЛЬНОЙ ИНФОРМАЦИИ (Russian)
• THÔNG BÁO VỀ CÁC BIỆN PHÁP THỰC HÀNH BẢO VỆ QUYỀN RIÊNG TƯ (Vietnamese)

Acceptance of these terms

By using this site and/or or using any of the features or services provided on the EEH Websites, you signify your acceptance of the Website Privacy Practices. If you do not agree to these practices, please do not use our EEH Websites.

There are two types of information we collect on the EEH Websites:

1. Personally Identifiable Information
   In some instances, EEH, through the EEH Websites, and/or a Third Party Vendor or other third parties may collect PII (including but not limited to email address, Internet Protocol (IP) addresses, name, phone number, and other information as defined under the Illinois Personal Information Protection Act). This information may be collected when accessing the EEH Websites or affiliated EEH Websites or when volunteered by the user – for example, when completing a form to subscribe to a newsletter or answering the question prompts posed by EEH’s Virtual Chatbot tool or paying a bill through MyChart. Also, when you visit the EEH Websites, our servers automatically record certain information about the device (e.g., a computer, tablet, or mobile device) you used to access the EEH Websites. If a Third-Party Vendor collects your PII, such vendor may share and/or use all or part of your PII with us or another third party. In addition to other uses and disclosures in this Website Privacy Practices, we may also disclose PII, as required or permitted by law.
2. Non-personally Identifiable Information
   This site also collects non-personally identifiable user information, such as cookies, Internet tags and navigational data (“NPII”). This information is used for system/website management, to improve the content and navigation of the site.
   
   We do not match PII with NPII. In other words, we do not link any personal information (for example, your name and location) with visit information, such as pages visited or files downloaded. In effect, all such visit information is anonymous.

Other Information Including EEH Uses of PII and NPII:

The following provides you with other privacy information related to the EEH Website and describes other ways how EEH, through its EEH Websites, Third Party Vendors and other third parties may collect, store, use and disclose your PII and NPII.

Disclosure and Use of collected information

Unless legally prohibited and in addition to the uses and disclosures described in the Website Privacy Practices, EEH may use, store, disclose and/or share PII without your consent and allow third parties to do the same. In other circumstances, you will be given notice and have the option to participate in programs where you consent to our use of your PII.

Third Party Vendors and Cookies

In addition to other uses of PII as described in the Website Privacy Practices, we may allow Third Party Vendors and other third parties to collect, use, and disclose your PII.

• Third-party vendors and service providers.
  We may share your information with third-party vendors and service providers that help us with specialized services, including billing, payment processing, providing medical advice for telemedicine services, management and hosting of telemedicine services, customer service, email deployment, business analytics, talent acquisition services, marketing (including but not limited to advertising, attribution, deep-linking, direct mail, mobile marketing, optimization, performance monitoring, hosting, and data processing Specialized Services). These third-party vendors and service providers may not use your information for purposes other than those related to the Specialized Services they are providing to us.
  We may use third party ad servers or ad networks to serve advertisements. Advertisements are not on or within our site, they are on external sites and search engines. These advertisements link to our web site. Third party ad servers or ad networks may use other technologies such as cookies, scripting language or clear gifs to measure the effectiveness of their advertisements and to personalize the advertising content you see. Within our site, we may provide a hyperlink to a third-party vendor’s website for the purpose of that third-party vendor performing Specialized Services. While visiting their website, these third-party vendors may use their own cookies and tracking software and we recommend you review their website terms of use and privacy practices. We are not responsible for the terms of use, security and privacy practices these third-party vendors employ while you visit their website.
• We use third-party cookies that help us analyze how you use this website, store your preferences, and provide the content and advertisements that are relevant to you. You can choose to enable or disable some or all of these cookies but disabling some of them may affect your browsing experience. The following are the categories of cookies on our website:
  • Necessary Cookies are required to enable the basic features of this site, such as providing secure log-in.
  • Functional Cookies help perform certain functionalities like share the content of the website on social medial platforms, collecting feedback, and other third-party features.
  • Analytics Cookies are used to understand how visitors interact with the website. These cookies help provide information on metrics such as the number of visitors, bounce rate, traffic source, etc.
  • Performance Cookies are used to understand and analyze the key performance indexes of the website which helps in delivering a better user experience for the visitors.
  • Advertisement Cookies are used to provide visitors with customized advertisement based on the pages you visited previously and to analyze the effectiveness of the ad campaigns.
  • Other Cookies Other uncategorized cookies are those that are being analyzed and have not been classified into a category as of yet.
• For more information about third party ad servers and your ability to opt-out of targeted advertising from such third parties, please visit the Network Advertising Initiative (link). and/or the Digital Advertising Alliance Self-Regulatory Program for Online Behavioral Advertising (link).
• If you reached this site via an EEH Ad
  If you access any EEH Websites from an advertisement on a third-party website, application, or other service (a “Third-Party Service”) we may receive information from the owner of the Third-Party Service related to you or that advertisement. The ad may have been served to you based on your interests or your browsing habits. If you want to opt out of being served EEH advertisements based on your browsing activity, you may opt out of cookies for multiple ad servers here.

Email communication, newsletters and related services

We may use your email address to deliver newsletters, as well as for other promotional (e.g., new service offerings, upcoming events or new location opening) purposes. Email messages we send you may contain code that enables our database to track your usage of the emails we send you, such usage includes but is not limited to whether the email was opened and what links (if any) were clicked.

You may indicate your preference to opt-out of receiving newsletter/promotional communications by following the unsubscribe instructions provided in the newsletter/promotional email you receive or by submitting the request via our Contact Us Form. You acknowledge that it may take up to 10 days for us to process an opt-out request.

Communication you send to us via email or form submission on our EEH Websites may be shared with the appropriate EEH staff member and/or third-party vendors. Email does not provide a completely secure and confidential means of communication. Please do not send any personal health information via unsecured email. For more information about you sharing PHI with us via email, please see the Notice of Privacy Practices.

Security Policy and Practices

We believe that protecting your PII and NPII is important. Therefore, we have taken security measures to protect your information. Furthermore, we monitor activities, events, which are addressed upon discovery or notifications.

When you give EEH personal information, we take steps to ensure that your information is treated securely to the extent reasonable. No data transmission over the Internet can be guaranteed to be 100% secure. As a result, while we strive to protect your personal information, EEH cannot ensure the security of any information you provide to us, and you do so at your own risk. Once we receive your information, we will make a reasonable effort to ensure its security on our systems to the extent possible.

Privacy of Children

We are committed to protecting the privacy of children. The EEH Websites are not intended or designed to attract children under the age of 13. We do not intentionally collect PII from any person we know is a child under the age of 13.

Links to other websites

The EEH Websites may link to other websites, many of which have their own privacy policies. Be sure to review the privacy policy on the site you're visiting.

MyEEHealth Mobile Application (Mobile App Users Only)

This section titled “MyEEHealth Mobile Application (Mobile App Users Only)” only applies to the access and use of MyChart via the MyEEHealth mobile app.

To provide patients and visitors with a useful and personalized mobile app experience, MyEEHealth mobile app may require access to the following phone features and/or information stored on your phone:

• Location: Our mobile apps do not store your location data or share it with third parties. Location data can be used by mobile app features, such as sending notifications to our registration staff when you've arrived for an appointment (or) suggesting healthcare providers or locations that are nearby.
• MyEEHealth mobile app may offer location-based check-in for in-person appointments or allow you to find healthcare providers near you. The first time you try to use any features that use your location, we will ask for your consent within the app and will only access your location if you give consent. You do not have to provide consent if you do not want to allow MyEEHealth mobile app to use your location.
• Camera: Our mobile apps may use the camera feature, allowing you to take and/or share photos or to capture video for virtual visits. Users can upload photos to personalize an account or to provide as health record attachments and may be accessed by the healthcare providers.
• Microphone: Our mobile apps do not store your audio data. Your phone’s microphone can be used to capture audio for video visits.
• Storage: Our mobile apps may store files you upload from your device's storage to your medical record. Our mobile apps may access your device's storage to read and write files you select in the application. These files may be used as file attachments that are sent to your healthcare provider or they may be created from file attachments sent to you from your healthcare provider.
• Bluetooth: Our mobile apps may access your device's Bluetooth feature. Bluetooth will be used to detect other nearby devices to help with appointment arrival. Our mobile apps do not store your Bluetooth data.
• Phone: Our mobile apps may use your phone to call phone numbers selected by you in the application. Our mobile apps will not store or share your call history or other any other call data.

In addition to giving you notice of technology changes, if subsequent versions of the MyEEHealth mobile app collects new types of medical information and/or personally identifiable information, you will be notified by a pop-up message of these changes on your web browser or mobile app with the reason on why the new data is being collected.

MyEEHealth mobile app may interact with your PII or PHI to provide certain features, such as video visits or mobile appointment check-in (please refer to our NPP on how we handle your PHI). The first time you try to use any of these features, we will ask for your consent within the app and will only allow you to use a feature if you give consent. You do not have to provide consent if you do not want to allow MyEEHealth mobile app to interact with your data as requested. MyEEHealth mobile app is developed by Epic Systems Corporation; please refer to Epic’s Mobile Application Privacy Policy for Patients for more detailed information about the limited ways they may interact with your information to make your use of MyEEHealth mobile app possible.

Website Privacy Practices updates

We may update our Website Privacy Practices at any time for any reason. We encourage you to review our Website Privacy Practices whenever you visit the EEH Websites to make sure that you understand how we may use any personal information you provide via the EEH Websites. If we make any changes to Website Privacy Practices, it is your responsibility to review these changes each time you access the EEH Websites. Your use of the EEH Websites following such changes shall constitute your acceptance of any such changes.

Law Applicable to This Website Privacy Practices

EEH is headquartered in the State of Illinois, and the EEH Websites are intended for users in the United States. By viewing any content or otherwise accessing the EEH Websites, you consent to the transfer of information to the United States to the extent applicable, and the collection, storage, and processing of information under the laws and regulations of the State of Illinois and the United States.