Online Privacy Policy
Your privacy is important to us. We are committed to care that includes protecting Personal Information (defined below) by being dedicated to maintaining information confidentially and complying with regulatory requirements by – among other things – limiting access to only those users that have a legitimate need to view it and regularly educating employees on information protection.
This Privacy Policy covers our online privacy practices with respect to the use and/or disclosure of information we may collect from you when you access our website, www.chcsno.org, Patient Portals, and any other websites or applications we may provide that link to this policy. This policy does not apply to information collected through other means, such as by telephone or in-person. By using this website, you signify your agreement to this Privacy Policy.
Information Collected through the Website.
Our website includes pages that allow you to provide us with Personal Information about yourself. As used in this Privacy Policy, “Personal Information” means any information that may be used, either alone or in combination with other information, to personally identify an individual.
We collect certain information, including Personal Information about our website users, in three ways:
- Information provided by you
- Information provided by our web server logs
- Information provided by cookies and tracking
Information Provided by You
Our service providers and we collect Personal Information through online forms to provide certain website features to you. For example, if you are applying for a job through the website, you may be asked to fill out a form with your name, email address, phone number, and work experience. If you do not provide the information required, we may not be able to provide you with related features on the website.
In some cases, you may be able to enter any content you choose into our secure forms. You are responsible for such content.
Web Server Logs
When you access or use our website, we may track information to manage our website and analyze usage. We use this information to analyze trends, administer and improve our website, monitor traffic and usage patterns to enhance security, and make our website more useful. Examples of information we may track include:
- Your Internet protocol address
- Information regarding your browser and computer
- Number of links you click within our website
- State or country from which you accessed our website
- Date and time of your visit
- Name of your Internet service provider
- Third-party websites you linked to from our website
- Pages or information you viewed using our website
Some features on our website (such as social media widgets that allow you to share content) may use cookies or other methods to gather information regarding your use of the website. This information may be combined with any Personal Information about you that you may have given us. The use of such information by a third party depends on the privacy policy of that third party.
Cookies and Tracking
We use various technologies, including “cookie” technology, to gather information from our website visitors, such as pages visited and how often they are visited, and to enable certain features on this website. “Cookies” are small text files that may be transferred to your computer when you visit a website. Cookies may include “single-session cookies” that generally record information during only a single visit to a website and then are erased, and “persistent” cookies, which are generally stored on a computer unless or until they are deleted or are set to expire. Cookies cannot be used to run programs or deliver viruses to your computer. One of the primary purposes of cookies is to provide a convenience feature to save you time.
Your browser software can be set to warn you of cookies or reject all cookies. Most browsers offer instructions on how to reset the browser to reject cookies in the “Help” section of the toolbar. If you reject our cookie, this may disable some of our website’s functionality, and you may not be able to use certain functions.
We use Google Analytics to help us analyze the traffic on our website. For more information on Google Analytics’ processing of Personal Information, please see http://www.google.com/policies/privacy/partners/.” You can opt out of Google Analytics by using a browser plugin provided by Google.
Some features on our website (such as social media widgets that allow you to share content) may use cookies or other methods to gather information regarding your use of the website. These pieces of information may be combined with any Personal Information about you that they may have. The use of such information by a third party depends on the privacy policy of that third party.
We reserve the right to share aggregated site statistics monitored by cookies with third parties as outlined in this policy and as otherwise permitted by law.
Your Access to and Control Over Information
You may opt-out of any future contacts from us at any time. You can do the following at any time by contacting us via the email address or phone number given on our website:
- See what data we have about you if any
- Change/correct any information we have about you
- Have us delete any information we have about you
- Express any concern you have about our use of your data
Geolocation Data
We do not collect precise information (e.g., GPS data; latitude and longitude) concerning the location you access the website. However, we do collect information on your region or postal code to help us gather information useful for improving the relevance of our content and securing our website.
Information Collected through the Patient Portal
As a service to our patients, links to the Patient Portal will be provided on our website to offer secure and private access to your own Personal Health Information (“PHI”). Services may include, among other things, access to health and patient education materials and secure messaging.
When you seek access to your PHI on the Patient Portal, we need to confirm your identity. We will ask you for information such as your name, email or physical address, and other information such as your date of birth and the answers to “secret questions” to which only you know the answers. This information may be used to help administer and manage your user account. We may need to ask you for the information again when you sign in from a new device.
We may also ask for your location and medical needs to assist with finding a physician. This information, which may include, where relevant, health information such as your patient history) may be used to assist you in scheduling appointments, pre-registering for procedures, and registering for classes.
We will never ask for or knowingly collect Personal Information from children through the Website or Portal without parental consent. If you think that we have collected personal information from a child through this website, please contact us.
Patient Portal for Minors
Washington state has laws that permit minors (children under the age of 18) to consent or agree to certain types of health care services confidentially.
When minors visit CHC, there are certain services they may consent to without parental involvement. CHC will take steps to ensure the confidentiality of those visits by turning off portal access for all patients ages 13 through 17 and will not share their health care information regarding those visits without written authorization from the minor.
The Purposes for Which We Use Personal Information
If you submit, or we collect Personal Information through our website, then such Personal Information may be used in the following ways: (i) to provide, analyze, administer, and improve our website; (ii) to contact you in connection with our website and appointments, events or offerings that you may have registered for; (iii) to send you surveys; (iv) for recruiting and human resources administration purposes; (v) to protect our rights or our property and to ensure the technical functionality and security of our website; and (vi) as required to meet our legal and regulatory obligations.
If you are a visitor from the European Economic Area, our legal basis for collecting and using the information described in this Privacy Policy will depend on the information concerned and the context in which we collect it. We collect information from you:
- Where we need it to perform our contract with you (i.e., our Terms);
- Where the processing is in our legitimate interests (provided that your interests or rights don’t override these, such as securing and improving our website, for example;
- Where the processing is for the provision of healthcare or the management of healthcare website (g., health information collected from you or made accessible to you through the Patient Portal in accordance with legal requirements governing the confidentiality of such information); or If we otherwise have your consent.
- If you have questions about or need further information concerning the legal basis on which we collect and use your information, please contact us using the contact details provided under the “Contact Us” section below.
How We Disclose Personal Information
We do not sell, lease, rent, or otherwise disclose the Personal Information collected from our website to third parties unless otherwise stated below or with your consent.
Our Third-Party Providers. We may transfer Personal Information to third-party service providers to perform tasks on our behalf and to assist us in providing our website. For example, we may use third-party service providers for security, website analytics, and payment processing. We use reasonable efforts to only engage or interact with third-party service providers and partners that post a privacy policy governing their processing of Personal Information. We require our service providers to maintain confidentiality and comply with applicable laws in the processing of Personal Information.
Other Disclosures. We may disclose Personal Information about you if we have a good faith belief that disclosure of such information is helpful or reasonably necessary to: (i) comply with any applicable law, regulation, legal process, or governmental request; (ii) enforce our terms of use, including investigations of potential violations thereof; (iii) detect, prevent, or otherwise address fraud or security issues; or (iv) protect against harm to our or third parties’ rights, property or safety.
In addition to the uses and disclosures of information outlined above, if you use the Portal, your information may also be used and disclosed as follows:
Authorized Representatives. If another individual is managing your account on your behalf (for example, a mother managing the account of her minor son), as authorized by you or as a personal representative under applicable law, that person can view all Personal Information about you in the Portal.
Health care Providers. Your health care providers may have access to Personal Information for administrative and health care services. We may also use Personal Information to respond to and fulfill your orders and requests.
Partners. We may share Personal Information with marketing or health care operations support partners, who are also required to protect the confidentiality of your information, which will enable them to send you targeted messages or serve you targeted advertising. This information sharing will occur with your authorization or otherwise in compliance with HIPAA (defined below) and other applicable laws.
What Can I Do to Protect My Privacy?
When you use Patient Portal or other secured services with a username and password, you are also responsible for taking steps to protect the privacy of Personal Information about you. To protect your privacy, you should:
- Never share your username or password.
- Always sign out when you are finished using the Portal.
- Use only secure web browsers.
- Employ common anti-virus and anti-malware tools on your system to keep it safe.
- Use a strong password with a combination of letters and numbers.
- Change your password often.
- Notify us immediately if you feel your login and/or password have been compromised.
Please note that if you share your Portal username and password with another person, this will allow that person to see your confidential medical record information. We have no responsibility concerning any breach of your confidential medical record information due to your sharing or losing your username or password.
Information Security
No website can guarantee security, but we maintain appropriate physical, electronic, and procedural safeguards to protect your personal information collected via our website in compliance with applicable law.
User Communications
Email communications that you send to us via the email links on our website may be shared with a customer service representative, employee, medical expert or agent that is most able to address your inquiry. We make every effort to respond in a timely fashion once communications are received. Once we have responded to your communication, it is discarded or archived, depending on the nature of the inquiry.
Email functionality on our website does not provide a completely secure and confidential means of communication. Your email communication may be accessed or viewed by another Internet user while in transit to us. Please do not assume that communications through email are private and secure.
Communications Opt Out
We may periodically send you electronic messages. These messages will include information on how to opt out of similar messages in the future.
HIPAA Policies
If you are our patient, your personal information in our possession is protected health information (“PHI”) protected by the Health Insurance Portability and Accountability Act of 1996 (HIPAA) and the applicable provisions of the Health Information Technology for Economic and Clinical Health (HITECH) Act. In addition to this Privacy Policy, the HIPAA Notices of Privacy Practices of those Provider facilities apply to your PHI.
In collecting Personal Information, our website may also collect PHI. Just as we strive to protect Personal Information, we are committed to protecting your PHI. If there is a breach of your PHI, we are required by law to notify you. Your PHI will remain confidential and will only be disclosed to you or your representative unless otherwise required by state or federal law. In all circumstances, unless otherwise required by law, we will obtain your written authorization before using or disclosing your PHI. This protection extends to PHI that is oral, written, or electronic.
Policy Changes
We reserve the right to change the terms of this Privacy Policy at any time by posting those changes in revisions to this Privacy Policy so that you are always aware of our processes related to the collection, use, and disclosure of information. We urge you to check here for any updates to this Privacy Policy from time to time. Unless otherwise indicated, any changes to this Privacy Policy will apply immediately upon posting to the website.
What if I have questions or concerns regarding this Privacy Policy?
If you have any questions or concerns about this Privacy Policy or the management of our website, please contact us here or write to us at:
Compliance Officer
Community Health Center of Snohomish County
8609 Evergreen Way,
Everett, WA 98208