Effective Date: January 31, 2014

The owner and operator of this website and its affiliates (“Provider,” "we" or "us") provide a web site designed to offer you access to some of your records at Provider facilities, as well as certain internet-based services which may include assistance in finding a doctor, assistance in scheduling appointments, the ability to register for classes and pre-register for procedures, and health and patient education materials (the “Portal”). This Privacy Policy applies to the Portal and its services (the "Services"), for which you also must accept Provider’s Terms and Conditions governing use of the Portal.

Provider respects your privacy and takes Internet privacy and information security very seriously. Please read the following information carefully. Your continued use of the Portal will indicate your acceptance this Privacy Policy. If you do not agree to the terms of this Privacy Policy, you may not access or use the Portal.

If you are a patient of one or more Provider facilities, your personal information in our possession is protected health information (“PHI”) protected by the Health Insurance Portability and Accountability Act of 1996, as amended (“HIPAA”), and in addition to this Privacy Policy, the HIPAA Notices of Privacy Practices of those Provider facilities apply to that PHI.

How will you be notified about changes to this Privacy Policy?

Provider reserves the right to change the terms of this Privacy Policy at any time by posting those changes in revisions to this Privacy Policy, so that you are always aware of our processes related to collection, use and disclosure of information. We urge you to check here for any updates to this Privacy Policy from time to time.

What Information is Collected, and Why?

The Portal can provide you with access to some of your medical records. When you seek access to those records on the Portal, we need to make sure it is you. So we will need to ask you for information such as your name and email or physical address and other information such as your date of birth (which we may also use to make sure you are eligible to use the Portal in accordance with the Terms of Use) and the answers to “secret questions” to which only you know the answers. We may need to ask you for the information again when you sign in from a new device.

On the other hand, if you only want to use the Portal, for example, to look up some general health information not specific to you, we may not need to ask you any questions to make sure it is you.

We may ask for information about your location and medical needs to assist with finding a physician, and may collect and pass on information to assist you in scheduling appointments, register for classes and pre-register for procedures.

We may also collect and store the Internet Protocol (IP) address of the computer you are using; the name of the domain and host from which you access the Internet; the browser software you use and your operating system; the date and time you access the Service; and the Internet address of the web site from which you directly linked to the Portal. Provider uses this log file information to analyze trends, administer and improve the Services, and monitor Portal traffic and usage patterns for information security purposes and to help make the Portal more useful.

How Else May Your Information Be Used And Disclosed?

In addition to the uses and disclosures of information outlined above, your information may also be used and disclosed as follows:

- If another individual is managing your account on your behalf (for example, a mother managing the account of her son), as authorized by you or as a personal representative under applicable law, that person can view all of your information in the Portal.

- We may use your information to send you surveys.

- We may use your information respond to your requests.

- We may send you appointment reminders through messages or other alerts on the Portal.

- We may share information with marketing, treatment or health care operations support partners required to protect the confidentiality of your information, that will enable them to send you targeted messages or serve you targeted advertising, with your authorization or otherwise in compliance with HIPAA and other applicable laws.

- We may assign the information we have about you, including personally identifiable information, in the event that all or part of our assets are sold or acquired by another party, including all or substantially all of our websites or our top-level-domain, or in the event of a merger for the same.

- We may use or disclose your information as required by law.

The Portal will not disclose personal information (contact, health and/or billing) to third parties other than a provided for in this Privacy Policy, except when we believe in good faith that the law requires or permits it or you have otherwise consented to additional use or disclosure of the information.

Third-Party Websites and Payments

If you use the Portal to link to another web site, you may decide to disclose personal information at that web site. For example, you might provide your contact information to obtain an information packet from an organization. Please be aware that in contacting that site, or in providing information on that site, that third party may obtain personal information about you. This Privacy Policy does not apply when you leave the Portal and go to a third party web site from the Portal. [We structure the Portal so that no personal or health information goes in the search string or URL when you move from the HCA Service to a linked web site.] We encourage you to be aware when you leave the Portal and to read the privacy statements of each and every site that collects personally identifiable information.

Any payments you may make for services you have found on the Portal (such as enrolling in a class) are made exclusively through an affiliated third-party website the separate privacy policy of which applies, and not through the Portal.

Information Security

No web site can guarantee security, but we maintain appropriate physical, electronic, and procedural safeguards to protect your personal information collected via the Portal in compliance with applicable law. Please see the Portal Terms and Conditions for more specific information about information security and your responsibilities.

Cookies and Web Beacons

Cookies: A "cookie" is a small text file that Provider may transfer to your computer's hard drive in order to personalize our services for you and to collect aggregate, non-personal information regarding Service usage by all of our users. Each computer is assigned a different cookie that contains a random, unique number. The cookie does not contain personally identifiable information. HCA uses two different types of cookies: a “session cookie”, which is required to track a user session, for example, and which expires shortly after the session ends), and a “persistent” cookie, used to track unique visits to the Portal, as well as how the user arrived at the Portal (through an email link, or from a referral link, for example), and the type of user (patient, provider, etc.). So that users aren’t counted twice, this cookie can “persist” anywhere from six months to two years.

Your browser software can be set to warn you of cookies or reject all cookies. Most browsers offer instructions on how to reset the browser to reject cookies in the "Help" section of the toolbar. If you reject our cookie, you may not be able to use certain Services.

Since sponsors or partners of Provider may use their own cookies when you click on a hypertext link to their site or service, you should carefully review the privacy policy of other sites you link to from our Service.

Web Beacons. A "web beacon", "clear gif", "web bug", or "pixel tag" is a tiny graphic file with a unique identifier, that is similar in function to a cookie, but would allow us to count the number of users that have visited certain pages or screens of our websites, and to help determine the effectiveness of promotional or advertising campaigns. When used in HTML-formatted email messages, web beacons can tell the sender whether and when the email has been opened. In contrast to cookies, which may be stored on your computer's hard drive, web beacons are typically embedded invisibly on pages or screens.

What can I do to protect my Privacy?

In order to protect your privacy, you should:

- Never share you sign in name or password

- Always sign out when you are finished using the Portal.

- Use only secure web browsers.

- Employ common anti-virus and anti-malware tools on your system to keep it safe.

- Use a strong password with a combination of letters and numbers.

- Change your password often.

- Notify us if you feel your login and/or password have been compromised.

Please note that if you share your Portal user name and password with another person, this will allow that person to see your confidential medical record information. Provider has no responsibility concerning any breach of your confidential medical record information due to your sharing or losing your user name or password.

Children May Not Use the Portal

We will never ask for or knowingly collect information from children. Consistent with the Children's Online Privacy Protection Act, we will not knowingly collect any information from children under the age of 13. Parents of unemancipated minors may set up accounts for themselves to access their children’s medical records only as permitted pursuant to the Terms and Conditions governing the Portal.

What if I am accessing this Web Portal from outside of the United States?

If you are visiting our Web Portal from outside the United States, please be aware that your information may be transferred to, stored or processed in the United States, where our servers are located and our central database is operated. The data protection and other laws of the United States and other countries might not be as comprehensive as those in your country, but please be assured that we take steps to protect your privacy. By using our services, you understand that your information may be transferred to our facilities and those third parties with whom we share it as described in this privacy policy.

Connecticut Privacy Policy Notice

If collected, we will take reasonable measures to protect the confidentiality of Social Security numbers and limit access to those with a need for such information. We prohibit the unlawful disclosure of Social Security numbers.

Your California Privacy Rights

Under California Law, California residents have the right to request in writing from businesses with whom they have an established business relationship, (a) a list of the categories of personal information, such as name, e-mail and mailing address and the type of services provided to the customer, that a business has disclosed to third parties (including affiliates that are separate legal entities) during the immediately preceding calendar year for the third parties' direct marketing purposes and (b) the names and addresses of all such third parties. To request the above information, please contact us at the email or physical addresses listed below with a reference to California Disclosure Information.

We will respond to such requests to information access within 30 days following receipt at the e-mail or mailing address stated above. If we receive your request at a different e-mail or mailing address, we will respond within a reasonable period of time, but not to exceed 150 days from the date received. Please note that we are only required to respond to each customer once per calendar year.

We treat the data of everyone who comes to our site in accordance with this privacy policy, whatever their Do Not Track setting.

What if I have questions or concerns regarding this Privacy Policy?

If you have any questions or concerns about this Privacy Policy or the information practices of the Portal, please contact us at or call 855-849-3364 during business hours.