At NorthShore University HealthSystem, including Northwest Community Healthcare and Swedish Hospital (“NorthShore”, “we”, “our”, or “us”), we respect the privacy of every visitor to our websites, including www.northshore.org, and foundation.northshore.org, our web portals, including our NorthShoreConnect portal (available at www.northshoreconnect.org), and our mobile applications, including our NorthShoreConnect mobile application (collectively, “the Sites”). This Privacy Policy explains how we collect, use, disclose, and protect personal information provided to us via the Sites by patients and our online visitors. Please review this Privacy Policy, as it contains information, terms, and conditions that may affect your legal rights and ability to use the Sites. We know you care about your personal information, and we want you to be fully informed about our practices.
Please note that this Privacy Policy only applies to personal information you provide through your use of the Sites. This Privacy Policy does not apply to any Protected Health Information collected via the Sites. Rather, our Notice of Privacy Practices will govern our use and disclosure of your Protected Health Information. For more information, including information about your rights under the Health Insurance Portability and Accountability Act of 1996 and its implementing regulations (collectively, “HIPAA”), please review our Notice of Privacy Practices available here.
By accessing the Sites or using any of the features or services provided on the Sites, you consent to the information collection and use practices described herein. If you do not consent or otherwise do not agree with our Privacy Policy, please do not use or access the Sites.
1. PERSONAL INFORMATION WE COLLECT
NorthShore may collect certain information from you through the Sites, including personal information (i.e., individual information that may be used to personally identify or contact you). We may collect this information actively (i.e., by collecting information you voluntarily submit to us) and passively (i.e., by collecting information automatically gathered from your computer).
ACTIVE COLLECTION
At several places on the Sites, NorthShore may collect certain personal information you voluntarily provide. For example, when you create an account, schedule an appointment, fill out a form, or join an email distribution list, we or one of our vendors may collect your name, address, phone number, and/or email. If a vendor collects your personal information, such vendor may share all or part of your personal information with us.
You may also use the Sites to pay a bill, buy a gift from one our gift shops, or make a donation to NorthShore (collectively, “Transactions”). To process a Transaction, NorthShore or one of our vendors will collect personal information you, such as your name, billing address, credit or debit card number, email address, telephone number, and email address. Our vendors or we will process you credit card payments using established encryption techniques for protecting your information.
If a vendor processes your Transaction, we encourage you to read such vendor’s privacy policy and terms and conditions of use before entering any personal information. NorthShore may not receive complete payment information for a vendor-processed Transaction, but our vendors will provide us with some personal information upon completion of the Transaction, such as your name, billing address, email address, telephone number, amount paid or donated, how you heard about NorthShore, and the last four digits of your credit card number, the latter of which we use for verification and/or customer service purposes.
If you make a donation via the Sites, you will have the option to make the donation anonymously, but please note this does not mean that NorthShore will not receive your personal information. Rather, NorthShore will not publish the name of a donor who wishes to remain anonymous in any publication or publicly available document.
You may have the option to register for receipt of email communications, such as electronic newsletters, that we disseminate from time to time. Registration for such communications may include providing us with your name, email address, and potentially demographic information. If you send us an email request or participate in our forums, we may store that information as well, including any personal information included in a post, message, or email, as well as any personal information included in any attachments you may send include in such post, message, or email.
PASSIVE COLLECTION
When accessing, browsing, or using the Sites, our software may automatically collect certain information from your device (e.g., computer, smartphone, and tablet) using “cookies” and other tracking techniques, or by collecting platform information from our servers.
Information Collected by “Cookies” And Other Tracking Techniques
NorthShore, as well as our vendors, may use various technologies, such as cookies and web beacons, to collect information about you when you access, browse, or use the Sites. For additional information, including how to block cookies, please see “HOW WE USE COOKIES” below. You may still use the Sites if you reject, block, and/or delete our vendors’ or our cookies, but please note that you may not be able to access some areas or features of the Sites.
NorthShore may use third-party services, such as Google Analytics, to provide Site-usage analytics. Such third-party services may use cookies, web beacons, and/or other technologies to collect information about your use of the Sites. Such information may include your device’s Internet Protocol address, browser name and version, pages visited, time spent viewing each page, links clicked, and other information about your visit to and use of the Sites. Such analytics may help us track usage of the Sites, identify popular features, provide advertising and other content specific to your use of the Sites and other websites, and better understand the online activity of our patients and visitors of the Sites. If you wish to block, erase, or be warned of cookies used for analytic purposes, please refer to your browser’s instructions or help screen to learn about these functions.
Platform Information
When you visit the Sites, our servers automatically record certain information about the device (e.g., a computer or mobile device) you used to access the Sites. Such information, often referred to as “log file” information, may include your device’s Internet Protocol address, operating system name and version, and browser name and version, as well as the referring URL, number of times your device has accessed the Sites, pages of the Sites you viewed, links you clicked, and other information about your visit to and use of the Sites. With your consent, our servers may also collect information about the precise location of your device. If you do not wish to provide location data, please consult your device’s or browser’s instructions or help pages for information on how to disable these features.
If you access the Sites from a mobile device, such as a smartphone or tablet, our servers may also collect information specific to your mobile device. This information may include your mobile device’s hardware model, unique device identifier(s), and mobile network information. With your consent, we may also access and collect information from certain native applications on your mobile device, such as your device’s camera, photo album, phonebook, or calendar applications. If you do not wish to provide access to native applications, please consult your mobile device’s instructions or help pages for information on how to disable these features.
To provide patients and visitors with a useful and personalized mobile app experience, our mobile apps (“NorthShoreConnect” and “NorthShoreConnect 2.0 Premiere”) may require access to phone features and/or information stored on your phone. The following describes the ways we may access, collect, use and share your personal and sensitive data:
- Location: Our mobile apps do not store your location data or share it with third parties. Location data can be used by mobile app features, such as sending notifications to our registration staff when you've arrived for an appointment (or) suggesting healthcare providers or locations that are nearby.
- Camera: Our mobile apps interact with your camera roll only if you choose to add a profile image to a profile in our mobile apps and it may allow you to use the camera feature, to take and/or share photos or to capture video for virtual visits. Users can upload photos to personalize an account or to provide as health record attachments and may be accessed by the healthcare providers.
- Microphone: Our mobile apps interact with your microphone only if you choose to use your microphone to navigate our mobile apps. Our mobile apps do not store your audio data. Your phone’s microphone can be used to capture audio for video visits.
- Storage: Our mobile apps may store files you upload from your device's storage to your medical record. Our mobile apps may access your device's storage to read and write files you select in the application. These files may be used as file attachments that are sent to your healthcare provider or they may be created from file attachments sent to you from your healthcare provider.
- Bluetooth: Our mobile apps may access your device's Bluetooth feature. Bluetooth will be used to detect other nearby devices to help with appointment arrival. Our mobile apps do not store your Bluetooth data.
- Phone: Our mobile apps may use your phone to call phone numbers selected by you in the application. Our mobile apps will not store or share your call history or other any other call data.
- Telehealth: Our mobile apps may allow you to conduct telehealth appointments with your healthcare providers. Our mobile apps only provide the technical support for those appointments to happen. We do not interact with any health information about you exchanged during any telehealth appointments.
Our mobile apps were not created specifically for the COVID-19 pandemic. They existed before the COVID-19 pandemic to allow you to access your health information on file. We allow you to access COVID-19-related vaccination information, laboratory test results, and documents with illness-related information using our mobile apps. You may choose if or how you want to access, display, or use such information – just like you can make those decisions about health information relating to other conditions, services, tests, or vaccinations.
2. HOW WE USE THE PERSONAL INFORMATION WE COLLECT
NorthShore may use the personal information you provide via the Sites in the following ways:
- to contact you about your use of the Sites or about our programs, services, products, activities, special events, or other news that may be of interest to you;
- to provide, maintain, or improve the Sites;
- to process financial transactions, such bill payments, gift purchase, or donations;
- to detect, investigate, and prevent fraudulent credit card transactions;
- for general security monitoring;
- to publish in annual reports or other public documents that include donors’ names and information relating to the amount of their respective donations (e.g., by indicating a donation level or tier)
- to schedule appointments or place you in contact with one of our healthcare providers;
- for internal and marketing, promotional, informational, and fundraising purposes;
- • to provide you with technical notices, updates, alerts, and support or administrative messages;
- to process employment, fellowship, or grant applications;
- to monitor and analyze usage of the Sites; and
- to maintain administrative records.
If you do not want to receive informational communications from NorthShore, such as email communications informing you of programs, services, or products, please see “Choices You Have Regarding THE Use Of Your PERSONAL Information” below regarding your options to avoid receiving such communications.
3. HOW WE PROCESS YOUR PERSONAL INFORMATION
NorthShore is committed to processing your personal information in accordance with applicable data privacy laws and with transparency and fairness. We will only process your personal information if:
We have your consent to process and use your personal information;
We need to process your personal information in order to complete a transaction with you or to fulfill a contractual obligation owed to you;
We have a legitimate business purpose for processing your personal information, such as to improve and develop the Sites or services offered on or through the Sites, to prevent fraud or provide general security monitoring, or to improve user experience; or
We are required to process your personal information in order to comply with an applicable law or regulation.
Because NorthShore is committed to protecting the privacy of children, the Sites are not intended for use by or directed at children under the age of 13. We do not knowingly collect via the Sites personal information from anyone under 13 years of age. We encourage parents and guardians to take an active role in their children’s online and mobile activities and interests.
4. HOW WE SHARE PERSONAL INFORMATION WITH THIRD PARTIES
NorthShore will not sell, share, trade, or rent any personal information to others in ways different from what is disclosed in this Privacy Policy without first obtaining your authorization and consent. We may provide aggregate information (i.e., information collected from you that does not allow you to be personally identified or contacted) to third parties without your authorization, such as information about your access and use of the Sites.
We may disclose personal information you provide to independent contractors, volunteers, vendors, service providers, or consultants who are engaged by or working with NorthShore and who need access to such information to carry out their programs or services. We may collaborate with other vendors or organizations to provide specific programs or services and will share information with them in order to facilitate their provision of such programs or services. We may also disclose personal information we have collected if we are required to do so by law or if in our good faith judgment, such action is reasonably necessary to comply with legal process, to provide general security monitoring, to respond to any claims, or to protect the rights of NorthShore and/or our patients, physicians, healthcare providers, partners, vendors, and/or the its constituents and the public.
Please note that the Sites may contain links to third-party websites. Please be aware that NorthShore is not responsible for the privacy practices of such third-party websites. We encourage users of the Sites to be aware when they leave the Sites and to read the privacy policies or statements of every website that collects personally identifiable information.
Similarly, if you entered one of the Sites through another website, NorthShore is not responsible for the privacy practices of that site, and you should review the privacy policy of the originating website before providing any personal information to that website. This Privacy Policy applies solely to information collected by NorthShore via the Sites.
5. HOW WE PROTECT YOUR PERSONAL INFORMATION
While no website or electronic data can ever be completely secure, NorthShore is committed to maintaining up-to-date and appropriate security measures and safeguards. We maintain a variety of physical, electronic, and procedural safeguards to help prevent unauthorized access to and improper use of your personal information. For example, our employees’ computers are password protected, and we provide regular education to our employees regarding our security and privacy practices.
We want you to feel confident in our security when using the Services, but we cannot guarantee the security of any information from or about you 100% of the time. Please refer to the U.S. Federal Trade Commission’s website for information on how to protect yourself from identity theft.
6. HOW YOU CORRECT AND UPDATE YOUR PERSONAL INFORMATION
Patients or users with a NorthShoreConnect account may verify, correct, or update limited account information using our NorthShoreConnect portal or NorthShoreConnect mobile application. If you do not have a NorthShoreConnect account, or if you wish to verify, correct, or delete any personal information that you cannot modify or access using the NorthShoreConnect portal or mobile application, including deletion of a NorthShoreConnect account, please contact us at https://www.northshore.org/apps/contactus/. We will endeavor to correct, update, or delete the personal information as you request, provided that such personal information is not necessary to complete any service or transaction. If you wish to delete an account you have with NorthShore, please note that we may retain some information from or about you in accordance with applicable law, including for various legal, operational, accounting, and auditing purposes.
7. CHOICES YOU HAVE REGARDING THE USE OF YOUR PERSONAL INFORMATION
You may “opt-out” of receiving communications from NorthShore, except to the extent such information is necessary to complete any services or transactions you have entered into, by emailing us at marketing@northshore.org.
You may also opt out of receiving certain promotional communications from NorthShore by clicking the "unsubscribe" link in certain communications. Please note that you may not be able to opt out of receiving all communications from NorthShore, such as administrative messages, service announcements, messages regarding the terms and conditions of an account, or other messages that may contain important information regarding an account.
If you would prefer that we not share your personal information with our business partners or vendors for direct marketing purposes, you may opt-out of this by following the unsubscribe link in email communications, or by sending a request to marketing@northshore.org.
There is currently no consensus among industry participants as to what “Do Not Track” means and how to respond to "Do Not Track" browser signals. As such, we do not respond to such signals. Instead, to opt-out of website-based third-party interest-based or online behavioral advertising, please exercise one of the choices listed above.
8. HOW WE USE COOKIES
NorthShore, and some of our vendors, may use cookies to help us count how you access, browse, and use the Sites (i.e., by counting the number of times you and other users visit a webpage or access a feature), thereby providing us with information we can use to improve the Sites. Cookies are small data files locally stored on the device used to access the Sites (e.g., computer, smartphone, tablet). Web beacons are electronic images that we or our vendors may use in the Sites or in emails to deliver cookies, count visits, understand Site usage, and/or evaluate the effectiveness of marketing campaigns.
Cookies have different durations and functions. Regarding the duration, there are two types: session cookies and persistent cookies. A session cookie only lasts for the specific duration of your visit to a website and is deleted when you close your browser. A persistent cookie remains in your device's data storage until it is deleted or it expires, which occurs thirteen months after being generated.
As for functionality, there are also two types of cookies: essential cookies and non-essential cookies. An essential cookie is a cookie that is either (i) used solely to carry out or facilitate a transmission to server hosting a website, or (ii) is necessary to provide an online service you requested. A non-essential cookie, as the name suggests, is a cookie that is not an essential cookie. A non-essential cookie may enhance the performance or functionality of a website, be required to access a portion of a website, or be used for analytics or marketing (e.g., targeted advertising).
NorthShore and our vendors may use one or more of the above-described cookies to facilitate access to various features of the Sites.
How to Manage Cookies
There are several ways to manage cookies. You can instruct your browser to refuse all cookies or to indicate when a cookie is being sent. The “Help” feature on most browsers provide information on how to accept cookies, disable cookies or to notify you when receiving a new cookie. Please note, however, that many of the cookies we use are "strictly necessary" cookies. By blocking or deleting them, you will not be able to access certain features of the Sites.
9. ADDITIONAL RESOURCES
Some third parties, which may collect information from or about you on the Sites in order to provide more relevant advertising to you on websites you visit, may provide you with the option to opt out of their services. For example, you can opt-out of the Google Analytics Advertising Features we use by indicating your preference using the Google Analytics User Deletion Tool here. Note that Google's opt-out mechanism is specific to Google activities and does not affect the activities of other ad networks or analytics providers that we may use.
Some third-party advertisers participate in the Digital Advertising Alliance Self-Regulatory Program for Online Behavioral Advertising. This program offers a centralized location where users can make choices about the use of their information for online behavioral advertising. To learn more and to make choices about the use of your information for online behavioral advertising on websites, please visit https://digitaladvertisingalliance.org/?_sm_au_=iVVQ2BRVMRP5VSD5. Please note that if you opt out of online behavioral advertising using this method, this opt-out will only apply to the specific browser or device from which you opt out.
In addition, some third-party advertisers, advertising technology companies, and service providers that perform advertising-related services for our business partners and us may be members of the Network Advertising Initiative (“NAI”), a cooperative of online marketing companies that offers a centralized tool for opting out of interest-based advertising delivered by each of its member companies. If you would like to obtain more information about interest-based advertising and the NAI and make choices about their members’ use of information from or about you on websites, please visit https://www.networkadvertising.org/?_sm_au_=iVVQ2BRVMRP5VSD5. Please note that if you opt out of interest-based advertising using this method, this opt-out will only apply to the specific browser or device from which you opt out.
10. LAW APPLICABLE TO THIS PRIVACY POLICY
NorthShore is headquartered in the State of Illinois, and the Sites are intended for users in the United States. By viewing any content or otherwise accessing the Sites, you consent to the transfer of information to the United States to the extent applicable, and the collection, storage, and processing of information under the laws and regulations of the State of Illinois and the United States.
11. HOW WE MAKE CHANGES TO OUR PRIVACY POLICY
NorthShore reserves the right to change the provisions of this Privacy Policy at any time, but we will alert you by identifying the date on which we last updated it. We may also inform you of changes to our Privacy Policy by posting a notice on the Sites and/or by sending you an email using the most recent email addresses you provided to us. Your use of the Sites following the posting of such changes or revised statement shall constitute your acceptance of any such changes.
Any material change to this Privacy Policy automatically becomes effective 30 days after we post the revised Privacy Policy or, for users who register or otherwise provide opt-in consent during this 30-day period, at the time of registration or consent, as applicable. We encourage you to review our Privacy Policy whenever you visit the Sites to make sure that you understand how we may use any personal information you provide via the Sites.
12. HOW YOU CAN CONTACT US WITH QUESTIONS ABOUT OUR PRIVACY POLICY
If there are any questions or concerns regarding this Privacy Policy, please contact NorthShore’s concierge services team at: 224.364.4968 or email: concierge@northshore.org for further assistance.
Last updated on November 21, 2023