Introduction and Applicability
PLEASE READ THIS PRIVACY AND SECURITY POLICY CAREFULLY BEFORE USING THIS SITE. EnvisionHealth.com, by Envision Healthcare., (“Envision Healthcare” “Site,” “we,” or “us”), is very sensitive to privacy and security issues. We respect your privacy and know that you want us to keep the information you send to us secure. This Privacy and Security Policy (“Privacy Policy”), along with the EnvisionHealth.com Site Usage Agreement, describe the terms and conditions under which we offer you access to EnvisionHealth.com, associated sites and the services contained on those sites (“Services”).
This Privacy Policy applies to EnvisionHealth.com which is owned or operated by Envision Healthcare. Envision Healthcare may share information among its affiliates, subsidiaries, or sites that it owns or controls in accordance with the practices set forth in this Privacy Policy. By using these services and this Site(s), you signify your agreement to this Privacy Policy. If you do not agree to this Privacy Policy, please do not use these services.
Notification of Changes to This Privacy Policy
Envision Healthcare may modify this Privacy Policy at any time in its discretion. If we are going to materially change our Privacy Policy regarding the use of your personally identifiable information, we will post a notice that the Privacy Policy has changed on our Site for a period of 30 days following the change. Your continued use of EnvisionHealth.com will indicate your acceptance of any material changes to the Privacy Policy.
How We Use Personal Information We Collect About You
Certain EnvisionHealth.com web sites provide visitors the opportunity to request information about Envision Healthcare’s services and may require the visitor to provide limited personal information (such as name, phone number and e-mail address) in order to allow a representative of Envision Healthcare, or one of its subsidiaries or affiliates, to contact the visitor. This Privacy Policy along with the EnvisionHealth.com Site Usage Agreement describe the terms and conditions under which we offer you access to request information.
Protecting Your Personal Information
We have reasonable and customary physical security (such as locks and alarm systems), electronic security (such as passwords and encryption methods), and procedural security methods (such as rules regarding the handling and use of information) in place designed to protect against the loss, misuse, or alteration of information that we have collected from you at our Sites.
Internet Information We Collect About You
We may use your IP address to help diagnose problems with our server and to administer our Site. Your IP address may also may be used to help identify visitors and to gather broad demographic information and to respond to legal requests.
Information We Disclose About You
We will only share your personal information with third parties as permitted by this Privacy Policy (in its current or future form) and as otherwise permitted by law.
We share and give access to personal information to our employees and agents in the course of operating our business. For example, if you sent us an e-mail asking a question, we would provide your e-mail address to one of our employees or agents, along with your question, in order for that person to reply to your e-mail. We may share personal information with other Envision Healthcare subsidiaries or affiliates.
We also share and give access to personal information with other companies that we hire or collaborate with to perform services or functions on our behalf. For example, we may hire an outside company to help us send and manage e-mail, and in that case we might provide the outside company with your e-mail address and certain other information in order for them to send you an e-mail message on our behalf. Similarly, we may hire outside companies to host or operate some of our websites and related computers.
However, if we share or give access to information to outside companies we require them to use the personal information only for limited purposes, such as for sending you the e-mail in the example above. If you believe we or any company associated with Envision Healthcare has misused any of your information please contact us immediately and report such misuse.
We may share personal information if all or part of Envision Healthcare is sold, merged, dissolved, acquired, or in a similar transaction.
We may share personal information in response to a court order, subpoena, search warrant, law or regulation. We may cooperate with law enforcement authorities in investigating and prosecuting website visitors who violate our rules or engage in behavior that is harmful to other visitors or is illegal.
Analytics & Customization Technology
We do not explicitly identify visitors to our Site unless they choose to identify themselves through requests for additional information. Like most web site operators, Envision Healthcare does collect non-personally identifying information that web browsers and servers typically make available such as:
- Our websites may deposit a small file called a “cookie” on a visitor’s computer hard drive to personalize their experience or track aggregate site visitation statistics;
- Our websites may use web beacons in combination with cookies to help Envision Healthcare identify and track usage of Envision Healthcare websites in order to gather aggregate data related to the usage and usability of Envision Healthcare websites. Envision Healthcare will use this “web analytics” data only as aggregate site visitation statistics or to personalize the end user experience.
- Our websites may customize the website viewing experience and/or capture web analytics by using either internal analytics software or by sending this information to vendors to help Envision Healthcare analyze this data. Envision Healthcare has agreements with its vendors that they will not share or use the information for purposes other than to maintain and enhance the services they provide to Envision Healthcare.
Envision Healthcare’s purpose in collecting web analytics information is primarily to better understand how Envision Healthcare’s visitors use its websites and to optimize visitor experience and interaction with our websites.
Because non-personal information does not identify who you are, we do not limit the ways we may use or share non-personal information. For example, we may share non-personal information with our affiliates, suppliers, employees and agents, other businesses, and the government.
The visitor may disable your “cookie” information by adjusting their browser preferences on your personal computer at any time.
General E-mail Communications
If you register your e-mail address with us, we use such information provided by you for internal purposes, and may send you information about new EnvisionHealth.com site features, services, or updates, information about our company and promotional material or offers from some of our corporate partners, and other news.
CALIFORNIA RESIDENTS
If you are a resident of California, this following information and rights are provided to you as required by the California Consumer Privacy Act of 2018 and its implementing regulations, as amended by the California Privacy Rights Act (“CCPA”). Any terms defined in the CCPA have the same meaning when used in this notice.
Information We Collect
We collect information that identifies, relates to, describes, references, is capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular consumer or device (“personal information”). In particular, we may have collected the following categories of personal information from consumers within the last twelve (12) months:
Category
|
Examples
|
Collected
|
Sold or Shared
|
Identifiers
|
A real name, alias, postal address, unique personal identifier, online identifier, Internet Protocol address, email address, account name, Social Security number, driver’s license number, passport number, or other similar identifiers.
|
Yes |
No |
Personal information categories listed in the California Customer Records statute (Cal. Civ. Code § 1798.80(e))
|
A name, signature, Social Security number, physical characteristics or description, address, telephone number, passport number, driver’s license or state identification card number, insurance policy number, education, employment, employment history, bank account number, credit card number, debit card number, or any other financial information, medical information, or health insurance information.
Some personal information included in this category may overlap with other categories.
|
Yes |
No |
Protected classification characteristics under California or federal law
|
Age (40 years or older), race, color, ancestry, national origin, citizenship, religion or creed, marital status, medical condition, physical or mental disability, sex (including gender, gender identity, gender expression, pregnancy or childbirth and related medical conditions), sexual orientation, veteran or military status, genetic information (including familial genetic information).
|
No |
No |
Commercial information
|
Records of personal property, products or services purchased, obtained, or considered, or other purchasing or consuming histories or tendencies.
|
No |
No |
Biometric information
|
Genetic, physiological, behavioral, and biological characteristics, or activity patterns used to extract a template or other identifier or identifying information, such as, fingerprints, faceprints, and voiceprints, iris or retina scans, keystroke, gait, or other physical patterns, and sleep, health, or exercise data.
|
No |
No |
Internet or other similar network activity
|
Browsing history, search history, information on a consumer’s interaction with a website, application, or advertisement.
|
No |
No |
Geolocation data
|
Physical location or movements.
|
No |
No |
Sensory data
|
Audio, electronic, visual, thermal, olfactory, or similar information.
|
No |
No |
Professional or employment-related information
|
Current or past job history or performance evaluations.
|
No |
No |
Non-public education information (per the Family Educational Rights and Privacy Act (20 U.S.C. Section 1232g, 34 C.F.R. Part 99))
|
Education records directly related to a student maintained by an educational institution or party acting on its behalf, such as grades, transcripts, class lists, student schedules, student identification codes, student financial information, or student disciplinary records.
|
No |
No |
Inferences drawn from other personal information
|
Profile reflecting a person’s preferences, characteristics, psychological trends, predispositions, behavior, attitudes, intelligence, abilities, and aptitudes. |
No |
No |
Sensitive personal information
|
Social security, driver’s license, state identification card, or passport number; account log-in, financial account, debit card, or credit card number in combination with any required security or access code, password, or credentials allowing access to an account; precise geolocation; racial or ethnic origin, religious or philosophical beliefs, or union membership; contents of a consumer’s mail, email, and text messages unless the business is the intended recipient of the communication; genetic data; biometric information for the purpose of uniquely identifying a consumer; personal information collected and analyzed concerning a consumer’s health; or personal information collected and analyzed concerning a consumer’s sex life or sexual orientation.
|
No |
No |
The above chart represents the personal information we intentionally collect from you. Certain areas of our website (such as our Contact page) allow you to enter a free-form message. We cannot control what you input into your messages to us. Please refrain from inputting sensitive personal information into these free-form messages.
Personal information does not include:
- Publicly available information from government records.
- De-identified or aggregated consumer information.
- Information excluded from the CCPA's scope, such as:
- Health or medical information covered by the Health Insurance Portability and Accountability Act of 1996 (HIPAA) and the California Confidentiality of Medical Information Act (CMIA) or clinical trial data.
- Financial Information covered by the Gramm-Leach-Bliley Act, and implementing regulations.
We obtain the categories of personal information listed above from the following categories of sources:
- Directly and indirectly from activity on our website. For example, from submissions through our website portal or website usage details collected automatically. Indirectly from you when you visit and interact with our website.
Retention of Personal Information
We will retain each category of your personal information for as long as necessary to fulfill the purposes described in the “Use of Personal Information” section below, unless otherwise required by applicable laws. Criteria we will use to determine how long we will retain your information include whether: we need your information to provide you with products or services you have requested; we continue to have a relationship with you; you have requested information, products, or services from us; we have a legal right or obligation to continue to retain your information; we have an obligation to a third party that involves your information; our retention or recordkeeping policies and obligations dictate that we retain your information; we have an interest in providing you with information about our products or services; and we have another business purpose for retaining your information.
Use of Personal Information
We may use or disclose the personal information we collect for one or more of the following business purposes:
- To provide you with information, products or services that you request from us.
- To provide you with email alerts, event registrations and other notices concerning our products or services, or events or news, that may be of interest to you.
- To improve our website and present its contents to you.
- For testing, research, analysis and product development.
- As necessary or appropriate to protect the rights, property or safety of us, our clients or others.
- To respond to law enforcement requests and as required by applicable law, court order, or governmental regulations.
- As described to you when collecting your personal information or as otherwise set forth in the CCPA.
- To evaluate or conduct a merger, divestiture, restructuring, reorganization, dissolution, or other sale or transfer of some or all of our assets, whether as a going concern or as part of bankruptcy, liquidation, or similar proceeding, in which personal information held by us is among the assets transferred.
We will not collect additional categories of personal information or use the personal information we collected for materially different, unrelated, or incompatible purposes without providing you notice.
Disclosure of Personal Information
We may disclose your personal information to a third party for a business purpose. When we disclose personal information for a business purpose, we enter a contract that describes the purpose and requires the recipient to both keep that personal information confidential and not use it for any purpose except performing the contract.
In the preceding twelve (12) months, we have disclosed the following categories of personal information for a business purpose:
- Personal Identifiers.
- Personal information categories listed in the California Customer Records statute.
- Internet or other similar network activity.
We disclose your personal information for a business purpose to the following categories of third parties:
- Our affiliates, service providers, third parties to whom you or your agents authorize use to disclose your personal information in connection with products or services we provide to you.
Sale of Personal Information
In the preceding twelve (12) months, we have not sold any personal information.
Your Rights and Choices
The CCPA provides consumers (California residents) with specific rights regarding their personal information. This section describes your CCPA rights and explains how to exercise those rights.
Access to Specific Information and Data Portability Rights
You have the right to request that we disclose certain information to you about our collection and use of your personal information over the past 12 months. Once we receive and confirm your verifiable consumer request, we will disclose to you any of the following, as requested:
- The categories of personal information we collected about you.
- The categories of sources for the personal information we collected about you.
- Our business or commercial purpose for collecting or selling that personal information.
- The categories of third parties with whom we share that personal information.
- The specific pieces of personal information we collected about you.
- If we disclosed your personal information and identify the personal information categories that each category of recipient obtained.
Deletion Request Rights
You have the right to request that we delete any of your personal information that we collected from you and retained, subject to certain exceptions. Once we receive and confirm your verifiable consumer request, we will delete (and direct our service providers to delete) your personal information from our records, unless an exception applies.
We may deny your deletion request if retaining the information is necessary for us or our service providers to:
- Comply with a legal obligations.
- Detect security incidents, protect against malicious, deceptive, fraudulent, or illegal activity, or prosecute those responsible for such activities.
- Debug products to identify and repair errors that impair existing intended functionality.
- Make other internal and lawful uses of that information that are compatible with the context in which you provided it.
Correction Request Rights
You have the right to request that we correct any incorrect personal information that we collect or retain about you, subject to certain exceptions. Once we receive and confirm your verifiable consumer request (see below), we will correct (and direct any of our service providers that hold your data on our behalf to correct) your personal information from our records, unless an exception applies.
- We believe the personal information we maintain about you is accurate.
- Correcting the information would be impossible or involve disproportionate.
- If the request conflicts with our legal obligations
Right to Opt Out of Sales or Sharing of Personal Information
We do not sell or share your personal information. If we did, California consumers have the right to opt-out of the sale or sharing of their personal information.
Limit the Use of Sensitive Personal Information
We do not collect sensitive personal information. If we did, California consumers would have the right to limit our use and disclosure of sensitive personal information.
Response Timing and Format
We endeavor to respond to a verifiable consumer request within 45 days of its receipt. If we require more time (up to 90 days), we will inform you of the reason and extension period in writing. If you have an account with us, we will deliver our written response to that account. If you do not have an account with us, we will deliver our written response by mail or electronically, at your option. Any disclosures we provide will only cover the 12-month period preceding the verifiable consumer request's receipt. The response we provide will also explain the reasons we cannot comply with a request, if applicable.
Non-Discrimination
We will not discriminate against you for exercising any of your CCPA rights. Unless permitted by the CCPA, we will not:
- Deny you goods or services.
- Charge you different prices or rates for goods or services, including through granting discounts or other benefits, or imposing penalties.
- Provide you a different level or quality of goods or services.
- Suggest that you may receive a different price or rate for goods or services or a different level or quality of goods or services.
Exercising Your Rights under CCPA
If you wish to exercise your rights under California law, please do not hesitate to contact us at:
Only you or a person registered with the California Secretary of State that you authorize to act on your behalf, may make a verifiable consumer request related to your personal information.
You may only make a verifiable consumer request for access or data portability twice within a 12-month period. The verifiable consumer request must:
- Provide sufficient information that allows us to reasonably verify you are the person about whom we collected personal information or an authorized representative.
- Describe your request with sufficient detail that allows us to properly understand, evaluate, and respond to it.
You will not be discriminated against in any way by virtue of your exercise of the rights listed in this Privacy Notice which means we will not deny goods or services to you, provide different prices or rates for goods or services to you, or provide a different level or quality of goods or services to you.
Verification
We must verify your identity before fulfilling your requests. If we cannot initially verify your identity, we may request additional information to complete the verification process. We will only use personal information provided in a request to verify the requestor’s identity. If you are an authorized agent making a request on behalf of a California consumer, we will also need to verify your identity, which may require proof of your written authorization or evidence of a power of attorney.
We endeavor to respond to requests within the time period required by applicable law. If we require more time, we will inform you of the reason and extension period in writing.
If you have an account with us, we may deliver our written response to that account. If you do not have an account with us, we will deliver our written response by mail or electronically, at your option.
We do not charge a fee to process or respond to your request unless it is excessive, repetitive, or manifestly unfounded. If we determine that the request warrants a fee, we will tell you why we made that decision and provide you with a cost estimate before completing your request.
We cannot respond to your request or provide you with personal information if we cannot verify your identity and confirm the personal information relates to you. Making a verifiable consumer request does not require you to create an account with us.
We may deny certain requests, or only fulfill some in part, as permitted or required by law. For example, if you request to delete personal information, we may retain personal information that we need to retain for legal purposes.