Table of Contents
Information Collected by United Hospital Fund
United Hospital Fund’s Do Not Track Policy
How Is Personal Information Used?
Who Can Access the Information We Collect?
Selling of Personal Information
Children and Privacy
Security, Storage, & Retention
Information Correction, Removal, and Opting-Out
A. Privacy Statement.
B. Information Collected by United Hospital Fund.
When you access and use our Service, United Hospital Fund may collect information that you knowingly and voluntarily provide or that is sent to us automatically by your web browser.
1. Information that you Knowingly and Willingly Provide. United Hospital Fund collects the information that you knowingly and voluntarily provide as an Account Holder (noted in the HI Database as “Health Indicators Manager”)or User of the HI Database when you use our Service (such as through web forms or profile screens), including, without limitation, registration/account setup information and profile details. We primarily use this information so that we can communicate with you. You can choose not to provide us with certain Personal Information, but then you will not be able to use the Service at all. The information that we collect and use may include, without limitation, the following kinds of Personal Information:
First and Last Name of Account Holder and title
Phone number and email address of Account Holder
Organization’s Name and Postal Address
Account Holder user name
Names of Users to whom you will grant access to the Database
First and last name of User
Email address of User
Login and/or user name of User
Information From and/or About Others. We also store the Personal Information of the Clients about whom you collect and enter into the HI Database (“Client Personal Information”). If you or other users using our Service upload, share and/or distribute content (including, without limitation, Client answers to surveys, names of interviewer and Clients, age and date of birth of Clients, and interview dates, time and duration), and such content contains Client and/or User Personal Information, such information may be stored in order to allow for such uploading, sharing and/or distribution. As a requirement to use our Service, you acknowledge that you are solely responsible to follow your organization’s (i.e., the Account Holder’s) policies regarding appropriate consent(s) from any individual, in order to share such individual’s Personal Information with us. You also agree that every Client for whom you are entering data will be no younger than 18 years of age.
Health Information. The purpose of the HI Database is to organize health information that you provide about your clients. Health information may only be accessed by and disclosed to our employees and our website consultants who have a legitimate business “need to know” in accordance with applicable laws and regulations. Health information may be transmitted to such parties electronically. Whether in paper or electronic form, health data are subject to physical, electronic, and procedural safeguards, and must be stored, transmitted, and disposed of in accordance with Section J (Information Correction, Removal, and Opting-Out) below.
2. Non-Personal Information. United Hospital Fund may collect information that is sent to us automatically by your web browser. United Hospital Fund may use this information to generate aggregate statistics about visitors to the Service. This information typically includes, without limitation, details about when the account was created and when database content was last modified.
United Hospital Fund may use non-Personal Information for various business purposes such as providing customer service, and improving our Service. The information we receive depends on the settings on your browser. Please check your browser if you want to learn what information your browser sends or how to change your settings.
3. Aggregate Information. We may aggregate and/or anonymize all information that we collect from you, including, without limitation, Personal Information, for the purpose of analysis about the effectiveness of the program.
C. United Hospital Fund’s Do Not Track Policy.
Your navigation of our Service is not tracked by United Hospital Fund.
D. How Is Personal Information Used?
We may use Client or User Personal Information that we collect about you and your Clients, or from you on its own, or combine it with other information we have about you or your Clients or from you, in order to:
Create user accounts and/or profiles through registration;
Assess the database’s functionality and troubleshoot technical problems;
Conduct analysis about the effectiveness of the program using aggregate data; or
Comply with legal requirements, such as in response to a subpoena or similar investigative demand.
E. Who Can Access the Information We Collect?
United Hospital Fund may disclose Client or User Personal Information in the following instances:
Agents. We employ other companies and individuals to provide website programming and technical support on our behalf. In accessing the code it is possible that they could access all information entered on the HI Database.
Employees. Only authorized employees of United Hospital Fund have access to Client and User Personal Information.
To Comply with Legal Process, Protect United Hospital Fund, or Enforce our Rights. We may release Client and/or User Personal Information when it is necessary to (i) conform to legal requirements or comply with legal process; (ii) enforce or apply our conditions of use and other agreements; (iii) protect the rights, safety or property of United Hospital Fund, our service providers, our users, or the public; or (iv) prevent a crime or protect national security (including, without limitation, exchanging information with other companies and organizations for fraud protection and credit risk reduction).
F. Selling of Personal Information.
We will not sell Client or User Personal Information to third parties for their use without your consent.
G. Children and Privacy.
Our Service is not directed to children under the age of 18. If you or your Client are not 18 years or older, do not use our Service. We do not knowingly collect Personal Information from children under the age of 18. If we learn that User or Client Personal Information of persons less than 18 years-of-age has been collected from (or about) a minor through our Service, we will take the appropriate steps to delete this information. If you are a parent or guardian and discover that your child or a minor under the age of 18 has posted, submitted or otherwise communicated Personal Information to our Service without your consent, then you may alert us at firstname.lastname@example.org so that we may take appropriate action to remove the minor's Personal Information from our systems.
H. Security, Storage, & Retention.
United Hospital Fund takes reasonable technical and organizational precautions to protect the confidentiality, security and integrity of Client and User Personal Information. Although we use security measures to help protect Client and User Personal Information against loss, misuse or unauthorized disclosure, we cannot guarantee the security of information transmitted to us over the Internet. There is no guarantee that information may not be accessed, disclosed, altered or destroyed. You are responsible for maintaining the secrecy of your password and account information, and for controlling access to your email communications.
The Client and User Personal Information that you provide to United Hospital Fund is generally stored on servers located in the United States. If you are located in another jurisdiction, you should be aware that once Client and User Personal Information is submitted through our Service, it will be transferred to our servers in the United States and that the United States currently does not have uniform data protection laws in place.
We will retain your information for as long as your account is active or as needed to provide you with our Service, except that United Hospital Fund may periodically clean data from the HI Database for purposes of maintaining an effective and efficient database. Prior notification of maintenance will be provided to each Account Holder by email with instructions on how to export the associated data. If you wish to cancel your account or request that we no longer use your information to provide the Service to you, contact Debra Lally, Director, Information Systems at 212-494-0700. We will retain and use your information as necessary to comply with our legal obligations, resolve disputes, and enforce our agreements. However, please be aware that United Hospital Fund will retain some information that you provide through our Service even after you have closed your account.
We aim to maintain our Service in a manner that protects information from accidental or malicious destruction. Because of this, after information is deleted (see Section J (Information Correction, Removal, and Opting-Out)) from our Service, we may not immediately delete residual copies from our active servers and may not remove information from our backup systems.
J. Information Correction, Removal, and Opting-Out.
1. Correction & Removal.
If any User information that you provide to us is incorrect, or you wish to have User information (including, without limitation, Personal Information) removed from our records, please make the changes to this information by logging in to the HI Database and changing or removing said information. Should you need assistance in this regard contact Debra Lally, Director, Information Systems at 212-494-0700. We will respond to such inquiries within fifteen (15) business days.
You are responsible for ensuring the accuracy of Client data and information prior to submission. Should you wish to remove any Client data or information from the HI Database, please contact Debra Lally, Director, Information Systems at 212-494-0700.
2. Opting Out-Marketing Purposes.
We do not release Client or User Personal Information to third parties for direct marketing purposes.
FOR RESIDENTS OF CALIFORNIA ONLY. Section 1798.83 of the California Civil Code requires select businesses to disclose policies relating to the sharing of certain categories of Personal Information with third parties. If you reside in California and have provided Personal Information to United Hospital Fund, you may request information about our disclosures of certain categories of Personal Information to third parties for direct marketing purposes. Such requests must be submitted to us using one of the following contact methods:
Call Debra Lally, Director, Information Systems at 212-494-0700 or
Send a letter in writing addressed to:
Ms. Debra Lally, Director, Information Systems
United Hospital Fund of New York
Attn: California Privacy Rights
1411 Broadway, 12th Floor
New York, NY 10018
Within thirty (30) days of receiving such a request, we will provide a list of the categories of Personal Information disclosed to third parties for third-party direct marketing purposes, if any, during the immediately preceding calendar year, along with the names and addresses of those third parties. This request may be made no more than once per calendar year. We reserve our right not to respond to requests submitted other than to the address specified in this Section.
K. Contact Us.