MyPrevea Mobile Privacy Policy

Note: This policy relates specifically to our MyPrevea application. For HIPAA Notice of Privacy Practices,  please visit this page.

WE RESPECT YOUR PRIVACY. THIS PRIVACY POLICY DESCRIBES HOW WE COLLECT AND USE YOUR PERSONAL INFORMATION. PLEASE READ IT CAREFULLY.

The websites, mobile applications and services provided through the internet (this "Site") are provided by Hospital Sisters Health System and its affiliates ("We," "Us" or "Our"). You ("You" or "Your") have a limited right to access and use the Site for Your noncommercial, personal use and information only.

What Information Do We Collect?

Information that You provide to Us. For example, you provide information when you:

  • Fill out forms on the Site 
  • Provide information to open an account 
  • Communicate with us by phone, email or chat 
  • Respond to surveys. 

Some areas of the Site are available without opening an account. Other areas of the Site cannot be accessed without registering, which requires you to provide personal information to us. This personal information may include your:

  • Name 
  • Address 
  • Phone number 
  • e-mail address 
  • Information pertaining to Your health 
  • Information related to Your employment or affiliation with Us 
  • Other demographic information, such as 
    • Your ZIP code 
    • Age 
    • Gender 
    • Preferences, interests and favorites. 

Information about Your visit to the Site

For example, we may collect:


  • Information about the network You use to access the Internet, such as the domain and the host information. 
  • Information about computer or mobile device that you are using, including the IP address, location data, browser, and operating system. 
  • Information about which pages on our Site you visit. 

Cookies

We use "cookies," which are small text files stored on Your computer/device (and maintained by Your browser), and often include a randomized unique identifier so that Our Site can 'recognize' this cookie again. We primarily use cookies that are considered 'mandatory' or 'technically necessary' to provide Our Site and its core functionality to You (e.g., cookies that store Your log-in information or remember other settings, so You don't have to re-enter them each time You return to Our Site), and Google Analytics for audience measurement purposes (as described below). Please note that We do not use, or engage other operational service providers or entities to use on Our behalf, retargeting cookies (e.g., cookies that track You on our Site and across other websites in order to serve You a targeted advertisement) or other cookies that may track Your experience on Our Site in order to build user profiles. Should Our use of cookies change in the future, We will update this Privacy Policy and attempt to notify You appropriately before such use (including obtaining Your consent, as applicable).

Google Analytics Notice. We also use Google Analytics, which uses cookies, to obtain high-level "audience measurement" data such as the referral web domain, type of operating system/browser used, date and time of visit, and other information relating to activities on Our Site to understand its usage better, analyze trends, and optimize the Site experience. To help ensure such data within Google Analytics cannot be linked back to an identifiable user, the last octet of all IP Addresses collected have been anonymized, 'Sharing With Google,' 'Remarketing and Advertising,' and 'Demographics and Interests' features have been disabled, and retention of analytics has been set to 14 months. For more information on Google Analytics, including how to opt-out please click here.

We do not use cookies to retrieve information from Your computer or device for purposes that are unrelated to Our Site or Your interaction with Our Site. You may stop or restrict cookies on Your computer or purge them from Your browser by adjusting Your web browser preferences and You should consult the operating instructions that apply to Your browser for instructions should You wish to do so and in general to determine how best to configure Your browser settings to meet Your requirements. Note that if You "turn off," purge, or disable cookies, although You may still use Our Site, You may not be able to use all of the features, functions, or services available on Our Site. 

How We Use Information

We do not sell or license your information. We use the information You provide and We collect to:

  • Operate the Site 
  • Provide the services You request. 
  • Administer the Site and diagnose problems with Our server and networks; 
  • Verify Your identity; 
  • Provide You with information about the Site; 
  • Assist You and help Us perform responsibilities described in the Terms of Use; 
  • Measure the number of visitors to the Site and how the Site is used in order to make the Site as useful as possible to Our visitors; 
  • Deliver customized content and advertising to You; 
  • Provide authorities or relevant individuals with information related to the Site as required by law; and 
  • Fulfill any other purpose for which You provide information. 

These are the limited ways we interact with your information in connection with our mobile applications:

  • When you choose to add a profile photo to our mobile applications, you may select an existing photo on your device or take a new photo using the camera app on your device. If you select an existing photo on your device, we store a copy of your chosen photo in app-private storage on your device. If you use the camera app on your device to take a new photo, the photo you take is first saved to your camera app and then also saved to app-private storage on your device. If you remove the photo from your profile or delete our mobile apps, the copy of the photo is deleted from the app-private storage, but the photo saved to your camera app remains available in your camera app until you choose to delete it. If you already have a photo stored in your profile through your healthcare organization - we do not interact with that photo in any way. 
  • When you choose to include a photo or video in a message sent to our healthcare organization using our mobile app, you may select an existing photo or video on your device or take a new photo or video using the camera app on your device. If you use the camera app on your device to take a new photo or video it will be saved to your device. This photo and video will remain available on your device until you choose to delete it. 
  • If you use the MyPrevea app for a telehealth video, when you join the visit, we will ask for your permission to access your device’s video and audio functionality to ensure the telehealth visit can take place. We do not record or store video or audio from your telehealth visit.
  • When you choose to use Apple's HealthKit or Google Fit, we create encrypted identifiers to identify recipients of your Apple's HealthKit or Google Fit data and store them on your device in app-private storage. If you choose to stop using Apple HealthKit or Google Fit or delete our mobile apps, the identifiers are deleted. 
  • When you choose to view documents from your healthcare organization (such as letters or images) using our mobile apps, to make the files viewable for you we temporarily store copies on your device in app-private storage. The temporary copies are deleted when you close your session on our mobile apps. 
  • If your healthcare organization offers automatic appointment arrival and you choose to enable it, we temporarily store identifiers and times for your upcoming appointments in app-private storage to detect when you arrive for an upcoming appointment. If you choose to stop using our mobile apps or you disable automatic appointment arrival, the identifiers are deleted. 
  • If your healthcare organization offers location-based check in for in-person appointments, or allows you to find healthcare providers near you, you may choose to allow our mobile apps to interact with your location data for those purposes. We do not store your location data. 
  • If your healthcare organization allows you to notify front desk staff electronically when you arrive for an appointment, you may choose to allow our mobile apps to interact with your Bluetooth data for this purpose. We do not store your Bluetooth data. 
  • While you use our apps, we collect non-identifying information so we can provide customer service to you or your healthcare organization and understand how people use our mobile apps so we can improve our products. This information includes the time you began using the app, the healthcare organization you interacted with, any error messages or codes, the model of device used and its operating system, and the version of our mobile app used. If you use Android devices, we also collect your connection type (cellular or WiFi) during an error. 
  • You may contact us through the methods listed on Our Website. If you contact us, we may keep a record of the communication. You can decide how much information you want to share with us in those cases. 

Your Healthcare Organizations

To use our mobile apps, you must have an account with a healthcare organization using Epic's software. Because of this, your use of our mobile apps is also subject to your healthcare organization's privacy policy. Please contact your healthcare organization if you have any questions about their privacy policy. 


How Can We Share Information?

We do not use or disclose sensitive personal information, such as race, religion, or political affiliations, without Your express consent. 

 

We expect that all collection, use and disclosure of Your information will occur in the United States and will be governed by United States law; however, some information may travel over the Internet outside of the United States. Even if some information does travel outside the United States, You agree that the laws of the United States will apply.

Any Other Sharing of Information?

We will not sell or rent Your information to anyone, but We may share Your basic demographic information (such as your name, IP address, and physical or email address) with others, such as Our subsidiaries, contractors, trusted partners and affiliates as necessary to operate Our business, and as permitted by law.

  • If we share data with trusted partners to help Us perform statistical analysis, send You email or postal mail, provide customer support, or arrange for deliveries, such third parties are prohibited from using Your personal information except to provide these services to Us, and they are required to maintain the confidentiality of Your information. 
  • We do not share Your personal information with third parties for their direct marketing purposes. 

What About Aggregated Data?

We may aggregate (combine) data about visitors to Our mobile app in a non-identifiable manner and use it for Our business purposes unrelated to Your use of the MyPrevea application.

  • For example, We may aggregate data for product development and improvement activities and disclose such aggregated data to third parties. 
  • No personally identifiable information is available or used in this process. 
  • We may use information You provide to promote the products or services of strategic partners, but will not directly provide Your personally identifiable information to these strategic partners for promotional purposes. 

What About Governmental and Legal Disclosures?

Except as described above, We do not disclose the identities of visitors or users of the Site unless legally required to do so, or unless We believe, in good faith, that sharing is necessary: 

  • to protect Your safety or the safety of others, 
  • to protect Our rights, 
  • to investigate fraud, or 
  • to respond to a government request. 

We will respond to any subpoena received from a government agency (i.e., the Securities and Exchange Commission or law enforcement agencies) without prior notice to You. Unless prohibited by law or by a valid court order, We will attempt to notify You of any subpoena received from any other party (i.e., for civil litigation) which requires Us to disclose Your identity, and will wait ten (10) days, or a lesser amount of time as required by the deadline in the subpoena, before providing the information requested by the subpoena.


What About Other Information and Websites?

Some content or applications, including advertisements, on the Site are served by third parties, including advertisers, ad networks and servers, content providers and application providers. These third parties may use cookies alone or along with other tracking technologies to collect information about You when You use Our Site. The information they collect may be associated with Your personal information or they may collect information, including personal information, about Your online activities over time and across different websites and other online services. They may use this information to provide You with interest-based (behavioral) advertising or other targeted content. 

 

We do not control these third parties' tracking technologies or how they may be used. You should review the privacy policies posted on these websites carefully before providing any information. We are not responsible for the privacy policies or the content of any other websites. If You have any questions about an advertisement or other targeted content, You should contact the responsible provider directly. 


We maintain internal data retention and deletion policies to help us ensure we only store information about your use of our mobile apps as we describe in this policy. 

 

What About Do Not Track?

Websites and web applications can track Your movements on the Internet to better tailor suggestions for You based on Your interests. We may track your movement through the MyPrevea application and across third party websites to provide targeted content, and therefore We do not respond to Do Not Track (DNT) signals. However, some people do not want their browsing behavior to be tracked. Your web browser allows You to set the DNT signal on Your browser so that third parties (particularly advertisers) know You do not want to be tracked. We also suggest that You read the privacy policies of third party websites to see if those websites track Your browsing. Information gathered using tracking technology will be used and disclosed as described in this Privacy Policy, and the privacy policies of the applicable privacy policies.

What About Compliance with COPPA?

The Site is not directed at children under the age of 13. We comply with the Children's Online Privacy Protection Act ("COPPA") and do not knowingly permit registration or submission of personally identifiable information by anyone under 13 years of age. This age requirement is posted each time We request personally identifiable information. If You believe information of a child under 13 has been submitted, please advise Us in writing and We will delete it.

What About International Privacy Laws?

If you are visiting our websites from outside the United States, please be aware that you are sending information (including personal data) to the United States, where our servers are located. That information may then be transferred within the United States or back out of the United States to other countries. 

 

All data collected by through the Site will be stored exclusively in secure hosting facilities provided by Us or Our service providers. We have data processing agreements in place with Our service providers consistent with applicable privacy and data security laws. 

 

Hospital Sisters Health System and its affiliates are located in, and provide services in, the United States, and are governed by United States law. For visitors from the European Union, countries outside of the EU (such as the United States) may not necessarily have data protection laws as comprehensive or protective as those in your country of residence. The United States has not been issued an adequacy decision finding the data privacy laws to provide an adequate level of protection, and no other basis for transfer exists. Therefore, the collection and transfer of data will occur on one of the following bases, depending on the type of transfer and the surrounding factual situation:

  • The transfer is necessary for performance of a contract between you and an Hospital Sisters Health System entity. This will apply when, for example, you are buying a product or signing up for information. 
  • The transfer is necessary for the conclusion or performance of a contract between Hospital Sisters Health System and another person or entity, that is in your interest. This will apply when, for example, you request a product or further information from a third party through our Site. 
  • The transfer is necessary for the establishment, exercise, or defense of legal claims. This would apply if there developed a dispute between you and an Hospital Sisters Health System entity. 
  • You explicitly consent to the transfer, having been informed of the possible risks of the transfer. This paragraph explains the possible risks: while We exercise great care to protect personal data, it is possible that We may be required to produce personal data to U.S. legal authorities upon presentation of a subpoena, court order, search warrant, or other legal process. We will evaluate the legal process and resist such legal demands on your behalf unless it is clearly valid based on the legal opinion of Our attorneys. The data protection laws in the United States may also provide for other uses of data, including uses for marketing that differ from the use for which the data was originally collected ("secondary uses"); however, except where otherwise compelled by law, Our collection, storage, and use of your personal data will at all times continue to be governed by this Privacy Policy. 

What About Marketing Use?

You agree that We can store information that You provide to us on a form and use it to assist You in making an appointment, providing other services, or for future marketing purposes.

How Secure is the Site?

The Site has security measures in place to protect against the loss, misuse or alteration of information under Our control. However, no security is perfect, and no security system can prevent all security breaches. You transmit information to Us at Your own risk. You acknowledge that the Site is not HIPAA compliant. You should not store or transmit Protected Health Information on this Site. You acknowledge and agree that the Site is not intended to provide any medical advice. We are not Your business associate under HIPAA as a result of Your use of the Site.

Can You Change this Policy?

We may update the Privacy Policy to reflect company and customer feedback. We encourage You to periodically review the Privacy Policy to remain informed of how We use and protect Your information. Our use of information gathered or obtained is subject to the Privacy Policy in effect at the time of such use.

What If My Phone Is an Android?

Google has determined that our mobile app is subject to their COVID-19 app requirements. We are required to provide the following information in order for our mobile app to be available to you in the Play store.

  • MyPrevea interacts with your microphone if you choose to use your microphone while using the mobile app. MyPrevea interacts with your camera if you choose to use your camera while using the mobile app. This information is not used in connection with COVID-19.
  • MyPrevea, our mobile app, accesses, collects, uses and shares your information (including video, audio, images, files, phone) as stated in our previous sections of this policy. We prominently highlight these uses, describe the type of data being accessed and obtain your consent for these purposes as you use our mobile app.
  • MyPrevea was not created specifically for the COVID-19 pandemic. Our mobile app was created before the COVID-19 pandemic and for purposes of accessing your health information that we have on file. Our app allows for you to access COVID-19 related information including vaccine information, laboratory test results and other documents related to illness related information.  You can choose how you want to access, display or use this information.  This is also the same for information related to other conditions, tests, services or vaccines. 
  • If you elect, your microphone and camera will be used to conduct telehealth visits with your healthcare provider while using the MyPrevea app. 


How Can You Contact Us?

We welcome Your comments regarding this Privacy Policy. If You believe that We have not adhered to this Privacy Policy, please contact us at:

Hospital Sisters Health System 
Attn: Privacy Officer 
4936 Laverna Road 
Springfield, Illinois 62794-9456 

Developer Information: 

We will use commercially reasonable efforts to promptly respond to Your inquiry, and if necessary determine and remedy any problem.

What If My Information is Wrong?

You may write to us at the contact address above if you believe information you have submitted to us through the Site is incorrect. We may not be able to correct that information, because, for example, we did not save the information in question, or because we do not yet have a process to update the information.

Can I Get a Copy of My Information?

You may write to use at the contact address above to request a copy of the information you have submitted or We have collected about you through the Site. If we are able to collect and provide the information, we will do so. In some cases, we may not be able to collect and provide the information, because of the way the data is used and stored. 

 

Your health and privacy matters

If you have a question or concerns and would like to speak with someone directly. Please fill out the contact form on the next page, or connect with us by calling our office.