Website privacy policy

Welcome to the websites, mobile applications, and digital or other online services (collectively, the “Sites”) provided by provided by Geisinger and its affiliates (collectively referred to as “Geisinger,” “us,” and “we”). We have created this privacy policy (this “Privacy Policy”) to disclose our “Information” (as described in detail below) gathering, distribution, storage, and destruction practices for the Information collected on Geisinger.org and our other public-facing Sites. In addition to this Privacy Policy, you should review the Sites’ Terms of Use.

This Privacy Policy applies to all Sites where it is posted but addresses only the use and disclosure of Information we collect when you use the Sites as described in detail below. You should be aware that when you are on the Sites, you may find links to other websites that Geisinger does not control, and we do not determine the privacy practices of third parties or the content of their websites. You should read the posted privacy policy of any website before you access it.

PLEASE NOTE! Geisinger’s Notices of Privacy Practices are separate documents that describe how the “Protected Health Information” about our patients’ and members’ protected under the Health Insurance Portability and Accountability Act (“HIPAA”) as well as other federal and Pennsylvania laws, rules and regulations may be used and disclosed by Geisinger. 

IMPORTANT NOTICE IF YOU ARE NOT A UNITED STATES RESIDENT 

CONSENT TO PROCESSING YOUR INFORMATION IN THE UNITED STATES 
The covered entities of Geisinger provide services only in the United States. We are subject to the United States laws and regulations that govern the privacy and security of patient healthcare information, as well as consumer protection laws and regulations of the United States and its individual states, as applicable. If you are a citizen or resident of a different country, the data protection laws of your country may differ as to how your personal information is protected.  We want you to understand that when you provide your personal information to us, or direct your healthcare provider to provide it to us, your personal information will be transmitted to and processed in the United States. In doing that, you will be giving the covered entities of Geisinger your consent to process your personal information in the United States, in accordance with United States law, for our legitimate purpose in fulfilling your request or addressing your healthcare needs.

If you would like to know how the covered entities of Geisinger process your personal information, please address your request to our System Privacy Officer at 570-271-7360 or at systemprivacyoffice@geisinger.edu. We will respond to your request in accordance with applicable United States laws.

Our Site Security

PLEASE NOTE THAT, BY ITS VERY NATURE, A WEBSITE CANNOT BE ABSOLUTELY SECURE OR OTHERWISE PROTECTED AGAINST INTENTIONAL OR MALICIOUS INTRUSION ATTEMPTS. FURTHERMORE, GEISINGER DOES NOT CONTROL THE DEVICES OR COMPUTERS OR THE INTERNET OVER WHICH YOU MAY CHOOSE TO SEND INFORMATION AND CANNOT, THEREFORE, PREVENT SUCH INTERCEPTIONS OR COMPROMISES TO YOUR INFORMATION WHILE IN TRANSIT TO GEISINGER. GEISINGER CANNOT AND DOES NOT GUARANTEE THE ABSOLUTE SECURITY OF ELECTRONIC INFORMATION, COMMUNICATIONS, OR TRANSMISSIONS. ANY TRANSMISSION MADE OVER THE INTERNET BY ANY ORGANIZATION OR ANY INDIVIDUAL RUNS THE RISK OF INTERCEPTION.

Types of Information We Collect

When you use our Sites, we collect and store “Information” from or about you, as well as the device you have used to access the Sites, in a variety of ways, including (but not limited to) the following:  

Information you provide to us:  We collect and store Information that you provide directly to us on or through the Sites.  For example, we collect Information about you when you pay a bill, sign up for emails, take a survey, make a donation, create an account or register for our Sites, use various features of the Sites, post comments on our Sites, fill out a form, schedule an appointment, conduct a search, call us, request support, chat or otherwise communicate with us.  Depending on the Site, we may collect the following kinds of Information from you, and we may use this Information to contact you or combine that Information with other information we have about you or your device:

• Account Information, such as your name, email address, password, postal address, billing address, shipping address, phone numbers, age, date of birth, drivers’ license number, and any other Information you provide;
• Transaction Information, such as your health insurance Information and limited payment Information from you, such as payment method and payment card Information;
• Information about others, such as the names and the contact Information of your providers, your representatives, and any dependents in your care;
• Health Information, such as your past and present medical condition, medication information, and treatment history; and
• Other Information you choose to provide, such as Information you provide to conduct a search; fill out a form; request an appointment; participate in a survey, assessment, contest, or promotion; use other interactive areas of the Sites such as chat or other communication features; have live audio and video visits or interactions; or request technical or customer support.

Browser or device Information:  We also collect, and may transmit, certain technical Information automatically when you use or navigate our Sites, and traffic between Geisinger and the Internet at times will be recorded for analysis (technical and physical). We do this to, among other things, help diagnose problems with our servers, collect Site usage statistics, and administer our Sites. This includes, but may not be limited to, the following types of Information:

• Log Information – Our systems may record certain log file and usage Information such as your Internet Protocol (“IP”) address, browser type and language, operating system, referring URLs, date and time of your visit, pages viewed, links clicked, movements through the Sites, and other Information about your activities on our Sites.
• Device Information, such as the device used to access or use the Sites, including the hardware model, operating system and version, unique device identifiers, and mobile network Information.  If your device settings permit, we may also collect Information about the location of your device to facilitate your use of certain features of the Sites.

Pixels, cookies, and similar tools:  We may use cookies, pixel tags, web beacons, embedded scripts, local objects, and other tracking technologies (collectively referred to as “Cookies”) to automatically collect the types of Log and Device Information described above, which may include third-party Cookies. By using our Sites, you consent to our use of Cookies. See the Cookies Notice below for additional information about our use of Cookies.

Third parties and their tools:  We may allow others to provide analytics, marketing, or other services using Cookies to collect Information about your use of our Sites.
Aggregated statistics:  We may collect statistics about the behavior of users on the Sites. For instance, we may monitor the most popular forums on the Sites. We may display this Information publicly or provide it to others.

Aggregated statistics:  We may collect statistics about the behavior of users on the Sites. For instance, we may monitor the most popular forums on the Sites. We may display this Information publicly or provide it to others.

How We Use the Information We Collect

We may collect and use Information in the following ways, depending on the Site, including:

• To communicate with you
• To provide you with information or services, including personalized Information
• To make features and functions on the Sites available for your use
• To optimize your web experience
• To provide or improve customer service
• To conduct surveys, research, and analysis, and generate reports
• To promote events
• To market and advertise to you
• To establish and manage your accounts
• To operate, evaluate, and improve Geisinger’s services and operations
• To monitor and analyze trends, usage, and activities in connection with our Sites
• To comply with applicable laws, regulations, and court orders

The above list is not comprehensive and may change without notice.

How Your Information Is Shared

We may share Information we collect about you in the following ways:  with our service providers, consultants, and vendors to maintain, improve, monitor, provide, protect, and promote our Sites and services; with other entities that are affiliates or subsidiaries of Geisinger; in the course of legal proceedings or in response to legal orders or government requests, and as otherwise required by law; as needed to support compliance, operations, and corporate governance functions; and in connection with a transfer of ownership or assets, a corporate reorganization, merger, or acquisition.

If you participate on the Sites by writing posts or responses, or importing a blog or other content, you should be aware that any Information you choose to disclose using these services can be read, collected, and used by other users of the Sites. We are not responsible for the Information you choose to submit to the Sites and any forums therein. Your contributions may be searchable on the Sites and some content on the Sites may be public and searchable on the Internet.

Please note: Information you have shared with others or that others have copied may also remain visible after you have closed your account or deleted the information from your own profile. In addition, you may not be able to access, correct, or eliminate any Information about you that other Site users copied or exported out of the Sites, because this information may not be in Geisinger’s control. 

Third Party Information Sharing

As a routine part of some business processes, we may share some Information from the Sites with third parties. We may disclose Information to such third parties that perform services for us in the processing of the Sites and/or the services made available thereon. For example:

• Service providers. We may engage trusted third-party companies and individuals to facilitate or provide services on our behalf or to perform Site-related services and analysis.
• Legal orders. We may disclose user Information if required by any applicable law or government agency to comply with a legal order. We may also disclose or use user Information in order to defend or enforce our legal rights and in accordance with any applicable law.
• Corporate transfers. We may disclose, share, or transfer user Information in connection with a merger, acquisition, reorganization or sale of our assets.

Cookies Notice

This Cookies Notice describes how we collect, use, and store information through Cookies on our Sites, the reasons we use Cookies, and how you can manage settings related to Cookies.  

What are Cookies and why does Geisinger use them?  A Cookie is a text, image, or other file stored on your computer, mobile, or other device by your web browser when you visit or use a Site, and that your browser provides to us each time you return to the Site. Almost every website uses these files. Cookies may store certain Information such as your IP address, operating system, device information, browser type and language, referring URLs, access times, pages viewed, links clicked, movements through the Sites, and other information about your activities or use of the Site. 
 
Cookies are used to identify the content you view, the content you provide so that you do not have to re-enter it each time you visit our Sites, and your preferences and settings. Cookies also help us provide you with customized content; speed navigation through our Sites; allow us to learn about your visit and use of our Sites; and to market products and services to you based on your interests and preferences. Cookies vary in duration. Session Cookies, for example, last for a defined amount of time such as while your internet browser is open. Persistent Cookies are stored on your device for longer periods. Both types of Cookies can create an identification that is unique to your device.

What types of Cookies does Geisinger use?  We may use different types of Cookies, depending on the Site.  We classify Cookies into the following main categories, described in detail below:  (1) necessary cookies; (2) performance cookies; (3) functional cookies; and (4) analytics cookies.

• Necessary Cookies:  Necessary Cookies are needed to make the Site work.  These Cookies are used for technical purposes such as enabling better navigation on the Sites.
• Performance Cookies:  Performance Cookies can be used for various performance purposes, including tracking the number of visitors to the Site and information such as the number of views a page gets, how much time a user spends on a page, and other pertinent web statistics. These Cookies improve the performance of the Sites and the user experience.
• Functional Cookies:  Functional Cookies enable the Sites to save Information already entered (such as user names, language choices, and your location), so that it can offer you improved and more personalized functions. Functional Cookies are also used to enable features you request, such as playing videos.
• Analytics Cookies:  Analytics Cookies collect Information such as IP address, device ID, browser information, geolocation, content viewed, or other Information for the purpose of analyzing and measuring how visitors use the Sites and specific functions and features.

How to manage and disable Cookies.  You can see various Cookies used on websites accessed through browsers like Google Chrome or Microsoft Edge by right clicking on the webpage, selecting the Inspect tool, and clicking on the word Cookies under the Application tab. You can also manage or disable certain Cookies by adjusting your browser or device settings. Browsers and devices are different, so refer to the settings menu of your browser or device control settings for instructions on how to see or change your Cookie preferences. If you choose not to receive Cookies, our Sites, or portions of our Sites, may not function properly or be available to you. You may also learn more about managing and disabling Cookies, and more information on Cookies generally at www.allaboutcookies.org.

How Long Do We Keep Your Information? (Data Retention)

We may retain collected your Information for an indefinite period of time or as otherwise required by law.

Changes to this Privacy Policy

We reserve the right to change, modify, add, or remove portions of this Privacy Policy at any time in our sole discretion and without prior notice. Updates will be posted here and be effective immediately upon posting. Please check the Site regularly for updates to this Privacy Policy.

Children

The Children's Online Privacy Protection Act of 1998 (COPPA) addresses how information is gathered and used from children under the age of 13.  While Geisinger is a non-commercial, nonprofit organization not subject to COPPA, Geisinger’s Sites are directed at an adult audience and are not intended or designed to attract children under the age of 13.  With the exception of certain information in our patient portals as authorized by law, we do not knowingly collect, maintain, or use personal information from children under 13 years of age. 
 
If you learn that your child has provided us with personal information through our Sites without your consent, you may alert us at systemprivacyoffice@geisinger.edu. If we learn that a child has provided such personal information, except as required and authorized by law, we will take steps to delete such information.

CMS Blue Button Program

Notwithstanding the other provisions of this Privacy Policy, if you are participating in the Centers for Medicare and Medicaid Services (“CMS”) Blue Button program through Geisinger the following provisions apply to you:

(a) Geisinger will notify you of any material changes to this Privacy Policy,

(b) we will notify you if Geisinger is sold or merged into another entity,

(c) the notice will be provided electronically though the Blue Button portal on Geisinger’s website, and

(d) if you inform Geisinger that you are opting out of the Blue Button program through the Blue Button portal, Geisinger will delete the Blue Button information that we received from CMS about you.