Skip to main content

Geisinger.org Privacy Policy

Maintaining your trust is important to us. We take your privacy seriously, and we have created this privacy policy (this “Privacy Policy”) to disclose our information gathering, distribution, storage, and destruction practices for the personally identifiable information (“PII”) we collect on Geisinger.org and its related websites (collectively, the “Site”). In addition to this Privacy Policy, you should review the Site’s Terms of Use.

This Privacy Policy only addresses the use and disclosure of information we collect from you as a result of your use of the Site. You should be aware that when you are on the Site, you can be directed to other websites that are beyond our control, and we are not responsible for the privacy practices of third parties or the content of such linked websites. You should read the posted privacy policy of any website you access.

PLEASE NOTE! Geisinger’s Notice of Privacy Practices is a separate document that governs how medical information about you may be used and disclosed by Geisinger.

Important notice to patients who are not Residents of the United States

CONSENT TO PROCESSING YOUR INFORMATION IN THE UNITED STATES
The covered entities of Geisinger Health only provide services in the United States. We are subject to the United States laws and regulations that govern the privacy and security of patient healthcare information, as well as consumer protection laws and regulations of the United States and its individual states, as applicable. If you are a citizen or resident of a different country, the data protection laws of your country may differ as to how your personal information is protected.  We want you to understand that when you provide your personal information to us, or direct your healthcare provider to provide your information to us, your personal information will be transmitted to and processed in the United States. In doing that, you will be giving the covered entities of Geisinger Health your consent to process your information in the United States, in accordance with United States law, for our legitimate purpose in fulfilling your request or addressing your healthcare needs.

If you would like information about how the covered entities of Geisinger Health process your personal information, please address your request to our System Privacy Officer at 570-271-7360 or at systemprivacyoffice@geisinger.edu. We will respond to your request in accordance with applicable US laws.

Our Site Security

The Site has security measures in place to reasonably protect against the loss, misuse, and alteration of the information under our control. Firewalls are in place to prevent unauthorized access to our systems. A firewall controls traffic between the Internet and our internal network and protects your information stored within our systems from outsiders. Systems are monitored for suspicious activity to prevent any breaches in security. Any data provided by you sits behind this firewall.

PLEASE NOTE THAT, BY ITS VERY NATURE, A WEBSITE CANNOT BE ABSOLUTELY PROTECTED AGAINST INTENTIONAL OR MALICIOUS INTRUSION ATTEMPTS. FURTHERMORE, GEISINGER DOES NOT CONTROL THE DEVICES OR COMPUTERS OR THE INTERNET OVER WHICH YOU MAY CHOOSE TO SEND CONFIDENTIAL PII AND CANNOT, THEREFORE, PREVENT SUCH INTERCEPTIONS OF COMPROMISES TO YOUR INFORMATION WHILE IN TRANSIT TO GEISINGER. BEYOND OUR REASONABLE CARE TO SAFEGUARD YOUR INFORMATION WHILE IN TRANSIT, GEISINGER CANNOT AND DOES NOT GUARANTEE THE ABSOLUTE SECURITY OF ELECTRONIC COMMUNICATIONS OR TRANSMISSIONS SINCE ANY TRANSMISSION MADE OVER THE INTERNET BY ANY ORGANIZATION OR ANY INDIVIDUAL RUNS THE RISK OF INTERCEPTION.

Types of Information We Collect

We collect non-PII of the sort that web browsers and servers typically make available, such as the browser type, language preference, and the date of time of each user request. We do not collect PII unless you choose to provide it. You are generally not required to submit any PII to use the Site. 
In addition, we may gather technical information such as:

  • Computer's IP (Internet Protocol) address or browser type: Our Web server automatically collects the IP address of the computers that access the Site. An IP address is a number that is assigned to your computer when you access the Internet. It is not truly personally identifiable information because many different individuals can access the Internet via the same computer. To help diagnose problems with our servers, collect site usage statistics, and administer our web site, traffic between Geisinger and the Internet at times will be recorded for analysis (technical and physical). Our Privacy Policy would apply to this recorded information.

  • Pixel tracking: A tracking pixel is a piece of code embedded on a web page of a website that collects information about a user’s engagement on that page. Tracking pixels may include a command to create cookies that can follow a user across different websites, including non-Geisinger sites.

  • Cookies: A cookie is a small text file that can be stored on a user's browser (on any type of device). Geisinger utilizes cookies in conjunction with certain applications (for example with our web security application) to allow you to easily move through secured pages once you have logged on. At times we may use cookies to know that you have accessed an online course or to administer certain surveys, for example, to allow a user to reply to a survey only once. Our cookie contains a unique random identifier that enables anonymous tracking activity from a browser.

  • Aggregated Statistics: We may collect statistics about the behavior of users on the Site. For instance, we may monitor the most popular forums on the Site. We may display this information publicly or provide it to others.


How We Use the Information We Collect

We may collect and use information in the following way:

  • To optimize your web experience
  • To improve customer service
  • To conduct surveys, research, and analysis 
  • To promote events
  • To establish and manage your accounts
  • To operate, evaluate, and improve Geisinger’s operations

The above list is not comprehensive and may change without notice.

How Your Information Is Shared

If you participate on the Site by writing posts or responses, or importing a blog or other content, you should be aware that any information you choose to disclose using these services can be read, collected, and used by other users of the Site. We are not responsible for the information you choose to submit to the Site and any forums therein. Your contributions may be searchable on the Site and some content on the Site may be public and searchable on the Internet.

Please note: Information you have shared with others or that others have copied may also remain visible after you have closed your account or deleted the information from your own profile. In addition, you may not be able to access, correct, or eliminate any information about you that other Site users copied or exported out of the Site, because this information may not be in Geisinger’s control.


Third Party Information Sharing

As a routine part of some business processes, we may share some information from the Site with third parties. We may disclose information to such affiliated third parties that perform services for us in the processing of the Site and/or the services made available thereon. While these vendors are contractually obligated to keep your information secure and private, we cannot guarantee the effectiveness of third party privacy policies and safety measures. 

  • Service providers. We may engage trusted third-party companies and individuals to facilitate or provide services on our behalf or to perform Site-related services and analysis. Such engagement will be only to the extent necessary and we require that such third parties will comply with the principles of this privacy policy.

  • Legal orders. We may disclose user data if required by any applicable law or government agency to comply with a legal order. We may also disclose or use user data in order to defend or enforce our legal rights and in accordance to any applicable law.

  • Corporate transfers. We may disclose, share or transfer user data in connection with a merger, acquisition, reorganization or sale of our assets.

How Long Do We Keep Your Information? (Data Retention)

We may retain collected user data for an indefinite period of time. We have reasonable security measures in place to help protect PII that we collect and retain. However, no system can be completely secure, and we make no guarantees as to the safety or security of any information transmitted through our services.

Changes to this Privacy Policy

We reserve the right to change, modify, add or remove portions of this Privacy Policy at any time and without prior notice. Please check the Site regularly for updates to this Privacy Policy.

 

CMS Blue Button Program

Notwithstanding the other provisions of this Privacy Policy, if you are participating in the Centers for Medicare and Medicaid Services (“CMS”) Blue Button program through Geisinger
the following provisions apply to you:

(a) Geisinger will notify you of any material changes to this Privacy Policy

(b) we will notify you if Geisinger is sold or merged into another entity

(c) the notice will be provided electronically though the Blue Button portal on Geisinger’s website

(d) if you inform Geisinger that you are opting out of the Blue Button program through the Blue Button portal, Geisinger will delete the Blue Button information that we received from CMS about you.