Introduction and Applicability
How We Use Personal Information We Collect About You
Protecting Your Personal Information
We have reasonable and customary physical security (such as locks and alarm systems), electronic security (such as passwords and encryption methods), and procedural security methods (such as rules regarding the handling and use of information) in place designed to protect against the loss, misuse, or alteration of information that we have collected from you at our Sites.
Internet Information We Collect About You
We may use your IP address to help diagnose problems with our server and to administer our Site. Your IP address may also may be used to help identify visitors and to gather broad demographic information and to respond to legal requests.
Information We Disclose About You
We share and give access to personal information to our employees and agents in the course of operating our business. For example, if you sent us an e-mail asking a question, we would provide your e-mail address to one of our employees or agents, along with your question, in order for that person to reply to your e-mail. We may share personal information with other Envision Healthcare subsidiaries or affiliates.
We also share and give access to personal information with other companies that we hire or collaborate with to perform services or functions on our behalf. For example, we may hire an outside company to help us send and manage e-mail, and in that case we might provide the outside company with your e-mail address and certain other information in order for them to send you an e-mail message on our behalf. Similarly, we may hire outside companies to host or operate some of our websites and related computers.
However, if we share or give access to information to outside companies we require them to use the personal information only for limited purposes, such as for sending you the e-mail in the example above. If you believe we or any company associated with Envision Healthcare has misused any of your information please contact us immediately and report such misuse.
We may share personal information if all or part of Envision Healthcare is sold, merged, dissolved, acquired, or in a similar transaction.
We may share personal information in response to a court order, subpoena, search warrant, law or regulation. We may cooperate with law enforcement authorities in investigating and prosecuting website visitors who violate our rules or engage in behavior that is harmful to other visitors or is illegal.
Analytics & Customization Technology
We do not explicitly identify visitors to our Site unless they choose to identify themselves through requests for additional information. Like most web site operators, Envision Healthcare does collect non-personally identifying information that web browsers and servers typically make available such as:
- Our websites may deposit a small file called a “cookie” on a visitor’s computer hard drive to personalize their experience or track aggregate site visitation statistics;
- Our websites may use web beacons in combination with cookies to help Envision Healthcare identify and track usage of Envision Healthcare websites in order to gather aggregate data related to the usage and usability of Envision Healthcare websites. Envision Healthcare will use this “web analytics” data only as aggregate site visitation statistics or to personalize the end user experience.
- Our websites may customize the website viewing experience and/or capture web analytics by using either internal analytics software or by sending this information to vendors to help Envision Healthcare analyze this data. Envision Healthcare has agreements with its vendors that they will not share or use the information for purposes other than to maintain and enhance the services they provide to Envision Healthcare.
Envision Healthcare’s purpose in collecting web analytics information is primarily to better understand how Envision Healthcare’s visitors use its websites and to optimize visitor experience and interaction with our websites.
Because non-personal information does not identify who you are, we do not limit the ways we may use or share non-personal information. For example, we may share non-personal information with our affiliates, suppliers, employees and agents, other businesses, and the government.
The visitor may disable your “cookie” information by adjusting their browser preferences on your personal computer at any time.
General E-mail Communications
If you register your e-mail address with us, we use such information provided by you for internal purposes, and may send you information about new evhealth.net site features, services, or updates, information about our company and promotional material or offers from some of our corporate partners, and other news.
If you are a resident of California, this following information and rights are provided to you as required by the California Consumer Privacy Act of 2018 (“CCPA”). Any terms defined in the CCPA have the same meaning when used in this notice.
Information We Collect
We collect information that identifies, relates to, describes, references, is capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular consumer or device (“personal information”). In particular, we have collected the following categories of personal information from consumers within the last twelve (12) months:
|A. Personal Identifiers
||A real name, alias, postal address, unique personal identifier, online identifier, Internet Protocol address, email address, account name, Social Security number, driver’s license number, passport number, NPI #, or other similar identifiers.
|B. Financial Information
||Debit card, credit card, or bank account information.
|C. Personal information categories listed in the California Customer Records statute (Cal. Civ. Code § 1798.80(e)).
||Name, signature, Social Security number, physical characteristics or description, address, telephone number, passport number, driver’s license or state identification card number, insurance policy number, education, employment, employment history, reference checks, malpractice history, bank account number, credit card number, debit card number, or any other financial information, medical information, or health insurance information.
|D. Internet or other similar network activity.
||Browsing history, search history, information on a consumer’s interaction with a website, application, or advertisement.
Personal information does not include:
- Publicly available information from government records.
- De-identified or aggregated consumer information.
- Information excluded from the CCPA’s scope, such as:
- Health or medical information covered by the Health Insurance Portability and Accountability Act of 1996 (HIPAA) and the California Confidentiality of Medical Information Act (CMIA) or clinical trial data.
- Financial Information covered by the Gramm-Leach-Bliley Act, and implementing regulations.
We obtain the categories of personal information listed above from the following categories of sources:
- Directly and indirectly from activity on our website. For example, from submissions through our website portal or website usage details collected automatically. Indirectly from you when you visit and interact with our website.
Use of Personal Information
We may use or disclose the personal information we collect for one or more of the following business purposes:
- To provide you with information, products or services that you request from us.
- To provide you with email alerts, event registrations and other notices concerning our products or services, or events or news, that may be of interest to you.
- To improve our website and present its contents to you.
- For testing, research, analysis and product development.
- As necessary or appropriate to protect the rights, property or safety of us, our clients or others.
- To respond to law enforcement requests and as required by applicable law, court order, or governmental regulations.
- As described to you when collecting your personal information or as otherwise set forth in the CCPA.
- To evaluate or conduct a merger, divestiture, restructuring, reorganization, dissolution, or other sale or transfer of some or all of our assets, whether as a going concern or as part of bankruptcy, liquidation, or similar proceeding, in which personal information held by us is among the assets transferred.
We will not collect additional categories of personal information or use the personal information we collected for materially different, unrelated, or incompatible purposes without providing you notice.
Disclosure of Personal Information
We may disclose your personal information to a third party for a business purpose. When we disclose personal information for a business purpose, we enter a contract that describes the purpose and requires the recipient to both keep that personal information confidential and not use it for any purpose except performing the contract.
In the preceding twelve (12) months, we have disclosed the following categories of personal information for a business purpose:
- Category A – Personal Identifiers
- Category C – Personal Information categories listed in the California Customer Records statute
- Category D – Internet or other similar network activity
We disclose your personal information for a business purpose to the following categories of third parties:
- Our affiliates
- Service providers
- Third parties to whom you or your agents authorize us to disclose your personal information in connection with products or services we provide to you.
Sale of Personal Information
In the preceding twelve (12) months, we have not sold any personal information.
Your Rights and Choices
The CCPA provides consumers (California residents) with specific rights regarding their personal information. This section describes your CCPA rights and explains how to exercise those rights.
Access to Specific Information and Data Portability Rights
You have the right to request that we disclose certain information to you about our collection and use of your personal information over the past 12 months. Once we receive and confirm your verifiable consumer request, we will disclose to you any of the following, as requested:
- The categories of personal information we collected about you.
- The categories of sources for the personal information we collected about you.
- Our business or commercial purpose for collecting or selling that personal information.
- The categories of third parties with whom we share that personal information.
- The specific pieces of personal information we collected about you.
- If we disclosed your personal information and identify the personal information categories that each category of recipient obtained.
Deletion Request Rights
You have the right to request that we delete any of your personal information that we collected from you and retained, subject to certain exceptions. Once we receive and confirm your verifiable consumer request, we will delete (and direct our service providers to delete) your personal information from our records, unless an exception applies.
We may deny your deletion request if retaining the information is necessary for us or our service providers to:
- Comply with a legal obligations.
- Detect security incidents, protect against malicious, deceptive, fraudulent, or illegal activity, or prosecute those responsible for such activities.
- Debug products to identify and repair errors that impair existing intended functionality.
- Make other internal and lawful uses of that information that are compatible with the context in which you provided it
Response Timing and Format
We endeavor to respond to a verifiable consumer request within 45 days of its receipt. If we require more time (up to 90 days), we will inform you of the reason and extension period in writing. If you have an account with us, we will deliver our written response to that account. If you do not have an account with us, we will deliver our written response by mail or electronically, at your option. Any disclosures we provide will only cover the 12-month period preceding the verifiable consumer request’s receipt. The response we provide will also explain the reasons we cannot comply with a request, if applicable.
We will not discriminate against you for exercising any of your CCPA rights. Unless permitted by the CCPA, we will not:
- Deny you goods or services.
- Charge you different prices or rates for goods or services, including through granting discounts or other benefits, or imposing penalties.
- Provide you a different level or quality of goods or services.
- Suggest that you may receive a different price or rate for goods or services or a different level or quality of goods or services.
Exercising Your Rights under CCPA
If you wish to exercise your rights under California law, please do not hesitate to contact us at:
Only you or a person registered with the California Secretary of State that you authorize to act on your behalf, may make a verifiable consumer request related to your personal information.
You may only make a verifiable consumer request for access or data portability twice within a 12-month period. The verifiable consumer request must:
- Provide sufficient information that allows us to reasonably verify you are the person about whom we collected personal information or an authorized representative.
- Describe your request with sufficient detail that allows us to properly understand, evaluate, and respond to it.