Montefiore Health System, Inc. Web Site & Mobile Application Privacy Policy

Montefiore Health System, Inc. ("Montefiore" or "we," "us," or "our") established this policy to demonstrate our commitment to your privacy. This Web Site and Mobile Application Privacy Policy ("Privacy Policy") describes our information gathering and sharing practices as well as the security for Montefiore's website located at MontefioreEinstein.org and all other websites owned, operated, licensed, or controlled by Montefiore (collectively, the "Websites"). This Privacy Policy also applies to all mobile applications offered by Montefiore or its affiliates that do not have a separate privacy policy or that link to this Privacy Policy (collectively, the "Apps"). Collectively, the Websites and Apps are referred to as the "Services."

By accessing or using the Services, you agree to the terms outlined in this Privacy Policy. If you do not agree with this Privacy Policy, do not access or use the Services.

This Privacy Policy applies to the use of the Services and the information provided by and obtained from users of the Services. Montefiore maintains a separate policy regarding its collection and use of Protected Health Information under the Health Portability and Accountability Act (“HIPAA”) that can be viewed here (https://montefioreeinstein.org/patient-care/privacy-policy.

INFORMATION THAT WE COLLECT

The personal information we collect depends on how you choose to make use of the Services. We will not collect any personally identifiable information unless you deliberately submit such information in the course of using the Services.

Information That You Provide Voluntarily. In using certain of the Services, Montefiore may require your personally identifiable information to process your request or transaction. This may include your name, address, telephone and fax numbers, e-mail address and in some instances, with your permission, your health, financial and account information.

Usage Information That Is Automatically Collected.When you access the Websites, Montefiore may collect certain generalized information without your actively providing such information. This information may include, for example, your browser type, your operating system, and your IP address. This information may be collected using various technologies including cookies, as explained below.

HOW WE USE INFORMATION THAT WE COLLECT

Montefiore will use your personally identifiable information (PII) only as is permitted under institutional policies and in compliance with federal and state laws and regulations. Montefiore uses the PII that it collects to ensure the proper functionality of the Services across various devices, to process user inquiries and respond to user requests, to analyze usage trends, to improve the Services, and to develop new Services. Montefiore processes PII only for the purposes for which it was collected and in accordance with this Privacy Policy.

Montefiore does not share your PII with third parties without your consent, except for third-party vendors that perform essential business or administrative services for us (for example, our web hosting provider). Montefiore provides these vendors only with the information they need to perform such services.

We reserve the right to change this Privacy Policy. We reserve the right to make the revised or changed Privacy Policy effective for health information we already have as well as any health information we receive in the future. We will post a summary of the current Privacy Policy at each Montefiore inpatient unit, physician office or outpatient location and on our website. The end of our Privacy Policy will contain the Privacy Policy’s effective date.

SECURITY

Montefiore has implemented reasonable physical, technical, and administrative procedures to safeguard and secure all information we collect against loss, misuse, or alteration of the information under our control. Please note that while we always attempt to protect the security of your information, Montefiore cannot guarantee the security of any information transmitted through the Services.

COOKIES

We, along with the service providers that help us provide the Services, may use small text files called “cookies,” which are small computer files sent to or accessed from your web browser or your computer’s or tablet’s hard drive that contain information about your computer, such as a user ID, user settings, browsing history and activities conducted while using the Services. Cookies are not themselves personally identifiable, and Montefiore does not use cookies to store your PII or health information. A cookie typically contains the name of the domain (internet location) from which the cookie originated, the “lifetime” of the cookie (i.e., when it expires) and a randomly generated unique number or similar identifier.

Cookies can help us improve the Services by, for example, tracking users’ navigation habits and storing users’ password, customizing users’ experience with the Services; enabling us to analyze technical and navigational information about the Services; and helping to detect and prevent fraud.

Web browsers allow some control of most cookies through the browser settings. Some web browsers provide settings that allow a user to reject cookies or to alert a user when a cookie is placed on the user’s computer, tablet, or mobile device. Most mobile devices also offer settings to reject mobile device identifiers. Although users are not required to accept cookies or mobile device identifiers, blocking or rejecting them may prevent access to some features available through the Services.

THIRD-PARTY WEBSITES

In order to provide you with other valuable information, Montefiore may provide links to third-party websites outside the Montefiore network. Montefiore exercises no authority over, and does not necessarily endorse, such third-party websites. These destination links are provided only for your convenience and, as such, you access them at your own risk. If you decide to visit a third-party website, you are subject to its privacy policy and practices and not this Privacy Policy. We encourage you to carefully review the legal and privacy notices of all other digital services that you visit.

LEGAL DISCLOSURES

Although we make efforts to preserve user privacy, we may need to disclose PII when required by law or when we have a good faith belief that such action is necessary to comply with a judicial proceeding, a court order, or other legal process. In addition, we reserve the right to report to law enforcement agencies any activities that we reasonably believe to be unlawful, and to release to such agencies information about users of the Services who we reasonably believe to be engaged in or involved with such activities.

CHILDREN’S PRIVACY

The Services are not intended for use by individuals under the age of 18. In accordance with the Children’s Online Privacy Protection Act of 1998 (COPPA), Montefiore does not knowingly collect PII from anyone under the age of 13 through the Services without parental consent.

CHANGES TO PRIVACY POLICY

Montefiore may change this Privacy Policy from time to time. We encourage you to check this page for any changes to the Privacy Policy and for new versions thereof. By continuing to access, browse, and/or use the Services, you agree to accept any posted revised terms.

Effective date: October 2021
Revised date: September 2024