Privacy Policy
Updated on 1 August, 2024
1. Introduction
This Privacy Policy outlines the practices of The Institute of Chest Wall Surgery (‘’ICWS’’, "we," "us," or "our") regarding the collection, use, and protection of your personal information in compliance with applicable laws, including the Health Insurance Portability and Accountability Act (HIPAA), the California Consumer Privacy Act (CCPA), and the General Data Protection Regulation (GDPR). We are committed to safeguarding your privacy and ensuring that you are informed about how your data is handled.
This policy applies to all information you provide through our website. We strongly encourage you to review this Privacy Policy to fully understand our practices and your rights concerning your personal information.
2. Collection of Information
We collect various types of information from users of our website to provide and improve our services, ensure security, and offer a personalized experience. The information we collect includes:
2.1. Information You Provide Directly
When you interact with our website, you may provide us with personal information. This includes, but is not limited to:
-
Contact Information: Your full name, email address, phone number, and mailing address.
-
Account Information: If you create an account, we may collect your username, password, and other registration details.
-
Health Information: If you provide us with health-related details, such as information about your medical conditions, treatments, or health insurance, we will collect this as necessary to provide our services. We are fully compliant with the Health Insurance Portability and Accountability Act (HIPAA), ensuring that your health-related information is collected, processed, and stored in accordance with its privacy and security rules. Any medical information shared with us, including health records and treatment plans, will be handled with the highest standard of care as required under HIPAA regulations.
-
Communications: We may collect any information you provide when you contact us directly, whether through email, phone, or online forms. This includes records of your correspondence and any other details you share during your communications with us.
2.2 Information Collected Automatically
As you use our website, certain information is collected automatically to enhance your experience and maintain the security and functionality of our services. This includes:
-
Technical Data: We collect information about your device and internet connection, including your IP address, browser type, operating system, and device identifiers.
-
Usage Data: We monitor how you interact with our website, including the pages you visit, the time and date of your visits, the links you click, and the resources you access.
-
Cookies and Tracking Technologies: We use cookies, pixel tags, and similar technologies to collect data about your browsing behavior. Cookies are small data files stored on your device that help us remember your preferences and improve our website's functionality. Pixel tags, also known as web beacons or clear GIFs, are tiny images embedded in web pages or emails that allow us to track user activity, such as whether an email has been opened.
-
Location Data: If your device settings allow, we may collect information about your location, such as your mobile device’s GPS signal or information about nearby Wi-Fi access points and cell towers.
2.3. Information from Healthcare Providers
In connection with our services, particularly those involving medical treatment, we may collect medical records and other health-related information from your healthcare providers. This may include:
-
Medical Records: Information about your diagnosis, previous treatments, health status, lab results, and other medical details that are relevant to the services we provide.
-
Communications with Providers: Records of communications between your healthcare providers and The Institute of Chest Wall Surgery related to your care.
3. Use of Information
The Institute of Chest Wall Surgery uses the information we collect from you for various purposes, all aimed at providing you with the best possible care and service. These purposes include:
-
Providing and Improving Services: We use your information to deliver the medical services you request, enhance our offerings, and ensure the smooth operation of our website and services.
-
Communication: We may use your contact information to respond to your inquiries, provide updates about your care, send you important notifications, and inform you about additional services or general wellness information.
-
Fulfilling Requests: Your information is used to process and fulfill your requests for products, services, or information, including appointments, medical treatments, and other healthcare-related services.
-
Research and Analysis: We may analyze the data we collect to improve our services, understand user behavior, and conduct research. Some research activities may require your separate written consent.
-
Security and Fraud Prevention: To protect our patients, staff, and the integrity of our services, we use your information to prevent, detect, and respond to potential security issues or fraudulent activities.
-
Compliance with Legal Obligations: We may use your information to comply with applicable laws, regulations, and legal requests, such as fulfilling reporting requirements or responding to lawful governmental inquiries.
Where required under GDPR and CCPA, we will obtain your explicit consent before processing sensitive personal data, including health information, or using your information for marketing purposes. You have the right to withdraw consent at any time. You may also opt-out of data collection and certain cookies by adjusting your browser settings or submitting a request through our website.
Personalization: If you choose to personalize your interactions with our services, we may use your information to tailor the content and communications we provide to better suit your preferences and needs.
Other Purposes: We may also use your information for other purposes disclosed to you at the time of collection or with your consent.
We are committed to using your information responsibly and only for the purposes that align with your interests and our mission to provide exceptional healthcare services. Your information is retained only as long as necessary to fulfill these purposes or as required by law.
4. Sharing of Information
The Institute of Chest Wall Surgery is committed to protecting your privacy and ensuring that your personal information is shared only when necessary and in accordance with legal and ethical standards. Below is a summary of the circumstances under which we may share your information:
4.1. Authorized Third-Party Vendors and Service Providers
We may share your information with third-party vendors and service providers who assist us in delivering specialized services. These services may include billing, payment processing, medical advice, telemedicine services, customer support, data analysis, marketing, and IT infrastructure. These third parties are obligated to use your information solely for the services they provide to us and are required to protect your data in accordance with our standards.
4.2. Corporate Affiliates
Your information may be shared with our corporate affiliates for purposes consistent with this Privacy Policy. These affiliates are also bound by confidentiality obligations and are required to protect your information.
4.3. Legal Purposes
We may disclose your information to comply with legal obligations, such as responding to subpoenas, court orders, or government requests. Additionally, your information may be shared to protect the rights, safety, and security of The Institute of Chest Wall Surgery, our affiliates, patients, and the public.
4.4 With Your Consent or At Your Direction
We may share your information for any other purposes disclosed to you at the time of collection or pursuant to your explicit consent or direction.
4.5 Protection and Security
Your information may be shared as necessary to prevent fraud, secure our services, and protect our patients, staff, and others. This may include sharing information with law enforcement or other entities responsible for security and compliance.
The Institute of Chest Wall Surgery does not sell your personal information or share it for cross-context behavioral advertising purposes. Any sharing of your information is done with the utmost care and in strict compliance with applicable laws and regulations.
5. Protection of Personal Data
The Institute of Chest Wall Surgery is committed to safeguarding your personal information through a comprehensive security framework that includes administrative, technical, and physical measures.
In compliance with HIPAA, CCPA, and GDPR, we will notify you and relevant authorities of any data breaches affecting your personal information within the legally required timeframes. Our incident response procedures ensure that we address security risks promptly and transparently.
We implement Secure Sockets Layer (SSL) encryption to protect data during transmission and enforce strict access controls, ensuring that only authorized personnel can handle sensitive information. Our facilities are secured with robust physical protections to maintain the confidentiality and integrity of your data.
Our security protocols are regularly reviewed and enhanced to stay ahead of emerging threats and vulnerabilities. In the event of a data breach, we have established procedures to respond swiftly and will notify affected individuals and relevant authorities as required by law.
By using our website, you consent to our practices and agree to take appropriate precautions to protect your personal information.
6. Your Privacy Rights
The Institute of Chest Wall Surgery is committed to protecting your privacy rights. You have the right to access, correct, or update the personal information we hold about you. If you believe any of your data is inaccurate, you may request corrections.
You may also request the deletion of your personal information. While we will make every effort to comply, certain data may need to be retained to meet legal obligations, such as maintaining medical records.
If you have given consent for data processing, you can withdraw it at any time, though this may affect our ability to provide some services. You also have the right to request a copy of your data or to restrict its processing under certain conditions.
Exercising your privacy rights will not result in any discriminatory treatment. You can manage cookies and similar technologies through your browser settings, but be aware that this may limit website functionality.
If you believe your privacy rights have been violated, you can file a complaint with the appropriate regulatory authority. For any questions or to exercise your rights, please contact us via info@icwsorg.com.
7. International Users
All information we collect is maintained in accordance with the laws of our operating country. These laws may differ from the data protection laws in your home country. By using our website and providing us with your information, you acknowledge and consent to the transfer, storage, and processing of your data on servers located in our country of operation.
If you are accessing our services from outside our operating country, please be aware that your information may be transferred to and processed in our country or other countries where our affiliates or service providers operate. These transfers are made to fulfill the purposes outlined in this Privacy Policy, and by using our services, you consent to such transfers.
If you are located in the European Economic Area (EEA), the United Kingdom, or Switzerland, we adhere to the General Data Protection Regulation (GDPR) for the collection, processing, and storage of your personal data. This includes the right to access, rectify, delete, and restrict the processing of your data. You also have the right to data portability and to lodge a complaint with a supervisory authority. We only transfer personal data outside the EEA under appropriate safeguards, such as Standard Contractual Clauses or adequacy decisions as defined by the GDPR.
To protect your rights, we only transfer your personal data to countries that have been recognized by the European Commission as providing an adequate level of data protection, or we use other lawful mechanisms such as Standard Contractual Clauses to ensure your data is safeguarded during international transfers.
The Institute of Chest Wall Surgery values the privacy of our California residents and complies with the California Consumer Privacy Act (CCPA). California residents have the right to request information about the categories and specific pieces of personal information we collect and how we use it. You also have the right to request deletion of your personal data, opt-out of the sale of your personal information (if applicable), and exercise these rights without facing any discriminatory treatment. We do not sell personal information and only share data as outlined in this policy.
We collect personal information such as your name, contact details, medical records, and internet activity. This information is used to provide medical services, process transactions, communicate with you, and comply with legal requirements. We may share your data with service providers and to meet legal obligations, but we do not sell your personal information.
As a California resident, you have the right to know what data we collect, request its deletion, and opt-out of data sales (though we do not sell data). You also have the right to non-discrimination for exercising these rights.
8. Children
The Site is not intended for individuals under the age of 18. We do not knowingly collect personal information from anyone under 18 years of age. If you are under 18, please do not use our website or provide any personal information.
9. Privacy Policy updates
We may update this Privacy Policy periodically to reflect changes in our practices, technology, or legal requirements. When we make updates, the "Effective Date" at the top of the policy will be revised, and the new Privacy Policy will be posted on our website.
We encourage you to review this Privacy Policy regularly to stay informed about how we are protecting your information. If we make significant changes to the policy, we will provide a prominent notice on our website.
10. Privacy Questions
If you have any questions or concerns about this Privacy Policy or our privacy practices at The Institute of Chest Wall Surgery, please feel free to contact us. We take your privacy inquiries seriously and will make every effort to respond promptly.
You can reach our Privacy Office at info@icwsorg.com or use the contact form on our website. If you prefer to speak directly, please call our support number provided on the website. We are here to assist you with any privacy-related questions or concerns you may have.
Should you feel that your concerns are not adequately addressed, you have the right to contact the appropriate regulatory authority for further assistance. We will also endeavor to provide you with information about relevant avenues for filing a complaint, if needed.