General Content

Privacy Policy

PLEASE READ THIS POLICY CAREFULLY TO UNDERSTAND HOW WE TREAT YOUR INFORMATION AS WELL AS YOUR CHOICES AND RIGHTS IN THIS REGARD. IF YOU DO NOT AGREE WITH THE TERMS OF THIS POLICY, YOU SHOULD NOT ACCESS OR USE THE SITE OR THE APP.

Introduction

Rochester Regional Health (also referred to herein as “we,” “us,” and “our”) is committed to protecting the privacy and security of the information we collect, use, share, and otherwise process. We also believe in transparency, and we are committed to informing you about how we treat your information.

When Does This Policy Apply?
This Privacy Policy (the “Policy”) describes our practices regarding your personal information when you visit our websites that link to this Policy (the “Site”) or use our MyCare Mobile App (the “App”). However, this Policy does not apply to any information that is Protected Health Information (“PHI”), as defined by the Health Insurance Portability and Accountability Act of 1996 (“HIPAA”). We only collect, receive, maintain, use, and disclose PHI as permitted or required by applicable law, and you may learn more about how we use and disclose PHI and your rights under HIPAA by reviewing our Notice of Privacy Practices.

United States
The Site and the App are only intended for individuals located in the United States, and they are not intended for users located in other countries, including the European Union and the European Economic Area.

How Do We Collect and Process Information?

Protected Health Information
Our collection, use, and disclosure of PHI is governed by our Notice of Privacy Practices. To the extent any of the information described in this Policy is PHI, our use and disclosure of it is governed by our Notice of Privacy Practices.

What Other Information Do We Collect Online?
We may also collect information that is not PHI, as described below. If any of the information described below is PHI, we will only use and disclose that information as described in our Notice of Privacy Practices.

When you visit the Site or use the App, we automatically collect information from your browser and your device, including: the date and time of your visit; logs of error messages; data about which pages you visit; the version of the App you are using; and your Internet Protocol (IP) address, device identifier, device type, operating system, and browser type. If you use an Android device, the App also collects your connection type (cellular or WiFi) during an error.
You may grant the following device permissions in the App:
- Camera and Photos. This permission allows the App to access your device’s camera as well as images and video stored on your device. If this permission is granted, the App can create and save photos and videos on your device and access photos and videos already stored on your device.
- Telephone. This permission allows the App to access your device’s telephony features. If you choose to call a phone number displayed within the App, the App will ask for permission to access your device’s phone to place a call to the selected phone number.
- Microphone. This permission enables the App to access the microphone on your device. Granting access will allow you to use your device’s microphone for voice-based features in the App, including dictation.
- Health Features. If you choose to use Apple Health, Google Fit, or a similar integration, the App will create identifiers to identify recipients of your data and store those identifiers on your device.
- Bluetooth. If this permission is enabled, the App may use your device’s Bluetooth connectivity, which will enable features like notifying front desk staff electronically when you arrive for an appointment. These features are not available in all locations.
- Location. If this permission is enabled, the App can access your device’s precise location, which will enable certain features like location-based check-in for in-person appointments and enabling you to find healthcare providers near you. Location-based check-in is not available in all locations.
- Push Notifications. This permission allows the App to send push notifications on your device. If granted, we may send a push notification to alert you of a notification in the App.
The App utilizes, stores, and shares the data collected through these permissions as described in this Policy, although our collection, use, and disclosure of PHI is governed by our Notice of Privacy Practices. You may control and change the permissions granted through the user settings on your device.
The App allows you to access and interact with your health information maintained in our electronic medical record system. In general, this information is PHI that is subject to HIPAA and our Notice of Privacy Practices.

Choices. You can choose how you want to create, access, use, and share the information made available to you through the App. For example:
- You may add a profile photo to your account in the App by selecting an existing photo on your device or by taking a new photo using the camera on your device. You may also include a photo or video in a message you send to your healthcare provider via the App. If you select an existing photo or video, we will store a copy of your chosen photo or video. If you take a new photo or video, the content is first saved to your camera app and then stored by us. The photo or video saved to your camera app remains available until you delete it.
- The App may enable you to conduct a telehealth appointment with your healthcare provider.
- Where automatic check-in upon arrival is enabled, the App temporarily stores identifiers and times for your upcoming appointments to detect when you arrive for your appointment.
- If you view documents from your healthcare provider (such as letters or images) via the App, a copy is temporarily stored on your device so that the files are viewable. The temporary copies are deleted when you close your session on the App.
Reminder About Security. Any person with access to your device (including if it is lost or stolen) may be able to access the App and the information available through it, so it is important for you to safeguard your device. Also, if you share information available via the App with a third party, that third party may not be required to keep it confidential. Please remember that emails and text messages are not secure and can be intercepted and read by third parties. Your sharing of information made available to you through the App is at your own risk.

COVID-19. Although you may access COVID-19-related vaccination information, laboratory test results, and documents with illness-related information via the App, the App was not created specifically for the COVID-19 pandemic. The App existed before the COVID-19 pandemic to allow you to access your health information.

Terms. Your use of the App is subject to the MyCare Terms and Conditions of Use.

Cookies and Similar Technologies

What are first and third-party cookies?
A “cookie” is a small file created by a web server that can be stored on your device (if you allow) for use either during a particular browsing session (a “session” cookie) or a future browsing session (a “persistent” cookie). “Session” cookies are temporarily stored on your device and remain there until they expire at the end of your browsing session. “Persistent” cookies remain stored on your device until they expire or are deleted by you. Local shared objects (or “flash” cookies) are used to collect and store information about your preferences and navigation to, from, and on a website. First-party cookies are set by the website you are visiting, and they can only be read by that site. Third-party cookies are set by a party other than that website.

What are “similar technologies”?
In addition to cookies, there are other data collection technologies, such as Internet tags, web beacons, pixels (clear gifs, pixel tags, and single-pixel gifs), and navigational data collection (log files, server logs, etc.) that can be used to collect data as you navigate through and interact with a website. For example, web beacons are tiny graphics with unique identifiers that are used to understand browsing activity. UTM codes are strings that can appear in a URL when you move from one web page or website to another. The string can represent information about your browsing, such as which advertisement, page, or publisher sent you to the receiving website.

What cookies and similar technologies are in use on the Site?
Depending on which page you are on, the Site uses cookies and similar technologies to improve functionality, to measure and track user interactions, to perform analytics, to market, to track ad-driven activity, and to otherwise tailor our communications.

Pages within the mycare.rochesterregional.org subdomain do not use tracking technologies.

Informational pages with the careers.rochesterregional.org subdomain use the following technologies:

We use certain Google marketing technologies to track user activity on the Site and to serve personalized advertisements for job candidates. Your browser is assigned a pseudonymous ID used to track the ads that have been served to your browser and to identify those on which you’ve clicked. The cookies enable Google and its partners to select and display ads based on your browsing behavior. For more information on how Google uses this information, you can visit:
We use Google Tag Manager, which allows marketed website tags to be managed using an interface. The tool itself (which implements the tags) does not use cookies and does not register identifiable data. The tool causes other tags to be activated which may, for their part, register personal data under certain circumstances. Google Tag Manager does not access this information. Google Tag Manager is subject to the Google Privacy Policy.
We use Google Analytics to collect and process statistical data about the number of people using the Site and to better understand how they find and use the Site. The data collected includes data related to your device/browser, your IP address, and on-site activities to measure and report statistics about user interactions. The information stored is reduced to a random identifier. Any data collected is used in accordance with this Policy and Google’s privacy policy. You may learn more about Google Analytics by visiting:
- How Google uses information from sites or apps that use it's services
- Safeguarding your data with Google
- Learn more about Google’s restrictions on data use by visiting the Google Privacy Policy.
- To opt-out of Google Analytics, you can install the opt-out browser add-on feature. For more details, visit the “Google Analytics opt-out browser add-on” page.
We use LinkedIn’s technologies for analytics and to add tags to our Site to allow for conversion tracking of LinkedIn ad campaigns to job candidates. These tools allow us to learn about user activity and LinkedIn audiences, to find trends in user engagement, to analyze trends with those groups to track user activity and to serve personalized advertisements. For more information on LinkedIn’s technologies and to view LinkedIn’s Privacy Policy, visit the following:
We use Xandr, a Microsoft product, to serve relevant advertisements to job candidates. For more information on Xandr, visit the following:

Other pages on the Site use the following technologies:

We use Google Translate to enable you to translate pages of the Site into your preferred language. For more information about how Google uses this information, you can visit:
- Google's Data Usage FAQ
- Google’s Privacy Policy
We use Piwik Pro Analytics to collect and process statistical data about the number of people using the Site and to better understand how they find and use the Site. The data collected includes data related to your device/browser, your IP address, and data about your on-site activities to measure and report statistics about user interactions. The information stored is reduced to a random identifier. Any data collected is used in accordance with this Policy and Piwik Pro’s privacy policy. Learn more about Piwik Pro Analytics. View Piwik Pro’s privacy policy.
We use SiteImprove Analytics to measure Site performance and to track how users interact with the Site. Information collected includes: the URL visited; the title of the page; the SiteImprove account ID of the Site’s owner; the resolution of the user’s monitor/size of the browser window’ the referring address, if any (this is used to pick up search keywords, visits that came through links from other sites, etc.); the time it took to fetch and render the page; a session identifier, allowing us to view a series of page views as a coherent visit; and a random number to avoid caching. For more information on SiteImprove, view the following:
- How SiteImprove Analytics uses cookies
- SiteImprove's Privacy Policy
We use New Relic to measure and monitor the performance of applications and infrastructure on portions of the Site. New Relic collects information such as how long it takes users’ browsers to load pages on the Site, where users come from, and what browsers they use. New Relic briefly collects and leverages your IP address as part of the data collection process. The IP address is used as a lookup value that maps to additional details, allowing us to diagnose performance issues. IP address lookup values include: countryCode, regionCode, city, asn, asnOrganization, asnLatitude, and asnLongitude. The mapping process for the IP address lookup value can range from minutes up to 24 hours to process. Once the mapping process is complete, New Relic no longer retains the IP address. New Relic sets cookies by default. If you elect to use a cookie consent manager to prevent cookies from being stored, the New Relic browser agent will continue to capture performance details. For more information regarding the cookies created by New Relic, please see:
- New Relic Cookies used in Browser
- New Relic's Privacy Policy

Other third-party technologies
Some third parties may use data collection technologies to collect information about you when you browse the Internet. We do not control these third parties’ technologies or how they may be used. If you have questions about targeted content, you should contact the responsible party directly or consult their privacy policies.

Choices about cookies and similar technologies
Most web browsers are set by default to accept cookies. However, you may disable certain cookies and similar technologies via the cookies consent tool included on the Site. In addition, if you do not wish to receive cookies, you may set your browser to refuse all or some types of cookies or to alert you when cookies are being stored. These settings may affect your enjoyment of the Site’s functionality. Adjusting the cookie settings may not fully delete all of the cookies that have already been created. To delete them, you should review your web browser settings after you have changed your cookie settings. The links below provide additional information about how to disable cookies or manage the cookie settings:

For more information about how to modify your browser settings to block or filter cookies, visit http://www.aboutcookies.org/. You may learn more about internet advertising practices and related consumer resources at https://youradchoices.com/control, https://thenai.org/about-online-advertising/faq, and http://www.networkadvertising.org/choices.

How Do We Use Your Information?

We only use PHI as described in our Notice of Privacy Practices. We may use your other information for the purposes described below where permitted by applicable law:

Operate and improve our operations, services, the Site, and the App
Provide you with services, content, and functionality
Improve our services and develop new services
Honor our terms of service and contracts
Manage our relationship with you and your use of the Site and the App
Communicate with you and respond to your feedback, requests, questions, or inquiries
Register you for our email list and send you periodic messages
Engage with you on social media
Enable you to share comments, questions, and answers
Improve our marketing efforts, including by providing more tailored advertising
Promote our services and contact you about other services
Administer a contest, promotion, or survey
Assess the success of marketing and advertising campaigns
Ensure the privacy and security of our Site, App, and services
Maintain our databases and back-ups, including records of our communications with you
Process payments and donations
Detect fraud and prevent loss
Support and improve the Site and the App, including evaluations of functionality and features
Analyze use of the Site, the App, and our services and prepare aggregate traffic information
Recognize your device and remember your preferences and interactions
Provide you with a more personal and interactive experience on the Site and the App
Determine and track user interests, trends, needs, and preferences
General operational support, including procurement, financial and fiscal management, risk and compliance management, and reporting
Facilitate corporate mergers, acquisitions, reorganizations, dissolutions, or other transactions
Obtain and maintain insurance coverage and professional advice
Accomplish any other purpose (a) that is related or ancillary to any of the purposes described in this Policy, (b) that is described to you when you provide the information or to which you consent, or (c) for which we have a legal basis under law
Comply with federal, state, or local laws
Comply with a civil, governmental, or regulatory inquiry, order, subpoena, summons, or process
Cooperate with law enforcement agencies
Exercise or defend legal rights or claims
Create, use, retain, or disclose de-identified or aggregated data

How Do We Share Your Information?

We only disclose PHI as described in our Notice of Privacy Practices. We may share your other information for the purposes described below where permitted by applicable law:

We may disclose information in response to subpoenas, warrants, court orders or other legal process, or to comply with relevant laws. We may also share information in order to establish or exercise our legal rights or claims; to defend against a legal claim; and to investigate, prevent, or take action regarding possible illegal activities, suspected fraud, safety of person or property, or a violation of our contracts or terms.

How Long Do We Keep Your Information?

We maintain PHI as required by law and as described in our Notice of Privacy Practices.

We will keep your other information for as long as is necessary to fulfill the purposes for which it was collected, to comply with our business requirements and legal obligations, to resolve disputes, to protect our assets, to operate our business, and to enforce our agreements. We may delete your other information if we believe it is incomplete, inaccurate, or that our continued storage of it is contrary to our objectives or legal obligations. When we delete data, it will be removed from our active servers and databases, but it may remain in our archives when it is not practical or possible to delete it.

We may retain and use anonymous, de-identified, or aggregated information for as long as is permitted under applicable law.

How Do We Protect Your Information?

We have adopted security measures that are designed to protect the information under our control. From time to time, we review our security procedures and consider new technologies and methods.

But, no security system is perfect, and no data transmission is 100% secure. Although we strive to protect your information, we cannot guarantee or warrant the security of any information transmitted to or from the Site or the App. Your use of the Site and the App is at your own risk. We cannot guarantee that your data will remain secure in all circumstances.

If a data breach compromises your information, we will notify you and any applicable regulator when we are required to do so by applicable law.

Your Rights and Choices

Please use the “Contact Us” details provided at the end of this Policy to exercise your rights and choices under this Policy. We honor requests when we are required to do so under applicable law.

HIPAA
For information about your rights under HIPAA with respect to PHI, please see our Notice of Privacy Practices.

Email Preferences
If you do not want to continue receiving emails from us, you may opt-out by clicking the “unsubscribe” button at the bottom of our emails or by contacting us at [email protected]. Please provide your name and contact information in your request, and we will respond to your request in accordance with applicable law.

Update Your Information
Our goal is to keep your information accurate, current, and complete. If any of your information changes, please let us know via the “Contact Us” details at the end of this Policy.

Complaints
If you believe your rights relating to your personal information have been violated, please contact us via the “Contact Us” details provided at the end of this Policy.

Third-Party Sites and Services

This Policy only applies to the Site and the App. It does not apply to any websites, applications, or services from third parties.

The Site and the App may include links to, or content from, third parties. These links are to external resources and third parties that have their own privacy policies. It may not always be clear which links are to external, third-party resources. If you click on a third-party link, you will be redirected away from the Site or the App. You can check the URL to confirm whether you have left the Site.

We cannot and do not (1) guarantee the privacy or security practices of third parties or any content provided by third parties; (2) control third parties’ collection or use or your information; or (3) endorse any third-party information, products, services, applications, or websites.

Any information provided by you or collected from you by a third party will be governed by that party’s privacy policy and terms of use. You should review their privacy policy and terms of use carefully.

Children's Online Privacy Protection Act

We are a nonprofit organization, and the Site and the App are not directed to children under the age of 13, and we do not knowingly collect information online from children under the age of 13. No one under the age of 13 may access, browse, or use the Site or the App or provide any information to us online. If we learn that we have collected or received personal information from a child under the age of 13 online without a parent’s or legal guardian’s consent, we will take steps to stop collecting that information and to delete it. If you believe we have any received information from a child under the age of 13 online, please contact us using the “Contact Us” details provided below.

For more information about Children’s Online Privacy Protection Act, please visit the Federal Trade Commission’s website.

Updates and Changes

We may update this Policy from time to time. If we change this Policy, we will post the revised version on the Site and the App. Any changes, updates, and modifications will be effective immediately upon posting. If we make material changes, we may also notify you through a notice on the Site’s homepage and in the App, and/or we may send you an email regarding the updates.

You should read this Policy carefully before using the Site or the App, and you should review it from time to time so that you are aware of its current terms. Your continued use of the Site or the App after the “Last Updated” date will constitute your acceptance of and agreement to any changes and to our collection, use, and sharing of your information according to the then-current Policy. If you do not agree with this Policy, you should not use the Site or the App.

Contact Us

For more information or if you have questions about this Policy, you may contact us using the information below:

Mail:
Rochester Regional Health
Chief Privacy Officer
1425 Portland Avenue
Rochester, NY, 14621

Call Center: (585) 922-LINK (922-5465)

Toll-free: 1-877-922-5465

Email: [email protected]

Outpatient Locations

Hospitals

Popular Searches

Plan Your Visit to

Your Hospital Stay

Resources

Education

Research Efforts