The PII you provide on a ChanceLight website will be used only for its intended purpose. We will protect your information consistent with the principles of the Privacy Act of 1974, the Health Insurance Portability and Accountability Act of 1996 (“HIPAA”), and the Family Educational Rights and Privacy Act (FERPA).
Personally Identifiable Information
As a general rule, ChanceLight does not collect PII about you when you visit our website, unless you choose to provide such information to us. Submitting PII through our website is voluntary. By doing so, you are giving ChanceLight your permission to use the information for the stated purpose. However, not providing certain information may result in ChanceLight’s inability to provide you with the service you desire.
If you choose to provide us with PII on a ChanceLight website, through such methods as completing a web form or sending us an email, we will use that information to help us provide you the information or service you have requested or to respond to your message. The information we may receive from you varies based on what you do when visiting our sites.
Generally, the information requested by ChanceLight will be used to respond to your inquiry or to provide you with the service you request. When this information is requested, the reasons for collecting it, a description of ChanceLight’s intended use of the information, how to grant consent to use mandatorily provided information, and how to grant consent for other than statutorily mandated uses will be fully described in a separate customized “Privacy Notice.”
Many of our programs and websites allow you to send us an email. We will use the information you provide to respond to your inquiry. We will only send you general information via email or newsletter. You should be reminded that email may not necessarily be secure against interception. Therefore, we suggest that you do not send sensitive personal data (such as your Social Security number) to us via email. If your intended email communication is very sensitive, or includes information such as your bank account, credit card, or Social Security number, you should instead send it by U.S. mail. Another alternative may be submission of data through a secure web page, if available.
Automatically Collected Information
We collect and temporarily store certain information about your visit for use in site management and security purposes only. We collect and analyze this information because it helps us to better design our website to suit your needs. We may also automatically collect information about the web content you view in the event of a known security or virus threat. This information includes:
- The Internet domain from which you access our website (for example, “xcompany.com” if you use a private Internet access account, or “yourschool.edu” if you connect from an educational domain);
- The Internet Protocol (IP) address (a unique number for each computer connected to the Internet) from which you access our website;
- The type of browser (e.g., Firefox, Internet Explorer, Chrome) used to access our site;
- The operating system (e.g., Windows, Mac OS, Unix) used to access our site;
- The date and time you access our site;
- The Universal Resource Locators (URLs), or addresses, of the pages you visit;
- Your username, if it was used to log in to the website; and
- If you visited this website from another website, the URL of the forwarding site.
We may share the above information with our employees or representatives with a “need-to-know” in the performance of their official duties, or other named representatives as needed to quickly process your request or transaction. This information is only used to help us make our site more useful for you. Raw data logs are retained temporarily as required for security and site management purposes only.
Disclosure to Third Parties
General Disclosures. ChanceLight may disclose your personal information when we believe release is appropriate to comply with the law, enforce our Website’s policies, or protect ours or others rights, property, or safety.
General Contractors/Vendors. ChanceLight uses third parties (including contractors and service providers) to help with certain aspects of its operations, which may require disclosure of your Personal Information to them. For example, ChanceLight may use a third party to communicate with you (via telephone, email, or letter) about our services, to send information to you, to host the Website and related databases, and to perform other work that we may choose to outsource. ChanceLight requires these third parties to use your Personal Information only as necessary to perform the services they are asked to perform and these third parties must agree to keep this information confidential.
Non-personally identifiable visitor information. Non-personally identifiable visitor information may be provided to other parties for marketing, advertising, or other uses.
Third-Party Websites and Applications
ChanceLight uses social media websites and other kinds of third-party websites. Social media websites are used to publicize ChanceLight events and engage with members of the public. ChanceLight also uses web measurement and customization technologies to measure the number of visitors to our websites and their various sections and to help make our websites more useful to visitors. In such cases, the third-party application may request an email address, username, password, and geographic location (e.g., State, region, or ZIP code) for account registration purposes. ChanceLight uses third-party websites to solicit and collect PII from individuals for the purposes clearly stated when the PII is collected, specifically for enrollment, recruiting or lead capture. Any PII passively collected (i.e., not solicited) by the third-party website will not be transmitted or stored by ChanceLight; no PII will be disclosed, sold or transferred to any other entity outside ChanceLight, unless required for law enforcement purposes or by statute.
Information Collected for Tracking and Customization (Cookies)
A cookie is a small file that a website transfers to your computer to allow it to remember specific information about your session while you are connected. Your computer will only share the information in the cookie with the website that provided it, and no other website can request it. There are two types of cookies:
Session: Session cookies last only as long as your web browser is open. Once you close your browser, the cookie is deleted. Websites may use session cookies for technical purposes such as to enable better navigation through the site, or to allow you to customize your preferences for interacting with the site.
Persistent: Persistent cookies are saved on a user’s hard drive in order to determine which users are new to the site or are returning, and for repeat visitors.
If you do not wish to have session or persistent cookies stored on your machine, you can turn cookies off in your browser. You will still have access to all information and resources at ChanceLight websites. However, turning off cookies may affect the functioning of some ChanceLight websites. Be aware that disabling cookies in your browser will affect cookie usage at all other websites you visit as well.
ChanceLight takes the security of all PII very seriously. We take precautions to maintain the security, confidentiality, and integrity of the information we collect. We also employ various security technologies to protect the information stored on our systems. We routinely test our security measures to ensure that they remain operational and effective.
We take the following steps to secure the information we collect:
- Employ internal access controls to ensure that only personnel who have access to your information are those with a need to do so to perform their official duties.
- Train appropriate personnel on our privacy and security policies and compliance requirements.
- Secure the areas where we retain paper copies of the information we collect online.
- Perform regular backups of the information we collect online to ensure against loss.
- Use technical controls to secure the information we collect online including, but not limited to:
- Secure Socket Layer (SSL)
- Password protections
- Periodically test our security procedures to ensure personnel and technical compliance.
- Employ external access safeguards to identify and prevent unauthorized access by outsiders that attempt to “hack” into, or cause harm to, the information contained in our systems.
We hold our contractors and other third-party providers to the same high standards that we use to ensure the security, confidentiality, and integrity of personal information they may have access to in the course of their work completed on behalf of ChanceLight.
Visiting Other Websites
Our website may contain links to governmental agencies, private organizations, and some commercial entities. These websites are not within our control and may not follow the same privacy, security, or accessibility polices. Once you link to another site, you are subject to the policies of that site.
Interaction with Children Online
ChanceLight is committed to the protection of children’s online privacy. The Children’s Online Privacy Protection Act (COPPA) governs information gathered online from or about children under the age of 13. Verifiable consent from a child’s parent or guardian is required before collecting, using, or disclosing personal information from a child under age 13. If a ChanceLight website intends to collect information about children under 13 years old, COPPA-required information and instructions will be provided by the specific web page that collects information about the child. The web page will specify exactly what the information will be used for, who will see it, and how long it will be kept.
When you submit online application form to request admission for your child to a ChanceLight program, you will provide Personal Information, Educational and/or Health Information, and Family Information. If your child is referred to ChanceLight by a referring school district, his or her permanent files are maintained by the school district. ChanceLight retains files for students who are enrolled in non-public schools, charter schools or who are private-pay students. ChanceLight retains files for clients or patients who are referred by a doctor or admitted for therapy services. In all cases, ChanceLight follows all standard records retention regulations and all policies and procedures of the federal Family Educational Rights and Privacy Act (FERPA) and Health Insurance Portability Accountability Act (HIPAA).
ChanceLight uses health information about you for treatment, to obtain payment for treatment, for administrative purposes, and to evaluate the quality of care that you receive. Your health information is contained in a medical record that is the physical property of ChanceLight.
How ChanceLight May Use or Disclose Your Health Information
- FOR TREATMENT
- FOR PAYMENT
- FOR HEALTH CARE OPERATIONS
- REQUIRED BY LAW
- PUBLIC HEALTH
- HEALTH AND SAFETY
- GOVERNMENT FUNCTIONS
- WORKERS COMPENSATION
Uses and Disclosures that Require your Prior Authorization
The following uses and disclosures will require your authorization:
- Uses and disclosures for marketing, except the following communications: i) a face-to-face communication by us to you; or ii) a promotional gift of nominal value.
- Disclosures that constitute a sale of protected health information.
- Other uses and disclosures not described in this Notice will be made only with your written authorization, such as media release and directory opt out forms.
Individual Rights under HIPAA
You have the right to:
Request a restriction on certain uses and disclosures of your information as provided by HIPAA; however, ChanceLight is not required to agree to a requested restriction unless it is a request to restrict disclosure of protected health information about you to your health plan and i) the disclosure is for the purpose of carrying out payment or health care operations and is not otherwise required by law; and ii) the protected health information pertains solely to a health care item or service for which you have paid in full.
Patients have the right to see copies of their electronic health records if the agency uses electronic health records.
- Obtain a paper copy of the notice of information practices upon request;
- Inspect and obtain a copy of your health record as provided by HIPAA;
- Amend your health record as provided by HIPAA;
- Request communications of your health information by alternative means or at alternative locations;
- Revoke your authorization to use or disclose health information except to the extent that i) action has already been taken, or ii) if the authorization was obtained as a condition of obtaining insurance coverage, other law provides the insurer with the right to contest a claim under the policy or the policy itself; and
- Patients can receive an accounting of where their protected health information was disclosed within six years of request.
You may contact ChanceLight and the Department of Health and Human Services if you believe your privacy rights have been violated. You will not be retaliated against for filing a concern. You may file a complaint with ChanceLight by sending a written notice to the address below.
If you have any questions or concerns, please contact:
1321 Murfreesboro Pike, Suite 702
Nashville, TN 37217
Obligations of ChanceLight
ChanceLight is required by law to:
- Maintain the privacy of protected health information;
- Provide you with this notice of its legal duties and privacy practices with respect to your protected health information;
- Notify you following a breach of unsecured protected health information;
- Abide by the terms of this notice;
- Notify you if we are unable to agree to a requested restriction on how your information is used or disclosed;
- Accommodate reasonable requests you may make to communicate health information by alternative means or at alternative locations; and
- Obtain your written authorization to use or disclose your health information for reasons other than those listed above and permitted under law.
ChanceLight reserves the right to change its information practices and to make the new provisions effective for all protected health information it maintains. Revised notices will be made available to you by written notification.