Last Updated: April 23, 2021
Epic Systems Corporation (“Epic”) builds software and tools with the patient at the heart. No matter who you are or what brought you here, we appreciate that we’ve earned your time and attention. Whether you engage with Epic.com or other websites that link to the Privacy Policy (“Our Website(s)”) through your mobile device, desktop computer, or your web browser, we may collect your personal information for a number of purposes as described in this Privacy Policy.
This Privacy Policy is designed to inform you about how Epic collects and uses information you directly provide when you visit Our Websites and how Epic processes your personal information when you apply for a position through careers.epic.com (our “Careers Site”). Epic may update this Privacy Policy, or other privacy notices established for other Epic websites, at any time we deem appropriate. Updated versions of this Privacy Policy will be indicated by the “Last Updated” date and updated versions will be in effect as soon as they are posted on this page. If you are interested, you should check back from time to time and make sure that you have reviewed the most current version of this Privacy Policy.
Information That You Give Us
You may contact us through the methods listed on Our Website, and we may keep a record of the communication to help answer or resolve the matter you contacted us about. You can decide how much information you want to share with us in those cases.
Our Website and Servers, Your Use of Browsers
When you communicate with us or access Our Websites and servers through a browser, application, or other client, our servers may automatically collect and record information. In most cases, this information is generated by various tracking technologies, such as “cookies,” “flash LSOs,” web beacons” or “clear GIFs.” You can read more about how we use cookies below.
Your browser or device may tell us:
Your browser may also tell us information such as:
Cookies
We use Google Analytics cookies in areas of the Careers Site on the epic.avature.net domain to recognize you and collect information about your access to and use of that website. Cookies are small data files that are placed on your computer when you visit a website. Cookies are widely used by many website owners to make their websites work, operate more efficiently, and collect information. Our use of the Google Analytics cookie enables us to collect certain data about your visits to areas of the Careers Site on the epic.avature.net domain, including:
You have the right to decide whether to accept or reject certain cookies. You can exercise your cookie rights by adjusting cookie usage in your browser settings. Google’s ability to share and use your information collected via Google Analytics is restricted by the commitments made in the Google Analytics Terms of Service and the Google Privacy Policy.
Do-Not-Track
Some web browsers and operating systems include a Do-Not-Track (DNT) setting that you can activate to signal your preference not to have information about your online activities monitored. There is currently no uniform standard for recognizing and implementing DNT signals. As a result, Our Websites and the Careers Site do not respond to DNT signals. If a standard for recognizing DNT signals is adopted in the future and we follow that standard, we will inform you about our approach in an update to this Privacy Policy.
Epic uses our Careers Site to help facilitate our recruitment process. When you contact Epic through our Careers Site to inquire about career opportunities at Epic, we may ask you to provide us with certain information so that we can evaluate you as a candidate and meet certain legal obligations. The personal information you provide directly to our Careers Site as part of the application process is in addition to the information you provide through Our Websites and may include:
How Do We Collect Your Information?
During the recruitment process, you may provide information to us directly in the following ways:
How Do We Use Your Information?
The information that you provide to us directly during the recruitment process is retained and processed as we evaluate your interest in and fit for a position. We may use this information for purposes such as:
Epic has a legitimate interest in processing your data in order to manage our overall recruitment process and to assess whether you are a viable candidate for a career at Epic. All applicants, regardless of location, may opt out of any future contacts from Epic at any time.
Who Has Access to Your Information?
When you provide your information directly to Epic as part of the recruitment process, your information may be shared with Epic staff and certain third party service providers working with Epic, such as Avature Recruiting Solutions. Epic staff includes members of the human resources and recruitment teams, interviewers involved in the recruitment process, personnel in the business area to which you are applying, and information technology (IT) staff. Other third party service providers or contractors may also have access to your information if we reach out to references or conduct background checks.
How Long Does Epic Keep Your Information?
Epic will retain your information for as long as it makes use of such information as a part of the recruitment process and for other permitted purposes. If your application for employment is successful, information gathered during the recruitment process will be added to your human resources file and may be retained throughout your employment with Epic.
If you are a data subject as defined by the General Data Protection Regulation, (EU) 2016/679, you have a number of rights and can do any of the following by contacting Epic at EUPrivacyInquiries@epic.com:
Please note that if you contact us to assist you, for your safety and ours we may need to authenticate your identity before fulfilling your request.
We use a combination of process, technology and physical security controls to help protect your information from unauthorized access, use, or disclosure, but remember that no method of transmission over the Internet, or method of storage, is 100% secure.
When you submit your information through Our Websites or our Careers Site, that information is encrypted and transmitted to us in a secure way. You can verify this by looking for a closed lock icon at the top or bottom of your web browser, or looking for “https” at the beginning of the URL address of the web page. We have internal policies and processes directed toward limiting access to your information to those employees, contractors, and agents of Epic who need to know such data to perform their jobs and develop or improve our websites, products, and services.
Our Websites, including the Careers Site, contain links to other sites and may contain embedded media hosted by other sites, such as YouTube videos. Please be aware that Epic is not responsible for the content or privacy practices of other sites. We encourage you to be aware when you leave our site or engage with media hosted by another site and to read the privacy statements of any other site that collects your information.
If you are a California resident, California law may provide you with additional rights regarding our use of your personal information. To learn more about your California privacy rights, visit our CCPA privacy notice for California residents.
If you have any questions about this Privacy Policy or privacy concerns, you may contact Epic at 608-271-9000 or at PrivacyInquiries@epic.com. In any correspondence, please include the website or reason that led you to contact us.
If you need to contact Epic’s Data Protection Officer or EU Representative as defined by the General Data Protection Regulation, (EU) 2016/679, please email EUPrivacyInquiries@epic.com or call +1 608-271-9000.
Epic is a member of Carequality, an initiative of The Sequoia Project. Epic makes functionality available to its customers to enable them to exchange data with other healthcare organizations using the Carequality Framework. Epic does not handle information transmitted in the course of its customers’ use of Carequality.
Last updated: April 22, 2022
Dutch Translation / Nederlandse Vertaling
Mobile Apps for Patients
Our mobile applications for patients, including MyChart for iOS and Android, connect to servers and systems operated and maintained by healthcare organizations that use Epic – to provide patients with secure, mobile access to health information in those servers and systems.
We refer to our mobile applications for patients as “mobile apps” in this policy.
This Privacy Policy
This policy describes how we collect and use your information when you use our mobile apps.
We may update this policy at any time, and future updates are effective as soon as they are published. Your use of any of our mobile apps is also subject to the applicable End User License Agreement. If you use our mobile apps, you agree to the applicable End User License Agreement and consent to the use of your information as described in this policy.
The Limited Ways We Use Your Information
We do not sell or license your information. These are the limited ways we interact with your information in connection with our mobile apps:
Your Healthcare Organizations
To use our mobile apps, you must have an account with a healthcare organization using Epic’s software. Because of this, your use of our mobile apps is also subject to your healthcare organization’s privacy policy. Please contact your healthcare organization if you have any questions about their privacy policy.
Google has determined our mobile apps are subject to their COVID-19 apps requirements. As a result, we are required to provide the following information so we can make our mobile apps available to you in the Play store.
We use technical controls and safeguards to protect the privacy, security, integrity, and availability of your personal information.
Each healthcare organization you connect to through our mobile apps also uses safeguards to protect your information. Contact them if you have any questions about their safeguards.
You can take other steps to protect your information:
GDPR and UK GDPR Privacy Questions
If you need to contact our Data Protection Officer or EU Representative, please email EUPrivacyInquiries@epic.com or call +1 608-271-9000. If you are a Data Subject as defined by GDPR, you should reach out to your healthcare organization for requests related to your personal data accessed through our mobile apps.
California Privacy Questions
Please visit our Privacy Notice for California Residents.
If you have any questions about this policy, contact us at +1 608-271-9000 or at PrivacyInquiries@epic.com.
If you have questions about your information in an account with a healthcare organization using Epic’s software, please reach out to your healthcare organization using the contact information in their privacy policy.
Last Updated: June 18, 2020
Epic takes very seriously its obligation to protect the confidentiality of your personal information. Epic’s mobile applications for healthcare providers, including Haiku, Canto, Rover, and Limerick, are intended to connect to servers and systems operated and maintained by Epic community members in order to provide you secure, mobile access to those systems.
This Privacy Policy
This Privacy Policy describes how Epic Systems Corporation’s (“Epic”) mobile applications for providers (our “Applications”) use, store, and transmit information and data. Epic may modify this Privacy Policy at any time effective upon its posting. Your use of our Applications is subject to the of the applicable Applications’ End User License Agreement.
When you use our Applications, Epic does not receive any personal data directly from you or your device. As described below, our Applications connect with systems operated and maintained by a healthcare institution that uses Epic’s software.
Connections to Healthcare Institutions
To use our Applications, you must have an account with a healthcare institution who uses Epic’s software. Your use of our Application with that healthcare institution may be subject to that healthcare institution’s policies and terms. You understand that while connected or attempting to connect to a healthcare institution’s system, the healthcare institution may collect, store, process, maintain, upload, sync, transmit, share, disclose, and use certain data and related information, including but not limited to information or data regarding the characteristics or usage of your device, system and application software, and peripherals as well as your personal information, location data, and other content.
Please contact your healthcare institution if you have any questions about their policies or terms.
Using Third Party Tools and Features
If you use any third-party tools and features, such as third-party speech-to-text dictation or third-party video, your use of those features is subject to the terms and policies of those third parties. If you have any questions about those terms or policies, you should contact your healthcare institution or the provider of the third-party tool.
The security of your information and data while using our Applications is very important to us. Our Applications employ a variety of technical safeguards to protect the confidentiality, integrity, and availability of your personal information including supporting Transport Layer Security (TLS)/Secure Sockets Layer (SSL) certificate technology and encryption.
In addition, healthcare providers with whom you connect may use a variety of physical, administrative, and technical measures to protect your personal information.
If you have any questions about this Privacy Policy, you may contact Epic at 608-271-9000 or at PrivacyInquiries@epic.com.
If you need to contact Epic’s Data Protection Officer or EU Representative as defined by the General Data Protection Regulation, (EU) 2016/679 (“GDPR”), please email EUPrivacyInquiries@epic.com or call +1 608-271-9000. If you are a Data Subject as defined by GDPR, you should reach out to your healthcare institution for requests related to your personal data within our Applications.
If you are a California resident, California law may provide you with additional rights regarding our use of your personal information. To learn more about your California privacy rights, visit our CCPA privacy notice for California residents or contact your healthcare institution.