Last Updated: March 23, 2026
Epic Systems Corporation (“Epic”) builds software and tools with the patient at the heart.
This Privacy Policy describes how we collect and use your information when you visit the websites listed below (“Our Websites”):
We may update this policy at any time, and future updates are effective as soon as they are published. If you are interested, you should check back from time to time and make sure that you have reviewed the most current version of this policy.
You may contact us through the methods listed on Our Website. If you contact us, we may keep a record of the communication to help answer or resolve the matter you contacted us about. You can decide how much information you want to share with us in those cases.
You may sign up for a campus tour by providing us with your name, email address, and phone number via the sign-up form on our Visiting Us page. If you sign up for a campus tour, your information will be stored in Microsoft Bookings, and you can find more details about this on Microsoft’s website.
If you submit your story and contact information to us via the Share My Story page on the MyChart Site, we may use the information you provided to contact you about your story.
You may also provide us with your name, phone number, email address, organization, and credentials when you submit your information to Epic via the form linked on the Provider Efficiency Training Site. This information will be stored on Epic-owned servers in the United States and used for purposes such as:
We use Issuu to host a digital copy of Epic’s magazine, the Epic Almanac. If you view the Epic Almanac, your information may be subject to the Issuu Privacy Policy.
When you use Our Websites, our servers may automatically collect and record information. In most cases, this information is generated by technologies, such as “cookies,” “flash LSOs,” “web beacons” or “clear GIFs.” You can read more about how we use cookies below.
Your browser or device may tell us your:
Your browser may also tell us:
We use strictly necessary cookies on Our Websites to prevent unauthorized access to or misuse of our systems, prevent cybersecurity incidents, and to keep website visitors on the same server they initially connect to when they navigate to one of our websites (i.e., for load balancing).
If you select a language preference on our MyChart Site, we will place a cookie in your browser to maintain your language selection. You may clear this cookie at any time in your browser settings.
We use Squarespace to build our Taste of Epic Site, which means those websites include the “functional and required” cookies from Squarespace, described on the Squarespace website.
Note that Epic does not use the optional Squarespace “analytics and performance” cookies. However, independent of Epic, Squarespace collects information about you when you visit our websites built on the Squarespace platform as described in section 4(b) of their privacy policy (see references to End Users of Users’ sites).
Some web browsers and operating systems include a Do-Not-Track (DNT) setting that you can activate to signal your preference not to have information about your online activities monitored. There is currently no uniform standard for recognizing and implementing DNT signals. As a result, Our Websites do not respond to DNT signals. If a standard for recognizing DNT signals is adopted in the future and we follow that standard, we will inform you about our approach in an update to this Privacy Policy.
If you have a MyChart Central account, we store limited personal information on Epic-owned servers in the United States. This information includes your name, date of birth, and the contact information you used to create your account and link it with your MyChart accounts at the healthcare organizations that care for you. This information is used to provide services or functionality for MyChart Central, including: helping you log into your MyChart accounts at your healthcare organizations, MyChart Central password recovery, and MyChart Central user support. You can edit and share MyChart Central account information with the healthcare organizations you have linked to your MyChart Central account. If you need to delete the information used by Epic to create your MyChart Central account, you can do so via the “Account Deactivation” page within MyChart Central. Once you submit an account deactivation request, your account information will be deleted via an automatic deletion process that runs periodically (typically once per day). The deletion only applies to the information used to create your MyChart Central account. For guidance on deleting health data viewable within MyChart, please contact your healthcare organizations.
We use our Careers Site to help facilitate our recruitment process. When you contact us through our Careers Site about career opportunities at Epic, we may ask you for certain information so we can evaluate you as a candidate and meet certain legal obligations. The information you provide directly to our Careers Site as part of the application process is collected with your consent, and is collected in addition to the information you provide through Our Websites (as listed above) and may include:
During the recruitment process, you may provide information to us in the following ways:
The information that you provide to us during the recruitment process is retained and processed as we evaluate you for a position. We may use this information for purposes such as:
In addition to processing your data with your consent, Epic has a legitimate interest in processing your data to manage our recruitment process and assess whether you are a viable candidate for a career at Epic. All applicants, regardless of location, may opt out of any future contacts from Epic at any time.
When you provide your information to Epic as part of the recruitment process, your information may be shared with Epic staff and certain third party service providers working with Epic, such as Avature Recruiting Solutions. Epic staff includes members of the human resources and recruitment teams, interviewers involved in the recruitment process, staff in the business area to which you are applying, and information technology (IT) staff. Other third party service providers or contractors may also have access to your information if we reach out to references or conduct background checks.
Epic will retain your information for as long as it makes use of such information as a part of the recruitment process and for other permitted purposes. If your application for employment is successful, information gathered during the recruitment process will be added to your human resources file and may be retained throughout your employment with Epic.
We use a combination of process, technology and physical security controls to protect the privacy, security, integrity, and availability of your personal information.
Our Websites contain links to other sites and may contain embedded media hosted by third parties, such as YouTube videos. Epic is not responsible for the content or privacy practices of other sites. We encourage you to be aware when you leave our site or engage with media hosted by third parties and to read the privacy statements of any other site that collects your information.
Share Everywhere allows patients to share a one-time, web-based view of their health record from their healthcare organization with anyone they choose, and the individual viewing the record can use Share Everywhere to add documentation to a patient’s electronic health record. In addition to your use of our Share Everywhere website being subject to this policy, your use of Share Everywhere is also subject to the terms of use and privacy policy of the participating healthcare organization. Please contact the participating healthcare organization for more information.
If you are a Data Subject as defined by GDPR and you have questions related to personal data held by a healthcare organization that uses Epic software, you should reach out to your healthcare organization for requests related to that personal data. If you have questions related to your personal data held by Epic (for example, if you have applied for a job via our Careers Site or submitted your contact information to Epic via the form linked on the Provider Efficiency Training Site), you can exercise your rights by contacting Epic at PrivacyInquiriesEurope@epic.com.
Additionally, if you are a resident in the European Economic Area, the United Kingdom, or Switzerland, you may have certain rights related to your personal information you send to Epic directly to facilitate your use of certain features on Epic.com and other websites that link to this policy. Details about this can be found in the Epic US Data Privacy Framework Privacy Policy.
Please visit our Privacy Notice for California Residents.
If you have questions about your medical information in an account with a healthcare organization using Epic’s software, please reach out to your healthcare organization using the contact information in their privacy policy.
If you have any questions about this policy, contact us at +1 608-271-9000 or at PrivacyInquiries@epic.com.
If you need to contact our Data Protection Officer or EU Representative, please email EUPrivacyInquiries@epic.com or call +1 608-271-9000.
Epic is a member of Carequality, an initiative of The Sequoia Project. Epic makes functionality available to its customers to enable them to exchange data with other healthcare organizations using the Carequality Framework. Epic does not handle information transmitted in the course of its customers’ use of Carequality.