Privacy & Security

At NYU Langone Medical Center, we are serious about doing our part to safeguard your personal information. We take reasonable and appropriate security measures to protect against unauthorized access to, or unauthorized alternation, disclosure or destruction of data. These include internal reviews of our data collection, storage and processing practices, and security measures, as well as physical security measures to guard against unauthorized access to systems where we store personal data.

To help protect the security and privacy of your personal information, you are responsible for taking all reasonable steps to ensure that no unauthorized person shall have access to your site password or account, where applicable. It is your sole responsibility to:

  • Control the dissemination and use of activation codes and passwords.
  • Authorize, monitor and control access to and use of your site account and password.
  • Promptly inform the site of any need to deactivate a password.

The answers below explain what we do to keep information about you private and secure. We want you to be better informed of how we manage the information and what kind of information we have.

What information do you collect from me?
To provide services and to help meet your needs, we collect information about you from our various applications and systems.

  • We get information from your requests for our products or services.
  • We get information about your transactions with us.  
  • We get incidental information from your visit to our web sites. Examples include IP addresses and the date and time of your visits. This information is used to help us monitor the traffic volume at our sites and determine if we need to enhance our environment to support increased capacity. In addition, we can use this information to troubleshoot any issues with connectivity to our sites.

How do you safeguard my personal information?
We take a number of steps to protect the security and privacy of information about you. Here are some examples:

  • We keep information under physical, electronic, and procedural controls in compliance with governmental standards.
  • We have corporate policies that limit employee access to confidential information, and limit the use and disclosure of such information only to authorized processes and transactions. Our employees, agents, and contractors are instructed to access information about you only when they require it to do their work for us.
  • We use Secure Socket Layer (SSL) technology to encrypt your personal information such as your user ID, password, and account information over the Internet. You may check that your web session is secure by looking for a small lock symbol usually located in the lower corner of your web browser window. You may also look for https:// at the beginning of your website; the “s” means that the web connection is encrypted.
  • We require companies working for us to protect your information. They agree to use it only to provide the services we ask them to perform for us.
  • We do not store your credit card information that you enter on our web sites.

Is my information shared with other companies or organizations?
We may share information about you with other companies that work for us. We may also share information with other organizations for the purposes of scientific and health research.

  • Any information that is shared is protected under the same controls as if the information is residing in our environment.
  • We are bound by policy and law to safeguard confidential information for all of our clients.

How are your processes and practices verified?
Periodically, our operations and business practices are reviewed for compliance with corporate policies and procedures governing the confidentiality of information.

  • These reviews are conducted by external auditing firms, government regulators, accreditation agencies, as well as our own internal staff.
  • Included in these examinations and self-assessments are review of the controls and safeguards related to consumer privacy.

How would I know if my personal information was compromised?
We take great care of personal information and any situation that involves misuse or theft of confidential information is treated very seriously.

  • If your information is compromised at our site you will receive a letter from us informing you of the situation and what the next steps are.

If you think you are a victim of stolen identification resulting from the use of our services, please call the Compliance Helpline at 1-866-NYU-1212.

For more information on protecting yourself against identify theft and fraud, please go to http://ftc.gov/IDtheft.

What happens to the security and privacy of my personal information if I follow links to third-party sites?
In order to provide visitors with other valuable information, NYU Langone Medical Center may provide links to third-party sites. However, NYU Langone Medical Center exercises no authority over third-party sites, each of which maintains independent privacy and data collection policies and procedures.

  • We do not warrant or represent that the information submitted to the site will be protected against, loss, misuse, or alteration by third parties.
  • NYU Langone Medical Center assumes no responsibility or liability for these independent methods or actions and is not responsible for the independent policies or procedures of destination sites.
  • The site cannot and does not assume responsibility or liability for any information you submit to the site or for third parties' use or misuse of information transmitted or received from this site.

These destination links are provided only for your convenience and, as such, you access them at your own risk.  However, NYU Langone Medical Center wishes to assure the integrity of its site and its destination links, so any comments pertaining to our site or any sites accessed through our site links are greatly appreciated.