This Privacy Program explains how your personal health information may be used and disclosed. Please review it carefully
Purpose: The Blood Center collects certain personal health information when you donate blood. This information is necessary for identification purposes, safeguarding the blood supply, recruitment, matching blood donors with recipients, testing and follow-up activities, and other donation-related activities that may be necessary for medical purposes or required by law. Although The Blood Center is not a HIPAA covered entity, we respect the confidentiality of your health information, subject to the necessary uses described herein, and will protect the privacy of your information to the best of our ability and to the extent required by law.
This program describes our privacy practices and explains how we use and maintain your health information to ensure the adequacy and safety of the blood you so generously donate to patients in need.
How The Blood Center May Use Personal Health Information
We may use your personal health information for the following purposes and in the following ways:
- To send you appointment reminders.
- To schedule your next donation or to contact you with a request to donate blood.
- To notify a volunteer donor chairperson (if you participate in a company campaign) for purposes of scheduling donations (i.e. name, blood type, phone number), or for contacting you if there is an urgent need for your blood type.
- To provide information to a disaster relief agency, if you are involved in a disaster relief effort.
- To prevent a serious threat to health or safety.
- To share information with health care providers involved in your treatment. For example, we may share information about your test results with your physician, if you are an autologous donor (you are giving blood for your own use), you are giving blood for therapeutic treatment, or you are undergoing a therapeutic apheresis procedure.
- To conduct internal operations, including, but not limited to, quality control, quality improvement, training, employee evaluations, attorneys and insurers for professional liability or risk management purposes, or licensing or accreditation.
- To conduct business operations through business associates, for example, to install a new computer system requiring technicians to have access to records.
- In the event you experience a medical emergency, we may notify a family member or other responsible person of the medical emergency and provide information necessary to make treatment decisions. For example, if you have an adverse reaction to a blood donation, we may need to explain what happened and instructions regarding your care to a person driving you home or to receive medical care.
- Under limited circumstances, we may use and disclose medical information for research purposes. All research projects are subject to an approval process, and we generally ask for your written authorization before using your personal health information for research purposes.
- As permitted or required by law. For example,
- Texas law permits blood banks to share certain information for the safety of the blood supply and for public health activities, including, but not limited to, other blood banks, state agencies for donor safety, disease prevention, injury or disability, reporting deaths, reporting reactions, product problems, notification of recalls, and infectious disease control.
- Health oversight activities by governmental or accrediting agencies, for example, audits, inspections, investigations and licensure.
- Judicial process related to lawsuits and disputes.
- Law enforcement activities, for instance, in response to a court order or other legal process.
- To military command authorities if you are a member of the armed forces or a member of a foreign military authority.
- National security and intelligence activities.
- Protection of the President, other authorized persons, or foreign heads of state, or to conduct special investigations.
- Notifying the National Marrow Donor Program (NMDP), if you have consented to participate in the NMDP.
- Fundraising activities by The Blood Center, but such information will be limited to your name, address, and phone number. You will have an opportunity to refuse to receive these communications.
- Informing you of a community need for additional blood and encouraging you to continue to be a blood donor.
The Blood Center may electronically use or disclose your personal information for one or more of the ways or purposes above.
Your Authorization Is Required for Other Disclosures.
Except as described above and as permitted or required by law, we will not use or disclose your personal health information unless you authorize us in writing to disclose the information for the purpose you authorize. You may revoke your authorization by written letter, which will be effective only after the date of your written revocation.
You Have Options Regarding Your Health Information.
You may request special confidentiality protections regarding your personal health information by written letter; however, there may be some requests that we cannot accommodate.
Confidential Communications. You may request communications in a certain way (for example, telephone or email) or at a certain location, but you must specify how or where you wish to be contacted.
Copy of Personal Health Information Record. You may request in writing a copy of the record containing your personal health information. We may require you to provide proof of identity and charge a fee for copying, mailing and supplies.
Additional Data We Collect
The Blood Center collects additional data to operate effectively and provide you the best experiences with our services. You provide some of this data directly, such as when you create a Digital Donor account, or contact us for customer service. We get some of it by recording how you interact with our services by, for example, using technologies like cookies.
The data we collect depends on the services and features you use, and includes the following:
- Name and contact data. We collect your first and last name, email address, postal address, phone number, and other similar contact data.
- Credentials. We collect passwords, password hints, and similar security information used for authentication and account access.
- Demographic data. We collect data about you such as your age and gender.
- Payment data. We collect data necessary to process your payment if you make a payment or financial donation, such as your payment instrument number (such as a credit card number).
- Usage data. We collect data about how you interact with our services. This includes data, such as the features you use, the items you purchase from the Commit for Life Store, and the web pages you visit. This also includes data about your device and the network you use to connect to our services, including IP address, operating system, and web browser used.
How to Access and Control Your Personal Data
You can view or edit your personal data online within Digital Donor and/or Digital Coordinator. You can also contact The Blood Center by using our Customer Service web form, email address, or phone number. We will respond to requests to within one regular business day.
Your Communications Preferences
You can choose whether you wish to receive promotional communications from The Blood Center by email, postal mail, and telephone. If you receive promotional email from us and would like to opt out, you can do so by following the directions in that message. You can also make choices about the receipt of promotional email, postal mail, and telephone calls by signing into Digital Donor, which allows you to update contact information and manage contact preferences. If you do not have a Digital Donor account, you can manage your contact preferences by contacting Customer Service. These choices do not apply to some communications that are part of certain required notification services, or to confirmations or transaction receipts.
- Sign-in and Authentication. When you sign into a site using your Digital Donor account, we store a unique ID number, and the time you signed in, in an encrypted cookie on your device. This cookie allows you to move from page to page within the site without having to sign in again on each page.
Security of Personal Data
The Blood Center is committed to protecting the security of your personal data. We use a variety of security technologies and procedures to help protect your personal data from unauthorized access, use or disclosure. For example, we store the personal data you provide on computer systems that have limited access and are in controlled facilities. When we transmit highly confidential data (such as a credit card number or password) over the Internet, we protect it through the use of encryption.
Changes to This Privacy Program
The Blood Center may change this Privacy Program, and these changes will be effective with regard to existing health information, additional data, as well as any information we receive in the future.
At your request, we will provide you with a printed copy of this Privacy Program.
If you believe your privacy has been violated, you may file a complaint with The Blood Center on our confidential compliance and privacy hotline at 1(877) 874-8420. You will not be penalized or retaliated against in any way for making a complaint to The Blood Center.
Contact: Send an email to firstname.lastname@example.org if you wish to discuss a complaint, review your personal information collected, request corrections to that information, or if you have any questions about this Privacy Program. Written requests can be mailed to Privacy Program, Gulf Coast Regional Blood Center, 1400 La Concha Lane, Houston, Texas 77054.