Data privacy policy

PLEASE READ THIS PRIVACY POLICY BEFORE USING ANY ATLANTIC HEALTH SERVICES.

At Atlantic Health System Inc. (“Atlantic Health,” “us,” “we,” or “our”), we take your privacy seriously. This Privacy Policy (this “Policy”) explains how we collect, use, protect and disclose information about you when you engage with Atlantic Health, including when you interact with atlantichealth.org, our mobile apps, and any other services that may display this Policy, including, but not limited to, the Atlantic Health MyChart website and app; the Atlantic Health App; and the Atlantic Health Take Me There App, (collectively, the “Services”).

We encourage you to read this Policy, in addition to our Terms of Use, carefully in its entirety to understand our methods and practices regarding your information and how we treat it. If you have any questions or concerns, please contact us using the Contact Us section below. By accessing and/or using our Services, you acknowledge that you have read, understand, and agree to be bound by this Policy. If you do not agree with any term of this Policy, please do not access or use our Services.

PLEASE NOTE: Atlantic Health maintains a separate policy in connection with the Health Insurance Portability and Accountability Act of 1996 (“HIPAA”) that explains how Atlantic Health uses and discloses medical information about you, which can be viewed here: <Notice of Privacy Practices><Aviso Sobre Practicas De Privacidad> You may also request a paper copy from the Atlantic Health Privacy Officer using the contact methods provided in the Contact Us section below.

Types of Personal Information We Collect

We collect personal information from and about consumers who use our Services, including when consumers submit surveys, request information from us, sign up to receive emails, register for an event, create or activate an account, or otherwise interact with us. Depending on the context of your interactions with us, we may collect the following personal information about you:

(1)     Contact details, such as name, email address, mailing address, phone number, and username

(2)    Demographics, such as age, race, gender, and date of birth

(3)    Professional information, such as job title and company name

(4)    Network activity information, collected via cookies and other tracking technologies, including IP addresses, mobile advertising IDs, other unique online identifiers, and related browsing information

(5)    Health-related information

(6)    Inferences drawn from any of the information listed above

(7)    Sensitive personal data, including physical health conditions and precise geolocation data.

The Atlantic Health App may interact with your sensitive data to provide certain features, such as video visits or mobile appointment check-in. The first time you try to use any of these features, we will ask for your consent within the app and will only allow you to use a feature if you give consent. You do not have to provide consent if you do not want to allow the Atlantic Health App to interact with your data as requested. MyChart and the Atlantic Health App are developed by Epic Systems Corporation; please refer to Epic’s Mobile Application Privacy Policy for Patients for more detailed information about the limited ways they may interact with your information to make your use of MyChart and the Atlantic Health App possible.

MyChart and the Atlantic Health App may offer location-based check-in for in-person appointments or allow you to find health care providers near you. The first time you try to use any features that use your location, we will ask for your consent within the app and will only access your location if you give consent. You do not have to provide consent if you do not want to allow MyChart and the Atlantic Health App to use your location.

How We Use Personal Information

We may use the personal information we collect for the following purposes:

(1)      to provide the information, products, and services you request;

(2)      to provide, manage, analyze, and improve the utility and functionality of our Services;

(3)      to communicate with consumers;

(4)      to analyze and understand consumers’ needs, preferences, and interests;

(5)      to improve our marketing and promotional efforts;

(6)      to comply with a legal process, applicable laws, regulations, and government requests;

(7)      to enforce our rights and policies; and

(8)      to detect, prevent, or otherwise address fraud, security, or technical issues relating to our Services.

Sources of Personal Information

  • Directly From You. Atlantic Health collects information you provide to us when you use our websites or when you otherwise interact with us. For example, we collect the information you provide when you ask us a question, sign up to receive emails, register for an event, or otherwise interact with us.
  • From Vendors & Third Parties. Atlantic Health also collects personal information from our vendors and from third parties when they disclose personal information to us.
  • Via Cookies & Other Tracking Technologies. Atlantic Health collects personal information passively via cookies and other tracking technologies (“Cookies”).

How We Disclose Personal Information

We disclose the categories of personal information listed above in the following contexts:

  • To our Vendors. We disclose personal information we collect to our vendors who act on our behalf. We contractually restrict our vendors from using such personal information for their own purposes and require them to take reasonable measures to protect the personal information they process on our behalf.
  • To Third Parties for Marketing Purposes. We disclose personal information to third parties for marketing purposes. This includes disclosures of personal information via Cookies, as explained in more detail below.
  • As Described in a Privacy Notice or With Your Consent. We may disclose personal information as described in any privacy notice we provide to you via our Services, or with your consent if we obtain it from you in a particular context.
  • In Aggregate or De-Identified Form. We may aggregate or de-identify the personal information we collect, and we may disclose aggregated and/or de-identified information to our vendors, other companies within our family of businesses, and to third parties to analyze and improve utility, accessibility, design, and functionality our Services and for any other purposes permitted by applicable law. When we aggregate/de-identify personal information, we take reasonable measures to ensure that the information cannot be associated with a consumer or household, and we maintain and use the information in de-identified form.
  • Our vendors cannot re-identify information that has been de-identified
  • Data that we store as de-identified will not be re-identified.
  • After it has been de-identified, the information is no longer personal information and is not subject to this Policy.

We may also disclose personal information in the following contexts:

  • As Part of a Business Transfer. We may disclose personal information to a successor organization if, for example, we transfer the ownership or operation of all or a portion of our Services to another organization, we merge with or are acquired by another organization, or if we liquidate our assets. If such a transfer occurs, we will seek assurances that the successor organization will treat the personal information we disclose to it in accordance with this Policy.
  • To Comply with Laws and Protect Our Rights and the Rights of Others. We may disclose personal information when we, in good faith, believe disclosure is appropriate to comply with the law, a court order, or a subpoena. We may also disclose personal information to prevent or investigate a possible crime, such as fraud or identity theft; to protect the security of our Services; to enforce or apply our online Terms of Use or other agreements; or to protect our own rights or property or the rights, property, or safety of our users or others.

Cookies & Other Tracking Technologies

We use Cookies to collect information and support certain features of our websites. For example, we use Cookies to:

  • collect information about our website visitors—which pages they visit, which links they use, and how long they stay on each page;
  • support our website features and functionality—for example, to save you the trouble of reentering information already in our database or to prompt the settings you established on previous visits; 
  • personalize your experience when you use our websites; and
  • improve our marketing efforts, including through use of targeted advertising.

We also use Google Analytics, a web analytics tool that helps us understand how visitors engage with our Sites. To learn more about Google Analytics, click here.

How Can You Limit or Reject Cookies? You can use the cookie consent banner to accept or reject cookies and other technologies.  Also, depending on your browser or device, you may be able to limit or reject Cookies via settings on your browser or device. Please note that some functionality of our websites may not work if you limit or reject Cookies.

Third-Party Links on Our Services

This Policy applies only to information that we collect through your engagement with our Services. This Policy does not apply to information collected outside of our Services through your engagement with affiliated or third-party web pages, mobile applications, social media sites, discussion boards, or email lists. Our Services may contain links to affiliated or third-party websites or mobile applications that are not owned, operated, licensed, or controlled by Atlantic Health. Atlantic Health is not responsible for the privacy practices or content of such other websites or mobile applications, and Atlantic Health makes no representations or endorsements about them. Third-party websites and mobile applications may be governed by their own separate privacy policies. We encourage you to read any applicable privacy statements before accessing or using third-party websites or mobile applications.

Security & Retention

We implement reasonable security measures to protect consumers’ personal information.

While we take measures to protect consumers’ personal information, please note that no digital property can be absolutely protected against intentional or malicious intrusion attempts. Furthermore, Atlantic Health does not control the devices or the Internet over which you may choose to convey personal information to us and cannot, therefore, prevent interceptions or compromises to your personal information while in transit to Atlantic Health. We cannot and do not guarantee the absolute security of electronic communications or transmissions, since any transmission made over the Internet by any organization or individual runs the risk of interception.

Our Services are hosted in the United States and are governed by United States law. If you are using any of our Services from outside the United States, please be aware that your data shall be transferred and stored in the United States where our servers are located.

We store personal information we collect for as long as necessary for the purpose(s) for which Atlantic Health collected it and in accordance with applicable law and our legitimate business interests.

Children Under the Age of Thirteen

Our Services are not intended for children under the age of 13 and are not designed to attract the attention of one under the age of 13. We encourage all parents and guardians to instruct their children in the safe and responsible use and disclosure of their personal information while using the Internet. We will not knowingly collect personal information via our Services covered by this Policy from children under the age of 13.

However, please note that our patient portal is available for use by children ages 12-17. Use of our patient portal is governed by the separate policy we maintain in connection with the Health Insurance Portability and Accountability Act of 1996 (“HIPAA”) that explains how Atlantic Health uses and discloses medical information about you. That separate policy can be viewed here: <Notice of Privacy Practices><Aviso Sobre Practicas De Privacidad>

Additional Disclosures for New Jersey Residents

This section provides disclosures applicable to residents of New Jersey. It does not apply to residents of other states or countries.

  • Data Subject Rights. New Jersey residents have certain rights with respect to the processing of their personal information. These rights include rights to access, correct, delete, obtain a copy of your personal information, and to opt out of certain types of processing of personal information.
  • Exercising Data Subject Rights & Authorized Agents. To exercise data subject rights available to you, you may contact us by filling out the form on our Contact Us webpage. New Jersey residents may also authorize an agent to make data subject requests on your behalf. In such instances, authorized agents may use the same methods as you to submit requests on your behalf. To verify your identity and protect your personal information, we may ask the requestor to provide information that will enable us to verify your identity in order to comply with your data subject request, such as asking your agent to provide proof of signed permission from you, or by asking you to confirm with us directly that you provided the agent with permission to submit the request. In some instances, we may decline to honor your request if an exception applies under applicable law. We will respond to your request consistent with applicable law.
  • Appeals. If we deny your request, New Jersey residents may appeal our decision by filling out the form on our Contact Us webpage. If you submit an appeal, please enclose or otherwise specifically reference your initial request so that we may appropriately assess and respond to your appeal. We will process appeals in accordance with applicable law.
  • Sales & Processing for Purposes of Targeted Advertising. We sell personal information and process personal information for targeted advertising purposes, as those terms are defined by New Jersey’s comprehensive privacy law. Specifically, we disclose personal information we collect via Cookies, such as IP address and browsing data, to third parties for marketing purposes. To opt-out of such processing, you may use the cookie consent banner that appears at the bottom of all pages.
  • Opt-Out Preference Signals. Some web browsers, browser add-ons, or devices offer settings where you may pre-set a signal to tell websites that you do not want to have your online activity and behavior sold or processed for targeted advertising purposes. We recognize opt-out preference signals to the extent we are required to do so for compliance with applicable law. Our Services are set up to recognize the Global Privacy Control signal.  
  • Profiling. We do not process personal information for profiling in furtherance of legal or similarly significant effects.

Changes to This Policy

We may update this Policy from time to time. When we do so, we will post the revised version of this Policy on this page and will post a prominent notice of the change on our homepage when required by applicable law. Following any amendment of this Policy, your continued use of our Services, including, but not limited to, your disclosure of any information to us through our Services, will signify your consent to and acceptance of its revised terms for all previously collected information and information collected from you in the future.

For your convenience, whenever this Policy is changed, we will update the “last updated” date at the top of this page. When you use our Services, please check the “last updated” date to see if this Policy has been revised since your last visit.

Contact Us

If you have any questions regarding our privacy practices, please fill out the form on our Contact Us webpage, or contact us at the address or phone number listed below.

Atlantic Health Privacy Officer
Compliance and Internal Audit Department
475 South Street
Morristown, NJ 07962
Phone: 973-660-3143

Last updated: February 17, 2026