Skip to Content
800-533-8762
  • Careers
  • Newsroom
  • Health Care Professionals
  • About Us
  • Contact Us
UPMC
  • Find a Doctor
  • Services
    • Frequently Searched Services
    • Frequently Searched Services
      Allergy & Immunology Behavioral & Mental Health Cancer Ear, Nose & Throat Endocrinology Gastroenterology Heart & Vascular Imaging Neurosciences Orthopaedics
      Physical Rehabilitation Plastic & Reconstructive Surgery Primary Care Senior Services Sports Medicine Telemedicine Transplant Surgery Walk-In Care Weight Management Women’s Health
      See all Services
    • Services by Region
    • Find a UPMC health care facility close to you quickly by browsing by region.
      UPMC in Western Pa. Western Pa. and New York
      UPMC in Central Pa. Central Pa.
      UPMC in North Central Pa. North Central Pa.
      UPMC in Western Md. Maryland & West Virginia
    • See All Services
  • Locations
    • Locations by Type
    • Locations by Type
      UPMC hospitals
      Hospitals
      Physical Therapy
      Physical Therapy
      Urgent care
      Walk-In Care
      UPMC Outpatient Centers
      Outpatient Centers
      UPMC Imaging Services
      Imaging
      Community Health Centers
      Community Health Centers
      See All Locations
    • Locations by Region
    • Locations by Region
      UPMC in Southwest Pa. Southwest Pa.
      UPMC in North Central Pa. North Central Pa.
      UPMC in Northwest Pa and Ny. Northwest Pa. & Western N.Y.
      UPMC in West Central Pa. West Central Pa.
      UPMC in Central Pa. Central Pa.
      UPMC in Western Md. Maryland & West Virginia
    • See All Locations
  • Patients & Visitors
    • Patient & Visitor Resources
    • Patient & Visitor Resources
      Patients and Visitors Resources Pay a Bill Classes & Events Medical Records Health Library Patient Information
      Patient Portals Privacy Information Shared Decision Making Traveling Patients Visitor Information
      Man uses mobile phone
      Pay a Bill
      Nurse reviews medical chart
      Request Medical Records
  • Patient Portals
  • Find Covid-19 updates
  • Schedule an appointment
  • Request medical records
  • Pay a bill
  • Learn about financial assistance
  • Find classes & events
  • Send a patient an eCard
  • Make a donation
  • Volunteer
  • Read HealthBeat blog
  • Explore UPMC Careers
Skip to Content
UPMC
  • Patient Portals
  • For Patients & Visitors
    • Find a Doctor
    • Locations
    • Patient & Visitor Resources
    • Pay a Bill
    • Services
    • More
      • Medical Records
      • Financial Assistance
      • Classes & Events
      • HealthBeat Blog
      • Health Library
  • About UPMC
    • Why UPMC
    • Facts & Stats
    • Supply Chain Management
    • Community Commitment
    • More
      • Financials
      • Support UPMC
      • UPMC Apps
      • UPMC Enterprises
      • UPMC International
  • For Health Care Professionals
    • Physician Information
    • Resources
    • Education & Training
    • Departments
    • Credentialing
  • Careers
  • Contact Us
  • Newsroom
  • UPMC >
  • Patient and Visitor Resources >
  • Privacy Information >
  • EU Notice of Privacy Practices
Patient and Visitor Resources
Safe Haven Program
Patient Portals
Pre-Registration
Classes and Events
Traveling Patients
Patient Education
Food and Nutrition Services
Information for Patients
Information for Visitors
Medical Records
Paying My Bill
Privacy Information
Privacy and Breach Alerts
Notice of Privacy Practices
EU Notice of Privacy Practices
Organized Health Care Arrangements
Website Terms of Use
Social Media Post Policy
Web Accessibility
Text Messages (SMS/MMS) Terms of Use
Shared Decision Making
Ecards
Patient and Visitor Resources
Safe Haven Program
Patient Portals
Pre-Registration
Classes and Events
Traveling Patients
Patient Education
Food and Nutrition Services
Information for Patients
Information for Visitors
Medical Records
Paying My Bill
Privacy Information
Privacy and Breach Alerts
Notice of Privacy Practices
EU Notice of Privacy Practices
Organized Health Care Arrangements
Website Terms of Use
Social Media Post Policy
Web Accessibility
Text Messages (SMS/MMS) Terms of Use
Shared Decision Making
Ecards

Chat Keywords List

  • cancel or exit: Stops your conversation
  • start over: Restarts your current scenario
  • help: Shows what this bot can do
  • terms: Shows terms of use and privacy statement
  • feedback: Give us feedback
Continue
Chat with UPMC
RESTART
MENU
CLOSE

EU Notice of Privacy Practices - Effective August 27, 2021

Summary

At UPMC, we are committed to protecting the privacy of your Personal Data, as European Union (“EU”) regulations require. When we say “Personal Data,” we mean any information relating to an identified or identifiable natural person (‘data subject’). An identifiable natural person is one who can be identified, directly or indirectly, using identifiers that can include a name, an identification number, location data, an online identifier, or one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.

Attached is UPMC’s “Notice of EU Privacy Practices” (“EU Notice”). The EU Notice explains how we meet this commitment. The EU Notice also explains the Personal Data we collect and process and your rights under the European Union and its member states.

In this EU Notice, the words “we,” “us,” and “our” mean UPMC and all the people and places that follow this EU Notice. All people and places that make up UPMC who collect Personal Data from individuals who are in the EU at the time the Personal Data is collected must follow the EU Notice.

Personal Data We Collect

For our Patients – UPMC may collect your Personal Data to deliver healthcare services related to health promotion, disease prevention, diagnosis, treatment, and rehabilitation at your request. We may also collect your Personal Data for administrative and accounting activities closely related to the healthcare services you intend to receive. Types of Personal Data we may collect include:

  • Personal identification information (Name, birthdate, address, phone number, gender, next of kin, etc.)
  • Health information (Medical history, diagnosis, test and procedure results, clinical notes, etc.)
  • Financial information (Health insurance and payment details)

For our Workforce – UPMC may collect your Personal Data for employment and staff-related purposes. Types of Personal Data we may collect include:

  • Personal identification information (Name, birthdate, address, phone number, gender, next of kin, employee number, ID number, etc.)
  • Job-related information (resume/application, job title, salary, length of employment, training, time and attendance data, etc.)

We will not collect Personal Data about you if the collection of such Personal Data is in violation of your fundamental rights as an individual and/or a minor.

How We Use Your Data

UPMC may process your Personal Data for the business, treatment, payment, or health care operations purposes that this EU Notice describes.

For our Patients - UPMC may create and maintain records with Personal Data about your care. We may collect, process, and store your Personal Data for purposes such as:

  • Providing healthcare services to you.
  • Designing, implementing, and/or maintaining patient care and patient-related information systems.
  • Maintaining medical records (including transcriptions, laboratory results, diagnostic images, and other types of clinical information).
  • Performing government reporting.
  • Conducting auditing, accounting, financial, quality assurance and economic and clinical analyses.

For our Workforce - UPMC normally creates and maintains records with Personal Data about your employment or staff-related services. We may collect, process, and store your Personal Data, and/or transfer this Personal Data to the U.S. for purposes such as:

  • Management and administration of employment-related matters.
  • Designing and administering compensation, benefits, and human resource programs.
  • Designing and implementing employment-related education and training programs.
  • Monitoring and evaluating employee conduct and performance.
  • Maintaining plant and employee security, health, and safety.
  • Facilitating communications, negotiations, transactions, and conferences.
  • Compliance with contractual and legal obligations.

UPMC shall not use your Personal Data in a way that is incompatible with the purposes for which it has been collected unless authorized by you. UPMC will also take reasonable steps to ensure that Personal Data collected is relevant for its intended use, and is accurate, complete, and current.

Recipients of Your Personal Data

Our workforce includes our staff, physicians, students, residents, trainees, volunteers, and others providing services within or for these facilities, who may or may not be directly employed by UPMC and may have access to your Personal Data.

UPMC may transfer Personal Data to a third party acting as its agent (e.g., health care operations, medical consultants, tax advisors and preparers, accountants, auditors, lawyers, financial services, and benefit administrators) without the necessity to provide additional notice to you, as long as UPMC has entered into an appropriate agreement under which such third party is obligated to adhere to requirements at least as restrictive as those set forth in this EU Notice. Personal Data that is transferred shall comply with the EU GDPR and any other applicable EU individual provider-based data protection agreements. With respect to sensitive Personal Data (for example, political or religious beliefs, union membership, health matters etc.), UPMC will not share such information except as otherwise described in this EU Notice unless specifically authorized by you. UPMC may disclose sensitive Personal Data if required to comply with the legal process.

International Data Transfers

UPMC may create or maintain records containing Personal Data in conjunction with its patient care and employment-related activities at UPMC’s EU-based operations. UPMC may also receive and/or manage Personal Data for organizations within EU member countries that UPMC does business with. UPMC may transfer your Personal Data to the United States for processing. With respect to the handling and protection of your Personal Data, UPMC adheres to the EU GDPR. All UPMC operations that have access to Personal Data from an EU member country shall follow this EU Notice and other Privacy rules required under US law (as applicable), or under EU data protection agreements.

Data Retention Period

All Personal Data processed and stored by UPMC will be maintained for no less than the minimum number of years as required by applicable laws and only for a period deemed strictly necessary to fulfill the purposes for which it serves.

Your Rights Concerning Your Data Protection

The law gives you the following rights about your Personal Data:

  • The right to access. You have the right to request UPMC for copies of your Personal Data.
  • The right to rectification. You have the right to request that UPMC correct any information you believe is inaccurate. You also have the right to request that UPMC complete any information you believe is incomplete.
  • The right to erasure. You have the right to request that UPMC delete your Personal Data, under certain conditions.
  • The right to restrict processing. You have the right to request that UPMC restrict the processing of your Personal Data, under certain conditions.
  • The right to data portability. You have the right to request that UPMC transfer the data that we have collected to another organization, or directly to you, under certain conditions.
  • The right to object to processing. You have the right to object to UPMC processing your Personal Data, under certain conditions.
  • The right to withdraw consent. You have the right to withdraw your consent for the processing of your Personal Data, where consent is the basis on which UPMC processes such data.
  • The right to object to automated processing. You have the right not to be subject to a decision based solely on automated processing.

Upon request, UPMC will provide you with reasonable access to Personal Data that it holds about you and will take reasonable steps to permit you to correct or amend any Personal Data which is inaccurate or incomplete. If you want access to your Personal Data, you should provide a written request to the Data Controller and/or Data Protection Officer of the facility where you provided your Personal Data.

Cookies

UPMC’s Cookie Policy is available on our Website using the following link.

Data Security

UPMC understands that your Personal Data, particularly health and employment information, is sensitive and confidential. Therefore, we take reasonable security measures to protect your Personal Data from loss, misuse, and unauthorized access, disclosure, alteration, and destruction. These measures include, but are not limited to, password protection for online information systems and restricted access to your Personal Data.

Violation of Data Protection Rights

If you believe your data protection rights have been violated by us, you may file a confidential complaint with us. You can do this by contacting UPMC’s Office of Consumer and Patient Privacy, 600 Grant Street, 58th Floor, Pittsburgh, PA 15219; telephone: 412-647-6286, Fax: 412-623-6476; or email at: privacyaskus@upmc.edu.

You also have the right to make a complaint with a competent supervisory authority if you believe that the processing of your Personal Data carried out by UPMC is unlawful. UPMC will participate in the dispute resolution process established by the EU Data Protection Authorities.

You will not be penalized for making a complaint.

If You Have Questions About This EU Notice

Questions or concerns regarding the use or disclosure of Personal Data should be directed to the Data Controller and/or Data Protection Officer of the facility where you provided your Personal Data, or to the UPMC’s Office of Consumer and Patient Privacy US Steel Tower, 600 Grant Street, 58th Floor, Pittsburgh, PA 15219; telephone: 412-647-6286, Fax: 412-623-6476; or email at: privacyaskus@upmc.edu.

UPMC
200 Lothrop Street Pittsburgh, PA 15213

412-647-8762 800-533-8762

Patients And Visitors
  • Find a Doctor
  • Locations
  • Pay a Bill
  • Patient & Visitor Resources
  • Disabilities Resource Center
  • Services
  • Medical Records
  • No Surprises Act
  • Price Transparency
  • Financial Assistance
  • Classes & Events
  • Health Library
Health Care Professionals
  • Physician Information
  • Resources
  • Education & Training
  • Departments
  • Credentialing
Newsroom
  • Newsroom Home
  • Inside Life Changing Medicine Blog
  • News Releases
About
  • Why UPMC
  • Facts & Stats
  • Supply Chain Management
  • Community Commitment
  • Financials
  • Supporting UPMC
  • HealthBeat Blog
  • UPMC Apps
  • UPMC Enterprises
  • UPMC Health Plan
  • UPMC International
  • Nondiscrimination Policy
Life changing is...
Follow UPMC
  • Contact Us
  • Website/Email Terms of Use
  • Medical Advice Disclaimer
  • Privacy Information
  • Active Privacy Alerts
  • Sitemap
© 2025 UPMC I Affiliated with the University of Pittsburgh Schools of the Health Sciences Supplemental content provided by Healthwise, Incorporated. To learn more, visit healthwise.org
Find Care
Providers
Video Visit
Portal Login