McGill Society Privacy Policy

Horizontal Bar

It is the McGill Society’s (hereafter referred to as "The Society") policy to respect your privacy regarding any information we may collect while operating our websites.

Website Visitors

Like most website operators, The Society collects non-personally-identifying information of the sort that web browsers and servers typically make available, such as the browser type, language preference, referring site, and the date and time of each visitor request. The Society’s purpose in collecting non-personally identifying information is to better understand how The Society’s visitors use its website. From time to time, The Society may release non-personally-identifying information in the aggregate, e.g., by publishing a report on trends in the usage of its website.

The Society also collects potentially personally-identifying information like Internet Protocol (IP) addresses for logged in users and for users leaving comments on the Society’s member sites. The Society only discloses logged in user and commenter IP addresses under the same circumstances that it uses and discloses personally-identifying information as described below, except that site commenter IP addresses are visible and disclosed to the administrators of the site where the comment was left.

Gathering of Personally-Identifying Information

Certain visitors to The Society’s websites choose to interact with The Society in ways that require The Society to gather personally-identifying information. The amount and type of information that The Society gathers depends on the nature of the interaction. Those who engage in transactions with The Society are asked to provide additional information, including as necessary, the personal and financial information required to process those transactions. In each case, The Society collects such information only insofar as is necessary or appropriate to fulfill the purpose of the visitor’s interaction with The Society. The Society does not disclose personally-identifying information other than as described below. And visitors can always refuse to supply personally-identifying information, with the caveat that it may prevent them from engaging in certain website-related activities.

Aggregated Statistics

The Society may collect statistics about the behavior of visitors to its websites. For instance, The Society may monitor the most popular member sites on the The Society site. The Society may display this information publicly or provide it to others. However, The Society does not disclose personally-identifying information other than as described below.

Protection of Certain Personally-Identifying Information

The Society discloses potentially personally-identifying and personally-identifying information only to those of its employees, contractors and affiliated organizations that (i) need to know that information in order to process it on The Society’s behalf or to provide services available at The Society’s websites, and (ii) that have agreed not to disclose it to others. Some of those employees, contractors and affiliated organizations may be located outside of your home country; by using The Society’s websites, you consent to the transfer of such information to them. The Society will not rent or sell potentially personally-identifying and personally-identifying information to anyone. Other than to its employees, contractors and affiliated organizations, as described above, The Society discloses potentially personally-identifying and personally-identifying information only in response to a subpoena, court order or other legal request, If you are a registered user of a McGill Society website and have supplied your email address, The Society may occasionally send you an email to tell you about new features, solicit your feedback, or just keep you up to date with what’s going on with The Society and our products. We expect to keep this type of email to a minimum. If you send us a request (for example via a support email or via one of our feedback mechanisms), we reserve the right to publish it in order to help us clarify or respond to your request or to help us support other users. The Society takes all measures reasonably necessary to protect against the unauthorized access, use, alteration or destruction of potentially personally-identifying and personally-identifying information.


A cookie is a string of information that a website stores on a visitor’s computer, and that the visitor’s browser provides to the website each time the visitor returns. The Society uses cookies to help The Society identify and track visitors, their usage of The Society’s website, and their website access preferences. The Society’s visitors who do not wish to have cookies placed on their computers should set their browsers to refuse cookies before using The Society’s websites, with the drawback that certain features of The Society’a websites may not function properly without the aid of cookies.


The Society maintains a list of email addresses of users who have specifically opted to receive mailings and newsletters from us relating to the The Society and The Masonic Village at Elizabethtown Retirement Living community, services and events. Participation in this mailing list is strictly voluntary, and any user may opt out at any point by emailing a message with a subject of “unsubscribe” from the email address they wish removed from the list. Email addresses from this mailing list are only used for these notifications, and will not be distributed to any third party.

Business Transfers

If The Society, or substantially all of its assets were acquired, or in the unlikely event that The Society goes out of business or enters bankruptcy, user information would be one of the assets that is transferred or acquired by a third party. You acknowledge that such transfers may occur, and that any acquirer of The Society may continue to use your personal information as set forth in this policy.

Privacy Policy Changes

Although most changes are likely to be minor, The Society may change its Privacy Policy from time to time, and at The Society’s sole discretion. McGill Society encourages visitors to frequently check this page for any changes to its Privacy Policy. Your continued use of this site after any change in this Privacy Policy will constitute your acceptance of such change.

HIPAA– Health Insurance Portability and Accountability Act: Privacy Notice


Revised Date: January, 2015


We are required to protect the privacy of your health information. We call this information “protected health information,” or “PHI” for short and it includes information that can be used to identify you. We are required by law, to notify you if there is a breach of your unsecured PHI. We must provide you with this notice about our privacy practices that explains how, when, and why we use and disclose your PHI. With some exceptions, we may not use or disclose any more of your PHI than is necessary to accomplish the purpose of the use or disclosure.

However, we reserve the right to change the terms of this notice and our privacy policies at any time. Any changes will apply to the PHI we already have. Before we make an important change to our policies, we will promptly change this notice and post a new notice on public bulletin boards. You can also request a copy of this notice from the admissions or marketing office at any time.

We use and disclose health information for many different reasons. For some of these uses or disclosures, we need your prior consent or specific authorization. Below, we describe the different categories of our uses and disclosures and give you some examples of each category.

A. Uses and Disclosures Relating to Treatment, Payment, or Health Care Operations. We may use and disclose your PHI for the following purposes:

1. For treatment. We may disclose your PHI to physicians, nurses, medical students, and other health care personnel who provide you with health care services or are involved in your care. For example, if you’re being treated for a knee injury, we may disclose your PHI to the rehabilitation department in order to coordinate your care.

2. To obtain payment for treatment. We may use and disclose your PHI in order to bill and collect payment for the treatment and services provided to you. For example, we may provide portions of your PHI to our billing department and your health plan to get paid for the health care services we provided to you. We may also provide your PHI to our business associates, such as billing companies, claims processing companies, and others that process our health care claims. If we disclose PHI to a business associate, we will do so subject to a contract that requires the business associate to appropriately safeguard and restrict the use of your medical information to the purposes of the arrangement, as required under HIPAA and its regulations, including requiring the business associate to have a contract with any subcontractors the business associate may use to perform a function involving medical information.

3. For health care operations. We may disclose your PHI in order to operate this facility. For example, we may use your PHI in order to evaluate the quality of health care services that you received or to evaluate the performance of the health care professionals who provided health care services to you. We may also provide your PHI to our accountants, attorneys, consultants, and others in order to make sure we’re complying with the laws that affect us.

B. Certain Additional Uses and Disclosures Do Not Require Your Consent. We may use and disclose your PHI without your consent or authorization for the following reasons:

1. For public health activities. For example, we report information about births, deaths, and various diseases, to government officials in charge of collecting that information, and we provide coroners, medical examiners, and funeral directors necessary information relating to an individual’s death.

2. For health oversight activities. For example, we will provide information to assist the government when it conducts an investigation or inspection of a health care provider or organization.

3. For purpose of organ donation. We may notify organ procurement organizations to assist them in organ, eye, or tissue donation and transplants.

4. For research purposes. In certain circumstances, we may provide PHI in order to conduct medical research.

5. To avoid harm. In order to avoid a serious threat to the health or safety of a person or the public, we may provide PHI to law enforcement personnel or persons able to prevent or lessen such harm.

6. When a disclosure is required by federal, state, or local law, judicial or administrative proceedings, or law enforcement. For example, we make disclosures when a law requires that we report information to government agencies and law enforcement personnel about victims of abuse, neglect, or domestic violence; when dealing with gunshot and other wounds; or when ordered in judicial or administrative proceedings.

7. For specific government functions. We may disclose PHI of military personnel and veterans in certain situations. And we may disclose PHI for national security purposes, such as protecting the president of the United States or conducting intelligence operations.

8. Coroners, Medical Examiners, and Funeral Directors. We may disclose your medical information to coroners, medical examiners or funeral directors as necessary for them to carry out their duties.

9. For workers’ compensation purposes. We may provide PHI in order to comply with workers’ compensation laws.

10. Appointment reminders and health-related benefits or services. We may use PHI to provide appointment reminders or give you information about treatment alternatives, or other health care services or benefits we offer.

11. Fundraising activities. We may use PHI to raise funds for our organization. The money raised through these activities is used to expand and support the health care services and educational programs we provide to the community. See Section IV. for "The Right to Opt-Out of Receiving Future Fundraising Notices".

C. Uses and Disclosures for Which You Have the Opportunity to Object.

1. Patient directories. We may include your name, location in this facility, general condition, and religious affiliation, in our patient directory for use by clergy and visitors who ask for you by name, unless you object in whole or part. The opportunity to consent may be obtained retroactively in emergency situations.

2. Disclosures to family, friends, or others. We may provide your PHI to a family member, friend, or other person that you indicate is involved in your care or the payment for your health care, unless you object in whole or in part. The opportunity to consent may be obtained retroactively in emergency situations.

D. Uses and Disclosures Require Your Prior Written Authorization. In any other situation not described in sections III A, B, and C above, we will ask for your written authorization before using or disclosing any of your PHI. If you choose to sign an authorization to disclose your PHI, you can later revoke that authorization in writing to stop any future uses and disclosures (to the extent that we haven’t taken any action relying on the authorization), including:

A. For marketing purposes. Marketing purposes include subsidized treatment communications, as well as for communications about health-related products or services if we receive “financial remuneration” in exchange for making the communication from or on behalf of the third party whose product or service is being described.

B. For Sale of PHI. If we directly or indirectly receive remuneration from or on behalf of the recipient of the PHI in exchange for the disclosure of PHI. This can include but not limited to transfers of ownership of PHI, agreements to access PHI, licenses to use PHI and lease agreements.

C. For most Psychotherapy notes. We may not use or disclose your psychotherapy notes without your written authorization.


You have the following rights with respect to your PHI:

A. The Right to Request Limits on Uses and Disclosures of Your PHI. You have the right to ask that we limit how we use and disclose your PHI. We will consider your request but are not legally required to accept it. If we accept your request, we will put any limits in writing and abide by them except in emergency situations. You may not limit the uses and disclosures that we are legally required or allowed to make.

B. The Right to Choose How We Send PHI to You. You have the right to ask that we send information to you to an alternate address or by alternate means (for example, e-mail instead of regular mail). We must agree to your request so long as we can easily provide it in the format you requested.

C. The Right to See and Get Copies of your PHI. In most cases, you have the right to look at or get copies of your PHI that we have, but you must make the request in writing. In certain situations, we may deny your request. If we do, we will tell you, in writing, our reasons for the denial and explain your right to have the denial reviewed. There may be charges for copies made.

D. The Right to Get a List of the Disclosures We Have Made. You have the right to get a list of instances in which we have disclosed your PHI. The list will not include uses or disclosures that you have already consented to, such as those made for treatment, payment, or health care operations, directly to you, to your family, or in our facility directory. The list also won’t include uses and disclosures made for national security purposes, to corrections, or law enforcement personnel.

E. The Right to Correct or Update your PHI. If you believe there is a mistake in your PHI or that a piece of important information is missing, you have the right to request that we correct the existing information or add the missing information. You must provide the request and your reason for the request in writing. We will respond within 60 days of receiving your request. We may deny your request in writing if the PHI is (i) correct and complete, (ii) not created by us, (iii) not allowed to be disclosed, or (iv) not part of our records. Our written denial will state the reasons for the denial and explain your right to file a written statement of disagreement with the denial. If you don’t file one, you have the right to request that your request and our denial be attached to all future disclosures of your PHI. If we approve your request, we will make the change to your PHI, tell you that we have done it, and tell others that need to know about the change to your PHI.

F. The Right to Restrict Disclosure of PHI when Paying Out of Pocket. You have the right to ask that we do not disclose PHI to a health plan for payment, or health care operations, where service is paid out-of-pocket in full by you, someone on your behalf or another health plan, unless required by law.

G. The Right to Opt-Out of Receiving Future Fundraising Notices. You have the right to request we no longer contact you with future fundraising notices. Please note: If you would like to start receiving fundraising notices again after you have opted-out, you will need to contact us to add your name back on the fundraising notice list. To opt-out or add your name back on the list for fundraising notices, please contact the, Gift Planning Office at 1-800-599-6454.

H. Right to Notice if Your Medical Information is Breached. You have the right to be notified following a breach involving your unsecured medical information. We will provide you with written notice of a breach unless we determine through a risk assessment that there is a low probability that the privacy and/or security of your medical information has been compromised.

I. Right to a Paper Copy of this Notice. You have the right to obtain a paper copy of this Notice, even if you have previously agreed to receive this Notice electronically. You may request a copy of this Notice at any time.

If you think that we may have violated your privacy rights, or you disagree with a decision we made about access to your PHI, you may file a complaint with the person listed in Section VI below. You also may send a written complaint to the Secretary of the Department of Health and Human Services. We will take no retaliatory action against you if you file a complaint about our privacy practices.


If you have any questions about this notice or any complaints about our privacy practices, or would like to know how to file a complaint with the Secretary of the Department of Health and Human Services, please contact: the, Chief Compliance Officer, 717-367-1121, Ext. 33223.