Hoag Websites and Applications Privacy Policy

Last Updated: May 6, 2026

This privacy policy (“Privacy Policy”) describes how Hoag Memorial Hospital Presbyterian (“Hoag MHP”), including its subsidiaries and affiliates such as Hoag Medical Group, (collectively, “Hoag”, “we”, “us”, “our”) collects, uses, and discloses personal information that Hoag collects through websites it maintains with a link to this Privacy Policy, including website domains and subdomains such as hoag.org, careers.hoag.org, jobs.hoag.org, hoaghospitalfoundation.org, hoaghealth.org, hoagmedicalgroup.com, hoagurgentcare.com, hoagconciergemedicine.com, hoagprime.com, hoagfunctionalmedicine.com and hoagexecutivehealth.com (collectively, the “Sites”), as well as any applications offered by Hoag, including, Hoag Compass, Hoag On-Demand, Ask Hoag and Nona (collectively, our “App(s)”).

This Privacy Policy does not apply to personal information collected through other online services, including website subdomains, that Hoag maintains, but does not post a link to this Privacy Policy.

This Privacy Policy does not govern our collection, use, or disclosure of protected health information or our privacy practices related to any patient portals available or accessible through the Sites, or while logged in and using our Apps; both of which are subject to the federal Health Insurance Portability and Accountability Act, and are separately addressed in Hoag’s Notice of Privacy Practices.

We reserve the right to revise this Privacy Policy at any time, as reflected by the “Last Updated” date. If we make any material changes, we may provide additional notice.

Collection of Personal Information

We, and our vendors, may collect personal information through the Sites, such as when you submit information through webforms, including name, phone number, email address, type of insurance, employer and a description of your inquiry. If you apply for a job or fellowship, we may also collect professional, educational, or employment‐related information, including resume, certifications, eligibility documentation, and demographic information. In addition, the Sites may include interactive features, for example a customer service chat function. When you participate in an interactive customer service chat, either with a virtual or live agent, the contents of the chat may be captured and kept as a transcript. By submitting personal information through interactive features, you understand that our vendors may process the information obtained through the feature to provide services on our behalf.

Tracking Technologies

In addition to the personal information that you provide to us, we, and our vendors, may use tracking technologies such as cookies, web beacons, and pixels on certain webpages of the Sites.

Tracking technologies collect information such as IP addresses, device ID, pages visited, approximate geographic location, content interacted with, time of visit, clicks, movement, scrolling, keystroke activity, and browser information.

We, and our vendors, use tracking technologies and the information they collect for various purposes, such as to provide functionality of the Sites or of interactive features on the Sites, conduct analytics on Sites visitors to improve the Sites, improve the performance of the Sites, and targeted marketing. Certain tracking technologies may collect information about your online activities over time and across different devices and websites, and we may combine such information with other information about you, including data obtained from external parties.

For more information on certain tracking technologies that may be enabled on the Sites, refer to the following:

For more information about Google Analytics, visit: google.com/policies/privacy/partners. To opt out of Google Analytics cookies, visit: google.com/settings/ads and tools.google.com/dlpage/gaoptout

For further details, please see the ‘about Hotjar’ section of Hotjar’s support site

Certain advertising networks offer you a way to opt out certain kinds of targeted online advertising, which is conducted on certain webpages. If you would like to find out more information, visit aboutads.info/choices or youronlinechoices.com

We are not responsible for any privacy practices of external parties, including tracking technology opt-out tools, signals, or mechanisms provided by external parties.

Generative AI Features

When you use Ask Hoag or other generative artificial intelligence (“AI”) features available through our Apps, we may collect the following categories of information: (i) the text, voice, or other content of your prompts, questions, or inputs (“User Inputs”); (ii) the AI-generated responses provided to you (“AI Outputs”); and (iii) interaction data such as session duration, conversation history, feedback you provide on AI Outputs (e.g., ratings, corrections, or flagged responses), and feature usage patterns. We may retain User Inputs and AI Outputs in association with your account or device identifiers. User Inputs and AI Outputs may be reviewed by Hoag personnel or our service providers for purposes of quality assurance, safety monitoring, improving the accuracy and performance of our AI systems, and ensuring compliance with applicable laws and policies. We do not use User Inputs or AI Outputs to train third-party AI models unless you have provided explicit consent.

Third-Party AI Infrastructure. Ask Hoag is hosted within Hoag’s HIPAA-compliant Amazon Web Services (AWS) cloud infrastructure. Within this secure environment, we utilize AWS Bedrock, a HIPAA-compliant service, to access and invoke large language models provided by third parties, currently Anthropic’s Claude models. We may change or supplement the underlying AI models in the future based on performance, capabilities, or other operational considerations. Your User Inputs are processed by these third-party AI model providers to generate AI Outputs. All third-party providers are contractually bound to privacy and security commitments that are no less protective than Hoag’s own policies and are required to comply with applicable law, including HIPAA where applicable. We do not permit third-party AI model providers to use your User Inputs to train their general-purpose AI models.

The third-party infrastructure disclosure is necessary because, even though Hoag maintains control over its HIPAA-compliant AWS environment, User Inputs are processed by Anthropic’s AI models to generate responses. Transparency about the involvement of third-party AI providers, and the assurance that their commitments are no less protective than Hoag’s, addresses user concerns about data sharing while maintaining flexibility to change underlying models as the technology evolves. This disclosure also supports Hoag’s position that it has conducted appropriate due diligence on its AI supply chain.

Use and Disclosure of Personal Information

We, and our vendors, may disclose personal information, including at your direction, to our affiliates, subsidiaries, business partners, and vendors.

We, and our vendors, may use or disclose personal information obtained through the Sites, including for the following purposes:

Communicate with and market to you. To respond to your inquiries, including requests for technical support, donation, or service information, including through email, phone call or customer service chat features available on the Sites. To communicate with you such as for participation in surveys, send our newsletters, and send you information on products and services we think may interest you.

Process Job or Fellowship Applications. If you submit a job or fellowship application, to assess eligibility, conduct interviews, and generally process professional applications.

Maintain, improve, and protect the Sites. For security purposes, such as to protect against unauthorized disclosure of personal information, as well as detecting security incidents, protecting against malicious, deceptive, fraudulent, or illegal activity, and prosecuting those responsible for that activity.

Legal and Safety. To meet our legal obligations, such as court orders; to cooperate with law enforcement; to protect and defend our rights and property, or the rights or safety of third parties; to enforce our applicable terms, this Privacy Policy, or agreements with external parties.

Business Transactions. As part of a business transaction such as in the event we sell or transfer all or a portion of our business or assets (including a reorganization, dissolution, or liquidation) and as part of negotiations of such transactions.

Operate and Improve Generative AI Features. To operate, maintain, and improve Ask Hoag and other generative AI features, including analyzing User Inputs and AI Outputs for accuracy, safety, bias detection, and performance optimization; to detect and prevent misuse, harmful content generation, or attempts to manipulate AI systems; and to develop and improve our AI technologies and related services.

We reserve the right to convert, or permit others to convert, your personal information into deidentified, anonymized, or aggregated data, as permitted by law.

Retention of AI Interaction Data

We retain User Inputs, AI Outputs, and associated interaction data for as long as reasonably necessary to fulfill the purposes described in this Privacy Policy, including to operate and improve our generative AI features, maintain conversation history for your convenience, comply with legal obligations, and resolve disputes. You may request deletion of your AI interaction history through your account settings or by contacting us as described below, subject to our legal and operational retention requirements.

Your Choices

If you have a registered account on the Sites, such as a careers account that enables you to apply for jobs at Hoag, you may be able to update your personal information and preferences through your account settings.

You may also opt out of receiving promotional e-mails from us by clicking on the unsubscribe link in the e-mail. Please note that unsubscribing from promotional e-mails will not affect subsequent subscriptions or non-promotional communications from us, such as such as administrative and service announcements.

Links to Other Websites

The Sites may include hyperlinks to other websites, platforms, or services. Such linked online services may be operated by external parties that are not owned by, controlled by, or affiliated with Hoag. We are not responsible for the content or privacy practices of online services that we do not maintain or control.

Data Security

We take reasonable measures to help protect personal information collected through the Sites from loss, theft, misuse, and other unauthorized access, disclosure, alteration, or destruction. Nevertheless, transmission via the Internet is not completely secure and we cannot guarantee the security of your information collected through our Sites.

California “Shine the Light”

California residents may request a list of external parties to whom we have disclosed certain types of personal information, during the preceding calendar year for the external parties’ direct marketing purposes. To submit a request for this information, please write us at feedback@hoag.org or One Hoag Drive, Newport Beach, CA 92658-6100. Requests must include “California Shine the Light Privacy Rights Request” in the first line of the description, and include your name, street address, city, state, and ZIP code. Please note that we are only required to respond to one request per customer each year, and we are not required to respond to requests made by means other than through the provided email address or mailing address.

Contact Us

You may contact us through the methods indicated on our Contact Us page.