Types of Information Collected
Types of Information Collected From Unregistered Visitors
Visitors can access the home pages of the Clinical Education Alliance Sites and browse some areas of these Web sites without disclosing any personal data. We do track information provided to us by your browser", including the Web site from which you came (known as the “referring URL”), the type of browser you use, the time and date of access, and other information that does not personally identify you. You must register with us to access most CEA materials and programs.
Information Collected When Users Register
Users registering with a Clinical Education Alliance Site are asked to provide identifying information, including name; professional qualifications; contact information; areas of technical or medical interest and/or expertise; preference for types of information and marketing, continuing education, and other events; and other information that are personal data. Our registration screen clearly labels which information is required for registration and which information is optional and may be given at the user’s discretion.
Registered users can access their account information and make corrections or updates at any time via the My Profile pages. You can manage your communications preferences and interests with your account information by updating your account email and content preferences. You can also use the “opt-out” or unsubscribe mechanism or other means provided within the communications that you receive from us or you can unsubscribe by contacting us and telling us that you wish to do so. We reserve the right to notify you of changes or updates to the services provided to you through the Clinical Education Alliance Sites whenever necessary.
If you request us to deactivate your account or to delete, correct, or modify your personal data, we will endeavor to fulfill your request, but some personal data may persist in backup copies for a certain period of time and may be retained as necessary for our legitimate interests or to comply with our legal obligations, resolve disputes, and perform or enforce our agreements. To deactivate your account or to request us to delete, correct, or modify any of your personal data, please email email@example.com.
Information From Outside Sources
We may also collect information about physicians or other healthcare professionals who register for the Clinical Education Alliance Sites through other sources in order to verify their licensure status and identity. In some cases, we may ask visitors to our Clinical Education Alliance Sites for information after they register, such as credit card information. Where necessary (eg, to process a symposium registration request), we or our authorized data processors may contact financial or credit organizations to confirm credit card data. All credit card data are secured using a secure payment gateway provided by a third party to prevent unauthorized access to that information.
In addition, we automatically gather certain information about you as you interact with the Clinical Education Alliance Sites, such as your IP address and referring URL. CEA will process this information as part of the services we have agreed to supply to you in order to personalize our offerings and presentations to you, facilitate your movements throughout our Web sites, provide personalized services, and communicate with you individually.
Your Web browser can be set to allow you to control whether you will accept cookies, reject cookies, or to notify you each time a cookie is sent to you. If your browser is set to reject cookies, Web sites that are cookie enabled will not recognize you when you return to the Web site, and some Web site functionality may be lost. The Help section of your browser will tell you how to prevent your browser from accepting cookies.
Use of Information
We will only process your personal data where:
We will not disclose or share your personal data without your consent, except as detailed below. We may send you promotional or informational messages by email, fax, or text messaging, if you consent to same.
We may use your data, including your personal data:
We may also use aggregate data about users for program and/or product use analysis, program development, and site improvement. We may also use it for market analysis and provide information from our Web sites in aggregate form, with identifying information removed, to third parties. For example, we may tell a grant funder what percentage of our registered users resides in a particular geographical area or their practice specialty. Depending on our agreements with third parties, we may or may not charge for this information.
Disclosure of Information
We do not and will not sell, rent out, or trade your personal data. We will only disclose your personal data in the ways set out in this notice and, in particular, to the following recipients:
CEA may also disclose personal data about users to accrediting bodies as is required by them in order to grant users continuing education credit or other forms of credit for programs successfully completed. We may also disclose personal data in aggregated form to grant funders to analyze the demographics and practice patterns of healthcare professionals visiting the funded programs. Please note that registering for such continuing education or other credit constitutes consent to such disclosure.
Companies and People Who Work With Us
We contract with other companies and individuals to help us provide our services to you. Such persons act as our data processors and act only on our instructions. For example, we may host some of our sites on another company’s computers, hire technical consultants, or work with companies to remove repetitive information from customer lists, analyze data, provide marketing assistance, and provide customer service. In addition, as a healthcare professional, we may validate your licensure status and other information against available databases that list licensed healthcare professionals. In order to perform their jobs, these other companies may need to have access to your personal data. We require our employees and all such companies and contractors to comply with the terms of our privacy policies, to limit their access to any information to the minimum necessary to perform their obligations, and not to use such information for any purpose other than fulfilling their responsibilities to us or servicing orders or requests you have made.
We partner with various companies that provide a variety of medical education and communications services. We share personal data about our users with these partner companies to permit them to contact our users concerning medical education services that may be of interest. Any communications you receive from our partner companies will provide a method for declining further communications.
We reserve the right to transfer all databases and information, including your personal data, to any successor entity or company that acquires all or the relevant part of CEA operations or business without notice to you.
Marketing and Advertising
We may contact you about the services and products we offer where we have received your consent to do so or we believe that you may be interested in the material as it relates to similar products or services you have previously acquired, or indicated your interest in acquiring, from us. For example, a user may receive publicity information for programs on hepatitis-related issues if it is known that user may have an interest in that information. In no case in such circumstances will the advertiser or grant funder have access to any personal data about a specific user.
We may also personalize Clinical Education Alliance Sites based on your interests. For example, you may be provided with content based on information you have shared with us, your previous Web site browsing behavior, or information we may have gained from your interactions with a third party that shares information with us. In addition, we may use information for our own internal marketing, research, and related purposes.
We may send offers to selected groups of users on behalf of other groups. When we do this, we do not disclose your personal data to such groups or to other users in the same group. We provide a variety of mechanisms for you to tell us you do not want to receive such communications.
Public Forums and Other Online Resources
CEA may make message boards, forums, and/or interest groups available to our users. Please remember that any information that is disclosed in these areas becomes public information, including any of your personal data you choose to share as well as comments that you may leave or alias/nickname identifiers you may use when interacting with any of our online resources. Any of your personal data that you disclose in such a way is disclosed and processed by us with your consent. We urge you to exercise caution when deciding to disclose your personal data in that context.
We may process your personal data including by disclosing it to regulators and other authorities including the police when we believe such processing is necessary in order to comply with our legal obligations including those that are regulatory.
Electronic Communication and Anti-Spam Policy
CEA abides by all applicable state and federal laws governing electronic communication over the Internet, including the following:
Protection of Information
We have implemented technology and security policies, rules, and other measures appropriate to protect the personal data that we have under our control from accidental or unlawful destruction, loss, alteration, unauthorized disclosure of or access to personal data transmitted, stored, or otherwise processed. We also protect your information by requiring that all our employees and others who have access to or are associated with the processing of your data respect your privacy and confidentiality and we have trained them aCEArdingly.
CEA uses security methods to determine the identity of its registered users, so that appropriate rights and restrictions can be enforced for that user. Reliable verification of user identity is called authentication. CEA uses passwords associated with users’ email addresses to authenticate users. Users are responsible for maintaining their own passwords. Although we take appropriate precautions to protect the security of our users’ personal data from loss, misuse, unauthorized access or disclosure, alteration, or destruction, we cannot guarantee the total security of such data or that we will be immune from hacking incidents or security breaches.
Storage of Health Information
Information in our data centers is backed up routinely in order to aid in the recovery of information in the event of accidental damage of information or due to a natural disaster. The backup media is stored in a physically secure storage facility.
Access to Information and Your Rights
If you wish to:
you can request this by emailing us at the address set out below. We endeavor to respond to such requests within a month or less, although we reserve the right to extend this period for complex requests.
In any of the situations listed above, we may request that you prove your identity by providing us with a copy of a valid means of identification in order for us to comply with our security obligations and to prevent unauthorized disclosure of data.
We reserve the right to charge you a reasonable administrative fee for any manifestly unfounded or excessive requests concerning your access to your personal data and for any additional copies of the personal data you request from us.
Duration of Retention of Personal Data
We will only retain your personal data for as long as necessary to fulfill the purpose for which it was collected or to comply with legal, regulatory, or internal policy requirements.
Privacy Questions or Concerns
For privacy questions or concerns about the way in which CEA processes your personal data or about the Clinical Education Alliance Sites, please contact firstname.lastname@example.org.
Clinical Education Alliance
12001 Sunrise Valley Drive
Reston, VA 20191