Stanford University (“Stanford”) and the Continuing Medical Education (“CME”) Program know you care about the privacy and confidentiality of your information. We take protecting your privacy very seriously. Please read the following to learn more about how we treat your information collected as part of the CME Program.
Information CME Collects
When visiting the CME website or participating in CME activities, certain information about you will be collected. We will obtain information from you in one or both of the following two ways:
1. Information you provide:
a. Registration and Account Setup
When you use our websites or communicate with us to create your account during the registration process, we collect personal information about you, which is stored on a Third Party online learning management system that is required to meet our security standards. You are asked to provide certain information, including name, gender, mailing address, email address, phone number, day and month of birth, SUNet ID, department, professional designation and affiliations, license and specialty information, national provider identification number, and university affiliation. If a payment is required as part of the registration, payment information will be collected.
b. Payment information
Some CME services require payment of a fee. If you choose to pay these fees online, a Third Party vendor will collect and process your credit or debit card information. The Third Party vendor will have their own privacy policies and procedures. The CME Program does not have access to your credit card information if you register online.
If you are unable to, or choose not to, register online, our staff may assist you over the telephone. If you request registration by phone, we will collect your credit card information, including name as it appears on the card, card number, expiration date, security code, email and billing address, and immediately enter it into a secure PCI-compliant workstation. Once the credit card information is entered into the workstation, it is processed by a Third Party vendor that meets our security standards. We securely destroy any credit card information that is recorded on paper immediately after entering it into the system. The Stanford CME Program does not store any credit card information in our facilities, online database or files.
c. Online CME Courses
As part of the online CME Program, we collect information to maintain a record of participation. We collect personal information, including your name, phone number, and email address. We also collect responses to quizzes and tests to assess your understanding of the content.
d. Conferences and Workshops
When you attend conferences and workshops in person, we may collect information to maintain a record of participation. We also conduct online pre- and post-activity tests, which collect your name, email address, and test scores.
e. Course Evaluations/Surveys/Feedback/Comments
We periodically use surveys/course evaluations to gather additional information about you and the CME Program. The surveys/course evaluations collect personal information, including name, professional designation, and email address. We may also collect information to assess the effectiveness of our programs, such as your achievement of the learning objectives, changes you plan to implement in your practice, changes you have implemented in your practice, and your feedback on the course content and speakers. The survey/course evaluations are voluntary.
f. Mailing Lists
If you choose to join our mailing list, we will collect your name and email address.
2. Information we collect automatically:
The CME Program does not use Stanford’s WebAuth system but may redirect visitors to other Stanford websites that may require Stanford affiliated visitors to use the WebAuth system. WebAuth will send your SUNet ID, name, email address, phone number, Stanford employee ID, Stanford affiliation, and organization unit to us automatically.
b) HTTP Referrer
We may collect non-personal identification information about you whenever you interact with the CME Program website. Non-personal information may include the browser name, geographic location, referral link, the type of computer, and technical information about your means of connection to our website, such as the operating system and the Internet service providers utilized and other similar information.
c) Web browser cookies
We do not knowingly collect or solicit personal information from anyone under the age of 18 or knowingly allow such persons to register for the CME Program.
How CME Uses Your Information
We will only use your data as described below or as required or permitted by law.
We will use your data primarily for the purpose of providing you with training in medical education. As such, your personally identifiable data are accessible only by limited parties within Stanford, such as the staff of the CME Program, course directors, department chairs, and the IT personnel that maintain the data and websites.
Your data may be used for the following purposes:
a) To allow you to access the CME websites and education materials. Your information is also used to allow you to register and confirm eligibility for the resources available to you.
b) To evaluate your understanding of course content and knowledge, competence, needs and interests.
c) To process course tuition and fees.
d) To provide you with transcripts and reports of your participation.
e) To notify you of programs, classes, surveys, events, or research studies taking place at Stanford or as part of the CME Program.
f) To provide you support for registration, training, website service, and other transactions.
g) To solicit feedback about the CME program.
h) To evaluate the effectiveness of CME programs.
i) To suggest and plan future CME programming at Stanford.
j) For use in research projects.
When used for purposes h through j, your data will be combined with data provided by other participants and subjected to aggregate data analysis for research, educational, and publication purposes. No identifiable information will be used for these purposes.
Authentication and tracking logs will be used to produce usage statistics and identify potential website improvements. This information does not contain any personally identifiable information.
Information CME Shares with Third Parties
We may share some of your identifiable CME data with university-approved Third Parties of the CME Program. If you register for certain programs or request credit, we will share your CME data with the Third Parties responsible for administering those activities. Your information may be shared with:
a) Accrediting bodies external to the Stanford CME Program for which you seek credit.
b) Credit card processing Third Party vendors for the payment of registration and activity fees.
c) Educational partners associated with the activity for which you register.
d) Any Maintenance of Certification program for which you register.
e) Other service providers, if you wish to receive credit, with your permission.
The CME Program will never sell, rent or lease your information.
How CME Protects Your Personal Information
The CME Program is committed to protecting the security of your personal information. We are required by law to maintain the privacy of certain types of information. We maintain safeguards to protect the security, confidentiality or integrity of your data, including the following practices:
a) Protecting the transmission of your information over the Internet, through the use of encryption, such as the Secure Socket Layer (SSL) protocol;
b) Storing information we collect on computer systems located in controlled facilities with limited access;
c) Using a variety of security technologies and procedures to help protect your personal information from unauthorized access, use, or disclosures;
d) Limiting data access to only authorized personnel with a need to perform a specific job; and
e) Training all CME employees on our security and privacy practices.
As required by our accreditation agency, we will maintain your data for a minimum period of at least six years.
We endeavor to protect the privacy of the personal information we hold in our records, but we cannot guarantee complete security. Unauthorized entry or use, hardware or software failure, and other factors, may compromise the security of your personal information. We will notify you of any security incidents that compromise the security, confidentiality or integrity of your personal information in accordance with applicable state and federal laws and Stanford University policies and procedures.
Any credit card, or other sensitive personal data, will be transmitted on appropriately secured, encrypted systems.
Knowing Your Choices
You may choose not to visit or use the CME website or participate in the CME Program. If you choose not to use the CME website, you will be unable to participate in online CME courses.
When providing personal information, you will have the option of choosing to be contacted regarding additional Stanford CME activities and services. Notifications about additional CME programs and services will provide the opportunity to “opt-out” of future notifications.
If you do not wish to receive information or other notices from us in the future, you can "opt-out" by contacting us at the e-mail address indicated at the end of this policy or by following the "unsubscribe" instructions in any electronic communication you receive from us. Please be aware that you are not able to opt out of receiving communications about your account or your transactions with us.
Reviewing and Updating Your Information
You may access and edit some portion of your user profile information on the CME website. You may review your registration and course information and transcripts on the CME website. Your updated information will replace your obsolete information in our CME files.
You may also request a correction to your personal and profile data, or submit any questions or concerns to the CME team using the procedure under "Contacting Us." Please do not include any sensitive information, such as credit card information, in an email or voicemail message.
This policy is effective as of July 29, 2016.
1520 Page Mill Road
Mail Code: 5190
Palo Alto, CA 94304
Fax: 650-497-8585 or