Privacy Policy

Notice of CME Privacy Policy

Stanford University (“Stanford”) and the Continuing Medical Education (“CME”) Program know you care about the privacy and confidentiality of your information.  We take protecting your privacy very seriously.  Please read the following to learn more about how we treat your information collected as part of the CME Program.

If you are interested in the general Stanford Univeristy Privacy Policy, you can find that here:

The CME Program is a program administered by the Stanford University School of Medicine through the Stanford Center for Continuing Medical Education.  By using the CME website and participating in the CME Program in any manner, you acknowledge that you accept the practices and policies outlined in this CME Program Notice of Privacy Practices (“Privacy Policy”).

Privacy Policy Coverage/Applicability

This Privacy Policy covers our treatment of personal information that we gather when healthcare professionals or other visitors (“you”) use the CME website or participate in the CME Program and activities.

The CME Program website may include hyperlinks to other websites maintained or controlled by others. Our Privacy Policy does not apply to the information practices or services offered by other organizations or individuals (“Third Parties”), including service providers, vendors, accreditation agencies, other healthcare and education providers, and others.  Stanford is not responsible for and does not routinely screen, approve, review or endorse the contents of or use of any of the products or services that may be offered at these websites.  If you choose to follow a link to another website, you should read that website’s privacy policy or consent form and make sure that you agree with it and can accept it.

Information CME Collects

When visiting the CME website or participating in CME activities, certain information about you will be collected.  We will obtain information from you in one or both of the following two ways:

    1.     Information you provide:

            a.     Registration and Account Setup

When you use our websites or communicate with us to create your account during the registration process, we collect personal information about you, which is stored on a Third Party online learning management system that is required to meet our security standards. You are asked to provide certain information, including name, gender, mailing address, email address, phone number, day and month of birth, SUNet ID, department, professional designation and affiliations, license and specialty information, national provider identification number, and university affiliation.  If a payment is required as part of the registration, payment information will be collected.

            b.     Payment information

Some CME services require payment of a fee.  If you choose to pay these fees online, a Third Party vendor will collect and process your credit or debit card information.  The Third Party vendor will have their own privacy policies and procedures.  The CME Program does not have access to your credit card information if you register online.

If you are unable to, or choose not to, register online, our staff may assist you over the telephone.  If you request registration by phone, we will collect your credit card information, including name as it appears on the card, card number, expiration date, security code, email and billing address, and immediately enter it into a secure PCI-compliant workstation.  Once the credit card information is entered into the workstation, it is processed by a Third Party vendor that meets our security standards.  We securely destroy any credit card information that is recorded on paper immediately after entering it into the system. The Stanford CME Program does not store any credit card information in our facilities, online database or files.

            c.     Online CME Courses

As part of the online CME Program, we collect information to maintain a record of participation.  We collect personal information, including your name, phone number, and email address.  We also collect responses to quizzes and tests to assess your understanding of the content.

            d.     Conferences and Workshops

When you attend conferences and workshops in person, we may collect information to maintain a record of participation.  We also conduct online pre- and post-activity tests, which collect your name, email address, and test scores.

            e.     Course Evaluations/Surveys/Feedback/Comments

We periodically use surveys/course evaluations to gather additional information about you and the CME Program.  The surveys/course evaluations collect personal information, including name, professional designation, and email address.  We may also collect information to assess the effectiveness of our programs, such as your achievement of the learning objectives, changes you plan to implement in your practice, changes you have implemented in your practice, and your feedback on the course content and speakers.  The survey/course evaluations are voluntary.

            f.      Mailing Lists

If you choose to join our mailing list, we will collect your name and email address.

    2.     Information we collect automatically:

            a)     WebAuth

The CME Program does not use Stanford’s WebAuth system but may redirect visitors to other Stanford websites that may require Stanford affiliated visitors to use the WebAuth system.  WebAuth will send your SUNet ID, name, email address, phone number, Stanford employee ID, Stanford affiliation, and organization unit to us automatically.

            b)     HTTP Referrer

We may collect non-personal identification information about you whenever you interact with the CME Program website.  Non-personal information may include the browser name, geographic location, referral link, the type of computer, and technical information about your means of connection to our website, such as the operating system and the Internet service providers utilized and other similar information.

            c)     Web browser cookies

Our website may use "cookies" to enhance your experience.  Your web browser places cookies on your hard drive for record-keeping purposes and sometimes to track information about you.  You may choose to set your web browser to refuse cookies, or to alert you when cookies are being sent.  If you choose to reject cookies, some parts of the website may not function properly.

We do not knowingly collect or solicit personal information from anyone under the age of 18 or knowingly allow such persons to register for the CME Program.

How CME Uses Your Information

We will only use your data as described below or as required or permitted by law.

We will use your data primarily for the purpose of providing you with training in medical education.  As such, your personally identifiable data are accessible only by limited parties within Stanford, such as the staff of the CME Program, course directors, department chairs, and the IT personnel that maintain the data and websites.

Your data may be used for the following purposes:

a)    To allow you to access the CME websites and education materials. Your information is also used to allow you to register and confirm eligibility for the resources available to you.

b)     To evaluate your understanding of course content and knowledge, competence, needs and interests.

c)     To process course tuition and fees.

d)     To provide you with transcripts and reports of your participation.

e)     To notify you of programs, classes, surveys, events, or research studies taking place at Stanford or as part of the CME Program.

f)      To provide you support for registration, training, website service, and other transactions.

g)     To solicit feedback about the CME program.          

h)     To evaluate the effectiveness of CME programs.

i)      To suggest and plan future CME programming at Stanford.

j)      For use in research projects.

When used for purposes h through j, your data will be combined with data provided by other participants and subjected to aggregate data analysis for research, educational, and publication purposes.  No identifiable information will be used for these purposes.

Authentication and tracking logs will be used to produce usage statistics and identify potential website improvements. This information does not contain any personally identifiable information.

Information CME Shares with Third Parties

We may share some of your identifiable CME data with university-approved Third Parties of the CME Program.  If you register for certain programs or request credit, we will share your CME data with the Third Parties responsible for administering those activities.   Your information may be shared with:

a)     Accrediting bodies external to the Stanford CME Program for which you seek credit.

b)     Credit card processing Third Party vendors for the payment of registration and activity fees.

c)     Educational partners associated with the activity for which you register.

d)     Any Maintenance of Certification program for which you register.

e)     Other service providers, if you wish to receive credit, with your permission.   

The CME Program will never sell, rent or lease your information.

How CME Protects Your Personal Information

The CME Program is committed to protecting the security of your personal information.  We are required by law to maintain the privacy of certain types of information.  We maintain safeguards to protect the security, confidentiality or integrity of your data, including the following practices:

a)     Protecting the transmission of your information over the Internet, through the use of encryption, such as the Secure Socket Layer (SSL) protocol;

b)     Storing information we collect on computer systems located in controlled facilities with limited access;

c)     Using a variety of security technologies and procedures to help protect your personal information from unauthorized access, use, or disclosures;

d)     Limiting data access to only authorized personnel with a need to perform a specific job; and

e)     Training all CME employees on our security and privacy practices.

As required by our accreditation agency, we will maintain your data for a minimum period of at least six years.

We endeavor to protect the privacy of the personal information we hold in our records, but we cannot guarantee complete security. Unauthorized entry or use, hardware or software failure, and other factors, may compromise the security of your personal information.  We will notify you of any security incidents that compromise the security, confidentiality or integrity of your personal information in accordance with applicable state and federal laws and Stanford University policies and procedures.

Any credit card, or other sensitive personal data, will be transmitted on appropriately secured, encrypted systems.

Knowing Your Choices

You may choose not to visit or use the CME website or participate in the CME Program.  If you choose not to use the CME website, you will be unable to participate in online CME courses.     

When providing personal information, you will have the option of choosing to be contacted regarding additional Stanford CME activities and services.  Notifications about additional CME programs and services will provide the opportunity to “opt-out” of future notifications.

If you do not wish to receive information or other notices from us in the future, you can "opt-out" by contacting us at the e-mail address indicated at the end of this policy or by following the "unsubscribe" instructions in any electronic communication you receive from us. Please be aware that you are not able to opt out of receiving communications about your account or your transactions with us.

Reviewing and Updating Your Information

You may access and edit some portion of your user profile information on the CME website.  You may review your registration and course information and transcripts on the CME website.  Your updated information will replace your obsolete information in our CME files.

You may also request a correction to your personal and profile data, or submit any questions or concerns to the CME team using the procedure under "Contacting Us." Please do not include any sensitive information, such as credit card information, in an email or voicemail message.

Changes to this Privacy Policy

This Privacy Policy will be updated periodically to reflect any material changes in our programs and practices.  These changes will be evident by inserting a new “Effective Date” (see below) and are effective when they are posted to our website at:  Treatment of information we collect now is subject to the version of the Privacy Policy in effect at the time such information is used.

Contact Information

For questions regarding this privacy policy, contact the Stanford Center for Continuing Medical Education via e-mail at or via phone +1 650-497-8554.

Effective Date

This policy is effective as of July 29, 2016.

Contact Information

1520 Page Mill Road
Mail Code: 5190
Palo Alto, CA 94304

Phone: 650-497-8554
Fax: 650-497-8585 or