PatientCrossroads is committed to protecting the privacy of our participating members. To better protect your privacy, we provide this notice explaining our information practices. To make this notice easy to locate, we make it available as a link on our home page. We define personal information to include: name(s), email address, mailing address, survey responses, registry information and non-public information included in your correspondence with us.
The PatientCrossroads CONNECT Registry has established and maintains a mailing database. The mailing list includes families of affected individuals, friends, physicians, scientists, contributors and others. PatientCrossroads will never release our mailing list or the names of our member families to any outside organization or third party unless required to do so by law. However, if an outside organization sends us information for distribution to PatientCrossroads CONNECT Registry participants, we may mail it to you after proper approval.
Information determined to be confidential can only be released by written or verbal permission by the subject of the information or organization that owns the information. Verbal permission may be valid in limited circumstances. Any general release must be in writing. Information may be released if required by law, such as in response to an investigation or subpoena. The PatientCrossroads CONNECT Registry web site provides links to other sites that may be of interest. PatientCrossroads is not responsible for the privacy practices or content of other such web sites.
PatientCrossroads is firmly committed to maintaining the confidentiality of your personal information in all of our activities and programs. Every reasonable effort will be made to maintain the privacy and security of all personal information in our possession. Access to personal information will be limited to PatientCrossroads personnel and PatientCrossroads’ subcontractors who have a need to use such information in the course of their work on the PatientCrossroads CONNECT Registry. In all instances, this work will be directly overseen by PatientCrossroads. All individuals will be instructed of their obligations under PatientCrossroads confidentiality and security requirements.
2. Collection, Use and Disclosure of Information
a. Collection of Information. All of the information you provide to the PatientCrossroads CONNECT Registry will be maintained in a secure database, and any information that could identify you will not be shared without your express written consent, unless otherwise required by law.
b. Use and Disclosure of Information. The goal of this registry is to make the information you provided searchable, while protecting your identity. De-identified data (information where all personal identifiers such as name, address, social security number has been removed) gathered from this profile will be made available to registrants of the Website in the hope that analyses of a substantially larger database will support breakthroughs and clinical trials that could lead to better treatments and care management. De-identified information may be disclosed to third parties and otherwise used in accordance with legal requirements.
PatientCrossroads may employ independent contractors, vendors and suppliers (“Outside Contractors”) to provide specific services and products related to the Website or to the services provided on the Website, including but not limited to, performing general statistical analysis, maintaining an email suppression list as may be required by state and/or federal law, fraud screening, testing and implementation of special services to users, and developing applications for the Website and the services provided on the Website. These Outside Contractors may have limited access to information collected on the Website, including protected health information and personally identifiable information. In the course of providing such products or services, Outside Contractors will be contractually obligated to protect the privacy and security of all protected health information and personally identifiable information.
3. Withdrawal of Information
4. Protection of User Information
5. Ownership of Information
6. Third Party Notifications/Advertising
a. PatientCrossroads reserves the right, in its discretion, to allow third parties to provide advertising or notices when you visit the Website. The PatientCrossroads CONNECT Registry will require such companies to follow best practices with respect to the collection and use of non-personally identifiable information; however, PatientCrossroads CONNECT Registry assumes no responsibility for the activities of the third parties with respect to the collection and use of such information.
8. Log Files; Web Beacons
a. The PatientCrossroads CONNECT Registry may use log file information sent by your web browser (which may include information such as your web request, Internet Protocol (“IP”) address, browser type, browser language, referring/exit pages and URLs, platform type, and other information) to analyze trends, administer the Website, track the movement of users, and gather broad statistical information for aggregate use. IP addresses are not linked to personally identifiable information. The PatientCrossroads CONNECT Registry may also employ “web beacons” (also known as clear gifs) to track online usage patterns of users. This information is not linked to personally-identifiable information. Web beacons may also be employed for tracking and receipt purposes in connection with web-based emails we send to users.
9. Website Links
10. Communications From PatientCrossroads CONNECT Registry
a. From time to time, PatientCrossroads or other related entities will notify users of updates and other valuable information about the PatientCrossroads CONNECT Registry, the Website and related clinical and research information. By using the Website, or registering or subscribing for services provided on or through the Website, users consent to being contacted by PatientCrossroads and related entities, and to receiving such updates and information. PatientCrossroads encourages related entities, including its business partners, to follow best practices with respect to email communications, security and privacy. However, PatientCrossroads cannot control, and assumes no responsibility for, any contact of users by related entities, including its business partners. In the case of emails coming directly from PatientCrossroads, such emails will clearly be from the PatientCrossroads CONNECT Registry and will include instructions on how to unsubscribe from future emails.
11. Required Disclosures
a. You understand and agree that PatientCrossroads may disclose information provided by you if in its good faith belief such disclosure is required by applicable law.
12. Contact Us; Member Accounts
13. Children Under The Age Of Thirteen (13)
14. Change of Control
15. U.S.-EU Safe Harbor Framework
Patient CrossRoads complies with the U.S.-EU Safe Harbor Framework and the U.S.-Swiss Safe Harbor Framework as set forth by the U.S. Department of Commerce regarding the collection, use, and retention of personal information from European Union member countries and Switzerland. Patient CrossRoads has certified that it adheres to the Safe Harbor Privacy Principles of notice, choice, onward transfer, security, data integrity, access, and enforcement. To learn more about the Safe Harbor program, and to view Patient CrossRoads’s certification, please visit http://www.export.gov/safeharbor/
As part of our participation in the Safe Harbor program, we agree to resolve disputes you have with us in connection with our policies and practices through TRUSTe. If you would like to contact TRUSTe, visit https://feedback-form.truste.com/watchdog/request."
16. Notification of Changes