Last Modified: June 20, 2013 10:54 AM

Cerner Direct Referrals Privacy Policy

Overview

Cerner Corporation ("Cerner") is committed to protecting the privacy and security of the personal information that you entrust to us. This privacy policy (the "Privacy Policy") describes how Cerner protects the privacy and security of your personal information. Your use of Cerner Direct Referrals is governed by the terms of this Privacy Policy. If you do not agree to this Privacy Policy, you may not use Cerner Direct Referrals. Additional terms and conditions, if any, regarding the collection and use of your information may also be provided to you before you sign up for a particular program or service.

Cerner Direct Referrals Privacy Principles

  • The only personal information Cerner Direct Referrals obtains about you is that which you supply voluntarily. In cases when Cerner Direct Referrals may need personal information to provide you with customized content or to inform you about new features or services, you will be asked for that information.
  • Personal information provided by you (such as name or e-mail) will not be disclosed to anyone unless you indicate that Cerner may do so, or as described in this Privacy Policy.
  • Only statistical information about Cerner Direct Referrals users as a group (such as usage habits or demographics) may be shared with any affiliate, subsidiary, or partner of Cerner, unless an appropriate confidentiality agreement is in place.

How Information is Collected and Used

Cerner Direct Referrals collects certain information from you in a variety of ways: (i) from Cerner Direct Referrals web server logs, (ii) use of web analytics tools, (iii) HIPAA auditing, (iv) registration information and (v) services information.

  • (a) Server Log Information. Cerner Direct Referrals collects transactional information to conduct system support, maintenance, and any necessary troubleshooting to ensure general system availability and stability.
  • (b) Web Analytics Tools. Cerner Direct Referrals uses various analytic tools to understand system usage. This information is used to help design, develop, and enhance the overall user experience. All analytic data is de-identified to keep the identity of the users along with their corresponding actions anonymous.
  • (c) HIPAA Auditing. Cerner Direct Referrals captures all successful attempts to access or modify PHI (Personal Health Information). This audit information is stored in a highly secured environment and can only be accessed by a privacy officer.
  • (d) Registration (User-Supplied Information). Cerner Direct Referrals registration systems may require you to give Cerner contact information (such as name and e-mail address). Your contact information is used to contact you when necessary.
  • (e) Services (User-Supplied Information). Cerner may use your e-mail address to communicate with you about its services.

How Information is Shared and Disclosed

Cerner does not rent, sell or share personal information about you with other people or nonaffiliated companies, except when Cerner has your permission, or under the following circumstances:

  • (a) Disclosures to Third Parties Assisting In Our Operations. Cerner may provide your personal information to affiliates, subsidiaries and trusted partners who work on behalf of or with Cerner under confidentiality agreements. These companies may use your personal information to assist Cerner in its operations. However, these companies do not have any independent right to share this information.
  • (b) Aggregate Information. Cerner may provide information about you that does not allow you to be identified or contacted ("Aggregate Information") to third parties, such as usage information and trends. When Aggregate Information is provided, we pool it from many individual records and strip it of any data that could be used to identify you before it is used.
  • (c) Disclosures Under Special Circumstances. Cerner may provide information about you to respond to subpoenas, court orders or legal process, or to establish or exercise our legal rights or defend against legal claims. Cerner believes it is necessary to share information in order to investigate, prevent or take legal action regarding illegal activities, suspected fraud, situations involving potential threats to the physical safety of any person, violations of Cerner's Terms of Use, or as otherwise required by law.
  • (d) Disclosures to Your System Administrator. Your system administrator is the individual or entity such as your employer, a health information exchange or an accountable care organization, who provided you with access to Cerner Direct Referrals. Cerner may provide your system administrator with information related to your use of Cerner Direct Referrals, such as usage reports and your compliance with the Terms of Use.

Information Security

Cerner understands that storing personally identifiable data in a secure manner is essential. Cerner Direct Referrals data is stored using industry-standard physical, technical and administrative safeguards to secure data against foreseeable risks, such as unauthorized use, access, disclosure, destruction or modification. Cerner's data security practices are consistent with the standards of the Health Insurance Portability and Accountability Act ("HIPAA") security regulations. We regularly review our physical and electronic security measures to manage and enhance our capabilities.

Your Ability to Edit and Delete Your Information

You can edit or delete your personal information that is maintained by Cerner at any time.

Questions

We regularly review our compliance with this Privacy Policy. If you have any questions or suggestions about how we treat personal information, please contact us at:

Cerner Corporation
2800 Rockcreek Parkway
Kansas City, Missouri 64117 U.S.A.
Attention: Chief Legal Officer

Notification of Changes to this Privacy Policy

This Privacy Policy may be revised from time to time as we add new features and services, as laws change, and as industry privacy and security practices evolve. However, Cerner will take reasonable steps to notify you of material changes it makes to the Privacy Policy. We display an effective date on the policy below so that it will be easier for you to know when there has been a change. You are responsible for regularly reviewing this Privacy Policy. Your continued use of Cerner Direct Referrals constitutes your acceptance of the revised terms. Small changes or changes that do not significantly affect individual privacy interests may be made at any time and without prior notice.