Privacy Policy

Informed Decisions currently conforms to all system and healthcare data security requirements mandated by federal and state laws, as well as those specific to the Agency.

Informed Decisions is committed to ensuring the privacy and security of Protected Health Information (PHI) and agrees to maintain internal protocols and procedures that ensure patient security and confidentiality. Informed Decisions has enacted stringent internal HIPAA-compliant policies and procedures and employs an internal Security Official who assumes the responsibility of monitoring and enforcing these policies and procedures at all levels.

Informed Decisions’ HIPAA-compliant policies and procedures include device and media controls, inventorying of hardware and software, facility access controls with person or entity authentication, audit and access controls, transmission security, protection from malicious software, data authentication, documentation, and retention, continuous security measures evaluation, contingency plans, risk analysis, and risk management.

All Informed Decisions personnel receive security awareness training, workforce security training, and workstation use security training as a condition of employment. Access to PHI is granted on a strict need-to-know basis after proper training and approval, and sanctioning procedures are in place for any and all breaches of protocol.

Except as set forth in this paragraph, Informed Decisions will not disclose to unaffiliated companies any PHI. Any PHI provided to entities affiliated with Informed Decisions will be treated in accordance with the terms of this Privacy Policy, unless otherwise posted. In the following limited circumstances Informed Decisions will consider, and may release, PHI to third parties: (1) to comply with valid legal requirements such as a law, regulation, search warrant, subpoena or court order; or (2) in special cases, such as a physical threat to you or others, as determined by Informed Decisions.

We also provide PHI to our vendors and suppliers (“Vendors”) where it is necessary for them to provide us with products and services related to better operation and maintenance of our Sites. We will attempt to require that each of these Vendors not further use or disclose PHI for any purpose other than providing us or you with products and services. Informed Decisions cannot guarantee their compliance with these restrictions and will not be responsible for any noncompliance by a Vendor.

Informed Decisions does research on our users’ demographics, interests, and behavior based on the information provided to us upon registration, during a promotion, from our server log files, or from surveys. We do this to better understand and serve our users. This research is compiled and analyzed on an aggregated basis. Informed Decisions may provide information about you which does not allow you to be identified or contacted to third parties. For example, we might inform third parties regarding the number of users of our Sites and the activities they conduct while on a Site. We might also provide customers or business partners with general information regarding our Site users (e.g., that "40% of our users are medical students" or that "15% of our users have searched for heart drugs"). Depending on the circumstances, we may or may not charge for this information.

Informed Decisions may sometimes permit third parties to offer subscription and/or registration-based services through the Sites. In these instances, Informed Decisions is not responsible for any actions or policies of such third parties. You should check the applicable privacy policy of such party before providing personally identifiable information.

To ensure all PHI remains as secure as reasonably possible, Informed Decisions has employed a two-tier system that combines leading technical safeguards and a code of conduct for those employees who are permitted to access our customers’ PHI. Informed Decisions contracts with VeriSign to help ensure the integrity and privacy of all PHI. As an additional security measure, PHI is stored on a separate server where all passwords are encrypted.

Only authorized employees of Informed Decisions are permitted to access Personal Information. All employees must abide by our Privacy Policy. Those who violate our Privacy Policy are subject to disciplinary action, up to and including termination. The Sites are not intended for persons under 13 years of age. Informed Decisions does not knowingly solicit or collect Personal Information from or about children and we do not knowingly market our products or services to children.

You may contact us at any time if you wish to (i) delete your Personal Information from our systems, (ii) update the Personal Information that you have provided to us, and (iii) change your preferences with respect to marketing contacts, by emailing us at support@goldstandard.com.

GOLD STANDARD may change this Privacy Policy at any time by posting revisions to our Sites. Your use of the Sites constitutes acceptance of the provisions of this Privacy Policy and your continued usage after such changes are posted constitutes acceptance of each revised Privacy Policy. If you do not agree to the terms of this Privacy Policy or any revised policy, please exit the applicable Site immediately.

Revised March 23, 2007.