This Privacy Policy describes how the University of South Florida (USF) Health Informatics Institute (HII) located at 3650 Spectrum Blvd., Tampa, FL 33612, United States collects and processes personal information through our websites, mobile applications (“apps”), and databases. Personal information is data associated with a person's name or personal identity. This Privacy Policy explains the terms and conditions associated with the provision of any personal information to the HII and how we seek to comply with applicable data privacy laws and regulations.
The HII is committed to protecting your privacy. Periodically, our Privacy Policy may be modified to account for continuous advancements with internet technologies. These modifications will not affect our general commitment to the protection of your privacy. Any changes to our Privacy Policy will be reflected on this page.
We may ask you to provide personal information. Depending upon the activity you are participating in, this may include any of the following:
For Research Participants
As a data management and coordinating center for human subjects research, the HII collects and processes personal information relating to research participants. If you are participating in a research study, the informed consent form for the study includes specific information about what information will be collected for the study, the purpose of the study, how the information will be used, how long the information will be stored, and who to contact should you have questions about the research. All identifiable information collected for a research study is collected in accordance with Institutional Review Board (IRB) or Ethics Committee approval, the research protocol, and informed consent or permission from the individual study participants, as applicable.
For Health Professionals
The HII collects and processes personal information relating to the involvement and performance of research study team members. In some cases, this includes financial information to support payment for services.
For Website Users
The HII may collect and process personal information about individuals who visit or use our web services, including our websites, apps, and databases. This information may be collected using cookies or other website metric tools.
We use personal information only as necessary for the purposes for which it was obtained for the duration of the project. These purposes include:
If you choose to share personal information with us either by sending us a message or filling out an electronic form with personal information, we will use the information only for the purposes you authorized.
In terms established by the General Data Protection Regulation (GDPR), the HII is a Controller when it determines the purposes and means of the processing of personal data alone or jointly with others. Consent or another legal basis for processing personal information under GDPR will be established as applicable per GDPR. In cases where the HII does not determine the purposes and means of the processing of personal data, the HII would be a Processor and would process personal data on behalf of the entity that determines the purposes and means of the processing (i.e. Controller, such as the Sponsor).
Personal information is collected from our online services, including our websites, apps, and databases. Personal information may be collected indirectly such as via cookies, or it may be collected directly from research participants or from research study team members.
What are cookies?
Cookies are small files that are stored on your computer unless you block them. We use cookies to understand and save your preferences for future website visits and compile aggregate data about site traffic and site interaction so that we can offer better site experiences and tools in the future.
Cookies may also be set by an organization other than the HII. These “third-party cookies” may, for example, originate from websites such as YouTube, Twitter, Facebook, Google Plus or other social media services for which the HII has implemented “plug-ins.” Since the cookie policies of these sites change over time, you should determine their policies by visiting the privacy policy pages of these sites directly.
You may disable cookies through your individual browser options. If you would like to learn more about cookies, you may wish to visit: www.allaboutcookies.org
Note that your browser settings may allow you to automatically transmit a “Do Not Track” signal to websites and online services you visit. There is no consensus among industry participants as to what “Do Not Track” means in this context. Like many websites and online services, the HII currently does not alter its practices when it receives a “Do Not Track” signal from a visitor’s browser. To find out more about “Do Not Track”, you may wish to visit: www.allaboutdnt.com
People in jurisdictions with data privacy laws may have certain rights with respect to their personal information, such as: Right of Access, Right to Correction, Right to Erasure, Right to Restrict Processing, Right to Object to Processing, Right to Data Portability, Right to Withdraw Consent.
The HII will comply with requests to exercise applicable rights in accordance with applicable laws. To make a request, please write to us at gdpr@epi.usf.edu. If you are a research study participant, please review the study informed consent form you agreed to when you joined the study for additional information about exercising your rights.
The HII maintains a comprehensive information security policy that seeks to apply technical and organizational security measures that protect personal information, particularly sensitive clinical data, against unauthorized access or loss. Consistent with regulatory requirements, particularly under U.S. law and GDPR, the HII adheres to the USF institutional procedures for dealing with any breach of personal information, including making any necessary notifications to individuals or governmental authorities.
Security Precautions
The HII has security measures in place to protect the loss, misuse and alteration of information. Unfortunately, due to the nature of Internet communications, no data transmission over the Internet can be guaranteed to be completely secure. While the HII remains committed to protecting the privacy of users, we cannot ensure or warrant the security of any information you transmit to us, and you do so at your own risk. Once we receive your transmission, we make our best effort to ensure its security on our systems. We do so by using secure technology, privacy protection controls, and restrictions on employee access; however, we make no representations regarding the veracity of such measures.
The HII web pages may contain links to websites outside of and that are not under the control of the HII. This policy does not apply to linked websites outside the HII. It is recommended that visitors review the privacy policy of each individually linked website.
You can contact the HII at gdpr@epi.usf.edu with questions, concerns, or requests to exercise your rights. Within the European Economic Area, you may contact the data supervisory authority in your country if you have a complaint about the processing of your personal information.