Healthcare Information and Management Systems Society, Inc. (HIMSS) is a global leader supporting the health ecosystem by building the bridge between information and technology.
Please read this privacy notice carefully as it will help you understand what we do with the information that we collect.
Data We Collect
In order to offer you HIMSS’ Mobile, Newsletter, Webinar, and Career Services, we have to collect certain information about you. That information includes:
In order to create an account with HIMSS, you will need to provide us with certain personal information. That information includes your name, city and country, email address, and site password. We may also require verification of your identity through a HIMSS-associated identification number or through the provision of a personal link sent to your email address. When registering for premium Services (e.g., membership), we may also ask for payment information. This information is strictly subject to our privacy and security protocol under this Policy, and we will never charge you for Services that you do not request.
In addition to this required information, upon registration, we may ask for additional optional information. Such optional information may include your profession, photo, headline, professional goals, topics of interest, and more. Whether you provide this information or not is entirely up to you, but by providing this information you allow us to provide you with a better and more tailored experience.
When you download and use the HIMSS Mobile Application and interact with event-specific capabilities, we may collect information about your behavior (e.g., view an event guide, check out an event schedule, view attendee profile, send a message, add event session to your schedule) for the purposes of gamification. For each event-related activity that you perform within the Mobile Application, HIMSS will score your activity, compare and rank your activity with the activity information of other users.
When Members download a White Paper, we may collect personal information including a user’s name and contact information (such as an email address), order and payment information, online account username, and information about your browsing habits. We collect this information to ensure that our White Papers are better tailored to our Members’ interests.
When Members register for HIMSS Webinar Services, we may ask for the information outlined here, as well as collect additional information such as attendance records, completion of a course and other similar information, such as metrics related to your access. We do this to ensure that our offerings are engaging and helpful to our Members, that partners are aware of opportunities to host additional webinars, and more.
When Members choose to engage with HIMSS’s Career Services, HIMSS will ask for the information acknowledged here, as well as additional information necessary or helpful to a job search. That information might include, for job seekers, for example: particular skills and qualifications; areas of expertise; target cities and locations; salary requirements, and more. HIMSS will share only the information you provide to us, and we reserve the right to share public information available on your feed, which is available for any HIMSS member to view. HIMSS will never share your non-public sensitive information, unless specifically requested by you — such as information you choose to include within your resume.
If you decide to use other services or features that contains our plugins, for example a platform that allows you to log in using the same login process you use with us, or if you choose to log into HIMSS through your existing email account or through another service, we may receive information about your visits and interactions with those other services. We use that information to verify your identity on our platform, identify your interests, and for select other purposes such as monitoring your account for security or fraud.
HIMSS hosts several online events, separate from the Global Conference. When a user signs up for our online events, we may collect information including but not limited to username and password, first name, middle initial, last name, user’s company/organization, title/professional degree or designation, photo, physical address, phone number, email, age bracket, gender, and disability status.
We may also collect demographic information including but not limited to professional title, worksite, length of time in the field, purchasing authority, previous conference attendance, name of the hotel (if attending an in-person/live event), and discount code.
When users contact HIMSS via phone number or email portal, we may collect personal information included but not limited to first and last name, phone number, time, date, and email address. We will also record the reason for the call or email.
By using HIMSS’s Services, you have the opportunity to connect with colleagues, share information about professional development opportunities, maintain professional credentials, enroll in course certifications, register for events and conferences, and more. One of these Services that HIMSS provides our Members is the ability to create and develop an online profile.
As a Member, you can choose to share information such as your photo, headline, current role and workplace, experience level, personal websites, certifications, professional goals and affiliations, and more. Whether or not to fill out sections of your profile is up to you, however the more details you provide the more likely it is that opportunities for collaboration, professional development, and relevant information will find their way to you.
The data you choose to make public, including your posts, likes, follows, comments, and more can be seen by anyone logged into the platform. While those that are not logged on cannot see the information you share, HIMSS cannot fully mitigate the risk that Members will violate HIMSS’s Terms of Service to move the information you’ve shared on HIMSS off our platform.
You can choose to engage with the HIMSS Mobile Application to register and support your participation in virtual and in-person events. When you choose to engage with the Mobile Application, you will automatically be provided with our in-application game experience, where you can earn points for exploring the application and earning achievements and compete on the leaderboard against other event attendees.
HIMSS will never ask you to share sensitive personal information, such as your trade union membership, sexual orientation, or racial identity, on your public profile or in another public manner. Please do not post or add personal data to your profile that you would not want to be publicly available and be aware that sharing the non-public sensitive data of others without their permission is a violation of our Terms of Service (e.g., sharing a photo of a patient’s medical record).
Ratings, Interest Information, and Chapter-Related Offering
HIMSS offers the ability for Members to discuss, rate, and review specific course offerings, conferences, and more.
Absent a request from you asking for this data to be deleted, corrected or limited in use, HIMSS reserves the right to preserve such public comments and ratings information in order to better our Services, provide relevant information to partners, and provide up-to-date information for our Members.
Information Gathered from Cookies and Other Similar Technologies
When leaving or coming to our sites, HIMSS may also collect information concerning both the site you came from and the one you go to, as well as the time of your visit. We collect this information in alignment with the security and privacy protocol outlined in this Policy, and endeavor to utilize privacy-preserving technologies such as Internet Protocol (“IP”) masking, which allows us to only collect the information we need, in anonymous or aggregate form, about your site visit.
When using our Services from a mobile device, your device will send us data about your location based on your mobile device’s settings. To the extent we may use Global Positioning System (“GPS”) or other tools to identify your precise location, we will always ask for your opt-in consent.
We endeavor to cooperate with “Do Not Track” (“DNT”) signals. When you choose to turn on the DNT setting in your browser, your browser sends a signal to websites, analytics companies, ad networks, plug in providers, and other web services you encounter while browsing to stop tracking your activity. DNT signals are not universal, and in special circumstances, HIMSS reserves the right to refrain from complying with signals, such as when the signal is indecipherable or incompatible with our processes. Similar to our note about cookies, if you choose to turn on your DNT setting within your browser, some of our Services may not function as a result; furthermore, we may not be able to send you some of the advertisements or sponsored opportunities you may value.
Unless relevant law provides otherwise, we also collect (or rely on others who collect) information about your device when you have not engaged with our Services (e.g., ad ID, IP address, operating system and browser information) so we can provide you with relevant ads and better understand their effectiveness. You can always opt-out from our use of data from cookies and similar technologies that track your behavior on the sites of others for ad targeting and other ad-related purposes, and you can do so by visiting your Settings.
Partners and Related Offering Information
HIMSS shares personal data with partner organizations, vendors, third-party service providers and agents who work on our behalf or closely with us to offer content such as courses, training opportunities, webinars, advertisements, conferences, and career-specific newsletters, to our Members. We may tailor these opportunities to the specific information you have provided to us, as well as information HIMSS has gathered based on your previous interactions with our Services.
In certain instances, your employer or another organization may provide you with access to HIMSS Services. In those cases, those entities will only receive aggregate information, and not personal information about your engagement with our Services. For example, we may share that a majority of employees registered with HIMSS have fulfilled a certain certification course; however, we will not provide employers with information about which of their employees fulfilled a particular course or which employees are open to recruitment opportunities. HIMSS reserves the right to alert your employer or other organization to your having been banned from HIMSS Services. These instances will occur only following a breach of our Terms of Service or community standards (i.e., egregious harassment of another member, repeated instances of fraud, etc.)
If you choose to use the HIMSS Mobile Application for event-related information and services, you will automatically be provided with the in-app game experience. You may opt-out of the gamification at any time.
How we use your data
HIMSS only uses your personal information to provide our services, personalize your experience, comply with security measures as well as the law, or to fulfill business obligations. We may also need to use your personal data to address your own requests for that data, or to comply with your rights.
Providing our Services
By choosing to provide HIMSS with your personal data, we are able to connect you with colleagues and employers, find opportunities and share resources, and share news about conferences and trainings and more. Without data such as your name, email address, and password, HIMSS would be unable to provide our Services, including the ability to register you for events, verify your credentials, and more.
How we use your data depends on the HIMSS Services you use, how you choose to use or engage with those Services, and the choices you make upon registering and within your user-specific settings.
HIMSS may also use your data to prevent fraud. For example, we may use your personal data to ensure the security of our services (i.e., by monitoring accounts for instances of fraud); ensuring benchmarking (i.e., by cross-comparing certain profiles in order to ensure that organizations are maintaining their professional quality); as well as for product improvement to ensure that we are offering you the best product we can across our Services. HIMSS may also be required to share your data with trusted third-parties in order to respond to your service requests, answer your support-related questions, and otherwise maintain responsiveness.
Personalizing your Experience
In addition to providing necessary services, HIMSS may use your data in order to personalize your experience, including offering you specific opportunities and bettering HIMSS’s automated systems and inferences, so that our Services (including advertisements) can be more relevant and useful to you.
HIMSS offers personalized experiences through tailored career guidance, specific course offerings, and by suggesting individuals who you may know. HIMSS and its vendors, partners or publishers may also tailor advertisements to Members, non-members, and others by using: Member-provided information; data collected regarding your use of HIMSS Services (including, search history, public feed data, videos watched, conferences attended, and more); as well as any information inferred from this data (including using profile information to infer a Member’s age, title, interests, professional seniority, and more).
HIMSS uses Members’ data and content for invitations and communications promoting membership and network growth, engagement and our Services, such as by showing your connections that you have used a feature on our Services.
HIMSS offers Members specific opportunities to serve as speakers or participants for events, and we reserve the right to communicate those offers directly to you. The choice over whether to register for, or serve as a speaker is entirely up to you. If you do decide to speak at an HIMSS-related event, including events such as the HIMSS Global Health Conference, we may request additional data from you, such as a new headshot, preferred title, and more. The collection and use of this information will be within the context of the particular opportunity for which you have registered, and we reserve the right to make that information public for marketing and similar purposes.
HIMSS reserves the right to show you sponsored content, which may or may not look similar to non-sponsored content, although we will alert you to the nature of the content by adding a tag (such as “sponsored content” or “advertisement”). If you choose to comment, share or similarly engage with sponsored content, your action may be viewable by your connections on your feed as well as by the sponsor. The choice over whether to engage with sponsored content is yours.
HIMSS offers Members the ability to engage with sales persons on the basis of your expressed interests. Members always have the right to ignore these offers, or report such offers if they violate our Terms of Service.
HIMSS’s advertising practices align with industry best practices for internet-based advertising. We provide Members with the ability to opt-out from tailored or targeted advertising; however, by opting out of such advertising on your settings, you are not opting out of advertising altogether. You will continue to receive advertisements; however, those advertisements may not be tailored to your specific interests. If you would like, you can choose to opt-out of specific uses of certain categories of personal data while allowing advertising uses of other categories.
HIMSS provides gaming capabilities that you can trigger, which may contain information about you, and grant permission to others to see, share, edit, copy, and download that content based on your select settings. Some of the gamification features of the HIMSS services display some or all your profile information to other HIMSS users when you share or interact with specific content. For example, when you add a session to your schedule, we display your profile picture and name next to the session so that other users with access to the session can see who the other attendees are. Similarly, when you perform an activity being rewarded, your name, profile picture, and contact information will be displayed in an activity feed for other HIMSS members so they can find and interact with you.
HIMSS does not share your personal data with any third-party advertisers or ad networks except for in the instance of: (1) hashed IDs, device identifiers, or pseudonymous data (to the extent that they are personal data in some countries); (2) with your separate permission (e.g., in a lead generation form) or (3) data already visible to any users of our Services (e.g., profile or public feed data).
Pursuant to this Policy, HIMSS Services may contract with Google Analytics (or other such services), which only utilizes anonymous data (such as: ad serving domains, browser type, demographics, language settings, page views, time/date a site has been visited), and pseudonymous data (IP address). See our agreement with Google Analytics here: Google Analytics Terms of Service.
Other Instances (Monitoring for Fraud, Complying with Lawful Requests for Data, and More)
In certain circumstances, we may be required by law to provide information about you and your engagement with HIMSS Services. We will never turn over your data to the government or to law enforcement unless we are required by subpoena, warrant or other legal process or legal order.
In those cases, we will turn over your personal data only when we have a good faith belief that we are required by law to do so and that the disclosure is narrowly tailored and reasonably necessary to (1) investigate or prevent suspected or actual illegal activity; (2) enforce our agreements with you; (3) defend ourselves against legal claims or allegations; (4) protect the security of our Services (such as preventing a similar fraud across different departments) and (5) to exercise or protect the rights and safety of HIMSS, our Members, personnel or others. We attempt to notify Members about legal requests for their personal data when appropriate and permitted, unless prohibited by law or court order or when the request is an emergency. We may dispute such requests when we believe, in our discretion, are overbroad, vague or lack proper authority, but we do not promise to challenge every demand.
Finally, we may be required to share personal data for archival purposes in order to maintain HIMSS, or third-parties’ records (for example, maintaining a list of individuals registered for an event, or those who have achieved an expert-level certification for verification purposes).
Our obligations and your choices
For example, in some regions, such as the European Economic Area, you have rights under the EU General Data Protection Regulation (the “GDPR”) which allow you greater access to and control over your personal information. These rights include the right to access and port your data, delete your data, change or correct your data, as well as the right to object to or limit the ways in which your data is used.
Depending on your state of residence within the United States, your privacy rights and our obligations may differ. For example, residents of California, under the California Consumer Privacy Act (the “CCPA”) have the right to know which categories of data HIMSS holds about them, as well as the categories of third-parties to which that date is sold or shared. Furthermore, California residents are able to opt-out of the disclosure of their sensitive personal information upon registration and can exercise that right anytime throughout their engagement with HIMSS Services by accessing their settings. Californians may also designate a representative to act on their consumer rights, although HIMSS retains the right to verify that the representative is acting under your direction. Residents of Nevada too, have heightened privacy rights over their personal information when used in combination with another identifier (like a financial account number). Rest assured that, regardless of your state of residence, HIMSS upholds our obligation to protect your personal data to the fullest extent of applicable law.
We aim to fulfill every request from you, unless those requests are frivolous or would be impractical to address, jeopardize the rights of others, or if we are not required to by law. However, in such circumstances, we will still respond to notify you of such a decision. In some cases, we may also need you to provide us with additional information, which may include personal data, in order to verify your identity. HIMSS will never deny you the use of our Services or provide you with a different level or quality of Services for exercising any of your rights.
If you want to submit a complaint about how we have resolved your request, or if you feel that we have not fully addressed your concerns, you may contact the Dutch Data Protection Authority (“Dutch DPA”) here: https://autoriteitpersoonsgegevens.nl/en/contact-dutch-dpa/contact-us. …;
Access or Port Your Data
You have the right to request more information about the personal data we hold about you anytime, as well as request a copy of that data. We will send a copy of your personal information in machine-readable format to the email address associated with your account, unless you direct us otherwise. You can also request that we transmit the data to another platform where technically feasible.
Delete your Data
You have the right to delete the data you have previously shared with us. Once a deletion request if fulfilled, neither you nor HIMSS Services or its partners will have access to your historical data, unless we are required to retain such information by law. Filing a deletion request means that your data will be permanently and irreversibly erased, which may limit our ability to communicate with you in meaningful ways. If you would prefer to change or correct your information instead or ask that we change the ways in which we use your data, such restrictions allow us to continue offering you the Services you value.
For Members subscribed to HIMSS’s Newsletters, each individual newsletter you receive contains a quick and easy unsubscribe link. When you opt-out from receiving those emails, HIMSS and Salesforce, which manages HIMSS’s Newsletter, may retain a record of your past receipt. If you would prefer HIMSS delete these historical records, contact us directly at email@example.com.
Change or Correct your Data
You have the right to correct, change, or modify the personal data we hold about you anytime if you believe that data to be incorrect or incomplete.
Object to, Limit, or Restrict the Use of your Data
You have the right to contact us anytime and object to the further use or disclosure of your personal data for certain purposes, such as for direct marketing. You can also ask us to restrict further processing of your personal data.
Rights to Access and Control Data
Delete Data: You can ask us to erase or delete all or some of your personal data (e.g., if it is no longer necessary to provide Services to you.)
Change or Correct Data: You can edit some of your personal data through your account. You can also ask us to change, update or fix your data in certain cases, particularly if it’s inaccurate. Object to, or Limit or Restrict, Use of Data: You can ask us to stop using all or some of your personal data (e.g., if we have no legal right to keep using it) or to limit our use of it (e.g., if your personal data is accurate or unlawfully held).
Right to Access and/or Take Your Data: You can ask for a copy of your personal data and can ask for a copy of personal data you provided in machine readable form.
Other things we think you should know
Lawful Bases for Processing
If we are relying on your consent to process your personal information, you have the right to withdraw that consent at any time. Please note however that this will not affect the lawfulness of the processing that occurred before your withdrawal, nor will it affect the processing of your personal information conducted in reliance on lawful processing grounds other than consent.
HIMSS implements appropriate technical and organizational security measures designed to protect the security and safety of your personal data.
Data Localization and Cross-border Data Transfers
As a multinational organization, HIMSS, as well as HIMSS, recognizes the need to meet GDPR requirements, and ensure that your personal data is protected when transferred across borders. The GDPR restricts the transfer of personal information outside of the European Economic Area, except in cases where adequate protections are in place to guarantee that your personal information is sufficiently protected.
HIMSS Services are not intended to be used by children. By registering for HIMSS, you affirm that you are an adult over eighteen years of age. If we learn that we have collected personal data from a child, we will delete that information as quickly as possible. If you believe that a child may have provided us with their personal data, please contact us at firstname.lastname@example.org.
HIMSS Health provides a collaborative and supportive community to help organizations and market suppliers unlock value and overcome systemic challenges around innovation. This platform engages users in year-round content, services, and events in efforts to connect thought leaders around the world.
Healthbox is a platform that engages in consulting services, strategic investing, and strong financial performance.
- How we use your data depends on the HIMSS Services you use, how you choose to use or engage with those Services, and the choices you make upon registering and within your user-specific settings.
- HIMSS will never ask you to share health information on your public profile or in another public manner.
HIMSS Learning Center is a platform that allows users to learn, discuss, and share information with other professionals around the globe. HIMSS Learning provides innovative solutions, discussions, and leading industry experts in the intersection of healthcare and information technology. Attendees who attend the live presentation will have the opportunity to engage with speakers during the session.
When Members choose to engage with HIMSS Learning, users are provided full, complimentary access to HIMSS20 Digital, discounts on HIMSS events, training, and certifications, and engagement with over 57 global chapters. When users sign up for HIMSS learning we collect information including but not limited to first and last name, company/organization, title or professional degree/destination, photo, physical address, phone number, email address, age bracket, time allocated at booths, expressed interests, actions taken by user.
We may also collect information related to demographic information, including professional title, worksite, length of time in the field, and purchasing authority. We will keep the HIMSS Learning certifications and credentials for 7 years.
HIMSS supports 58 chapters globally and works to bring health professionals together. As HIMSS members, users receive the benefit of being a member of one HIMSS chapter of your choice. Upon registration to a HIMSS Chapter, we may collect information included but not limited to profession, headline, professional objectives, and topics of interest. We collect this information to ensure our Platform includes applicable chapter activities. Users have discretion in providing all or some of this information, but providing this information is aimed at providing you with more tailored user experience. Chapter Leadership Information is made publicly available as we select recording of events.
Events and Public Forums
HIMSS hosts events with world-class speakers, allowing users to choose between in-person and digital registration options. During event and public-forum registrations, HIMSS collects information including but not limited to, username and password, first name, middle initial, last name, user’s company/organization, title/professional degree or designation, photo, physical address, phone number, email, age bracket, gender, and disability status.
We may also collect demographic information, including professional title, worksite, length of time in the field, and purchasing authority.
HIMSS student membership allows individuals engaged in full-time study an opportunity to engage with healthcare information and management systems. Student members have access to the same benefits as regular members, excluding the right to vote or hold elective office.
When becoming a Student Member, HIMSS requires evidence of student status, including but not limited to copy of Student ID Card, Educational Verification Form, or unofficial transcript. This documentation must include the expected graduation date. We require this documentation to ensure our Services reflect opportunities available to students including: Scholarships from the HIMSS Foundation, the HIMSS Student Case Competition, and HIMSS Emerging Healthcare Leaders Poster Sessions.
HIMSS Partner Innovation Exchange
The HIMSS Partner Innovation Exchange is an initiative to convene digital health influencers to further HIMSS’s mission of reforming the global health ecosystem through the power of information technology.
When Members register for the HIMSS Partner Innovation Exchange, we may ask for the information outlined here, as well as the additional information necessary or helpful to building a partnership. For our Partnership Innovation Exchange, this information sharing may include:
HIMSS JobMine connects employers with candidates in healthcare, IT and career opportunities. JobMine allows users to explore expert resources, resume databases, receive job alerts, and work with a career coach.
When Members register for HIMSS JobMine we may ask for information, including but not limited to company profile, access to innovative solutions, discussions, and leading experts in healthcare information technology.
HIMSS’s platform provides full-service media and events on the relationship between technology and innovation. HIMSS users will have access to account-based marketing, custom content. Additionally, this Service includes access to HIMSS TV and HIMSS Global Health Conference Solutions.
Account-Based Marketing: HIMSS Media and Account-Based Marketing Service provides clients with unparalleled insights into key account activities across media, mobile, video, and other high-impact channels.
Custom Content: The HIMSS Custom Content studies buyer personas and the buying process through an in-depth analysis of research.
MobiHealthNews provides users with news, commentary, and online research for the digital health community. This Platform provides daily news updates on digital health and health care innovation coverage on a breadth of issues.
HIMSS shares personal data with our service providers and agents who work on our behalf or closely with us to offer content such as courses, training opportunities, webinars, advertisements, conferences, and career-specific newsletters, to our Members. We may tailor these opportunities to the specific information you have provided to us, as well as information HIMSS has gathered based on your previous interactions with our Services.
We may be required to share personal data for archival purposes to maintain HIMSS, or third-parties’ records.
List of Data Processors
HIMSS uses the following data processors to design, create, and implement IT processes and symptoms that would enable the data controller to gather personal data about HIMSS users. While HIMSS uses many data processors, below is a list of the categories of processors we use to gather your data.
- User Experience: Data Processors will implement tools to analyze user engagement and interaction on the HIMSS’ platform. These tools will analyze our products and service utility, ease of use, and efficiency.
- Brand Management: Data Processors will implement techniques and tools to increase Accelerate’s brand value. These processors will work towards building out strong brand associations.
- Content Strategy: Data Processors will collect analytics and data around user’s interactions and engagement with HIMSS content.
Anonymous or Aggregate Information
Anonymized data is information that has been irreversibly altered in such a way that an individual can no longer be identified directly or indirectly by its use. Aggregate information, similarly, cannot identify an individual, and is the process of combining data sets in order to obscure the identity of anyone individual.
A cookie is a small file containing a string of characters that is sent to your computer when you visit a website. When you visit the site again, the cookie allows that site to recognize your browser. Cookies may store user preferences and other information. You can configure your browser to refuse all cookies or to indicate when a cookie is being sent. However, some website features or services may not function properly without cookies.
Gamification describes the incentivization of user's engagement in non-game contexts and HIMSS-related activities by using game-style mechanics. Gamification leverages a user's natural tendencies for competition and achievement by rewarding a user for performing and repeating a specific action (e.g., sign up for an event, view a conference agenda, tag a user in a photo).
Every device connected to the Internet is assigned a number known as an Internet protocol (IP) address. These numbers are usually assigned to geographic blocks. An IP address can often be used to identify the location from which a device is connected to the Internet.
A pixel tag is a type of technology placed on a website or within the body of an email for the purpose of tracking certain activity, such as views of a website or when an email is opened. Pixel tags are often used in combination with cookies.
Partner or Partner Organization
Personal Information means any information that can identify an individual, including, but not limited to, information that relates to a person’s name, email address, health, finances, education, business, mailing address, telephone numbers, license numbers, and any financial identifiers.
Sensitive Personal Information
This is a particular category of personal information relating to topics such as confidential medical information, racial identity, ethnic origins, political or religious beliefs, trade union membership, or sexual orientation.
About this Policy
The following webpages and notices provide additional information about HIMSS, HIMSS-related Services, and the Healthcare Information and Management Systems Society (HIMSS) Website (“HIMSS Site”): About HIMSS