Cerner Direct Privacy Policy

Overview

Cerner Corporation ("Cerner") is committed to protecting the privacy and security of the personal information that you entrust to us. This privacy policy (the "Privacy Policy") describes how Cerner protects the privacy and security of your personal information. Your use of Cerner Direct is governed by the terms of this Privacy Policy. If you do not agree to this Privacy Policy, you may not use Cerner Direct. Additional terms and conditions, if any, regarding the collection and use of your information may also be provided to you before you sign up for a particular program or service.

Cerner Direct's Privacy Principles

  • The only personal information Cerner Direct obtains about you is that which you supply voluntarily. In cases when Cerner Direct may need personal information to provide you with customized content or to inform you about new features or services, you will be asked for that information.
  • Personal information provided by you (such as name or e-mail) will not be disclosed to anyone unless you indicate that Cerner may do so, or as described in this Privacy Policy.
  • Only statistical information about Cerner Direct users as a group (such as usage habits or demographics) may be shared with any affiliate, subsidiary, or partner of Cerner, unless an appropriate confidentiality agreement is in place.

How Information is Collected and Used

Cerner Direct collects certain information from you in three ways: (i) from Cerner Direct web server logs, (ii) with cookies and web analytics tools, and (iii) directly from you.

(a) IP Addresses (Server Log Information). An IP address is a number automatically assigned to your computer whenever you access the Internet. All computer identification on the Internet is conducted with IP addresses, which allow computers and servers to recognize and communicate with each other. Cerner Direct collects IP addresses in order to conduct system administration, report Aggregate Information (as defined below) to affiliates, subsidiaries, sponsors, or partners, and to conduct site analysis. Cerner Direct will also use IP addresses to identify any users who refuse to comply with the Terms of Use agreement, and to identify users who threaten Cerner Direct's service, web site, users, clients or others.

(b) Cookies. Cerner Direct places a text file called a "cookie" in the browser files of your computer. Cookies are pieces of information that a web site transfers to an individual's hard disk for record keeping purposes. Cerner Direct uses cookies to identify your on-line session, secure your information, and improve the performance of Cerner Direct. These cookies do not contain personal information. You may disable cookies in your browser but doing so will restrict your access to only public pages and you will no longer be able to access Cerner Direct.

(c) Web Analytics. Cerner may use Google Analytics to understand CernerDirect.com's site usage. Site usage information is used to help design, develop, and support CernerDirect.com. To the extent Cerner uses Google Analytics, Google receives and stores CernerDirect.com's contributed site usage information (such as pages accessed) and your IP address, but it does not receive any sensitive information as a part of this process. If you do not want data collected by Google Analytics, you can use the Google Analytics Opt-out Browser Add-on available on Google's website.

(d) Registration (User-Supplied Information). Cerner Direct registration systems may require you to give Cerner contact information (such as their name and e-mail address) and demographic information (such as a ZIP code, organization and/or role). Your contact information is used to contact you when necessary.

(e) Services (User-Supplied Information). Cerner may use your account and e-mail address to communicate with you about its services. If you sign up for a new service, Cerner may collect personal information such as contact information (e.g. name, address, telephone number and alternate e-mail address), demographic information (e.g. zip code, organization and/or role), billing information (e.g. credit or debit card numbers), or sensitive information (e.g. healthcare information).

How Information is Shared and Disclosed

Cerner does not rent, sell or share personal information about you with other people or nonaffiliated companies, except when Cerner has your permission, or under the following circumstances:

(a) Disclosures to Third Parties Assisting In Our Operations. Cerner may provide your personal information to affiliates, subsidiaries and trusted partners who work on behalf of or with Cerner under confidentiality agreements. These companies may use your personal information to assist Cerner in its operations. However, these companies do not have any independent right to share this information.

(b) Aggregate Information. Cerner may provide information about you that does not allow you to be identified or contacted ("Aggregate Information") to third parties, such as usage information and trends. When Aggregate Information is provided, we pool it from many individual records and strip it of any data that could be used to identify you before it is used.

(c) Disclosures Under Special Circumstances. Cerner may provide information about you to respond to subpoenas, court orders or legal process, or to establish or exercise our legal rights or defend against legal claims. Cerner believes it is necessary to share information in order to investigate, prevent or take legal action regarding illegal activities, suspected fraud, situations involving potential threats to the physical safety of any person, violations of Cerner's Terms of Use, or as otherwise required by law.

(d) Disclosures to Your System Administrator. Your system administrator is the individual or entity who assigned your Cerner Direct account to you, such as your employer, a health information exchange or an accountable care organization. Cerner may provide your system administrator with information related to your use of your Cerner Direct account, such as usage reports and your compliance with the Terms of Use. Your system administrator may also own your Cerner Direct account, in which case they may be able to access the emails within your account.

Do Not Track

Do Not Track mechanisms are signals to websites or mobile applications that the user does not want the website operator to track his or her visit across different websites. Tracking refers to collecting personally identifiable information about a user as he or she moves across websites; it does not refer to using or collecting information about a user within a single website. Cerner Direct does not track your actions across websites and therefore does not respond to Do Not Track signals that may be incorporated into certain web browsers. Cerner Direct does however use Google Analytics to track your use of the CernerDirect.com website; for more information on our use of Google Analytics and how you can opt-out see the section above entitled Web Analytics. Cerner Direct does not allow third parties to collect personally identifiable information about your online activities as you navigate across different websites over time.

Information Security

Cerner understands that storing personally identifiable data in a secure manner is essential. Cerner Direct data is stored using industry-standard physical, technical and administrative safeguards to secure data against foreseeable risks, such as unauthorized use, access, disclosure, destruction or modification. Cerner's data security practices are consistent with the standards of the Health Insurance Portability and Accountability Act ("HIPAA") security regulations. We regularly review our physical and electronic security measures to manage and enhance our capabilities.

Your Ability to Edit and Delete Your Information

You can edit or delete your personal information that is maintained by Cerner at any time by submitting a request to your Cerner Direct system administrator.

Questions

We regularly review our compliance with this Privacy Policy. If you have any questions or suggestions about how we treat personal information, please contact us at:

Cerner Corporation
2800 Rockcreek Parkway
Kansas City, Missouri 64117 U.S.A.
Attention: Chief Legal Officer

Notification of Changes to this Privacy Policy

This Privacy Policy may be revised from time to time as we add new features and services, as laws change, and as industry privacy and security practices evolve. However, Cerner will take reasonable steps to notify you of material changes it makes to the Privacy Policy. We display an effective date on the policy below so that it will be easier for you to know when there has been a change. You are responsible for regularly reviewing this Privacy Policy. Your continued use of Cerner Direct constitutes your acceptance of the revised terms. Small changes or changes that do not significantly affect individual privacy interests may be made at any time and without prior notice.

Last Modified: January 15, 2018