Privacy Policy
Privacy policy
By visiting or accessing American College of Chest Physician (CHEST) websites, becoming a member or customer, or otherwise voluntarily submitting information to CHEST, you agree that you have read and agree to this Privacy Policy.
CHEST reserves the right to make changes to this Policy at any time; in such case, CHEST will post a notice that this Policy has been modified by revising the “Last Reviewed” date at the bottom of this Policy.
Child privacy
CHEST does not knowingly collect or use any personal information from any person under the age of 18. If you are under the age of 18, please do not access or use CHEST websites. If CHEST becomes aware that our systems have collected any personal information from persons under the age of 18, CHEST will delete that data from our systems.
Overview
CHEST is committed to protecting the privacy of its members and customers. CHEST maintains safeguards to store and secure information about all company and individual records in its possession. The safeguards may be physical, electronic, or procedural. This Privacy Policy (“Policy”) describes: (i) how CHEST collects information from its websites and through other voluntary interactions with CHEST (eg, subscription to a CHEST publication, purchase of a CHEST product, application for or renewal of CHEST membership, registration to a CHEST course or event, participation in a member survey, etc); and (ii) how CHEST uses this information. With respect to websites, please note that this Policy applies only to CHEST websites and not to the websites of unrelated third-party companies or organizations to which CHEST provides links, or to any software that may be downloaded from CHEST websites.
What information does CHEST collect?
CHEST collects two types of information: (1) non-personally identifiable information for everyone who visits its websites; and (2) personally identifiable information for members, registered website users, and anyone who purchases products, events, and services, or requests information.
Non-personally identifiable information
CHEST collects non-personally identifiable information from users who are browsing the public areas of CHEST websites. Once a user submits personally identifiable information, subsequent visits to public areas of CHEST websites are no longer anonymous. When you visit any website, its server may generate a piece of text known as a “cookie” to place on your computer. The cookie allows the server to “remember” specific information about your visit while you are connected. The cookie makes it easier for you to use the dynamic features of web pages. CHEST employs cookies to collect information about all visitors to CHEST websites, including pages viewed and the order visited, terms used in searching CHEST websites, and products/events investigated or purchased. CHEST uses cookies to improve the website and to provide more personalized services both on this website and through other media, including helping determine which services are most important and to guide editorial and business decisions. Cookies from CHEST pages collect only information about your browser’s visit to the site. They do not collect personal information about you.
Users who do not desire the functionality offered by cookies may disable cookie functionality in their browsers or through settings on their devices; however, users who do so may not be able to use some features of CHEST websites. For example, a registered user must have cookies enabled in order to access the registered-user sections of CHEST websites.
For system administration and troubleshooting, CHEST also logs the originating internet protocol (IP) address, the browser and operating system used, and information about individual use, such as time and date of visits, duration of sessions, and other similar usage or system data.
Personally identifiable information
In addition to the non-personally identifiable information listed above, CHEST records the user’s name and member/customer ID number for all registered users (ie, users who have logged into a password-protected area of a CHEST website). In the course of using CHEST websites, a user may be asked to provide personally identifiable information (eg, name, address, zip code, email address, telephone number, fax number, credit card payment information, etc) in order to purchase a product or event, participate in a CHEST activity, subscribe to a publication, request information, or otherwise interact with CHEST. In addition, users may be asked to update their contact information.
CHEST also collects email addresses voluntarily provided via membership applications and renewals, course and event registrations, product purchases, member surveys, downloads of certain materials, email communication sign-ups, and comments made in discussion threads on CHEST websites.
Important note for CHEST members, customers, donors, and constituents: CHEST also maintains a CRM database. The information in this database (eg, National Provider Identifier [NPI] numbers; demographic information, such as education and specialty) is drawn from membership applications, dues payment forms, subscriptions, product orders, continuing medical education (CME) reporting, public databases, member surveys, and other correspondence between CHEST and its members or customers.
Credit card information: CHEST does not disclose the credit card account information or activity of its customers. When members and customers pay using credit cards, CHEST submits this information encrypted to obtain payment from the appropriate clearing house. Credit card numbers are never stored in CHEST databases.
How does CHEST use information collected?
CHEST uses the information it collects to better serve members, customers, and visitors to CHEST websites in the following ways:
CHEST services and products
CHEST uses information collected to improve its web content, to respond to visitor needs and preferences, and to develop new products and services. For example, CHEST will combine non-personally identifiable information (eg, data stored in cookies, user’s IP address) with personally identifiable information (eg, user’s name, member/customer ID, email address) to offer products and services that may be of specific interest to the user.
Disclosure to third parties
If CHEST discloses personally identifiable information to contracted third parties, CHEST requires that these providers agree to keep confidential all such information and to use it only for the purposes designated by CHEST. CHEST will only disclose personally identifiable information to contracted third parties that provide sufficient guarantees in respect of the technical and organizational security measures governing the processing to be carried out and that demonstrate a commitment to compliance with those measures. The information used by any contracted third party will be preapproved by CHEST.
CHEST does not make name or contact information obtained from learners engaged in an accredited education activity available to companies whose primary business is producing, marketing, selling, re-selling, or distributing healthcare products used by or on patients without their consent.
CHEST may make personally identifiable information available to other contracted third parties in connection with CHEST programs and events or for other purposes that might be of interest to you as a CHEST constituent.
CHEST may make personally identifiable information available to contracted third parties that offer their own products or services deemed of potential interest to members and constituents of CHEST. For example:
- Continuing medical education (CME) programs
- Employment opportunities for health professionals
- General practice-related commercial offers germane to the practice of medicine
CHEST may make personally identifiable information available to our partners and sponsors when you request access to their offerings, benefits, communications, or content.
CHEST may make personally identifiable information available to our third-party contractors and payment processors who perform services for us in connection with the websites, or to complete or confirm a transaction or series of transactions that you conduct with us.
CHEST may make personally identifiable information available to service providers or suppliers when the information enables that party to perform business, professional, or technical support for us.
CHEST may make personally identifiable information available about you to comply with the law, applicable regulations, governmental and quasi-governmental requests, court orders, or subpoenas. In addition, CHEST may disclose personally identifiable information about you in order to (a) enforce our Terms of Use or other agreements; or (b) protect our rights, property or safety or the rights, property, or safety of our users or others. CHEST reserves the right to release information to law enforcement or other government officials, as CHEST, in our sole and absolute discretion, deems necessary or appropriate.
Links to other websites and social media
CHEST websites may contain links to other websites. However, this Privacy Policy only addresses CHEST's use and disclosure of your information collected on our websites, if any. CHEST is not responsible for the privacy practices of any third parties or the content of linked websites. CHEST directs users to read the applicable privacy policies and terms and conditions of third parties and their websites. CHEST makes every effort to link only to websites that align with CHEST data standards and respect for privacy.
CHEST websites include the ability to link to social media channels and social channel websites. As a result, CHEST receives information about users when they choose to post or otherwise share information about CHEST on these social platforms. CHEST may leverage that information in various ways, including enhance user experience with CHEST websites or to communicate with users about CHEST offerings and activities.
CHEST may use outside marketing companies to place and monitor advertisements or links on CHEST websites and on other websites. These companies may use non-personally identifiable information (eg, links clicked during a visit, browser type, time and date, subject of advertisements clicked or scrolled over) and personally identifiable information (eg, NPI number) during user visits to CHEST websites and other websites in order to provide advertisements about products and services likely to be of interest to users.
Protection of your data
CHEST has significant protections in place to ensure the privacy of your personal information. The CHEST membership database is implemented and designed to protect personal information. Individuals are asked to provide only the minimum information necessary when becoming a member, purchasing a product, or registering for a course or event. Multiple layers of physical, administrative, and electronic protections are in place to protect all information from unauthorized use, access, or malicious activity. Personnel procedures and processes have been developed with an emphasis on privacy.
The CHEST system is audited by independent third parties. Effective customer privacy and security are top priorities as part of our overall mission to provide our services to constituents.
Email
Once someone voluntarily provides an email address, CHEST uses that information to email that person with questions, transaction follow-up, promotions, and communications. CHEST collects data to track the effectiveness of emails, which enables CHEST to better serve its audiences.
As noted earlier, there are instances in which CHEST will share email addresses of its members and customers with outside service providers who are under an obligation of confidentiality and restricted use. Release of email addresses is governed under strict contractual licensing guidelines and can only be used for specific purposes.
All CHEST marketing emails and those of third parties include a link for unsubscribing. CHEST will apply any unsubscribe request as quickly as possible. However, because there may be email campaigns already in progress, some messages may still be sent until the opt-out request can be fully processed. Once the opt-out is processed by CHEST and all of its partners, that email address will no longer receive marketing or promotional emails from CHEST. Email addresses are still used in support of specific transactions (eg, membership renewal notice, order confirmation).
Opt out
Members, customers, and registered website users may choose not to have information released from CHEST. This is done by requesting that CHEST designate a record as “no contact.” The “no contact” status of a record ensures that information will not be licensed for purposes of marketing via email, mail, or phone. To opt-out via “no contact” designation, contact the CHEST Help Team at +1 (800) 343-2227 or at HelpTeam@chestnet.org.
Market research opt-out
From time-to-time, CHEST users may be invited to participate in surveys, focus groups, and/or research panels. Participant contact information, including name, phone number, address, and email address, may be used by CHEST to carry out the survey or communicate about the survey, focus groups, and/or research panels and to provide incentives for participation. Participation in any type of research is completely voluntary. If you prefer not to be contacted to participate in future surveys, focus groups, panels, etc, call the CHEST Help Team at +1 (800) 343-2227 or email HelpTeam@chestnet.org.
External relationships
CHEST has agreements with other organizations that offer products and services through CHEST websites or third party agreements. When the user interacts with these organizations on their organizations’ websites, whether as a result of following links from a CHEST website, within a CHEST email, or otherwise, different rules and privacy policies may apply. Since CHEST does not control the collection of information or the use of information collected via these other organization websites, CHEST is not responsible for their privacy practices, security, or content.
Visiting or accessing CHEST websites from outside the United States
By visiting or accessing CHEST’s websites, becoming a member or customer, or otherwise voluntarily submitting information to CHEST from outside of the United States, information that CHEST collects will be transferred to servers inside the United States, which may involve the transfer of information out of countries located in the European Economic Area. By allowing CHEST to collect information about you, you consent to such transfer and processing of your data.
European resident privacy rights
In regards to the EU General Data Protection Regulation 2016/679 ("GDPR"), the "data controller" is the American College of Chest Physicians (CHEST), registered in Illinois, USA, with a registered address at 2595 Patriot Blvd, Glenview, IL 60026, USA.
For residents of the European Union and European Economic Area (the "EU"): You have the right to ask us not to process your personal information for marketing purposes. We will usually inform you (before collecting your personal information) if we intend to use your personal information for such purposes or if we intend to disclose your information to any third party for such purposes. You can exercise your right to prevent such processing by checking certain boxes on the forms we use to collect your personal information. You can also exercise the right by contacting us by one of the methods in Contact Us section.
Under GDPR, in certain circumstances, you have the right to (a) request access to any personal information we hold about you and related information; (b) obtain without undue delay the rectification of any inaccurate personal information,; (c) request that your personal information is deleted provided the personal information is not required by CHEST for compliance with a legal obligation under European or Member State law or for the establishment, exercise, or defense of a legal claim; (d) prevent or restrict processing of your personal information, except to the extent processing is required for the establishment, exercise, or defense of legal claims; and (e) request transfer of your personal information directly to a third party where this is technically feasible.
In addition, where you believe that CHEST has not complied with its obligation under this Privacy Policy or GDPR, you have the right to make a complaint to an EU Data Protection Authority.
Governing law
By visiting or accessing CHEST’s websites, becoming a member or customer, or otherwise voluntarily submitting information to CHEST, you agree that any dispute over privacy or the terms contained in this Privacy Policy will be governed by the law of the state of Illinois. You also agree to abide by our Terms of Use, or other agreement that we have with you.
Contact us
For questions or comments about this Privacy Policy, please contact the CHEST Help Team at +1 (800) 343-2227 or via email at HelpTeam@chestnet.org.
Last reviewed
The CHEST Privacy Policy was last reviewed in August 2023.