We will use your information for research: We collect information about your identity, your health, and some of your behaviors that might help us predict your future health. This information will be used in research analyses and results of these analyses will be presented in scientific conferences and published. These presentations and publications will never show any information that identifies you or any other individual in the study.
We will not share your information: We will never sell, rent, or lease your information, and we will never voluntarily share identifying information about you without your permission.We may share health data (without your name) with other researchers for the purpose of research.
You will be able to see some of your study information: When you registered for the study, you provided us with a username and a password. You can use this to sign into the study and see your Dashboard and some of the health information you've provided to us (e.g., your Cardiovascular Health Profile). You should be very careful not to provide your login information to anyone else, or they could sign in as you and be able to see that same health information. If you are worried that someone else may be using your login information, please let us know immediately, or change your password yourself through the Participant Homepage.
Protection Against Involuntary Disclosure of Your Information: We will do everything we can to keep your study information private. To further help us protect your privacy, we have obtained a Certificate of Confidentiality from the United States Department of Health and Human Services (DHHS). Under the terms of the certificate, the Health eHeart Study staff cannot be compelled to disclose study information that identifies you, even if ordered by a court subpoena, in any federal, state, or local civil, criminal, administrative, legislative, or other proceedings. The researchers will use the Certificate to resist any demands for information that would identify you, except to prevent serious harm to yourself or others. You should understand that we will, in all cases, take the necessary action, including reporting to authorities, to prevent serious harm to yourself or others. Also, please note that a Certificate of Confidentiality does not represent an endorsement of the research study by DHHS or the National Institutes of Health.
Disclosure of Your Information by You: A Certificate of Confidentiality does not prevent you from voluntarily releasing information about yourself or your involvement in this study.
Electronic Security and Adherence to the HIPAA Privacy Rule: The Health eHeart Study follows the general security guidelines of the U.S. Health Insurance Portability and Accountability Act of 1996 (HIPAA). All study data is transmitted, stored, and processed in a secure environment.
While we cannot provide an absolute data security guarantee, your information will be transmitted and stored using state-of-the-art security systems similar to those that protect websites used by banks and electronic health systems. For any questions, please contact your study coordinator.

DATA SECURITY MEASURES

The following is a technical explanation of the measures we take to protect your data. If you have any questions about this information, please contact us by email at Coordinator@Health-eHeartStudy , or by using one of the other options described in the "Contact Us" section of the website.

All study information will be stored in linked data tables. Identifying information (name and email address) will be stored in separate (but linked) data tables so that health-related data can be viewed by study staff as needed without inadvertent association with identifiers when such linkage is not required.

The UCSF Health eHeart Study team will take the following data security measures:

Data Transmission: The Health eHeart Study currently utilizes 128-bit secure socket layer (SSL) protocol which protects all data transmission sent over the internet between the Coordinating Center's web server and every client machine (including our research participants' machines) that accesses our study web sites.
Secure Servers: All study data is housed on a secure server.
Antivirus Software: All servers are protected from viruses using anti-virus software. This software automatically checks for virus signature file updates once an hour, and if necessary, directly updates itself. All antivirus software is monitored and network personnel notified in the event that the software stops functioning on a server.
Firewall: The network, including all the servers that will store our research data, is behind a secure firewall that does not allow unauthorized access to any research data server.
Disaster Recovery: The study database is backed up regularly to ensure that no data is lost. Our disaster recovery system also follows Standard Operating Procedures to maintain full security of backup data.
Cloud Services: In addition to use of our secure servers, we may use your data in conjunction with cloud storage and computing services in order to assist with communication, data collection, storage, and processing. Third-party vendors will be vetted for their security practices and will meet or exceed privacy and security standards for UCSF electronic research health records management.