Part I. Information Collection

MERS-TM collects information through our website at several points. Our web server maintains a log of visitor IP addresses that have accessed pages on the MERS-TM site over the past month. This log is only used to detect hacker attempts and for routine system maintenance. It cannot be used to determine which database a user is accessing because this information is encrypted via SSL. Approximately every 30 days a new log is created and the old one is discarded.

We also collect limited hospital demographic information when a hospital/blood center registers to become a study participant. This demographic information is only linked to a center code-name, and it cannot be used to identify an institution. Event-related data is collected and protected as described below.

A cookie is a small text file that a Web server places on a user's computer hard drive to be a unique identifier. We employ cookies only to enable a user to maintain a session by way of one single log-on to access the MERS-TM database within a time period. The MERS-TM cookie contains a large random number that is used to identify a user session, and it expires after approximately 20 minutes of nonuse. While cookies are used by other web sites to track usage patterns and deliver customized content to users, the cookie created by MERS-TM cannot be used for these purposes since this information is not stored.

Part II. Information Usage.

The information collected by MERS-TM will be used for research purposes under grant R01 HL53772 from the National Heart, Lung, and Blood Institute of the National Institutes of Health. Registered participants will have the ability to view reports based on aggregate data for benchmarking purposes.

We may share data that contains no center-identifying information with the following third parties: FDA, AABB, registered program participants, and collaborating researchers. These third parties will use the information for research, benchmarking, and/or to identify national trends.

We offer links to other websites. Please note: When you click on links to other websites, we encourage you to read their privacy policies. Their standards may differ from ours.

Our website may offer the opportunity for an exchange of ideas, such as forums or message boards. Please be advised that the information posted in these venues becomes public knowledge.

We will not create visitor profiles based on browsing history.

Part Ill. Problem Resolution

If problems arise, users may contact us by clicking on the contact link on our home page, or the many contact links throughout the website.

Part lV. Data Security and Storage

While MERS-TM does not store any data that could be used to identify centers, we take extra precautions to ensure the security of the web system.

The number of people who have access to the server is limited.
The server exists on a stand-alone computer.
User name and password authentication are required for server and Website access.
A firewall is used to protect the web server from unauthorized access.
Information sent between server and participant computers is encrypted to avoid eavesdropping during logins and when the database is accessed.

Participants' accounts are managed locally (at the hospital/blood center level) rather than centrally. Besides maintaining anonymity (i.e.: MERS-TM staff do not know ownership of any individual database), this feature enhances security by ensuring that individual user access is activated and disabled by hospital/blood center staff.

Note: Participants must not use any identifiers in the free-text areas of the online forms.

Part V. Your Consent

By submitting data to the MERS-TM Website, you consent to the collection and use of this information as described in this Policy. If we change our privacy policy we will post any change on this page so that you are always aware of what information we collect, how we use it, and under what circumstances we disclose it.

Reference:
Marshall WW, Haley RW Use of a secure internet web site for collaborative medical research. JAMA. 2000;