Clicky

Privacy Policy

Last updated: May 16, 2026

This Privacy Policy explains how HealthDataConsortium.org (“the publication,” “this site,” “we”) collects, uses, and protects information from visitors. By using this site, visitors agree to the practices described below.

Information Collected Automatically

When a visitor accesses this site, certain information is collected automatically through standard web technologies. This includes the visitor's Internet Protocol (IP) address, browser type and version, operating system, referring website, pages viewed, date and time of access, and approximate geographic location derived from IP.

This information is used to operate and improve the site, diagnose technical issues, analyze traffic patterns, and detect abuse. It is not used to identify individual visitors except in connection with security investigations or legal compliance.

Information Visitors Provide Voluntarily

The contact form on this site collects the visitor's name, email address, the inquiry category selected, and the content of the message submitted. This information is used solely to respond to the inquiry. It is not added to a marketing list and is not shared with third parties except as required to deliver and route the message (see Third-Party Services below).

Cookies and Tracking Technologies

This site uses cookies and similar technologies to operate basic functionality, remember visitor preferences, and analyze traffic patterns. Cookies are small data files stored by the visitor's browser.

Categories of cookies in use:

Strictly necessary cookies enable core site functionality such as page navigation and form submission. These cannot be disabled without rendering parts of the site inoperable.

Analytics cookies collect aggregated information about site usage. These cookies do not directly identify visitors but help measure which content is being read and how visitors arrive at the site.

Functional cookies remember visitor preferences such as display settings.

Visitors can control cookie behavior through their browser settings. Most browsers allow visitors to view, manage, delete, and block cookies. Disabling cookies may affect site functionality.

Third-Party Services

This site uses the following third-party services that may collect, process, or store visitor information:

Hosting provider: The site is hosted on a commercial web hosting service that logs server access for security and operational purposes.

Google Analytics: Used to measure aggregated site traffic and content engagement. Google Analytics may set cookies and process IP addresses. Visitors can opt out using the Google Analytics Opt-out Browser Add-on or by disabling JavaScript.

Google Search Console: Used to monitor site performance in Google search results. Search Console processes aggregated query and click data.

WPForms: The contact form is powered by WPForms. Form submissions are processed and delivered via WPForms infrastructure before reaching the publication's administrative inbox.

Paid link partners: Some links on this site direct visitors to third-party retailer or service websites. When a visitor clicks a paid link, the destination site may set cookies to attribute purchases to this publication for commission purposes. The data collected by these partners is governed by their own privacy policies, not this one. Visitors are encouraged to review the privacy policy of any destination site before making a purchase.

Each third-party service operates under its own privacy policy. This publication does not control how third parties handle data once it leaves this site.

How Information Is Used

Information collected through this site is used to:

  • Operate, maintain, and improve the site
  • Respond to contact form inquiries
  • Analyze traffic patterns and content performance
  • Detect and prevent fraud, abuse, or security threats
  • Comply with legal obligations and respond to lawful requests

Information is not sold to third parties. Information is not used to make automated decisions with legal or similarly significant effects on visitors.

Data Retention

Server logs are retained for security and diagnostic purposes for a limited period (typically 30 to 90 days) before being deleted or anonymized. Contact form submissions are retained for as long as necessary to address the inquiry and any related follow-up, after which they are deleted.

Analytics data is retained according to the configuration of the analytics service in use, typically with personal identifiers anonymized or removed after a defined period.

GDPR Rights (European Economic Area, United Kingdom, Switzerland)

Visitors located in the European Economic Area, the United Kingdom, or Switzerland have the following rights under the General Data Protection Regulation and equivalent national laws:

  • Right of access — to request confirmation of whether personal data is being processed and to obtain a copy of that data
  • Right to rectification — to request correction of inaccurate or incomplete data
  • Right to erasure — to request deletion of personal data in specified circumstances
  • Right to restriction of processing — to request that processing be limited in specified circumstances
  • Right to data portability — to receive personal data in a structured, commonly used format
  • Right to object — to object to processing based on legitimate interests or for direct marketing
  • Right to withdraw consent — where processing is based on consent, to withdraw that consent at any time
  • Right to lodge a complaint — with a national data protection authority

Requests to exercise these rights may be submitted via the Contact page, selecting “Privacy / Data Request” as the inquiry type. Verification of identity may be required before requests are processed.

CCPA Rights (California Residents)

Residents of California have the following rights under the California Consumer Privacy Act and California Privacy Rights Act:

  • Right to know what categories of personal information are collected, the sources of that information, the purposes for collection, and the categories of third parties with whom it is shared
  • Right to delete personal information held by the publication, subject to specified exceptions
  • Right to correct inaccurate personal information
  • Right to opt out of the sale or sharing of personal information. This publication does not sell personal information as that term is defined under the CCPA.
  • Right to limit use of sensitive personal information
  • Right to non-discrimination for exercising any of these rights

Requests may be submitted via the Contact page. Verification of identity is required.

Children's Privacy

This site is not directed to children under the age of 13, and the publication does not knowingly collect personal information from children under 13. If a parent or guardian believes that a child has provided personal information through this site, the parent or guardian should contact the publication via the Contact page, and the information will be deleted.

For visitors in jurisdictions where the age of digital consent is higher than 13 (such as 16 in some European countries), the higher applicable age applies.

Security

The publication uses reasonable technical and administrative measures to protect information collected through this site. However, no method of transmission over the internet or method of electronic storage is fully secure. Visitors are encouraged not to transmit sensitive personal or medical information through this site.

Changes to This Policy

This Privacy Policy may be updated periodically to reflect changes in practice, technology, or law. The “Last updated” date at the top of this page indicates when the policy was most recently revised. Material changes will be noted prominently on this page for a reasonable period after publication.

Contact

Privacy questions, data requests, and concerns about how information is handled may be directed to the publication through the Contact page. Select “Privacy / Data Request” as the inquiry type.