The purpose of this ABIM Privacy Notice is to inform diplomates, candidates and other website visitors about the information that we collect on our website www.abim.org (the “website”) and any websites and communication channels, applications or in connection with our physician certification services, how we use that information, and the ways visitors, diplomates, or candidates can control how that information is used or shared. We have recently updated this notice to make it as easy as possible to understand our practices with respect to your information, and to let you know about the privacy choices you have. We encourage you to read the full text of the Privacy notice below, and the full text of ABIM's Confidentiality Policy.
How we collect Personal Information
Information you provide to us:
Through your use of our services, we collect personal information, which is information that identifies you as an individual or relates to you as an identifiable individual. Below are the types of personal information that we collect.
When you create an ABIM account: We collect:
- Your full name
- Your home address
- Your email address
- Your home and/or mobile numbers
This information is necessary for us to provide you our Services. If you do not provide this information we would not be able to provide our Services to you.
When you interact with our services: When you Sign in to the “Physician Sign In” section of our website, register for Certification examinations, enroll in the Maintenance of Certification program, complete a survey, or contact us to inquire about or register for any of our products or services, we collect:
- Your gender
- Your ABIM identification number
- Your date of birth
- Your training and medical knowledge, including examination performance, training program evaluations, outcomes-based milestones for resident performance, Self-Evaluation of Medical Knowledge and Practice Assessment
- Information relating to the nature and scope of your practice
The information required for a particular service is identified in detail at the time such information is collected.
When you communicate with us: If you send us an email we will keep your name, email address and any other information provided in the email. We will not use or disclose information received through email without your permission except as specifically necessary for ABIM to carry out its Certification and evaluation functions or to investigate possible violations of ABIM rules.
We collect certain personal information from third parties, such as:
- Information from actions you take (for example, your exam scores).
- Information from licensure and certification bodies (for example, your certification status or the locations in which you are licensed).
We automatically collect certain information as you use our services, including:
- Usage Information: which of the pages on our website you access, the frequency of access, how much time you spend on each page, what you click on while on our website, and when you accessed the website.
- Location Information: information about your estimate location which may be determined from your IP address.
- Device Information: information about the device you are using, such as hardware model, operating system, application version number, browser, and IP addresses.
Cookies and other technologies
Cookies are small pieces of text sent to your web browser by a website you visit. A cookie file is stored in your web browser. Cookies can be “persistent” or “session” cookies. Persistent cookies remain on your personal computer or mobile device when you go offline, while session cookies are deleted as soon as you close your web browser. We use first party cookies, which are cookies that we place on your device ourselves, and third party cookies, which are cookies that we allow third parties to place on your device.
When you use and access the Service, we may place a number of cookie files in your web browser.
We use both session and persistent cookies on the Service and we use the following types of cookies. Learn how you can control information collected about you using cookies and other technologies.
- Essential cookies: We use essential cookies to authenticate users and prevent fraudulent use of user accounts.
- Preferences cookies: We use preferences cookies to remember information that changes the way the Service behaves or looks. For example, such cookies may be used to simplify the sign-in process for registered users or to store answers you provide during the self-evaluation process during your active self-evaluation session.
- Analytics cookies: We allow Google Analytics to place cookies to track how the website is used so that we can make improvements. Google Analytics may also set cookies on your browser or mobile device, or read cookies that are already there. Google Analytics may also receive information about you from apps that partner with Google that you have downloaded. We do not combine the information collected through the use of Google Analytics with personally identifiable information. Learn about how to control information used by Google Analytics. We also use analytics cookies to test new advertisements, pages, features or new functionality of the Service to see how our users react to them.
How we Use Your Information
We use personal information collected from you and about you in order to provide our services. The legal basis for this is that it is necessary to perform the certification process for which you have engaged us, to maintain the website or to answer your queries. Specific purposes are:
- To deliver products and services: We use your personal information to provide you with the products and services that you have requested.
- To respond to your inquiries and provide customer support: We use personal information to communicate with you about the website or services, to manage your account, to provide you with customer support or other services you request, including for administrative or operational purposes relating to our products or services.
- To send you reminders: We use personal information to send you important reminders about requirements and deadlines for your certification.
- To verify your identity: We use personal information to verify your identity and prevent or detect fraud.
- To perform functions as otherwise described to you at the time of collection.
We process your information for the following purposes as part of our legitimate interest in the improvement and marketing of our services as well for the security of our services. We apply appropriate safeguards to protect your information as described in the “Security” and “Your choices with respect to your information” sections below:
- Communicate About New Features: We will send you communications regarding resources for maintaining your CME credits, promotions and news about ABIM products and services or those of other carefully selected medical societies which we think may be of interest to you.
- Maintenance and Improvement: We use personal information to maintain and administer our website. We also use information to conduct market research relating to the development of our products, services and/or website. The information you provide on our products and services (e.g., through surveys) help us improve our products and services.
- Other Research Purposes: We use information collected from and about you, in order to: (i) determine eligibility and qualification of candidates for inclusion in a study or analysis; (ii) evaluate resident development and performance; (iii) amend and improve the certification exams and programs to make them more effective at gauging professional competence and at equipping diplomates with knowledge that would render them more professionally competent; and (iv) collaborate with other research investigators. Any work product or publication derived from this information will be aggregated and will not identify individual physicians or training programs. You may opt out of sharing your information for research purposes by contacting us at firstname.lastname@example.org.
- Defend our rights and those of others, to efficiently maintain our business and to comply with the law as described in the “How we share your information” section below.
How we share Your Information
We share your information with third parties to enable us to provide our services, as necessary to comply with our legal obligations and in our legitimate business interests to operate as an efficient and effective business and to protect our rights and those of others. We apply appropriate safeguards for this sharing of your information as described below and in the "Security" section, "Your choices with respect to your information" section and "For EU Individuals: Your Rights under the General Data Protection Regulation" section.
- With the public: Certain information, like your name and certification status, is publicly accessible when you search the certification database on our website.
- Accreditation Organizations: We share your examination performance and milestones with the Accreditation Council for Graduate Medical Education. View Accreditation Council for Graduate Medical Education's privacy notice.
- Credential and Licensure Verification Organizations: We share the certification status of physicians, the Maintenance of Certification and personal identifying information, including mailing address, email address and last four digits of a physician's Social Security number to the Federation of State Medical Boards and the American Board of Medical Specialties, and to other credential and licensure verification organizations. View the Federation of State Medical Boards Privacy notice; and the American Board of Medical Specialties Privacy notice.
- Training Program Directors: We share information about a physician’s prior training and examination performance with training program directors. We share information about a trainee’s prior training and pass/fail status on certifying examinations with residency and fellowship training program directors. Subject to a trainee’s permission, we share with program directors the trainee’s score on a first attempt at the Certification examination for a particular training area.
- Professional Medical Societies and Other Organizations: If requested, ABIM also discloses a diplomate’s Board Certification and Maintenance of Certification status and address to professional medical societies and other organizations that provide ABIM-sanctioned educational resources and products used for Self-Evaluation of Medical Knowledge or Practice Assessment in the Maintenance of Certification program.
- Corporate Family: We share information within our corporate family, such as with subsidiaries, joint ventures, or affiliates, in order to efficiently carry out our business and to the extent permitted by law.
- Corporate Structure: In the event that we enter into, or intend to enter into, a transaction that alters the structure of our business, such as a reorganization, merger, acquisition, sale, joint venture, assignment, consolidation, transfer, change of control, or other disposition of all or any portion of our business, assets or stock, we would share personal information with third parties, including the buyer or target (and their agents and advisors) for the purpose of facilitating and completing the transaction. We would share personal information with third parties if we undergo bankruptcy or liquidation in the course of such proceedings.
- Third Party Providers: We share information with companies who work on our behalf to provide a product or service to you, however, we will only provide those companies the information they need to deliver the service, and they are not permitted to share or use such information for any other purposes.
- To Prevent Harm: We will share information if we believe it is necessary to detect, investigate, prevent, or take action against illegal activities, fraud, or situations involving potential threats to the rights, property, or personal safety of any person. We also share information about any individual we believe has violated ABIM rules, engaged in misrepresentation or unprofessional behavior, or shows signs of impairment.
- Legal Purposes: To send information to appropriate state authorities about any individual whom it judges has violated ABIM rules, engaged in misrepresentation or unprofessional behavior, or shows signs of impairment; To conform or comply with the law, or if we have a good-faith belief that such action is necessary to comply with a court order or subpoena, to cooperate with investigations by law enforcement or regulatory authorities or to participate or cooperate with a judicial proceeding, to enforce applicable terms and conditions of this website, or, in urgent circumstances, to protect the safety of persons or property, including this website; and/or
- Strategic Development Purposes: We also use and disclose information in aggregate (so that no individual customers are identified and no personal information is revealed) for marketing and strategic development purposes.
With Your Consent: Apart from the reasons identified above, we may request your permission to share your personal information for a specific purpose. We will notify you and request consent before you provide the personal information or before the personal information you have already provided is shared for such purpose. You may revoke your consent at any time.
The security of your information is very important to us. ABIM takes appropriate physical, electronic and managerial precautions to secure against unauthorized access and use of information you provide to ABIM. For example, when collaborating with external parties for research, any personal data that are shared are de-identified and transmitted through a secure server (ftp site). We also implement various policies including, encryption, access, and authentication to this end.
Please be aware that no method of transmission over the internet, or method of electronic storage is 100% secure and we are unable to guarantee the absolute security of the Personal Information we have collected from you.
Transfers of Information
We process and store information on servers or databases, and use third party providers that process information in the United States. Therefore, your information will be transferred to those locations. The laws in the United States may not be as protective of your privacy as those in your location. For example, United States law does not provide you with the right to access, modify and delete personal information in all cases. Further, government entities in the United States may have certain rights to access your personal information. When transferring personal information to and processing personal information in the United States we will implement appropriate safeguards and process the personal information in accordance with the terms of this Privacy Notice. By using our Websites or our Services, you agree to the transfer and processing of your personal information to the United States.
Your choices with respect to your information
Accessing and amending your information: You may review and update your information by clicking the "profile" section of the secure Physician Login section of our website.
Deactivate your account: You may request that we deactivate your account by contacting us at email@example.com. If you choose to deactivate your account, we remove your information from our production system, remove you from our mailing lists, and restrict access to your information. Any retained information will be kept confidential (in accordance with the ABIM Confidentiality Policy), encrypted and archived offline. We will retain this information as it is necessary for the fulfillment of our mission of preventing fraud in connection with physician accreditation.
Emails: You may choose to opt out of receiving certain communications or information, including surveys invitations, notifications regarding resources for CME credits, email promotions, and special offers, by emailing us at firstname.lastname@example.org by clicking the “unsubscribe” link provided in each email or by calling 1-800-441-2246. Please note that you cannot opt out of receiving the messages ABIM deems essential to your participation in our programs.
All cookies: You can instruct your browser to refuse all cookies or to indicate when a cookie is being sent. The Help feature on most browsers provide information on how to accept cookies, disable cookies or how to notify you when you receive a new cookie. If you do not accept cookies, you may not be able to use all of the features we offer, you may not be able to store your preferences, and some of our pages might not display properly. If you choose to opt out, we will place an “opt-out cookie” on your computer. The “opt-out cookie” is browser specific and device specific and only lasts until cookies are cleared from your browser or device. The opt-out cookie will not work for some cookies that are important to how our websites and mobile apps work (“essential cookies”). If the cookie is removed or deleted, if you upgrade your browser or if you visit us from a different computer, you will need to update your preferences.
- For the Chrome web browser, please visit this page from Google: https://support.google.com/accounts/answer/32050
- For the Internet Explorer web browser, please visit this page from Microsoft: http://support.microsoft.com/kb/278835
- For the Firefox web browser, please visit this page from Mozilla: https://support.mozilla.org/en-US/kb/delete-cookies-remove-info-websites-stored
- For the Safari web browser, please visit this page from Apple: https://support.apple.com/guide/safari/manage-cookies-and-website-data-sfri11471/mac
- For any other web browser, please visit your web browser's official web pages.
Google Analytics: See information about how Google uses the information provided to Google Analytics and how you can control the information provided to Google. To prevent your data from being used by Google Analytics, you can download the Google Analytics opt-out browser add-on for Google Analytics.
For EU Individuals: Your Rights under the General Data Protection Regulation
If EU data protection law applies to our use of your information, you have rights that are explained below. The rights available to you depend on the reason for our use of your information. These rights include:
- The right to access: You have the right to ask us for copies of your personal information. This right has some exemptions, which means you may not always receive all the information we process.
- The right to rectification: You have the right to ask us to rectify information you think is inaccurate. You also have the right to ask us to complete information you think is incomplete.
- The right to erasure: You have the right to ask us to erase your personal information in certain circumstances.
- The right to restrict processing: You have the right to ask us to restrict the processing of your information in certain circumstances.
- The right to object to processing: You have the right to object to processing if we are able to process your information because the process is in our legitimate interests.
- The right to data portability: This only applies to information you have given us. You have the right to ask that we transfer the information you gave us from one organization to another, or give it to you.
- The right to lodge a complaint with the supervisory authority. View a list of Supervisory Authorities.
If you need further assistance regarding your rights, please contact us using the contact information provided below and we will consider your request in accordance with applicable law. Please also see “your choices” section above. In some cases, our ability to uphold these rights for you may depend upon our obligations to process personal information for security, safety, fraud prevention reasons, compliance with regulatory or legal requirements, or because processing is necessary to deliver the services you have requested. Where this is the case, we will inform you of specific details in response to your request.
How Long We Keep Your Information
We retain certain elements of your personal information, such as your residency data, scoring, certification history and status and licensure information, and other information pertaining to your certification indefinitely in order to fulfill our mission, prevent fraud and protect our legal rights. Such information is kept confidential (in accordance with the ABIM Confidentiality Policy).
We retain other information for as long as necessary for the purpose for which it was provided, and for specific purposes to the extent that we are obliged to do so in accordance with applicable laws and regulations and/or as necessary to protect our legal rights, as required to enforce our terms of service or other contracts, or for certain business requirements. For example, when you make a payment to us we are often required to retain this information for a longer period of time for purposes of accounting, dispute resolution and compliance with tax, anti-money laundering, and other financial regulations.
Do Not Track Disclosure
We do not support Do Not Track (“DNT”). Do Not Track is a preference you can set in your web browser to inform websites that you do not want to be tracked.
You can enable or disable Do Not Track by visiting the Preferences or Settings page of your web browser. For further details, visit donottrack.us.
Links to Other Sites
We have no control over, and assume no responsibility for the content, privacy policies or practices of any third party sites or services.
Your California Privacy Rights
Pursuant to California Civil Code Section 1798.83, a California resident who has provided personal information to a business with whom they have established a business relationship has the right to request certain information regarding the disclosure of personal information to third parties for their direct marketing purposes. To make such a request, please send an email to email@example.com or write to us at:
American Board of Internal Medicine
510 Walnut Street
Philadelphia, PA 19106-3699
Attention: Customer Experience
Changes to This Privacy Notice
As with its rules concerning Certification, ABIM reserves the right to modify this notice from time to time. We will post the changes to this page, and will indicate the date they go into effect. You should review this Policy regularly to ensure that you are aware of future amendments. If we make changes that materially affect your privacy rights we will notify you of the changes by posting a prominent notice on our website or using other methods that we select, such as sending you an email.
Last Updated: May 8, 2017.
Effective Date of Current Policy: March 28, 2019.
If you have any questions about this Privacy Notice, please contact us at firstname.lastname@example.org or write to us at:
American Board of Internal Medicine
510 Walnut Street
Philadelphia, PA 19106-3699
Attention: Customer Experience