Like most website operators, the Chesapeake Information System for our Patients (CRISP) collects non-personally-identifying information of Provider Search website (https://providersearch.crisphealth.org) visitors including the sort that web browsers and servers typically make available, such as the browser type, language preference, referring site, and the date and time of each visitor request. CRISP's purpose in collecting non-personally identifying information is to better understand how CRISP's visitors use its website. From time to time, CRISP may release non-personally-identifying information in the aggregate, e.g., by publishing a report on trends in the usage of its website.
CRISP also collects potentially personally-identifying information like Internet Protocol (IP) addresses. CRISP does not use such information to identify its visitors, however, and does not disclose such information, other than under the same circumstances that it uses and discloses personally-identifying information, as described below. Gathering of Personally-Identifying Information Certain visitors to CRISP Provider Search websites choose to interact with CRISP in ways that require CRISP to gather personally-identifying information. The amount and type of information that CRISP gathers depends on the nature of the interaction. For example, we ask providers submitting an Error Correction to submit personally-identifying information to verify their identity. In each case, CRISP collects such information only insofar as is necessary or appropriate to fulfill the purpose of the visitor's interaction with CRISP. CRISP does not store personally-identifying information. It is passed to a data partner to for identity verification but not stored. CRISP does not disclose personally-identifying information other than as described below. And visitors can always refuse to supply personally-identifying information, with the caveat that it may prevent them from engaging in certain website-related activities.
CRISP may collect statistics about the behavior of visitors to its websites. However, CRISP does not disclose personally-identifying information other than as described below.
Protection of Certain Personally-Identifying Information
CRISP discloses potentially personally-identifying and personally-identifying information only to those of its employees, contractors, and affiliated organizations that (i) need to know that information in order to process it on CRISP's behalf or to provide services available at CRISP's websites, and (ii) that have agreed not to disclose it to others. Some of those employees, contractors and affiliated organizations may be located outside of your home country; by using CRISP's websites, you consent to the transfer of such information to them. CRISP will not rent or sell potentially personally-identifying and personally-identifying information to anyone. Other than to its employees, contractors, and affiliated organizations, as described above, CRISP discloses potentially personally-identifying and personally-identifying information only when required to do so by law, or when CRISP believes in good faith that disclosure is reasonably necessary to protect the property or rights of CRISP, third parties, or the public at large. CRISP takes all measures reasonably necessary to protect against the unauthorized access, use, alteration, or destruction of potentially personally-identifying and personally-identifying information.