This Privacy and Security Statement outlines the policies and practices of the American Health Law Association (“AHLA”) regarding the collection and use of your Personal Data and Non-Personal Data (collectively “Data”) when you visit the AHLA website or use AHLA internet services. AHLA’s internet services include, but are not limited to, the AHLA community discussion forums, Weekly, Health and Life Sciences Law Daily, Journal of Health and Life Sciences Law, Connections magazine, Practice Group newsletters and electronic subscription publications, including third party publications like Lexology® Newsstand, as well as other internet-based features.
AHLA created this Privacy and Security Statement to demonstrate its commitment to maintaining the privacy of all users of our internet services. It applies to users who are AHLA members as well as non-members.
AHLA may offer you the ability to connect with AHLA websites or use our applications (including remotely hosted or cloud-based applications), services, and tools using a mobile device, either through a mobile application or via a mobile optimized website. The provisions of this Privacy and Security Statement apply to all access provided through the use of mobile devices. This Privacy and Security Statement will be referenced by all such mobile applications or mobile optimized websites.
By using the AHLA websites, internet services or mobile applications, you consent to the terms and conditions of this Privacy and Security Statement and to AHLA processing your Data for the purposes stated herein. If you do not agree to the terms and conditions of this Privacy and Security Statement, your use of AHLA’s websites, internet services or mobile applications may not be optimized, and, in some instances, you may be denied access to services that require AHLA to verify you as an authorized user.
1. Notice to Minors
AHLA does not knowingly offer or sell products or services to children. If you are under eighteen years of age, you may not purchase products or services from, and you should not provide information to, AHLA without the involvement and consent of a parent or guardian.
2. Changes to this Statement
AHLA reserves the right to amend this Privacy and Security Statement at any time without prior notice. This Privacy and Security Statement occasionally will be updated to reflect new features and services or new privacy practices. The latest version will be posted on the AHLA website. The Privacy and Security Statement was last updated on 10/15/2018.
3. Data We May Collect
As described below, AHLA collects personal information that you provide (“Personal Data”) as well as general information about the use of its website (“Non-Personal Data”).
“Personal Data” includes any information that identifies you directly, such as your name, mailing address, email address, telephone numbers, date and/or place of birth, payment and billing information, professional certifications or licenses, and government-issued identification numbers. Personal Data may also include sensitive information such as racial or ethnic origin, sexual orientation, disability status, or religious preferences. The Personal Data we collect depends on how you choose to use our website and our services. AHLA will not distribute Personal Data in a manner inconsistent with this Privacy and Security Statement unless required to do so by law, or in good faith belief that such action is permitted by law and is necessary to comply with a legal requirement or process such as civil and criminal subpoenas and court orders, to protect and defend the rights or property of AHLA, or to protect the personal safety of AHLA personnel or the general public.
“Non-Personal Data” includes any information that does not identify you directly, such as your geolocation, browsing history, type and industry of employment, internet protocol address, and information automatically collected through the use of internet cookies.
4. How We May Use or Share Your Personal Data
a. Information Collected to Process Payment Transactions
When users of our website or our internet services apply for or renew membership, order products, register for events or sign up for services, they will be required to create a user profile where we will acquire Personal Data necessary to process the transaction. This may include your name, address, telephone and fax numbers, email address, and credit card number or other payment information. Payment information, such as credit card details, is only collected to process a transaction, using a secure transmission method, and it is stored in an encrypted format. Reasonable measures are taken while processing transactions to ensure that payment information is not vulnerable to theft or interception. AHLA will not store or distribute your payment information in any manner that is not necessary to process a transaction. We employ third parties to assist us in fulfilling orders and other transactions involving payment. Those third parties will have access to certain Personal Data to the extent necessary to perform those services for us. We limit the use of all such Personal Data by these third parties to the performance of such services. We take reasonable steps to obligate these third parties to handle Personal Data appropriately and confidentially. However, AHLA cannot give absolute assurance that information intended to be maintained as private, whether transmitted via the internet or otherwise, cannot be accessed inappropriately or unlawfully by third parties.
Please see the section "Users' Information" below for details about how AHLA may use Personal Data collected during our membership application or renewal process, purchase of a product, or subscribing to an internet service.
b. Email Addresses
When contacting AHLA at any of the email addresses used for member and non-member customer assistance, we may ask for certain Personal Data, such as your member ID number, name, email address, telephone number, or fax number. When collected for this purpose, the information is used to verify identity and to provide the assistance you are requesting. AHLA does not distribute or sell the email addresses of member users or nonmember users to any unaffiliated third party but may use email addresses or disclose email addresses to AHLA contractors to carry out the operations of AHLA and to provide AHLA services.
c. User Information
AHLA offers member users certain features and services through restricted access to members-only content on our website. All users can access and update their User Profile, which consists of Personal Data we have collected from each user as part of their membership application, membership renewal, purchase of a product, or subscription to an internet service. Users can update their Personal Data, change their passwords, and customize email delivery preferences. User Profiles are maintained for every user in our association management database. This information includes contact information such as member/non-member ID number, name, firm/organization, address, telephone, fax and email address, as well as limited demographic information, such as practice area, gender, race/ethnicity, and work setting.
Limited Personal Data in User Profiles will be available to all AHLA member users. Personal Data may be used by AHLA to distribute marketing materials to users by mail, fax or email. Users can elect to keep their profile information private from other users; and non-member users cannot view or access any User Profiles. Users can elect not to receive certain printed mailings, faxes or email notices from AHLA. In particular, members may request that their Personal Data not be included in the AHLA Membership Directory. However, electing not to receive any of these communications may mean that you will not receive important notices about your membership, products, events, or services that may be useful to you.
In addition, AHLA occasionally rents the names and mailing addresses (excluding email addresses) of its members to third parties for approved uses such as promotional mailings, but restricts such third parties from otherwise using or retaining such information. Members can elect to not be included in these list rentals.
Additionally, AHLA may utilize member data to match against existing advertising network profiles enabling the ability to target AHLA members as a group, with programmatic banner advertising. No Personal Data is shared with advertisers and all matched member profiles are anonymous. This service is only utilized for AHLA members geolocated within the United States of America.
AHLA collects and stores aggregate demographic information to track the organization’s diversity. Such de-identified demographic information may be shared with AHLA leadership groups. Users can opt to not share this information with AHLA leadership groups.
If you are a member and wish to elect to not be included in any of these communications, please contact us using the methods listed at the end of this document.
e. Information Collected to Secure Access to Members Only Content
AHLA requires a login and password for each member who wishes to access the members-only content online. The login and password are used to verify members’ identities and prevent unauthorized access to members’ Personal Data. Only a small number of AHLA employees and employees at our third-party membership database software vendor (BrightKey) have access to this information. This information is accessed only when necessary to provide members with online account-related information, provide technical support to members, or diagnose or repair problems with members-only content, and is not otherwise disclosed to anyone, other than the member or his or her designee, unless compelled by law.
AHLA also allows users to elect to have the website remember their login information between visits so they do not have to log in each time. This is done by checking a box labeled “Remember me” on the login page. This feature requires the placement of a small text file called a cookie (see Section 5) on the member’s hard drive. The cookie tells the site that the member has logged in before. It does not actually contain the member’s password or other login information.
f. Community Discussion Forums and Electronic Publications
5. How We May Use or Share Your Non-Personal Data
a. Cookies and Other Tracking Technologies
Additionally, AHLA uses anonymous list matching and website tracking pixels to better align marketing and advertising of AHLA/Partner products and services with your interests via Facebook, LinkedIn, Twitter, Google, HubSpot, and other ad networks/exchanges. When retargeting pixels are used for advertising, the pixel will provide an anonymous retargeting cookie to website visitors that AHLA/Partners may then target to website visitors when those website visitors visit websites that participate in online ad exchanges.
Most Web browsers have a setting to turn off the automatic acceptance of cookies. If you do not want to accept cookies from our website, use the internet Options or Preferences menu items in your browser to turn cookies off or receive warnings when cookies are sent to your computer. However, you should be aware that significant portions of our website will not function properly if you do not accept cookies.
You are accepting cookies for this site.
b. General Website Usage Information
To monitor site usage and improve the quality of our website, AHLA gathers general information about the use of our website. We use web server logs and industry-standard website statistics software to count the number of visitors to our website, the number of views of particular pages, and to track other general statistics.
From time to time, AHLA may share with third parties the aggregate, anonymous information about overall usage of our website and other internet services that we collect in order to sell advertising, solicit sponsorships or to pursue other legitimate business purposes.
6. Business Transfers
In the unlikely event that AHLA, or substantially all of its assets, are acquired by a third party either in a bankruptcy court proceeding or otherwise, it is possible that Personal Data of members and non-member customers would be one of the assets transferred. In such an event, AHLA would take reasonable steps to require the third party to abide by our privacy policies and practices.
7. Your Rights Regarding Personal Data
a. Personal Data Retention
We keep your Personal Data for as long as you are an AHLA member or as long as your relationship with AHLA continues and as required by law. We retain your Personal Data while your membership is active or as necessary to continue to provide internet or mobile-based services. This includes Personal Data you provided to us and Personal Data obtained from your use of our services. There may be some instances where we retain Non-Personal Data in a depersonalized or aggregate form.
b. Right to Access and Control Your Personal Data
You can access, update or delete your Personal Data if you have a user account through the AHLA website by logging into your account. You can also email us at [email protected].
For Personal Data that we have about you:
- Delete: You may ask us to erase or delete all or some of your Personal Data, and we will work hard to honor all requests in a timely manner. In some instances, we may not be able to delete your Personal Data in order to comply with applicable financial transaction laws or other laws.
- Change or Correct: You may edit some of your Personal Data through your AHLA account. You may also ask us to change, update or fix your data in certain cases, particularly if it’s inaccurate.
- Object to, Limit or Restrict: You may ask us to stop using all or some of your Personal Data.
- Right to Access: You have the right to see your Personal Data and take it with you. We will work with you to be sure we can provide the most complete set of your Personal Data and a secure way to transfer your Personal Data.
- Account Closure: We will keep some of your Personal Data, even after you end your membership with AHLA or close your AHLA account, in order to fulfill any final service requests. Please note that we will retain your Personal Data even after you have cancelled your membership or closed your AHLA account if reasonably necessary to comply with our legal obligations (including law enforcement requests), meet regulatory requirements, resolve disputes, maintain security, prevent fraud and abuse, enforce a user agreement, or fulfill your request to “unsubscribe” from further messages from us. We will retain de-personalized Data after your account has been closed.
8. Links to Other Websites
The AHLA website and many of our print and electronic publications contain many links to other websites. The AHLA website also provides opportunities for user interaction with social media sites such as Facebook®, Twitter®, LinkedIn®, YouTube®, and various blogging sites. Content and links to other internet sites should not be construed as an endorsement of the organizations, entities, views, or content contained therein. AHLA is not responsible for the content or links posted by others on these social media sites.
These other websites may send their own cookies to users, collect data or solicit personal information. AHLA is not responsible for the privacy practices or the content of these other websites. Please check the other sites to access their privacy policies and determine how they may collect or use information.
9. For our Members/Customers in the EU
This Privacy and Security Statement includes information applicable to residents of the European Economic Area ("EEA") and users accessing AHLA’s website or internet services from within the EEA. If you are an EEA resident, this Privacy and Security Statement provides you with information regarding your rights under the EU General Data Protection Regulation (EU) 2016/679 ("GDPR").
a. Data Controller
AHLA is the data controller for the Personal Data collected from its members and customers. AHLA can be contacted at:
American Health Law Association
Attn: Website Privacy
1620 Eye St. NW 6th Fl
Washington, DC 20006-4010
By email at [email protected]
By phone at 202-833-1100
b. Transfer of Personal Data to Other Countries
AHLA and our internet services are based in the United States and, regardless of where you access the website, the information collected as part of that use will be transferred to and maintained on systems located in the United States. By submitting your Personal Data to us, you agree to the transfer, storage and processing of your Personal Data in the United States.
c. Your Rights
The GDPR provides you with certain privacy rights, including the right to access, correct or update your personal information. You may also request to have your information deleted, although we may retain information for backups, prevention of fraud and abuse, satisfaction of legal obligations or other ongoing legitimate interests. You have the right to receive a copy of your information in a structured, machine-readable format for portability. You may decline to share certain personal data, in which case we may not be able to provide you with some features and benefits. You also have the right to object to the way we process Personal Data if the objection is based on legitimate interests or concerns. Finally, you have the right to be free from decisions we make based on automated processing of your Personal Data unless we are contractually obligated to process Personal Data in an automated manner.
If you wish to exercise any of the rights granted to you by the GDPR, or wish to lodge a complaint about how we have handled your Personal Data, contact us via email to [email protected]americanhealthlaw.org or calling 202-833-1100 or via mail to the address set forth above.
AHLA staff are educated on this policy and obligated to follow it. Access to Personal Data is limited to select employees and the information is stored in an encrypted format. We also take steps to obligate third parties to handle information appropriately and confidentially.
11. Contacting AHLA About Privacy Issues
We welcome your comments, suggestions, or questions about our Privacy and Security Statement and AHLA’s privacy practices. We also welcome member requests to elect not to receive certain forms of communication from AHLA and third parties.
Please contact us:
12. Site Security Information
The AHLA website features a number of security features designed to make your use of the site worry-free.
We strive to make our online ordering, registration, and services useful and safe. Since use of these services often requires personal or financial information, we make every effort to ensure that the information is transferred and stored securely.
For all online transactions, all information sent using our shopping cart is transmitted to our server using the Secure Sockets Layer ("SSL") protocol and not OpenSSL. SSL is an extension of the Hypertext Transfer Protocol ("HTTP") that creates a secure connection using “HTTPS”.
When you are entering your credit card information to order publications, register for programs or renew your membership, you will know you are on a secured page when you see this image:
The Secured Area image indicates that the page you are viewing is using SSL. It also indicates that an order or registration form supports encryption.
If you have questions regarding our security features or would like more information, please contact our website support team at [email protected]