COPD Patient-Powered Research Network (COPD PPRN)
Privacy Policy and Data Security Measures

We at www.copdpprn.org, led by the COPD Foundation, a patient run organization, have taken many steps to protect your privacy. Health information is private under federal law. However, by joining www.copdpprn.org and agreeing to our informed consent form, you are giving permission for the following people and groups to see, use, and share your identifiable health information:

  • Approved groups that helped create the COPD PPRN
  • Researchers approved by the COPD PPRN Governing Board

To learn more about how the COPD PPRN will be sharing information, with whom and under what circumstances, please review the COPD PPRN Governance Policy for Data Sharing and Use.

USE OF INFORMATION FOR RESEARCH:

The COPD PPRN will help research in the following ways:

  1. Provide de-identified data to researchers for data analysis.
    In this circumstance, participants’ identifying information (contact information) is not provided to the researcher and the de-identified data cannot be linked to any individual.
  2. Contact individuals in the COPD PPRN to see if they are interested in a study.
    In this circumstance, the COPD Foundation (see key players section for description of COPD Foundation) will send an email or letter to a participant in the COPD PPRN who qualifies for a research study. The communication will include the researcher’s contact information so the individual can decide whether they want to contact the researcher directly for more information about the study or to participate in the study. The researcher will not have contact information of individuals in the COPD PPRN until the patient contacts the researcher and voluntarily provides that information himself/herself.
  • We will not share your identifying health information:
    Although we will be looking at your personal health information, we will not share it with others outside the COPD PPRN or PCORnet (see key players section for definition of PCORnet). The study results may be published for others to learn from, but when used this way, individual patients will not be identified. We will only summarize what we learn.
  • We will not share your identifying information:
    We will never sell, rent, or lease your identifying information, and we will never voluntarily share identifying information about you without your permission. We may share your de-identified health data with other researchers for the purpose of research. No identifying information will be used when aggregate information collected by the COPD PPRN is shared for research purposes. In no circumstance does the COPD Foundation provide the contact information of an individual in the COPD PPRN to a researcher.
  • Limits to Confidentiality:
    We may learn that keeping your health information private would immediately put your health, or you or someone else, in danger. (For example, a medical emergency, child abuse, elder abuse, or information about harm to you or to others). In these situations, we are required by law to tell someone who can help keep you or others safe.
  • Electronic Security and Adherence to the HIPAA Privacy Rule:
    The COPD PPRN Study follows the general security guidelines of the U.S. Health Insurance Portability and Accountability Act of 1996 (HIPAA). All study data is transmitted, stored, and processed in a secure environment.

While we cannot provide an absolute data security guarantee or completely protect against all computer or human errors, we will do all that we can to reduce the chance of a mistake or breach of confidentiality. Your information will be transmitted and stored using security systems similar to those that protect websites used by banks and electronic health systems. For any questions, please contact copdpprn@copdfoundation.org or the C.O.P.D. Information Line at 1-866-316-COPD (2673).

KEY PLAYERS:

COPD Foundation: The COPD Foundation's mission is to prevent and cure Chronic Obstructive Pulmonary Disease and to improve the lives of all people affected by COPD. The COPD PPRN is governed by a Board of COPD patients and researchers, who work directly with the COPD Foundation. You can get more information about the COPD Foundation at www.copdfoundation.org or by calling 1-866-316-COPD (2673).

PCORI: The COPD Patient-Powered Research Network is funded in part by the Patient-Centered Outcomes Research Institute (PCORI). PCORI is an independent, non-profit organization created by Congress in 2010 to develop a new, larger research network. PCORI’s mission is to pay for research that will give patients, their caregivers, and doctors’ information to help them make well-informed health care decisions.

PCORnet: A new large research network of Patient-Powered Research Networks (including the COPD PPRN) and clinical data research networks, which are hospital and health-center based, created by PCORI.

DATA SECURITY MEASURES

The following is a technical explanation of the measures we take to protect your data. If you have any questions about this information, please contact us by email at copdpprn@copdfoundation.org.

The COPD PPRN Study team will take the following data security measures:

  • Username and Password:
    In order to access the COPD PPRN and complete surveys securely we will require the creation of usernames and passwords before registration.
  • Data Transmission:
    All communication between the client browser and the web site is protected using SSL (Secure Sockets Layer) encryption. The minimum allowed encryption strength required for each project can be set to a minimum of 128-bit with 256-bit preferred if supported by the client browser. Any attempt to access a project without using the minimum level of encryption results in a redirect to a secure channel. Incoming web server requests are scanned to detect and block malicious content.
  • Authorization:
    All data access requires an active user account within the administrative side of the system. All users of the system are required to have unique usernames and complex passwords that are required to be changed on a regular basis.
  • Secure Servers:
    All study data is housed on a secure server.
  • Datacenter Security:
    All servers are located in a locked server rack, this rack is located in a climate controlled fully monitored data center. This datacenter is monitored 24/7/365 by experienced and background screened personnel. This personnel has no access to your data, or to servers housed in the facility.
  • Firewall:
    The COPD PPRN, including all the servers that will store our research data, is behind a secure firewall that does not allow unauthorized access to any research data server. There is a small risk of a firewall being breached but all measures will be taken to prevent this from happening.

*Policy effective as of April 3, 2015

*Policy updated on April 20, 2023