Skip navigation
Privacy statement


Last Updated March 16, 2015 

Immune Deficiency Foundation (“we”, “us”, “our”, or “IDF”) is committed to protecting your privacy. This ePHR End User Privacy Policy describes IDF’s privacy practices in relation to your use of IDF’s electronic personal health record (ePHR) services (“the Service”), including any data that may be collected by IDF through your ePHR account. “You” and “your” refers to you as a user of the ePHR. We do not use or disclose your information except as described in this privacy policy.

Table of Contents
  1. Introduction
  2. Collection of Personal and Usage Information
  3. How your Personal Information and Usage Information are Used and Shared
  4. Third Party Links
  5. How we Use Cookies
  7. Complaint Process
  8. Changes to our ePHR End User Privacy Policy

1. Introduction

The Service is a health education and research software tool from IDF which is powered by Microsoft® HealthVault™. We are not medical providers. IDF does not provide medical advice, diagnosis or treatment. The information accessible on this Site, and the information and data produced by the Service are not a substitute for professional advice, diagnosis or treatment.

2. Collection of Personal and Usage Information

It is important for you to understand how the information that you submit, review and edit in your ePHR is used by IDF. Any data that you enter into ePHR is stored in a secure hosted environment and may also be stored in Microsoft® HealthVault™. The secure hosted environment is within the United States, is HIPAA and HITECH compliant and is audited annually by a certified third party assessor to meet the requirements for HITRUST CSF certification. You can review and edit certain information in your HealthVault™ account using the ePHR patient portal, and any changes will be saved to your personal health record. When your health information is transmitted to ePHR, it is referred to as “Personal Health Record Information” (“PHRI”).

The Service uses personal information collected from you, your provider (if authorized by you) and HealthVault™, including PHRI, to provide the Service. The PHRI that is stored in HealthVault™ and the secure hosted environment is not accessible by IDF. IDF cannot access or view any of your PHRI through the Service without your secret login information. IDF may collect information about your interaction with ePHR. For example, we may use web site analytics tools on ePHR to retrieve information from your browser, including the site you came from, the search engine(s) and the keywords you used to find the Service, the pages you view within the Service and your browser’s width and height. We may also use technologies, such as cookies (described below), to collect information about the pages you view, the links you click and other actions you take on ePHR. Additionally, we may collect certain standard information that your browser sends to every web site you visit, such as your IP address, browser type and language, access times and referring web site addresses. This information is referred to as “Usage Information.”

3. How your Personal Information and Usage Information are Used and Shared

Your personal information and Usage Information are used to provide the Service to you and to personalize your user experience. We and our suppliers may also use this information to improve our respective products and services, including ePHR. IDF may use aggregated information to improve the quality of the Service and for marketing the Service (for example, to tell potential users how many Service users live in the United States). This aggregated information is not associated with any individual account. Except as set forth in this Privacy Policy, we will not share your Personal Information and Usage Information in personally identifiable form with any other party without your consent, unless we are required to do so (1) to comply with the law; (2) to prevent, report or investigate illegal activity; or (3) to protect the rights or property of IDF and its vendors (including the enforcement of our agreements).

IDF may “de-identify” the medical information that you post to your account (“De-identified Information”) and use the De-identified Information as it determines, including for primary immune deficiency diseases research, advocacy or commercial purposes. De-identification involves a process of eliminating or masking information that directly or indirectly identifies you personally, such as your name, address, elements of your date of birth and similar information. You understand and agree that IDF owns and will own all De-identified Information and derivations of such information in all forms and media.

It is important that you understand, however, that the choices you select in Microsoft® HealthVault™ may allow other people, companies and applications to access your personal information that is stored in your HealthVault™ account.

4. Third Party Links

ePHR may contain links to web sites operated by third parties. We have no control over the privacy policies or practices of such third party sites, or the information accessible at such third party sites. You should review the privacy policies and terms of use of those sites for more information about the policies and practices applicable to those sites.

5. How we Use Cookies

We may use “cookies” with this Service to enable you to sign in and to help personalize the Service. A cookie is a small text file that a web page or server places on your hard disk. It is not possible to use cookies to run programs or deliver viruses to your computer. A web server assigns cookies uniquely to you and only a web server in the domain that issued the cookie to you can read the cookie. Like many other web services, ePHR may use cookies to provide information relating to the sources of site traffic and to help you personalize your experience. Our collection of this information, however, does not allow us to personally identify you.

You have the ability to accept or decline cookies. Most web browsers automatically accept cookies, but you can usually modify your browser setting to decline some or all cookies if you prefer. If you choose to decline all cookies, you may not be able to use interactive features of the Service that depend on cookies.

We may collect information about your use of the Service, including the pages you view, the links you click, and other action takes in connection with the Service. We may also collect certain standard, non-personally identifiable information that your browser sends to every web site you visit, such as your IP address, browser type and language, access times and referring web site addresses.


An option for users of IDF ePHR is to consent into PI CONNECT, the IDF Patient-Powered Research Network. What is PI CONNECT?PI CONNECT is a tool designed to directly connect patients to research being conducted in the field of primary immunodeficiency diseases (PI). By Joining PI CONNECT you allow us to:
  • Store the data from your ePHR in the USIDNET Registry.
  • Combine the information you enter with medical information provided by your physician.
  • Share your de-identified data with researchers in PI and other related fields to advance the knowledge and treatment of PI.
We promise to safeguard your privacy:
  • Only administrators will have access to identifying information such as your name and address.
  • We will only share de-identified data with researchers.
  • We will never give your contact information to an outside entity without your consent.
  • We will notify you immediately if there is ever a breach in your privacy.
  • You will always have the opportunity to remove yourself from PI CONNECT and revoke your consent at any time.
To request more information about how you can join PI CONNECT, e-mail or call 800-296-4433.

7. Complaint Process

If you have a complaint or problem related to the Service, you may e-mail or call IDF using the following information:

  • IDF ePHR
  • (800) 296-4433

If you do not receive adequate resolution of a privacy-related problem, you may write to IDF’s Security and Privacy Officer at:

  • IDF Security Officer
  • Immune Deficiency Foundation
  • 110 West Road
  • Suite 300
  • Towson, Maryland 21204

8. Changes to our Privacy Policy

We may update this Privacy Policy from time to time. When we do, we will revise the “last updated” date at the top of this Privacy Policy. You may be required to verify that you have reviewed the changes before signing into ePHR the next time you log in, if material changes are made to this Privacy Policy. We encourage you to review this Privacy Policy periodically to stay informed about how we are helping to protect the personal information we collect. Your continued use of the Service constitutes your agreement to this ePHR End User Privacy Policy and any updates.