Skip directly to search Skip directly to A to Z list Skip directly to navigation Skip directly to page options Skip directly to site content

CDC Web Privacy Policy Notice

Thank you for visiting the Centers for Disease Control and Prevention (CDC) website and for reviewing our Privacy Policy. CDC is committed to maintaining the privacy of your personal information. With respect to the collection, use and disclosure of personally identifiable information (PII) CDC complies with applicable federal law.
Our privacy policy is clear:

  • CDC does not collect any personally identifiable information (PII) when you visit our Websites unless you choose to provide that information to us.
  • Any PII that you choose to provide is fully protected.
  • Non-PII information related to your visit to our websites may be automatically collected and temporarily stored.

Here is how we handle information about your visit to our website:

Information Collected and Stored Automatically

When you browse through any Website, certain information about your visit can be collected. If you do nothing during a visit to the CDC Website other than browse through the website, read pages or download information, certain data will be gathered and stored automatically about the visit. This information does not identify you personally. We automatically collect and temporarily store only the following information about your visit:

  • the Internet domain (for example, "xcompany.com" if a private Internet access account is used, or "yourschool.edu" if connecting from a university's domain) and IP address (an IP address is a number that is automatically assigned to your computer when surfing the Web);
  • Operating System and information about the Web browser (used when accessing the site;
  • the visit date and time;
  • the specific pages visited;
  • if www.cdc.gov is designated as a home page; and
  • the amount of data (measured in number of bytes) transmitted from CDC.gov to your computer.

We use this information in the aggregate to measure the number of visitors to our site and its various sections, to enhance site performance, and to improve the overall customer service experience for our visitors by making it more useful.

 Top of Page

Web Measurement and Customization Technologies

All uses of Web measurement and customization technologies will comply with existing policies with respect to privacy and data safeguarding standards. Information Systems owned and operated by CDC are assessed using Privacy Impact Assessments (PIAs) posted for public view on the Department of Health and Human Services (HHS) Website (http://www.hhs.gov/pia/). Groups of records that contain information about an individual and are designed to be retrieved by the name or other personal identifier linked to the individual are covered by the Privacy Act of 1974, as amended (5 U.S.C. Section 552a). For these records, CDC Systems of Record Notices are published in the Federal Register and posted on the CDC Web site at: http://www.cdc.gov/SORNnotice/.

CDC Websites use a variety of different Web measurement and customization technologies to collect and analyze the information with regard to users’ visits. Some pages on CDC.gov may include web content or functionality from third parties. For example, content or functionality from the following third parties may be present on some CDC.gov pages, including but not limited to:

  • 3ci
  • MotionPoint
  • Omniture
  • Socrata
  • Twibbon
  • UserZoom

CDC uses online surveys to collect opinions and feedback from a random sample of visitors. CDC.gov uses the ForeSee Results’ American Customer Satisfaction Index (ACSI) online survey to obtain feedback and data on visitors’ satisfaction with the CDC.gov Website. This survey does not collect personally identifiable information. Although the survey invitation pops up for a random sample of visitors, it is optional. If you decline the survey, you will still have access to the identical information and resources at the CDC.gov site as those who do not take the survey. The survey reports are available only to CDC.gov staff, such as subject matter experts, health communication staff and other designated staff who necessarily require this information to perform their duties. CDC retains the data from ACSI survey results as long as needed to support the mission of the CDC.gov Web site, but for no longer than one (1) year. ForeSee’s privacy policy is available at: http://www.foreseeresults.com/privacy-policy.shtml

CDC uses GovDelivery to send e-newsletters, alerts and other messages to visitors who subscribe to them. To subscribe to a CDC product, you must provide an email address and indicate your subscription preferences, including the items you want to receive. The email subscriber lists are password protected by GovDelivery. Only the CDC managers who send newsletters, alerts or memos via GovDelivery and staff members who monitor the results of GovDelivery email initiatives have access to the subscriber lists. GovDelivery never allows access to the subscriber lists to anyone outside of CDC for any purpose. GovDelivery collects and provides non-identifying information about the number of messages sent, clicks and open rates. This information is password protected and only available to CDC.gov managers, members of the CDC.gov Communications and Web Teams, and other designated staff who require this information to perform their duties. The GovDelivery privacy policy is available at: http://www.govdelivery.com/legal-privacy

 Top of Page

Use of Cookies

The Office of Management and Budget (OMB) Memorandum M-10-22, Guidance for Online Use of Web Measurement and Customization Technologies (June 25, 2010), (available at http://www.whitehouse.gov/sites/default/files/omb/assets/memoranda_2010/m10-22.pdf) allows federal agencies to use session and persistent cookies. When you visit any Web site, a small text file called a "cookie" may be placed on your computer. The “cookie” allows the server to “remember” specific information about your visit while you are connected to that Website. The cookie makes it easier for you to use the dynamic features of Web pages. Cookies from CDC Web pages only collect information about your browser’s visit to our site; they do not collect personal information about you.

CDC uses two types of cookies on its Websites: single session (temporary) and multi-session (persistent):

  • Session Cookies: We use session cookies for technical purposes to improve the user experience while visiting our Website. Session cookies are temporary text files that expire when you leave our Websites. Once you close your browser, the cookie is destroyed and automatically deleted from your computer. Under OMB M-10-22, our use of session cookies is defined as Usage Tier 1 single session. The policy states that this tier encompasses any use of single session Web measurement and customization technologies.
  • Persistent cookies are stored on your computer for a longer period. These multi-session cookies are stored on your computer and expire 1 year after your last visit to a Website. After 1 year, they are automatically deleted from your computer; however, you may also choose to delete persistent cookies from your computer at any time. We use persistent cookies to collect non-PII data about users who frequently visit our Websites, and to test variations of our site design and content to optimize our Web pages. In the Office of Management and Budget (OMB) Memo 10-22 Guidance, our use of persistent cookies is defined as "Usage Tier 2 Multi-session without Personally Identifiable Information (PII)," which "encompasses any use of multi-session Web measurement and customization technologies when no PII is collected."
 Top of Page

You Can Opt Out or Disable Cookies

If you do not wish to have session or persistent cookies placed on your computer at all, you can choose not to accept cookies from the CDC Website by changing your browser settings. By not accepting cookies you will still have access to all information, and resources on our Websites, identical to that received by individuals choosing to accept the cookies. Instructions to opt out or disable cookies using some of the most popular browsers are available at http://www.usa.gov/optout_instructions.shtml.

 Top of Page

If You Send Us Personal Information

You do not have to give us personal information to visit the CDC Websites. If you choose to provide us with additional information about yourself, as in an e-mail message, questionnaire, form, online survey, or other tool, submitted through our website, we only use that information to respond to your message.

We will maintain any information you provide in accordance with applicable federal law. CDC will not disclose, give, sell, or transfer any personal information about visitors to our websites, unless required for law enforcement or by statute. Moreover, we do not create individual profiles with the information you provide or give it to any private organizations. CDC does not collect information for commercial marketing.
Remember, however, that e-mail is not necessarily secure against interception. Therefore, if your communication is sensitive or includes personal information, you may prefer to send it to CDC via postal mail instead.

If you choose to provide us with personally identifiable information (PII) - that is to say, information that is personal in nature and may be used to identify you - as in an e-mail message, questionnaire, form, online survey, or other tool, submitted through our website, we will maintain the information that you provide only as long as needed to respond to your question or to fulfill the stated purpose of the communication. If we store your personal information in a records system designed to retrieve contact information about individuals by personal identifier (e.g., name, personal e-mail address, home (mailing) address, personal or mobile phone number, etc.), we will safeguard your information in accordance with the Privacy Act of 1974, as amended (5 U.S.C. 552a).

If, in order to accomplish its mission, CDC operates a system of records from which it retrieves information that you submit, there will be a Privacy Act Notice prominently displayed on the public-facing website or form that requests your PII. If applicable, such Notice must state the following five criteria:

  • The purpose for which CDC is collecting your information
  • CDC’s legal authorization to collect your information
  • The Routine Uses for which your information will be disclosed outside of CDC
  • Whether providing your information is voluntary or legally mandatory
  • The effects, if any, of nondisclosure of your information should you choose not to provide it.

For further information about CDC privacy policy, please contact the CDC Senior Official for Privacy at mailto:privacy@cdc.gov, or call 770-488-8660.

 Top of Page

Intrusion Detection and Security

This site is maintained by the U.S. Government and is protected by various provisions of Title 18 of the U.S. Code. Violations of Title 18 are subject to criminal prosecution in Federal court.

For site security purposes and to ensure that this service remains available to all users, CDC employs software programs to identify unauthorized attempts to upload or change information, or otherwise cause damage. Unauthorized attempts to upload or change information on this Website are strictly prohibited and may be punishable by law, including the Computer Fraud and Abuse Act of 1986 and the National Information Infrastructure Protection Act of 1996.

 Top of Page

Third-Party Websites and Applications

In addition to CDC’s official website on www.cdc.gov, CDC uses social media and third-party (non-CDC) websites to share information and to engage the public. For example, there may be third-party applications and/or services linked to or embedded on www.cdc.gov to improve its functionality. Likewise, applications created by CDC may be embedded on third-party websites as a way to increase public awareness of CDC activities. Our integration of these products is intended to provide a seamless user experience and to enhance users’ ability to access information and communicate with CDC.

Your activity on these third-party sites is governed by the security and privacy policies of the third party sites. Consequently, you should review the privacy policies of third-party sites before using them and ensure that you understand how your information may be used. You should also adjust privacy settings on your account on any third-party site to match your preferences.

Some third-party websites and applications may make personally identifiable information (PII) available to the public and/or CDC based on your user controlled settings or the privacy policies of the third-party. CDC will not collect, maintain, use, or share any PII that becomes available through CDC’s use of third-party websites or applications.

Please be aware that the privacy policy provided on social media and third-party websites that are not a part of the cdc.gov domain may not be the same as the privacy policy described here. PII or other information that you share through social media, or a third-party website or application may be accessible by non-government third parties. As described in these website policies, you can communicate with CDC without involving a third-party.

 Top of Page
  • Page last reviewed: March 19, 2014
  • Page last updated: March 19, 2014
  • Content source:
TOP