Skip directly to search Skip directly to A to Z list Skip directly to navigation Skip directly to page options Skip directly to site content

CDC Web Privacy Policy Notice

Thank you for visiting the Centers for Disease Control and Prevention (CDC) website and for reviewing our Privacy Policy. CDC is committed to maintaining the privacy of your personal information. With respect to the collection, use and disclosure of personally identifiable information (PII) CDC complies with applicable federal law.
Our privacy policy is clear:

  • CDC does not collect any personally identifiable information (PII) when you visit our Websites unless you choose to provide that information to us.
  • Any PII that you choose to provide is fully protected.
  • Non-PII information related to your visit to our websites may be automatically collected and temporarily stored.

Here is how we handle information about your visit to our website:


Information Collected and Stored Automatically

When you browse through any Website, certain information about your visit can be collected. If you do nothing during a visit to the CDC Website other than browse through the website, read pages or download information, certain data will be gathered and stored automatically about the visit. This information does not identify you personally. We automatically collect and temporarily store only the following information about your visit:

  • the Internet domain (for example, "" if a private Internet access account is used, or "" if connecting from a university's domain) and IP address (an IP address is a number that is automatically assigned to your computer when surfing the Web);
  • Operating System and information about the Web browser (used when accessing the site;
  • the visit date and time;
  • the specific pages visited;
  • if is designated as a home page; and
  • the amount of data (measured in number of bytes) transmitted from to your computer.

We use this information in the aggregate to measure the number of visitors to our site and its various sections, to enhance site performance, and to improve the overall customer service experience for our visitors by making it more useful. The CDC uses a third-party analytics provider (currently Google Analytics) to collect and summarize this information in conjunction with cookies. The third-party analytics provider does not receive personally identifiable information. Please review Google Analytics’ privacy policy for additional information ( The Google Analytics Terms of Use are available online at You can prevent Google Analytics from recognizing you on return visits to this site by disabling cookies on your browser.

Within the CDC, we restrict access to personally identifiable information to employees, contractors, and vendors subject to non-disclosure requirements who require access to this information in order to perform their official duties and exercise controls to limit what data they can view based on the specific needs of their position. If you choose to share information with us, we may in some cases, share that information or automatically generated information with other government agencies in response to lawful law enforcement requests or to protect from security threats. 

We do not use or share your information for commercial purposes and, except as described above, we do not exchange or otherwise disclose this information.

 Top of Page  

Web Measurement and Customization Technologies

All uses of Web measurement and customization technologies will comply with existing policies with respect to privacy and data safeguarding standards. Information Systems owned and operated by CDC are assessed using Privacy Impact Assessments (PIAs) posted for public view on the Department of Health and Human Services (HHS) Website ( Groups of records that contain information about an individual and are designed to be retrieved by the name or other personal identifier linked to the individual are covered by the Privacy Act of 1974, as amended (5 U.S.C. Section 552a). For these records, CDC Systems of Record Notices are published in the Federal Register and posted on the CDC Web site at:

CDC Websites use a variety of different Web measurement and customization technologies to collect and analyze the information with regard to users’ visits. Some pages on may include web content or functionality from third parties. For example, content or functionality from the following third parties may be present on some pages, including but not limited to:

  • 3ci
  • MotionPoint
  • Omniture
  • Socrata
  • Twibbon
  • UserZoom

CDC uses online surveys to collect opinions and feedback from a random sample of visitors. uses the ForeSee Results’ American Customer Satisfaction Index (ACSI) online survey to obtain feedback and data on visitors’ satisfaction with the Website. This survey does not collect personally identifiable information. Although the survey invitation pops up for a random sample of visitors, it is optional. If you decline the survey, you will still have access to the identical information and resources at the site as those who do not take the survey. The survey reports are available only to staff, such as subject matter experts, health communication staff and other designated staff who necessarily require this information to perform their duties. CDC retains the data from ACSI survey results as long as needed to support the mission of the Web site, but for no longer than one (1) year. ForeSee’s privacy policy is available at:

CDC uses GovDelivery to send e-newsletters, alerts and other messages to visitors who subscribe to them. To subscribe to a CDC product, you must provide an email address and indicate your subscription preferences, including the items you want to receive. The email subscriber lists are password protected by GovDelivery. Only the CDC managers who send newsletters, alerts or memos via GovDelivery and staff members who monitor the results of GovDelivery email initiatives have access to the subscriber lists. GovDelivery never allows access to the subscriber lists to anyone outside of CDC for any purpose. GovDelivery collects and provides non-identifying information about the number of messages sent, clicks and open rates. This information is password protected and only available to managers, members of the Communications and Web Teams, and other designated staff who require this information to perform their duties. The GovDelivery privacy policy is available at:

 Top of Page  

Use of Cookies

The Office of Management and Budget (OMB) Memorandum M-10-22, Guidance for Online Use of Web Measurement and Customization Technologies (June 25, 2010), (available at allows federal agencies to use session and persistent cookies. When you visit any Web site, a small text file called a "cookie" may be placed on your computer. The “cookie” allows the server to “remember” specific information about your visit while you are connected to that Website. The cookie makes it easier for you to use the dynamic features of Web pages. Cookies from CDC Web pages only collect information about your browser’s visit to our site; they do not collect personal information about you.

CDC uses two types of cookies on its Websites: single session (temporary) and multi-session (persistent):

  • Session Cookies: We use session cookies for technical purposes to improve the user experience while visiting our Website. Session cookies are temporary text files that expire when you leave our Websites. Once you close your browser, the cookie is destroyed and automatically deleted from your computer. Under OMB M-10-22, our use of session cookies is defined as Usage Tier 1 single session. The policy states that this tier encompasses any use of single session Web measurement and customization technologies.
  • Persistent cookies are stored on your computer for a longer period. These multi-session cookies are stored on your computer and expire 1 year after your last visit to a Website. After 1 year, they are automatically deleted from your computer; however, you may also choose to delete persistent cookies from your computer at any time. We use persistent cookies to collect non-PII data about users who frequently visit our Websites, and to test variations of our site design and content to optimize our Web pages. In the Office of Management and Budget (OMB) Memo 10-22 Guidance, our use of persistent cookies is defined as "Usage Tier 2 Multi-session without Personally Identifiable Information (PII)," which "encompasses any use of multi-session Web measurement and customization technologies when no PII is collected."
 Top of Page

You Can Opt Out or Disable Cookies

If you do not wish to have session or persistent cookies placed on your computer at all, you can choose not to accept cookies from the CDC Website by changing your browser settings. By not accepting cookies you will still have access to all information, and resources on our Websites, identical to that received by individuals choosing to accept the cookies. Instructions to opt out or disable cookies using some of the most popular browsers are available at

 Top of Page  

If You Send Us Personal Information

You do not have to give us personal information to visit the CDC Websites. If you choose to provide us with additional information about yourself, as in an e-mail message, questionnaire, form, online survey, or other tool, submitted through our website, we only use that information to respond to your message.

We will maintain any information you provide in accordance with applicable federal law. CDC will not disclose, give, sell, or transfer any personal information about visitors to our websites, unless required for law enforcement or by statute. Moreover, we do not create individual profiles with the information you provide or give it to any private organizations. CDC does not collect information for commercial marketing.
Remember, however, that e-mail is not necessarily secure against interception. Therefore, if your communication is sensitive or includes personal information, you may prefer to send it to CDC via postal mail instead.

If you choose to provide us with personally identifiable information (PII) - that is to say, information that is personal in nature and may be used to identify you - as in an e-mail message, questionnaire, form, online survey, or other tool, submitted through our website, we will maintain the information that you provide only as long as needed to respond to your question or to fulfill the stated purpose of the communication. If we store your personal information in a records system designed to retrieve contact information about individuals by personal identifier (e.g., name, personal e-mail address, home (mailing) address, personal or mobile phone number, etc.), we will safeguard your information in accordance with the Privacy Act of 1974, as amended (5 U.S.C. 552a).

If, in order to accomplish its mission, CDC operates a system of records from which it retrieves information that you submit, there will be a Privacy Act Notice prominently displayed on the public-facing website or form that requests your PII. If applicable, such Notice must state the following five criteria:

  • The purpose for which CDC is collecting your information
  • CDC’s legal authorization to collect your information
  • The Routine Uses for which your information will be disclosed outside of CDC
  • Whether providing your information is voluntary or legally mandatory
  • The effects, if any, of nondisclosure of your information should you choose not to provide it.

For further information about CDC privacy policy, please contact the CDC Senior Official for Privacy at, or call 770-488-8660.

 Top of Page  

Intrusion Detection and Security

This site is maintained by the U.S. Government and is protected by various provisions of Title 18 of the U.S. Code. Violations of Title 18 are subject to criminal prosecution in Federal court.

For site security purposes and to ensure that this service remains available to all users, CDC employs software programs to identify unauthorized attempts to upload or change information, or otherwise cause damage. Unauthorized attempts to upload or change information on this Website are strictly prohibited and may be punishable by law, including the Computer Fraud and Abuse Act of 1986 and the National Information Infrastructure Protection Act of 1996.

 Top of Page  

Third-Party Websites and Applications

In addition to CDC’s official website on, CDC uses social media and third-party (non-CDC) websites to share information and to engage the public. For example, there may be third-party applications and/or services linked to or embedded on to improve its functionality. Likewise, applications created by CDC may be embedded on third-party websites as a way to increase public awareness of CDC activities. Our integration of these products is intended to provide a seamless user experience and to enhance users’ ability to access information and communicate with CDC.

Your activity on these third-party sites is governed by the security and privacy policies of the third party sites. Consequently, you should review the privacy policies of third-party sites before using them and ensure that you understand how your information may be used. You should also adjust privacy settings on your account on any third-party site to match your preferences.

Some third-party websites and applications may make personally identifiable information (PII) available to the public and/or CDC based on your user controlled settings or the privacy policies of the third-party. CDC will not collect, maintain, use, or share any PII that becomes available through CDC’s use of third-party websites or applications.

Please be aware that the privacy policy provided on social media and third-party websites that are not a part of the domain may not be the same as the privacy policy described here. PII or other information that you share through social media, or a third-party website or application may be accessible by non-government third parties. As described in these website policies, you can communicate with CDC without involving a third-party.

 Top of Page

  • Page last reviewed: March 11, 2015
  • Page last updated: March 11, 2015
  • Content source: