Interpreting Privacy Policies
Look for the following sections in other organizations privacy policies:
Information Collected Automatically
Most companies will gather technical data relating to the way you interact with their web services. This data typically includes your internet IP address (where you are), your computing device identity (what type of device you are using), and your “clickstream” (what pages you visited).
This information is fairly benign in the context of provider data collection, and is typically used by service providers to improve their products and services.
Information Collected Explicitly
Companies should describe the extent of the data they will collect from you including all personally identifiable information. In the context of provider directory management this information will include your name, date of birth, email, telephone, fax and mailing address, education and other professional identifiers.
As the purpose of the service will be to collect an extensive amount of data about you and your professional practice, this disclosure should not be surprising to you.
Use/Disclosure of Information
Organizations that are collecting your information for resale often attempt to downplay this fact as much as possible. Look out for companies that use wording similar this these examples:
Companies that feel the need to obfuscate the sale of your data know it’s objectionable or they would just come out and say it. As we tell our children, it’s not the crime, it’s the cover up.
At Sanator we will never directly, or indirectly exploit your personal data for commercial reward other than the specific services you have contracted from us.
Companies collecting your data are required to offer a facility to “opt-out” of unsolicited communications. Unfortunately, you won’t know what to opt-out of until you are contacted by a third-party, and then the responsibility is on you to contact that vendor and request to be unsubscribed from future communications.
The Sanator policy has a default setting of opt-out of all unsolicited communications. You can be sure that companies that offer you an opt-out-after-the-fact policy are selling your data to third party marketers.