If you are a participant in PatientsLikeMe’s DigitalMeTM initiative, then you are participating in a much broader sharing of information that includes biological samples, genetic and data from a wide variety of sources. Additional information about how data is shared under that initiative is available in the DigitalMe Ignite Informed Consent Document.
Why Do We Share Data
PatientsLikeMe (www.patientslikeme.com) (“Platform”) is a sharing web site. Our goal is to provide a platform for patients who want to share their health information to create collective knowledge about disease, health, and treatments. We know our success in achieving this goal depends on a shared belief in our Openness philosophy. Being open about one’s health is not for everyone, and we strive, with full transparency, to outline the benefits and risks of being part of this sharing site, including those related to privacy.
Who Uses The Data We Collect
There are four broad groups of people with whom we share data.
The Community – This group is you and your fellow patients on the site. You share data through your profile and the various social components on the site. By sharing your data others can learn from it.
PatientsLikeMe – We use the data you provide internally, both to improve our services and to conduct our own research.
Our Partners – PatientsLikeMe frequently partners with other institutions to conduct research. These partners include, but are not limited to, universities, pharmaceutical companies, and the US Food and Drug Administration (FDA). One key group of partners are the other members of the Digital Life Alliance – like minded companies who work closely with PatientsLikeMe to change healthcare around the globe.
Vendors – We also contract with various service providers for business and technical operations like e-mail delivery, site hosting, marketing, help desk support and others.
Details of how these different groups use our data is provided below.
There are two privacy levels a Member may choose for participation at PatientsLikeMe:
Members only: Only PatientsLikeMe Members can see your data connected with your username; or
Public: Non-members and Members can see your data connected with your username.
Public profiles may be indexed or stored by Internet search engines (e.g. Google) or other independent sites, which means a Member’s Shared Data, including any Personal Information shared, may come up in the search results by anyone on the Internet, even after switching privacy levels.
Members may change their privacy level at any time. Neither option will allow anybody outside of the community to contact you.
What Kind of Information We Collect
“Shared Data” is all information, except Restricted Data, that Members provide about themselves when using the Platform or in other communications with PatientsLikeMe, may be shared by PatientsLikeMe with any of the four groups (The Community, PatientsLikeMe, Our Partners, and Vendors). Examples of Shared Data that Members may submit include:
- Biographic and demographic information, e.g. photograph, biography, gender, age, location (city, state/province and country);
- Condition/disease information, e.g. diagnosis date, first symptom, family history;
- Treatment information, e.g. treatment start dates, stop dates, stop reasons, dosages, side effects, treatment evaluations and information on treatment switching;
- Symptom information, e.g. severity, duration;
- Outcome scores over time, e.g. ALSFRS-R, MSRS, PDRS, FVC, PFRS, Mood Map, Quality of life, weight, InstantMe;
- Sensor information, e.g. personal activity trackers;
- Voice recordings captured for specific research which members have opted to participate in;
- Laboratory results and biomarkers, e.g. CD-4 count, viral load, creatinine, voice features, images;
- Status of individual genes or variants (mutations)
- Individual and aggregated survey responses;
- Information shared via free text fields, e.g. the forum, treatment evaluations, surveys, annotations, journals, feeds, adverse event reports; and
- Connections to other people on the Platform, e.g. invited care team member, mentors, feeds, subscriptions.
In the course of using the Platform, Members may share information that could reasonably be used to identify them (“Personal Information”) but in a way that would be difficult for us to filter out. When a Member chooses to share Personal Information via a free text field (e.g. forum, treatment evaluations, annotations, journals, feeds and adverse event reports) and photos or images, the information shall be treated as Shared Data.
PatientsLikeMe may aggregate or statistically analyze Shared Data, including from more than one member, in which case such resulting aggregated or statistically analyzed data shall also be treated as Shared Data by PatientsLikeMe.
When a Member enters Personal Information, including name and email address, as part of registering to use PatientsLikeMe, that Personal Information is treated as “Restricted Data”. The type of Restricted Data that Members may submit at the Platform include:
- Name, as collected as part of registration or in a Member’s Account Information;
- Email address, as collected and verified as part of registration or in a Member’s Account Information;
- Password, as collected as part of registration or in a Member’s Account Information;
- Mailing address, as collected via email, forms, or private message as part of Member programs such as t-shirt giveaways and PatientsLikeMe InMotion™;
- Date of birth, as collected in your profile;
- Genome wide single nucleotide polymorphism analyses, whole exome sequencing analyses, or whole genome sequencing analysis; and
- Private messages.
PatientsLikeMe may de-identify Restricted Data, such that it no longer constitutes Personal Information, in which case such data shall be treated by PatientsLikeMe as Shared Data. Examples of such de-identification include, but are not limited to, using age instead of birthdate, or using a zip code instead of a full address.
Platform Use Data
We, and our Vendors, may use web tracking technologies such as cookies and pixel tags to understand how members use our platform. Such collected data (“Platform Use Data”) may include the URL of the websites you visited before and after you visited our Platform, the type of browser you are using, your Internet Protocol (IP) address, your Internet Service Provider, what pages in our Platform you visit and what links you click on, date and time of your visit and duration, and whether you open email communications we send to you. You may be able to modify your browser settings to alter which web tracking technologies are permitted when you use the Platform, but this may limit your use of the Platform.
Platform Use Data is typically only used by PatientsLikeMe and our vendors, but it may be shared with our research partners, as we do with Shared Data, to help them understand how members use and benefit from the site.
How Your Data is Used and Shared
Members should expect that every piece of information they submit (even if it is not currently displayed), except for Restricted Data, may be shared with the Community and Partners. Members are encouraged to share health information but should consider that the more information that is entered, the more likely it is that a Member could be located or identified.
How Shared Data is Used
Shared Data is shared with the Community via Member profile pages and through aggregated reports that are made available to other PatientsLikeMe Members. In some instances, this Shared Data is also viewable to those not registered to join PatientsLikeMe (“Non-members”). We report publicly Shared Data in aggregate, such as the number of patients on a particular treatment or the number of patients experiencing a particular symptom (see public Treatment and Symptom Reports). If a Member chooses to designate their profile as “Public” (see Privacy Settings below), their Shared Data can also be viewed by Non-members and linked with aggregated reports. These public profiles may be used by anyone accessing the website in reports, conference presentations, media mentions, etc.
In addition to serving the individual needs of our Members, PatientsLikeMe and its Partners are interested in better understanding the patient experience and improving treatment options and health outcomes for everyone. For example, we may look at questions such as, “Do certain treatments work better for some types of people versus others?” PatientsLikeMe provides Shared Data, in individual and aggregate format, to Partners for use in scientific research and market research. When selling this information, PatientsLikeMe removes Members’ Restricted Data (de-identification) to reduce the possibility of re-identification and, where possible, contractually forbids partners from trying to re-identify Members.
PatientsLikeMe may also periodically ask Members to complete surveys about their experiences (including questions about products and services). Survey responses are analyzed, combined with Members’ Shared Data and shared with and/or sold to Partners. Member participation in these surveys is not required, and refusal to do so will not impact a Member’s experience with PatientsLikeMe.
PatientsLikeMe may also report individual adverse event and drug safety information to regulatory Partners like the FDA, CDC, and/or other bodies (U.S. and international) as well as directly to pharmaceutical and biotechnology companies. PatientsLikeMe does not provide Restricted Data to such regulatory bodies, although we reserve the right to contact Members for follow-up at the request of agencies or Partners. The Shared Data that PatientsLikeMe reports may include free text or images on the forums or evaluations. In addition, certain areas within our Platform are provided with the support of Partners. These Partners may have adverse event reporting requirements that relate to regulated products that are used by Members of our community, and PatientsLikeMe assists such Partners with reporting adverse events to regulatory agencies.
Finally, PatientsLikeMe may use Shared Data internally or send Shared Data to Vendors who assist with operating our services or performing research. This data is used to provide or improve the services offered and to conduct newer multi-omics research. For example, we may send treatment or condition information to an e-mail provider so that information can be included in message we send to you.
PatientsLikeMe, like most Internet communities, is a public forum, and Members acknowledge and accept that any information shared through free text or images might be connected to Members’ Shared Data (which may be shared with, sold to, or displayed for others). For example, if a Member puts his or her name (or other Personal Information) into a free text field like the biography, forum, journals or annotations, the Member should know this information may be included in what is shared with, displayed for, or sold to Partners.
How Restricted Data is Used
A Member’s Restricted Data is never shared with the Community unless the Member is acting in a role other than patient. For example:
- If a Member registers with, or is switched to, an official doctor and research account, the Member’s full name and affiliation will be viewable to the community via your profile;
- If a Member is acting as a PatientsLikeMe employee the Member will be identified as such.
We will never sell, provide, or use your restricted information for non-PatientsLikeMe advertising purposes.
PatientsLikeMe uses Restricted Data internally, as needed, for research, for maintenance and operation of the Platform, and to create the best possible tools and experience for patients. We take steps to protect this data and limit access to only those who need it for their job.
If we have a member's permission, their e-mail address will be used to send them a variety of notifications, including study invitations, newsletters and private message notifications. A member may change this setting at signup, on their account page or by clicking the unsubscribe link at the bottom of any email they receive from PatientsLikeMe. However, all members receive administrative emails, and you cannot opt out of administrative emails while you remain registered with the Platform.
Additionally, Restricted Data is not shared with or sold to Partners unless explicit consent is given. Specific instances where consent may be requested include:
- Special research projects and studies
- Co-registration with a non-profit
- Media interviews of a Member
- Public registries, like the ALS Registry
If you are a participant in PatientsLikeMe’s DigitalMe initiative then you have consented to having your Restricted Data shared more broadly than described here. Please see the informed consent document for more information.
PatientsLikeMe will share Restricted Data, in some instances, with Vendors for the purpose of operating or improving our services. Before sharing Restricted Data with a Vendor PatientsLikeMe will investigate potential Vendors to ensure that their security and privacy practices are up to PatientsLikeMe standards. Specific examples where Restricted Data may be shared with Vendors include:
- If a Member makes a request, PatientsLikeMe may use Restricted Data, including sharing the Member’s Restricted Data with software/service vendors, for the purpose of fulfilling the request. Examples include requesting to receive the company newsletter via email, requesting an email response from the PatientsLikeMe support team, and requesting a t-shirt be mailed to the Member’s residence.
- We may use your restricted information to exclude you from certain PatientsLikeMe advertisements or to present certain participation opportunities to you via social media advertising.
How Platform Use Data is Used
We use Platform Use Data for several purposes:
Authentication: We use Platform Use Data stored in cookies on your computer to indicate that you have logged into your PatientsLikeMe account and to enable you to use certain portions of our Platform.
Administer Platform: We use Platform Use Data to help administer the Platform and members’ use of the Platform. We may, in some circumstances, need to review this Platform Use Data in combination with specific Restricted Data to identify and resolve issues for individual users.
Closing Your Account
Members are free to stop using this service at any time. If a Member chooses to deactivate his/her account, PatientsLikeMe will not display or sell the data in that account as of the date of deactivation. However, the Member’s data will remain in the system for auditing purposes, and research conducted, or in progress, prior to the deactivation of a Member’s account will still include the Member’s data.
Other Special Cases
There are instances, not covered above, where Shared Data, Restricted Data, and Platform Use Data may be used and disclosed including, but not limited to, the following:
- PatientsLikeMe may use a Member’s data in the case of an emergency or other circumstance that we determine requires a member of the management team to directly contact the Member. For example a concern of a suicide attempt or a data breach that put the Member at risk.
Other Security Issues
PatientsLikeMe cannot guarantee the identity of any Members with whom a Member may interact in the course of using the Platform or who may have access to a Member’s Shared Data. Additionally, we cannot guarantee the authenticity of any data that Members may provide about themselves.
Finally, Members should know that PatientsLikeMe takes commercially reasonable technical precautions to help keep Member data secure consistent with applicable U.S. state and federal laws. We take these precautions in an effort to protect your information against security breaches. However, this is not a guarantee that such information may not be accessed, disclosed, altered, or destroyed by breach of such firewalls and secure server software. By using our Platform, you acknowledge that you understand an agree to assume these risks.
Risks and Benefits
While our goal is to help patients improve health outcomes, there are no certain benefits to using this website. However, keeping track of personal well-being, treatments, and symptoms has been shown to be helpful in improving overall health.
There are also no known risks to using this website, but there is a possibility that users may feel uncomfortable sharing information online. It is possible that a Member could be identified using information shared on PatientsLikeMe (and/or in conjunction with other data sources). A Member could be discriminated against or experience repercussions as a result of the information shared. For example, it is possible that employers, insurance companies, or others may discriminate based on health information.
In using the Platform, Members are free to skip any non-required questions or data fields that make them feel uncomfortable.
Governing Law and Platform Visitors from outside the United States
California Online Privacy Protection Act Notice
On September 27, 2013, California enacted A.B. 370, amending the California Online Privacy Protection Act to require website operators like us to disclose how we respond to "Do Not Track Signals"; and whether third parties collect personally identifiable information about users when they visit us.
- We do not track user activity that does not occur on our site and therefore do not use "do not track" signals.
- We do not authorize the collection of personally identifiable information from our users for non-PatientsLikeMe advertising purposes through advertising technologies without separate member consent.
- California Civil Code Section 1798.83 also permits our members who are California residents to request certain information regarding our disclosure of Personal Information to third parties for their direct marketing purposes. To make such a request, please send an email to [info@PatientsLikeMe.com]. Please note that we are only required to respond to one request per member each year.
History of Updates/Changes to Terms and Conditions of Use:
- On , clarified language differentiating vendors and partners, as well as cookie and Platform Use Data usage. Also, added new language for biology and multi-omics, updated advertising policies and other minor changes and reorganization.
- On , added statement to explain ways a member can unsubscribe from emails.
- On , additional examples of shared data were added.
- On , the heading to “How Your Data is Used” was changed and clarifying language was added to both the Cookies and How Your Data is Used sections.
- On , the Safe Harbor section was updated.
- On , the following section was added: “EU Save Harbor”.
- On , the following clauses were added: “We will provide our Partners with anonymized, aggregated community data with the goal of increasing involvement in disease research” and “except in incidents when you have given explicit permission, e.g. in the ALS Registry.”