Privacy and Security Policy

  • Resize font
  • Print
  • Email
  • Facebook
  • Twitter
  • Google+
  • Pinterest

NCI complies with requirements for privacy and security established by the Office of Management and Budget (OMB), Department of Health and Human Services (DHHS), and the National Institutes of Health (NIH). This page outlines our privacy and security policy as they apply to our site as well as third party sites and applications that NCI uses (for example, Facebook, YouTube).

Your Visit to the NCI Website

Your visit to the NCI website is private and secure. When you visit the NCI website, we do not collect any personally identifiable information (PII) about you, unless you choose to explicitly provide it to us. We do, however, collect some data about your visit to our website to help us better understand public use of the site and to make it more useful to visitors. This page describes the information that is automatically collected and stored.

How NCI Collects Information

When you browse through any website, certain information about your visit can be collected. NCI uses the Adobe Omniture Web Analytics and Google Analytics programs to collect information automatically and continuously. We use this information to measure the number of visitors to our site and its various sections and to distinguish between new and returning visitors to help make our site more useful to visitors. However, no personally identifiable information (PII) is collected.

The NCI staff conducts analyses and reports on the aggregated data from Adobe Omniture and Google Analytics. The reports are only available to NCI website managers, members of their Communications and Web Teams, and other designated staff who require this information to perform their duties.

NCI also uses online surveys to collect opinions and feedback from a random sample of visitors.

NCI retains the data from Adobe Omniture and Google Analytics only as long as required by law or needed to support the mission of the NCI website.

How NCI Uses Cookies

The Office of Management and Budget (OMB) Memo M-10-22, Guidance for Online Use of Web Measurement and Customization Technologies allows Federal agencies to use session and persistent cookies.

When you visit any website, its server may generate a piece of text known as a "cookie" to place on your computer. The cookie allows the server to "remember" specific information about your visit while you are connected. The cookie makes it easier for you to use the dynamic features of webpages. Requests to send cookies from NCI’s webpages are designed to collect information about your browser session only; they do not collect personal information about you.

There are two types of cookies, single session (temporary) and multi-session (persistent). Session cookies last only as long as your Web browser is open. Once you close your browser, the cookie disappears. Persistent cookies are stored on your computer for longer periods.

How Are Temporary "Session” Cookies Used?

We use session cookies for technical purposes such as improving navigation through our website. These cookies let our server know that you are continuing a visit to our website. The "session" cookie is not permanently stored on your computer. The cookie and the information about your visit are automatically destroyed shortly after you close your browser to end the session.

The OMB Memo 10-22 Guidance defines our use of session cookies as “Usage Tier 1—Single Session.” The policy says, “This tier encompasses any use of single session Web measurement and customization technologies.”

How Are "Persistent Cookies" Used?

The OMB Memo M-10-22, Guidance for Online Use of Web Measurement and Customization Technologies allows Federal agencies to use persistent cookies in addition to temporary session cookies.

We use persistent cookies to help us recognize new and returning visitors to the NCI website. Persistent cookies remain on your computer between visits to the NCI website until they expire. We do not use this technology to identify you or any other individual website visitor.

We also use persistent cookies to enable NCI’s Adobe Omniture Web Analytics and Google Analytics programs to measure how new and returning visitors use the NCI website over time.

The OMB Memo 10-22 Guidance defines our use of persistent cookies as “Usage Tier 2 – Multi-session without Personally Identifiable Information (PII).” The policy says, “This tier encompasses any use of multi-session Web measurement and customization technologies when no PII is collected.”

How to Opt Out or Disable Cookies

If you do not wish to have session or persistent cookies placed on your computer, you can disable them using your Web browser. If you opt out of cookies, you will still have access to all information and resources the NCI website provides.

Instructions for disabling or opting out of cookies in the most popular browsers are located at http://www.usa.gov/optout_instructions.shtml. Please note that by following the instructions to opt out of cookies, you will disable cookies from all sources, not just those from NCI’s website.

How Is Personal Information Protected?

You do not have to give us personal information to visit the NCI website.

If you choose to provide us with additional information about yourself through an e-mail message, form, survey, etc., we maintain the information only as long as needed to respond to your question or to fulfill the stated purpose of the communication.

For further information about NIH privacy policy, please contact the NIH Senior Official for Privacy at privacy@mail.nih.gov, call (301) 451-3426, or visit http://oma.od.nih.gov/ms/privacy/privacyact.html.

Disclosure

NCI does not disclose, give, sell, or transfer any personal information about our visitors, unless required for law enforcement or by statute.

Site Security

NCI's website is maintained by the U.S. Government. It is protected by various provisions of Title 18, U.S. Code. Violations of Title 18 are subject to criminal prosecution in federal court.

For site security purposes and to ensure that this service remains available to all users, we use software programs to monitor traffic to identify unauthorized attempts to upload or change information or otherwise cause damage. In the event of authorized law enforcement investigations, and pursuant to any required legal process, information from these sources may be used to help identify an individual.

Your Visit to NCI on Third-Party Websites

Third-party websites and applications are Web-based technologies that are not exclusively operated or controlled by NCI. These include applications hosted on other non-government websites and those embedded on an NCI webpage.

As part of the Open Government Directive, NCI uses a variety of new technologies and social media tools to communicate and interact with our audiences. Use of some of these applications could cause personally identifiable information (PII) to become available or accessible to NCI, regardless of whether NCI solicits or collects it. The table below lists the websites and applications we use. If any of these sites or applications collect PII, we describe what is collected and how NCI protects the information.

Types of Third-Party Websites and Applications
Third-Party Website and Application How It Works
AddThis

AddThis allows you to bookmark and share our content on a variety of social media sites. You do not need to register or provide any personal information. The AddThis service providers collect non-personal data, including aggregate and summary statistics on browsers and usage patterns.

AddThis also uses non-personal data to manage the service efficiently and diagnose server problems. Although AddThis offers some analytics and usage data to NCI, these reports do not include any personally identifiable information. The reports are password protected and only available to NCI managers, members of the NCI Communications and Web Teams, and other designated staff requiring this information to perform their duties. (See AddThis Privacy Policy.)

Bit.ly NCI uses Bit.ly to shorten long URLs for use in email messages, Twitter feeds and on Facebook pages. Bit.ly collects and provides data on how often you as an email recipient or Facebook/Twitter user, click on the shortened URLs distributed by NCI staff. Bit.ly analytics show how many people clicked on the URLs posted by NCI, compared to the total number of clicks on the shortened URLs. Bit.ly analytics do not provide any PII about the visitors who open the shortened links. (See Bit.ly Privacy Policy.)
Eventbrite NCI uses Eventbrite for online event registration. To register for an NCI event using Eventbrite, you may be required to provide PII so that the NCI event management staff may contact you with details pertaining to the event. PII could include your name, email address, telephone number, and job title. NCI staff does not disclose any information about people who register for NCI events. (See Eventbrite Privacy Policy.)
Google+ NCI has one main Google+ page—National Cancer Institute.NCI's Google+ pages are managed by NCI staff members who post news and other items of interest to be consumed by the public. If you have a Google+ account, you can log in to your account to post comments, and '+1' NCI's Google+ pages and individual entries. If once you click on the NCI Google+ site, you comment or click on the '+1' button, your PII will be visible to NCI staff and other Google+ site visitors. The amount of visible personal information displayed will depend on your own Google+ privacy settings. You can completely avoid displaying any PII by not creating a Google+ account, not posting comments, not clicking on the 'like' options, or interacting with NCI's Google+ site in any way (i.e., private messaging, sharing NCI posts, etc.). NCI staff do not collect, use or disclose any information about visitors who comment or 'like' the NCI Google+ site. However, as a practice, comment moderator policy requires the removal from NCI Google+ pages of any comments that contain spam or are improper, inflammatory, or offensive. (See Google+ Privacy Policy.)
GovDelivery Subscription Management NCI uses GovDelivery to send e-newsletters, alerts and other messages to visitors who subscribe to them. To subscribe to receive an NCI product, you must provide an email address and indicate your subscription preferences, including the items you want to receive. The email subscriber lists are password protected by GovDelivery. Only the NCI managers who send newsletters, alerts, or memos via GovDelivery and the staff members who monitor the results of email initiatives have access to the subscriber lists. GovDelivery never allows access to the subscriber lists to anyone outside of NCI for any purpose. GovDelivery collects and provides non-identifying information about the number of messages sent, clicks, and open rates. This information is password-protected and only available to NCI Managers, System Owners, Communications Staff, Web Teams, and other designated staff who require this information to perform their duties. (See GovDelivery Privacy Policy.)
Instagram NCI primarily uses Instagram to make images from our online image library more widely available to the general public and to educate the public about cancer research. While you may view the NCI Instagram feed without subscribing, if you want to subscribe to (or follow) NCI’s Instagram feed, you must create an Instagram account. To create an account, you must provide some personal information, such as your user name, password and email address. You have the option to provide additional personal information including your name, a biography or a picture. Most information you provide for an Instagram account is available to the public, but you can modify how much of your information is visible by setting your account to Private. NCI staff members monitor the number of subscribers and respond to comments and queries via Instagram, but the staff never takes possession of the personal information belonging to you as an Instagram follower. However, as a practice, comment moderator policy requires the removal from the NCI Instagram pages of any comments that contain spam or are improper, inflammatory, or offensive. The information is then saved on a password-protected shared drive accessible to NCI Managers, System Owners, Communications Staff, Web Teams, and other designated staff who require this information to perform their duties. (See Instagram Privacy Policy.)
LinkedIn NCI uses the “groups” feature on LinkedIn to engage with current and past employees and members of the public. In order to join an NCI group on LinkedIn, you must register for a LinkedIn account and provide your first and last name and e-mail address. Upon confirmation of your email address, you must provide LinkedIn with information regarding your employment, country, zip code, job title, etc. The amount of visible personal information will depend on your LinkedIn user privacy settings. You can completely avoid displaying any PII by not creating a LinkedIn account, not joining NCI LinkedIn groups, or not interacting with NCI LinkedIn groups in any way (i.e., private messaging, posting on group pages, etc.). Although NCI staff managing LinkedIn groups may view the information you provide when you submit a request to join NCI LinkedIn groups, NCI staff does not collect, use, or disclose any of this information. (See LinkedIn Privacy Policy.)
Submittable NCI uses Submittable for online event registration. To register for an NCI event using Submittable you may be required to provide PII so that the NCI event management staff may contact you with details pertaining to the event. PII could include your name, email address, telephone number, and job title. NCI staff do not disclose any information about people who register for NCI events. (See Submittable Privacy Policy.)
Twitter

NCI uses Twitter to send short messages (up to 140 characters) or “Tweets” to share information about NCI with our audiences and respond to comments and inquiries sent via Twitter to NCI. While users may read the NCI Twitter feeds without subscribing to them, users who want to subscribe to (or follow) NCI Twitter feeds must create a Twitter account at www.twitter.com.

To create an account, you must provide some personal information, such as name, user name, password, and email address. You have the option to provide additional personal information including a short biography, location, or a picture. Most information you provide for a Twitter account is available to the public, but you can modify how much of your information is visible by changing your privacy settings at the Twitter.com website.

NCI staff members monitor the number of subscribers and respond to comments and queries via Twitter, but the staff never uses the personal information of their Twitter followers. NCI does not collect, maintain, disclose, or share any information about people who follow NCI on Twitter. (See Twitter Privacy Policy.)

YouTube

NCI videos introduce you to many different aspects of the research that NCI supports and connect you to our research-based information resources. Some videos feature stories from researchers, cancer patients, and their caregivers. Others seek to explain NCI's major research programs. Most of these videos are available on NCI's websites as well. (See YouTube.com Privacy Policy.)

To be notified when NCI adds new videos, users with YouTube accounts can subscribe to the NCIgov channel. NCI staff members monitor the number of subscribers and may respond to comments and queries on YouTube, but NCI does not collect, maintain, disclose, or share any information about people who follow NCI on YouTube.

  • Updated: July 27, 2017