Privacy Policy
NVQAA# 05-22
Privacy, Confidentiality & Security
1. POLICY
This policy establishes the privacy, confidentiality, and security within the National
Virtual Quality Assurance Association (NVQAA).
2. JUSTIFICATION
a. This policy exists to describe the privacy, confidentiality, and security for
healthcare quality professionals interested in pursuing the certificate programs offered
by NVQAA and the program’s primary stakeholders.
b. NVQAA is dedicated to protecting and processing information with full caution
and confidentiality. All information whether electronically, paper, or any other storage
device will be treated securely and with privacy.
c. Website content is intellectual property protected by law. Information provided
may not be re-used without our explicit permission, except for private or other personal
use within the limitation of data protection laws.
d. We collect personally identifiable information only with the consent of the
person and ensure that the data collected is used only for the stated purpose.
e. Creating an account and becoming a member or client of NVQAA, you are
required to fill out an electronic form for which we are not held responsible. We ask for
your consent to send you information only regarding training courses, membership
news, webinars, and other content regarding our services.
3. RESPONSIBILITIES
a. NVQAA Personnel. Will have access to a variety of confidential, sensitive, and
propriety information. All staff must actively protect and safeguard confidential,
sensitive, and proprietary information.
b. Information received and obtained will be treated as confidential and will not be
disclosed without written authorization unless covered under existing agreements or
required by legal process.
c. Information security safeguards are provided to ensure protection of all
administrative, physical, and technical safeguards to include passwords, computer
storage devices, sensitive data, only accessing information by authorized staff with a
NVQAA# 05-22
need to know, only installing authorized applications, and reporting any security
vulnerabilities or breaches immediately to the information security support system.
d. Ensuring firewalls are always in place and active to prevent any security
breaches.
e. Reporting security breaches as soon as aware to the Compliance officer or
designee.
f. Checking and monitoring the general health of the networks utilized by NVQAA
staff.
g. Ensures that access to the personal data of certificate holders, will nit be shared
or provided to unauthorized parties.
h. Data will be stored electronically, and will be protected from unauthorized,
accidental deletion, and malicious hacking attempts by utilizing a password for
protection and uploaded to an approved cloud computing service.
i. Not storing data to laptops or personal devices
4. DEFINITIONS
a. Privacy. Ability of individuals to control access to themselves or information
about themselves or information about themselves and thereby reveal themselves
selectively.
5. REFERENCES
a. Standards Practice for Certificate Programs. ANSI E2659-18. Downloaded
12/12/2022.
6. RESCISSION
None
7. REVIEW
This policy will be reviewed at minimum annually by the Advisory board and at
recertification and including when there are changes to the governing document.
NVQAA# 05-22
8. RECERTIFICATION
This NVQAA policy is scheduled for recertification on or before the last working day of
December 2027–five (5) years from effective date. This NVQAA policy will continue to
serve as local policy.
9. SIGNATORY AUTHORITY
Saundra Glenn Elmore, DNP MSN RN CPHQ
CEO
Date Approved: December 2022
NOTE: The signature remains valid until rescinded by the CEO