ECFMG|FAIMER Privacy Notice

Last Updated: August 9, 2021

ECFMG®|FAIMER® is committed to protecting the privacy and security of your Data, including Personally Identifiable Information (“PII”) (collectively “Data”). For purposes of this Privacy Notice (“Privacy Notice”), ECFMG|FAIMER refers to: Educational Commission for Foreign Medical Graduates (“ECFMG”), Foundation for Advancement of International Medical Education and Research (“FAIMER”), and Clinical Skills Evaluation Collaboration (“CSEC”) (hereinafter referred to collectively as “ECFMG|FAIMER,” “we,” “us,” or “our”). This Privacy Notice explains how we collect, process, use, and disclose your Data (i) in connection with, and in support of, our programs and services; (ii) in connection with your participation in ECFMG|FAIMER-related educational and professional forums and collaborations; (iii) in support of our research endeavors; and/or (iv) in connection with an application for employment with ECFMG|FAIMER.

Acceptance of Privacy Notice

Your use of the ECFMG|FAIMER websites, programs and services, mobile applications, and related administrative processes signifies your understanding and acceptance of the terms of this Privacy Notice. If you do not agree to the terms of this Privacy Notice, please do not submit your PII or any PII you are responsible for to ECFMG|FAIMER or use its websites, programs and services, and mobile applications. Further, your continued use of ECFMG|FAIMER websites, programs and services, and mobile applications following our posting amendments to the Privacy Notice signifies your acceptance of the Privacy Notice as amended.

Nature of Services Provided

ECFMG|FAIMER provides programs and services to individuals and to organizations including certification, professional verification, credentialing, training, educational opportunities, and visa sponsorship. ECFMG|FAIMER also collaborates in research, publications, and educational opportunities and makes employment opportunities available to individuals seeking to join our teams.

PII and Other Data We Collect

We collect PII and other Data either directly from you, through automatic technologies, and from third parties or publicly available sources, as follows:

Data Collected from You

In most instances, collection of this PII is required for ECFMG|FAIMER to provide the requested opportunities and/or programs and services, or in other instances may be required by law. Non-provision of certain information may bar our ability to provide you with these opportunities and/or the requested programs and services.

Data Collected Automatically

ECFMG|FAIMER websites and mobile applications collect certain Data about you automatically, using certain passive technologies. Such Data includes technical information about browser type, areas of the site visited, date and time of access, and related data in order to improve the overall quality of your on-line experience. These passive technologies include:

Data Collected from Third Parties

We may also use or supplement the Data we have about you with information provided by other sources, such as the USMLE program, National Board of Medical Examiners® (NBME®), the National Resident Matching Program® (NRMP®), American Medical Association (AMA), Federation of State Medical Boards (FSMB), Association of American Medical Colleges (AAMC), Accreditation Council for Graduate Medical Education (ACGME), the Department of State (DOS), the Department of Homeland Security (DHS), medical schools, graduate medical education and training programs, current and former employers, licensing and regulatory authorities, professional organizations, and other organizations with which we collaborate in the provision of our programs and services. Where such information is received, ECFMG|FAIMER will only use that data for the limited purposes for which it was provided to us.

How We Use Personal Information

ECFMG|FAIMER may use your PII to:

ECFMG|FAIMER uses e-mail addresses collected for administrative and promotional purposes. Administrative e-mails are necessary to keep Users informed about critical aspects of programs and services. These must be received by Users in a timely manner. Therefore, the option to unsubscribe from administrative e-mails and alerts is not available to Users. However, if you wish to opt-out of promotional e-mails, please follow the unsubscribe instructions provided within individual newsletters and/or promotional e-mails.

ECFMG|FAIMER reserves the right to aggregate PII provided by Users for statistical analysis and on-going research in accordance with our mission. To this end, ECFMG|FAIMER compiles PII into aggregated data groups. ECFMG|FAIMER may de-identify or pseudonymize the PII for statistically accurate data analysis without risking exposure of PII. Such data groups may then be shared with business partners, service providers, and/or vendors of ECFMG|FAIMER or published on our website, in academic journals, or in presentations.

Basis for Processing PII

Applicable law in certain countries, including but not limited to countries in the European Economic Area, require that we collect and process PII only where we have an identified lawful basis to do so under applicable law. Depending on the program and service and/or opportunity provided and/or the processing activity involved, we collect and process your PII only where we have one of the following lawful bases to do so:

Where we process “special” or “sensitive” categories of PII, as defined by the General Data Protection Regulation, we do so only: (i) where you have given us your explicit consent to carry out such processing; or (ii) as otherwise permitted by law.

If you have questions or concerns about the lawful basis for which we collect and process your PII, please contact privacy@ECFMG.org or privacy@FAIMER.org.

Personal Information of Minors

Except as noted below, minors (i.e., persons under 18 years of age) are not eligible for participation in ECFMG|FAIMER programs or services, and/or employment opportunities. Therefore, ECFMG|FAIMER does not intentionally collect PII from minors. If ECFMG|FAIMER identifies that a minor has submitted PII, we will take all reasonable steps necessary to delete the PII from our databases and not use or retain it for any purpose. Further, if you believe a minor has submitted PII to ECFMG|FAIMER, please contact us at: privacy@ECFMG.org or privacy@FAIMER.org.

ECFMG|FAIMER provides visa sponsorship for authorized foreign national physicians and unmarried, minor dependents of such authorized foreign national physicians under the age of 21. Under such sponsorship and to meet J-1/J-2 visa requirements, ECFMG|FAIMER must collect PII of minor dependents for U.S. government agencies; however, such information is collected from the authorized foreign national physician, not the minor dependent.

Data Retention and Destruction

ECFMG|FAIMER retains your Data for as long as necessary to fulfill the purposes we collected it for, for the duration of our business relationship with you, and in accordance with our Data Retention and Destruction Policy. ECFMG|FAIMER may maintain a lawful basis for retaining certain PII indefinitely, for example, where ECFMG|FAIMER services are benefiting the public interest in the area of public health, such as through verification of professional credentials. PII deleted from our active database in accordance with our Policy may be retained in de-identified format for research, data aggregation, and statistical purposes.

How We Disclose and Share PII

We may disclose and share your PII with third parties, as follows:

To Parties Authorized by Users

Fulfillment of ECFMG|FAIMER’s programs and services or other opportunities often requires disclosure of PII to third parties. In such instances, Users provide explicit consent to such ECFMG|FAIMER-defined uses and disclosures, and ECFMG|FAIMER discloses limited and necessary PII about Users. Such disclosures may be made to the following, as applicable:

There may be circumstances where you would like information in your ECFMG|FAIMER records to be disclosed to a third party, such as a friend or family member. We will not disclose your information to such individuals unless you have authorized us to do so.

ECFMG|FAIMER may also disclose PII to third parties, such as hospitals or medical regulatory authorities, where you have given such third parties authorization to obtain such information from ECFMG|FAIMER.

To External Third Parties Under Contractual Relationships with ECFMG|FAIMER

ECFMG|FAIMER may disclose or provide access to your PII with vendors and service providers, including but not limited to the following:

Where such disclosures are made, they are governed by agreements (such as confidentiality agreements, data sharing agreements, and data processing agreements) that require protection of your PII and that only permit use of your PII in a manner consistent with this Privacy Notice.

To Protect Our Legal Rights and Interests or Where Required by Law

ECFMG|FAIMER may disclose PII to respond to valid subpoenas, court orders, legal processes, medical or other regulatory authority inquiries and investigations, or other governmental inquiries and investigations; to exercise our own legal rights to defend against legal claims/suits; to investigate, prevent, or take action against illegal activities, suspected fraud, or situations involving potential threats to the physical safety of any person or the general public; or as otherwise required by law.

In the Event of a Change in Corporate Status

In the event that ECFMG|FAIMER is involved in a merger, acquisition, sale of assets, bankruptcy, and/or reorganization, your Data may be sold or transferred as part of that transaction. Any Agreement with such new entity or receiver will include appropriate privacy protections.

No Disclosures for Direct Marketing and Advertising

At this time, ECFMG|FAIMER does not disclose, sell, rent, license, grant access to, or trade PII with third parties for direct marketing.

Cross-Border Transfers of PII

All PII collected and/or received by ECFMG|FAIMER is stored and maintained on servers in the United States, where national and state privacy laws may not afford the same level of protection as where you reside. Further, fulfillment of many of our programs and services require the cross-border transfer of PII from ECFMG|FAIMER to other countries, for example, to verify an individual’s credentials and/or to provide information to international medical regulatory authorities; similarly, the national and state privacy laws in those countries may not afford the same level of protection as where you reside. By using ECFMG|FAIMER’s programs and services, you consent to the transfer of information to countries outside your residence, including but not limited to the United States, and acknowledge that your personal information will be processed in the United States. ECFMG|FAIMER also employs cross-border transfer safeguards (including but not limited to standard contractual clauses) as applicable and appropriate to protect the privacy and security of your PII, and to use it in a manner strictly consistent with the purposes for which it is provided.

Data Privacy and Security

ECFMG|FAIMER has implemented reasonable administrative, technical, and organizational safeguards to protect against foreseeable risks of unauthorized access, use, disclosure, destruction, or modification of PII and its information systems.

Please note, however, that despite the best efforts of ECFMG|FAIMER, the confidentiality and security of information and Data transmitted to/from ECFMG|FAIMER cannot be guaranteed as completely safe from intrusion.

Please do your part to protect the personal information that you share with ECFMG|FAIMER. Keep your username, password, or other authentication information secure and limit the dissemination of your account information to third parties to those circumstances where dissemination is absolutely necessary. If you believe that your username, password, or other information associated with your ECFMG|FAIMER account has been compromised, please contact us at: privacy@ECFMG.org or privacy@FAIMER.org.

Data Protection Rights

Depending on where you reside, your local privacy laws, including but not limited to the European Union’s General Data Protection Regulation, may provide you with certain rights with respect to your PII, as follows:

Access, Review, and Rectification

Some Users may have the right to access and review their PII collected and maintained by ECFMG|FAIMER, with limited restrictions. Users can submit a formal request for access and review by contacting privacy@ECFMG.org or privacy@FAIMER.org. All such requests will be tracked and responded to in a timely manner, not to exceed 30 calendar days from the date of the request. Most ECFMG|FAIMER services include password-protected portals where Users can review, correct, and update their PII in lieu of submitting a formal request.

Erasure and Restricting Processing

Under certain circumstances, some Users may have the right to request that their PII be deleted or removed from ECFMG|FAIMER’s systems. This right is not absolute. Many of ECFMG|FAIMER’s services are intended to prevent fraud and to serve the public interest in the area of public health. As a provider of these services, ECFMG|FAIMER may have a lawful basis to refuse User requests for erasure of PII and/or to refuse User requests to restrict or object to processing PII.

Filing Complaints

Applicable Users have the right to make a complaint to ECFMG|FAIMER by contacting privacy@ECFMG.org or privacy@FAIMER.org, and/or to request that ECFMG|FAIMER direct the User to relevant supervisory authorities to file a formal complaint.

Privacy Notices of Unaffiliated Third-Party Websites

This Privacy Notice applies only to ECFMG|FAIMER and ECFMG|FAIMER’s privacy practices. The ECFMG|FAIMER website and mobile applications include links to unaffiliated third-party websites and applications whose privacy practices may be different than ours. Users clicking on these links should be aware that they are leaving the ECFMG|FAIMER website and/or application and are accessing the unaffiliated third-party website. Users should review the Privacy Notice of the unaffiliated third-party website before engaging their services or products.

Changes to This Privacy Notice

This Privacy Notice may be amended from time to time as new features, programs, and services are made available, as laws and regulations change, or as otherwise necessary and appropriate. Notice about amendments to the Privacy Notice will be communicated by administrative e-mails, posted on-line, or by other appropriate methods. User access and/or on-going use of ECFMG|FAIMER programs, services, websites, and/or mobile applications after such amendments signifies acceptance of the Privacy Notice, as amended. The most current version of the Privacy Notice is available at www.ECFMG.org and www.FAIMER.org and includes the date the Privacy Notice was last updated.

How to Contact Us

If you have questions about the terms of this Privacy Notice or if you need more information, please contact ECFMG|FAIMER at privacy@ECFMG.org or privacy@FAIMER.org.

ECFMG|FAIMER
Attn: Privacy Office
3624 Market Street
Philadelphia PA 19104 USA
+(215) 386-5900

Back to top