CDC Vessel Sanitation Program Privacy Policy



The Centers for Disease Control and Prevention (CDC) and Vessel Sanitation Program (VSP) are committed to maintaining your privacy and protecting your personal information when you visit VSP websites. With respect to the collection, use, and disclosure of personally identifiable information (PII), CDC complies with all applicable federal laws.

The VSP privacy policy is clear:

• VSP does not collect any personally identifiable information (PII) when you visit any VSP website.
• Non-PII information you provide during your visit to our websites is collected and stored for immediate use and long-term reference.

Here is how we handle information about your visit to our website:

Regarding information received and retained by VSP, and information you give us - None of the information collected on VSP websites is PII.

Visits to CDC.gov or CDC content:

VSP does not collect any information related to you browsing our websites. When browsing, reading pages, or downloading information from the CDC website we collect only the data your provide, which does not include PII.

• We do not collect your Internet domain (for example, “xcompany.com”).
• We do not collect your IP address
• We do not collect information about your computer or mobile device (e.g., type and version of web browser, operating system, screen resolution, and connection speed)
• If you submit a report, we collect the date and time you submit the data
• We do not collect information about the pages or screens accessed or visited
• We do not collect the number of times you access our websites
• We do not collect the amount of data (measured in number of bytes) transmitted from our website to your computer
• We do not determine whether or not you have set a VSP website as your home page
• We do not collect the internet address or URL of the website visited immediately prior to visiting a VSP website

Using CDC’s Application:

VSP does not have any way of identifying you personally when you access our websites.

How Information is used:

Any information we collect is used solely for the purpose of monitoring GI illnesses on cruise ships, and for examining trends of GI illnesses.

Sharing of this Information:

Information you choose to share with the VSP may be treated as public information. We may, for example, publish compilations of GI illness data and aggregate industry reports, and provide them to national leaders, members of the press, or other individuals outside of the Federal Government.

Data Retention:

VSP retains data you submit indefinitely for reporting and analysis purposes, and to be able to respond to Freedom of Information Act requests, court orders, or Congressional access requests, or if authorized by a Privacy Act System of Records Notice (SORN). It is subject to the Privacy Act if maintained in a Privacy Act system of record.

Cookies:

VSP websites may use cookies, but the information passed in the cookie is not PII, and cookie data is used only to facilitate movement between pages on the VSP site.

Security:

All CDC data, including VSP websites, are maintained by the U.S. Government and protected by various provisions of Title 18 of the U.S. Code. Violations of Title 18 are subject to criminal prosecution in Federal court. At CDC, reasonable precautions are taken to protect CDC’s digital platforms, including information automatically collected by or voluntarily submitted to CDC.gov or an official CDC page on a third-party site. For example, we restrict access to personally identifiable information to employees, contractors, and vendors who require access to this information in order to perform their official duties, and exercise controls to limit what data they can view based on the specific needs of their position. Access to official CDC accounts on third-party sites is limited to the individuals who administer those accounts, and all official CDC accounts are clearly labeled.

Also, commonly used practices and technical controls are utilized to protect the information in our possession or control. These practices and controls include, but are not limited to: encrypting the transfer of information over the internet via secure sockets protocols such as Transport Layer Security (TLS), Secure Sockets Layer (SSL) etc., using high-strength firewalls and intrusion detection systems (IDS) to safeguard information, and maintaining strict technical controls and procedures to ensure the integrity of all data. We periodically review our processes and systems to verify compliance with industry best practices and to ensure the highest level of security.

Contact Privacy Office:

If you have any questions regarding VSP’s privacy policy or need further information, please contact CDC Privacy Office at mailto:privacy@cdc.gov, or call 770-488-8660.

Updates to This Privacy Policy:

We will revise or update this policy from time to time. If we make significant changes to how we handle personal information, we will post changes to the policy on our site and change the date at the bottom.