Privacy Policy

The Illinois State Medical Society, its affiliates and subsidiaries ("ISMS"), is committed to protecting and respecting your privacy. This policy applies to personal information provided directly to ISMS or personal information collected on the ISMS website. The policy describes how ISMS handles the personal information obtained from our applications, websites, portals, and products and services that collect data. This policy establishes the type of personal information we collect, how we collect it, how we use it, why we use it, who we share it with, and the rights to which you are entitled. Please note that if state law is more protective of an individual's privacy than federal privacy law, we will protect personal information in accordance with state law while also meeting federal requirements.

General Statement

Protecting your privacy is a matter of great importance to ISMS. ISMS maintains processes and procedures, both physical and electronic, in order to safeguard your personal information and to comply with federal and state laws. Personal information we obtain from you, and personal information you voluntarily provide to us through ISMS websites, shall be treated in accordance with this policy and, may be used to provide you with personal information we believe may be of interest to you. We may also share the personal information with third parties who provide services to us. We retain your personal information securely in our database and will only keep your personal information for a reasonable period of time, or until you provide us notice of your desire for it to be removed or limited.

Sources of Personal Information

We obtain the categories of personal information listed above from the following categories of sources:

  • Directly from Consumer - For example, personal information provided in an application or in a request on any of our website(s) or through interactions with an employee or our customer service center.
  • Indirectly from Consumer - For example, personal information including, IP address, cookies and device ID when a consumer visits our website(s), uses our social media sites, interacts with our online advertisements or uses our mobile application(s).
  • Directly and indirectly from activity on our website - For example, personal information from the internet or other electronic network activity from submissions through our website portal or website usage details collected automatically and from a browser or device.
  • Provided by third-party service providers - For example, personal information provided by third-party service providers to service accounts or website functions.
  • Obtained from government entities and consumer reporting agencies - For example, personal information from public records, government entities, consumer reporting agencies, and insurance claims history.

We do not disclose personally identifiable information collected through our site unless we have your consent, or unless disclosure is otherwise permitted or required by law. Credit card transactions enabled by our website are processed through a PCI DSS certified credit card processing company. We do not collect or retain credit card information through our website. The privacy policy of the processing company controls the information they retain.

Categories of personal information we may collect about you:

  • Contact Information, such as first and last name, email address, telephone number, or mailing address.
  • Employment Information, such as employment history, qualifications, licensing, or disciplinary records.
  • Characteristics of protected classifications (e.g., gender, age)
  • Educational Information, such as education records or transcripts.
  • Financial Information, such as bank account number, or credit history.
  • Government Issued Identifiers, such as social security number, driver’s license number, state identification number, or medical license number.
  • Service Related Information, such as demographics, loss history, or loss exposure.
  • Criminal History, such as convictions or court judgements.
  • Internet Network Activity, such as IP address, internet service provider, operating system, site from which you arrived, date and time of your visit, browsing history, clickstream data, or search history.
  • Geolocation data (e.g., latitude or longitude)

Information Gathered Automatically (Cookies)

Our website uses "cookies" or other technologies to collect certain information about visitors and users to help us customize and enhance your online experience. By consenting to the use of cookies, you consent to our website using cookies in order to differentiate you from the other users of our website. Cookies are text files individually assigned to a user and can only be read by the web server in the domain that issued the cookie to you. Some information such as your Internet Protocol (IP) address, Internet service provider, operating system, the site from which you arrived, geolocation information, and the date and time of your visit may be collected automatically as part of the software operation of the website. In addition, we may collect information about your browsing behavior on our website, such as the amount of time you spent viewing a webpage or the number of times you returned to the website.

ISMS uses Google Analytics, a web analytics service for the purposes of evaluating your use of the website, compiling reports on website activity, and providing other services related to Internet usage. Google Analytics will not associate your IP address with any other information held by Google Analytics.

You may refuse the use of cookies by selecting the appropriate settings on your browser; however, doing so may prevent you from using the full functionality of the website. By using this website, you consent to the processing of data about you.

How We Use Your Information

All personally identifiable information will be managed in accordance with applicable law. We do not disclose personal information collected through our site unless we have your consent or unless disclosure is otherwise permitted or required by law. Credit card transactions enabled by our website are processed through a PCI DSS certified credit card processing company. We do not collect or retain credit card information through our website. The privacy policy of the processing company controls the information they retain.

We use the following categories of personal information collected for a variety of business reasons such as:

  • Performing services - such as to establish, maintain, or service accounts; tailor web content to match browser capability; personalize services and products; send marketing communications; respond to inquiries; and provide information about related products and services;
  • Auditing services related to a current interaction with you on our website - such as to count ad impressions to unique visitors, verify positioning/quality of ad impressions, and audit for compliance; and
  • Protection and compliance services - such as to detect security incidents; protect against malicious, deceptive, fraudulent, or illegal activity; protect against unauthorized use; prosecute those responsible for illegal activity; and to comply with applicable laws.

How We Share Your Information

The personal information collected about our customers, former customers, applicants, and employees, will only be disclosed as permitted or required by law. ISMS is the sole owner of all personal information obtained through our websites. ISMS shares and discloses personal information with its affiliates and subsidiaries to better serve you, including for the activities listed above. Any affiliates, subsidiaries, or third parties who perform services for us are required to safeguard any personal information that they process on our behalf.

The categories of third parties to whom we may have disclosed personal information for a business purpose include:

Authorized Third Party Service Providers

We may, in the ordinary course of business, disclose personal information to service providers who are contractually restricted from using or disclosing the provided personal information except as necessary to perform the services on our behalf or to comply with legal requirements.

Legal Requirements and Business Transfers

We may disclose personal information when required by law, statute, rule, regulation, or professional standard; such as to respond to a subpoena, search warrant, legal request; to law enforcement authority or other government official requests; to consumer reporting agencies as permitted by law; to prevent physical harm or financial loss; to investigate suspected or actual illegal activity; to medical professionals or institutions to verify coverage or conduct operations as part of a company audit, or to investigate a complaint or security threat.

At your direction or request

We may disclose personal information when you provide consent, such as sharing information with third parties (e.g., if a consumer provides explicit, opt-in consent to the sharing and use of data with a specifically identified third party partner, such data may be shared and used by ISMS and/or the third party partner as described at the time consent is obtained, including for targeted advertising or advertising measurement purposes).

Following are some examples of how we may disclose personal information:

  • We must exchange personal information about you with persons who are or will become involved in processing your application and servicing your membership.
  • We disclose your personal information to persons or organizations as necessary to perform transactions you request or authorize.
  • We may share personal information with persons or organizations that we have determined need the personal information to perform a business or professional function for us. These include businesses that help us with administrative and marketing functions. All of these entities are obligated to keep the personal information that we provide to them confidential and to use the personal information only for the purpose for which the personal information was provided.

Protection of Personal Information

All personal information collected by ISMS shall not be retained for longer than is reasonably necessary and proportionate to achieve the business purpose for which it was collected. ISMS manages personal information in compliance with legal retention requirements, such as those set out in applicable federal and state laws.

Access to your personal information is restricted only to those employees who need it to provide products or services to you. All employees are required to undergo regular training and education on how to safeguard personal information. All employees are required to sign confidentiality agreements to further protect your personal information. ISMS has implemented the appropriate physical, electronic, and administrative procedures to protect the personally identifiable information we collect. The forms used on our website to collect personally identifiable information are secure and encrypted.

However, when communicating via email, ISMS is not responsible for the privacy of the messages in either direction. ISMS cannot guarantee the security of any personal information you choose to disclose in an email. If you wish to communicate with ISMS via a secure email system, we can provide you with login information so that the communications can be secure.

Protected Health Information (PHI)

ISMS uses appropriate safeguards to prevent unauthorized use or disclosure of Protected Health Information (“PHI”) other than as permitted or as required by the Health Insurance Portability and Accountability Act of 1996 (“HIPAA”) or other applicable laws. ISMS utilizes administrative, physical, and technical safeguards that reasonably and appropriately protect the confidentiality, integrity, and availability of PHI that it receives.


ISMS will not deny services, charge different prices, or provide a different level or quality of services, as a result of any request regarding your personal information.

Changes to this Policy

ISMS reserves the right to change this Privacy Notice at any time. If any changes are made to this Notice, they will be posted online at with a link to the revised policy on the homepage of this site. When a policy is changed, the date at the end of the policy will be changed to reflect the new effective date. Any changes will become effective upon posting of the revised policy as described. Your continued use of this site shall be deemed your acceptance of the modified revised privacy policy.

Contact Us

If you have questions about this privacy statement or the practices of this website, please contact us at Illinois State Medical Society, 20 North Michigan Ave., Suite 700, Chicago, Illinois 60602; 1-800-782-4767 ext #2055; or

CME Privacy

We respect your privacy, and take great care to safeguard your Continuing Medical Education (“CME”) information in our possession. The protection and proper use of your personal information is of utmost importance.

Member information (including email addresses) is not shared outside of our direct CME affiliates and partners. Any third-party companies used to provide you with CME products or services are required to keep your information secure and confidential. If you have any other questions or concerns regarding access to or use of your CME information, please email us at

Last revised January 1, 2023

Cookie Consent

Cookies are required for some functionality on our site. View our privacy policy for more information.