The Patient Safety Group (PSG) is a division of QuestionPro, Inc. PSG helps healthcare organizations improve their safety culture by learning from their own staff. PSG provides patient safety and quality tools, including surveys taken by healthcare staff, because staff are often in the best position to notice safety and quality issues and suggest valuable steps for improvement.
PSG is committed to protecting the privacy of those who use our services.
Survey Responses from Healthcare Staff
PSG surveys are designed to protect the confidentiality of the healthcare staff who take them. The intent is to enable your healthcare system to learn from your input without knowing which responses came from you or from any other individual. While complete anonymity of survey responses cannot be guaranteed, our goal is to make the survey results anonymous before sharing them with the healthcare organization. Individuals’ responses to survey questions are aggregated (grouped) with the responses of others in the same organization to help prevent responses from being individually identified. Typically, responses for one department will be grouped together before they are shared with the healthcare organization management. However, in order to protect privacy, if a particular department is small, employees’ responses for that department may be grouped with data from other departments before the combined responses are shared with healthcare organization management.
In addition to multiple-choice questions, most surveys include the opportunity to provide free-text comments. (“Free-text comments” means a comment box where you can write in whatever you want, as opposed to just answering structured questions.) These comments can be very instructive to healthcare organizations. However, with free-text comments, there is an inherent risk that the details provided might end up identifying the person commenting. In order to reduce this risk, PSG will aggregate free-text responses as described above before providing them to management. Nonetheless, the details you provide in free-text comments may still allow others in your healthcare organization to guess your identity. Please take this into account when providing free-text comments.
Collection of your Personal Information
1. Information Collected from All Visitors to our Website
As background, cookies are small text files that websites can send to your browser, which your computer stores, that can automatically collect server domain names, IP addresses, type of computer, type of browser, and information about what pages are visited. You can set your browser to decline cookies or notify you before accepting cookies, although if you decline them, the website may not function properly. Web beacons are small bits of code embedded in web pages or emails that can be used to communicate with cookies, count visitors, and understand usage patterns.
2. Information Collected from Users Who Create an Account
While analyzing survey results, you may have the opportunity to add a comment or annotation, e.g., to document an idea you have about a potential improvement for your healthcare system. Colleagues in your healthcare organization who have the privilege to see any given data can usually also see annotations that have been made about that data, along with the name of the person who made the annotation. The purpose of these annotations is to facilitate collaborative analysis and problem solving within your organization. Please keep that in mind when adding comments or annotations.
Information Use and Sharing by PSG
Routine Uses and Disclosures
We will use the information you provide to communicate with you and provide services to you and your organization.
In the course of running our business, we share some personally identifiable information with third-party vendors, such as technology vendors. Such disclosures are subject to contractual controls over how they protect, use, and disclose the information.
With permission from the healthcare organization that sponsored the survey, we may publish or share de-identified copies of comments made by survey-takers. A federal medical privacy law named HIPAA (the “Health Insurance Portability and Accountability Act”) creates a standard for what it means to de-identify health data. Although we are not subject to that law, we meet or exceed the HIPAA de-identification standard when we de-identify comments prior to publishing or sharing them.
We will create statistical, de-identified information about how our users answer certain survey questions. We will allow healthcare organizations who use our services to compare their responses with benchmarks derived from this statistical, de-identified information. We may also publish such statistical, de-identified information, such as in a research article or an educational blog post.
Unusual Disclosures We Might Make Without Your Consent
We will disclose information based upon a reasonable belief that the disclosures are required by law, including information requested via subpoenas, discovery requests, and court orders.
We may disclose information to law enforcement authorities, the sponsoring healthcare organization, or others if we reasonably believe the disclosure is needed to respond to a threat of physical harm to patients or others, to defend or assert legal rights on the part of PSG or others, or in connection with an investigation of illegal, dangerous, or fraudulent activity.
We will only disclose personally identifiable information about you in the ways we explain here.
We are committed to maintaining the security of personal information. We use appropriate technical, administrative, and physical controls to protect personal information from loss, misuse, or alteration. If we share personal information with vendors, we subject them to strict contractual and legal controls regarding the protection, use, and disclosure of the information.
There is always some risk that unauthorized, wrongful, or illegal access to your information could occur or that data sent over the Internet could be intercepted. If you have a PSG account, we urge you to create a strong password and protect it carefully.
We do not knowingly collect personally identifiable information from children under 18 years old.
“Do Not Track” Disclosure
Some web browsers have a “Do Not Track” feature that lets a user have the browser notify websites that the user does not want to have his or her online activities tracked. PSG’s website currently does not respond to such browser-initiated signals.