• Infectious Diseases Education and Assessment (IDEA): A platform that all curricula utilize to provide services. 

  • IDEA Team: Based entirely out of the University of Washington. Individuals with direct access to data include a Software Engineer, a Data Manager, a Data Scientist, a Continuing Education Coordinator, and an Editor-in-Chief (listed in order of access to data for daily operations).

  • HIV Participant Form: Used on the National HIV Curriculum website to collect background information on an individual utilizing the curriculum.

  • HCV Participant Form: Used on the Hepatitis C Online website to collect background information on an individual utilizing the curriculum.

  • HBV Participant Form: Used on the Hepatitis B website to collect background information on an individual utilizing the curriculum.

  • Health Participant Application for Training (HPAT): Used on the National STD Curriculum to collect background information on an individual utilizing the curriculum.

  • Continuing Education (CE): either Continuing Nursing Education (CNE) credits or Continuing Medical Education (CME) contact hours for verification of continuing training by health professionals.

  • OMB and NIST guidance: The White House Office of Management and Budget (OMB) Circular A-130, Managing Information as a Strategic Resource; and National Institute of Standards and Technology (NIST) Special Publication (SP) 800-44 Version 2. Guidelines on Securing Public Web Servers.

What information is retained about you on an IDEA Curriculum, and how is it stored?

If you create an IDEA account and sign-in, we store:

  • your account information (e-mail, name, PF/HPAT), 

  • your scores and responses, and 

  • a log of your actions.

This information is kept indefinitely by the IDEA team. It is stored in an encrypted database. The sensitive data in the PFs/HPATs (the month and year of your birthday) is further encrypted within the database.

Our databases and your PF/HPAT records utilize industry standard AES-256 encryption and are fully compliant with OMB and NIST guidance for data-at-rest encryption. Our servers utilize industry standard encrypted SSL connections (SHA-256 with RSA Encryption) and fully comply with OMB and NIST guidance for data-in-use encryption.

Who has access to your account information?

Unless you join a Learning Group, your account information is only available to the IDEA team. 

We use a third-party analytics provider to help us provide timely support for you and better understand your usage of our curriculum. In particular, we provide a limited amount of your publicly available information to Intercom, Inc. (“Intercom”) and utilize Intercom to collect data for analytics purposes when you visit our curriculum. Specifically, Intercom receives:

  • your first and last names,

  • your e-mail address,

  • your job title, and

  • the highest degree you obtained.

Intercom DOES NOT receive any information from the PF/HPAT form. We also do not use, and have Opted-Out of, Intercom's social media functionality.

Intercom analyzes your use of our curriculum and tracks our relationship so that we can improve our service to you. We also use Intercom as a medium for communications, either through email, or through messages within our site. For more information on the privacy practices of Intercom, please visit Intercom’s services are governed by Intercom’s terms of use which can be found at

If you join a Learning Group:

Learner progress data is shared with Management Team members of the Learning Groups. Below are the four different Learning Group roles:


Management Team:

  • Owner: Creates the group; writes info describing the group to orient learners; invites and removes learners; accesses all available data (see Data Access below); and invites additional managers and evaluators to help manage group functions.

  • Manager: Invites and removes learners; and views and tracks individual learner progress (see Data Access below).

  • Evaluator: Accesses data about individual learners and aggregate group-level data for reporting purposes (see Data Access below).


  • View their own scores, progress, and completion data, and other group learners’ recent activities if that feature is enabled; may be part of multiple groups at the same time; can remove themselves from group(s) at any time, which deletes their progress within the group. A learner may also request to have their IDEA account be permanently deleted.

Data Access

Owner, Managers, and Evaluators have access to group members’ first and last name, job title, e-mail address, Account Icon (an optional avatar image uploaded by a learner), and progress data.

If the Recent Activity feature of a group is enabled, the learner can choose to share their first and/or last name, and/or Account Icon with other learners in the group. They can choose to remain anonymous within the group, but the Management Team always has access to the first and last names of group members.

Who has access to your PF/HPAT data?

The unique responses that you provide on the PF/HPAT form are only available to you, the IDEA Data Manager, and the IDEA Software Engineer.

The de-identified data from PF/HPATs is shared with our government funders  per grant reporting requirements. Each curriculum only shares data with its direct funder.

Who has access to your progress, scores, and responses?

Your progress, scores, and responses are only available to the IDEA team, EXCEPT WHEN: 

  • you print a Certificate of Completion and present it to a third-party. The third-party will be able to see the your progress on the certificate, AND be able to access a digital copy of the certificate to verify its authenticity.

  • you join a Learning Group. The Management Team of that group will be able to see your progress and scores. Responses to discrete questions are NOT shared with the group (e.g. the Management Team would see a score of 3/5 on a quiz, but not which questions were answered incorrectly).

  • you join a Learning Group with Recent Activity enabled, and choose to share your first or last name. Other members of the group would see partial progress from your account, and could theoretically reconstruct a larger picture of your progress by monitoring the Recent Activity feed (only the most recent 25 actions by all group members are displayed on the feed).

The aggregate, summary-level progress of all individuals on the curriculum may be made available to others outside of the IDEA Team for reporting and evaluation purposes, e.g. number of Continuing Education (CE) credits claimed across all parts of the curriculum.

The IDEA team does not share the discrete progress, scores, and responses of any particular individual with any third parties outside of the exceptions listed above.

How will the IDEA team use your name and e-mail address?

The IDEA team will not sell or share your name or e-mail address with any third party. 

You may receive e-mails from each Curriculum that are essential to the functionality of that Curriculum (group invitations, password resets, activation codes, etc.). You cannot unsubscribe from these e-mails. 

Constant Contact

Your name and e-mail address may be used for infrequent communications regarding updates on the Curricula. These updates are sent to your e-mail via the Constant Contact platform. You may unsubscribe from these e-mails.

Can I delete my IDEA account and data?

Yes, your IDEA account can be permanently deleted. You must contact us and request your account to be deleted.

If your account is deleted, the log of actions that you take on the Curricula will be anonymized and retained to help improve our Curricula. 

We will not be able to delete any data that has already been aggregated and reported to our funders, nor any data that has been obtained by the Group Management team for Learners in their groups. 

Did this answer your question?