This Site Improvement Monitoring System (“SIMS”, “we,” “us,” or “our”) mobile application and web site are provided as a public service by the Department of Defense HIV/AIDS Prevention Program and Walter Reed Army Institute of Research. Your privacy is important to us, and we are committed to protecting it. This Privacy Policy outlines how SIMS handles your information.

Information Collection, Retention, and Sharing

SIMS gathers performance data about sites that provide HIV/AIDS care and prevention for the purpose of improving the quality of HIV/AIDS care and prevention provided by the site.

Information SIMS Does Not Collect

The SIMS application does not collect, store, or share any private information, including but not limited to:

  • Personal Identifiable Information (PII): We do not collect names, email addresses, phone numbers, or any other personal identifiers.
  • Personal Health Information (HPI): We do not collect any information in a medical record that can identify an individual and is created, used, or disclosed during the provision of healthcare services. We do not collect any information about an individual’s past, present, or future health, the healthcare they receive, or how they pay for healthcare.
  • Sensitive Personal Information (SPI): We do not collect information regarding your race, religion, sexual orientation, or any other sensitive personal information.
  • Confidential Business Information (CBI): We do not collect any proprietary business information related to trade secrets, processes, operations, style of works or apparatus, production, sales, shipments, purchases, transfers, customer identification, inventories, income, profits, losses, or expenditures, and commercial value.
  • Unclassified Controlled Technical Information (UCTI): We do not collect technical information with military or space applications, critical infrastructure security information, critical energy infrastructure information, export control information or materials, research or engineering data, technical reports, specifications, or test reports.
  • Location Data: We do not track or collect location data, including GPS or Wi-Fi network-based location information.

Information SIMS Does Collect

SIMS does not support the use of personal mobile devices. The Department of Defense HIV/AIDS Prevention Program and Walter Reed Army Institute of Research procures and issues all mobile devices used by the SIMS mobile application. For security purposes, we obtain and verify the mobile device ID matches a device we’ve procured and issued to our users. Device information is retained in our system and never shared with anyone.

All site performance data collected by SIMS is aggregated before being shared with other HIV/AIDS prevention entities or government agencies. We do not share individual site data with anyone. SIMS does not collect information for commercial purposes.

Data Security Measures

We maintain a variety of physical, electronic and procedural safeguards to protect data. SIMS data is encrypted while in transit and at rest on our system. For security purposes and to ensure that this service remains available to all users, this government computer system employs software programs to monitor network traffic to identify unauthorized attempts to upload or change information, or otherwise cause damage.

Except for authorized law enforcement investigations, no other attempts are made to identify individual users or their usage habits. Raw data logs are used for no other purposes and are scheduled for regular destruction in accordance with National Archives and Records Administration guidelines.

Unauthorized attempts to upload information or change information on this service are strictly prohibited and may be punishable under the Computer Fraud and Abuse Act of 1986 and the National Information Infrastructure Protection Act.

Third Party Services

SIMS does not integrate with or use third-party services, SDKs, or APIs that could collect or share information.

Development Data

SIMS software developers use synthetic data for development. Our software is built and deployed through automation eliminating developer access to critical infrastructure. Role based access controls prevent developers from unauthorized access to SIMS production data or downloading SIMS production data to unauthorized devices. All production data is maintained on DHAPP infrastructure and managed through DHAPP retention policies.

Users requiring administrative privileges on system accounts receive additional scrutiny by organizational personnel responsible for approving such accounts and privileged access, including system owner, mission or business owner, senior agency information security officer, or senior agency official for privacy. Access to production data is limited through privileged user access controls. Sensitive data is further protected with field-level encryption.

Children’s Privacy

SIMS users are vetted through the Department of Defense HIV/AIDS Prevention Program and Walter Reed Army Institute of Research. SIMS is not available children under the age of 13. As SIMS is not available to children and does not collect any personal information, we comply with the Children’s Online Privacy Protection Act (COPPA) and other applicable laws regarding children’s privacy.

Changes to This Privacy Policy

We may update our Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page. You are advised to review this Privacy.