Privacy Policy

Introduction

The American Academy of Expert Medical Evaluators ("AAEME," "we," "us," or "our") is committed to protecting the privacy of every individual who interacts with our website, courses, and certification programs. This Privacy Policy explains what information we collect, why we collect it, how we use it, and what rights you have over it.

AAEME is subject to the General Data Protection Regulation (GDPR) for users in the European Economic Area (EEA) and the United Kingdom, the California Consumer Privacy Act (CCPA) for California residents, and applicable United States federal and state privacy laws.

This policy covers two distinct categories of data: personal data (information that identifies you as an individual) and professional data (information related to your medical licensure, credentials, and professional practice). Both are treated with equal seriousness.

What Information We Collect

Personal Data

When you create an account, register for a course, or sit a certification exam through AAEME, we collect:

• Full legal name as it appears on your medical license
• Preferred name, if different from legal name
• Email address
• Personal cell phone number
• Mailing address (for physical certificate delivery if requested)
• Payment information (processed securely; we do not store full card numbers)
• IP address and device information at time of exam
• Exam session data including duration, question responses, and score
• Course session data including duration and percentage of completion

Professional Data

Because AAEME issues credentials recognized in legal and regulatory proceedings, we also collect professional data directly relevant to your licensure status and certification eligibility:

• Medical specialty (MD, DO, DC, PT, RN, NP, PA, or other)
• National Provider Identifier (NPI) number
• State medical license number(s)
• State(s) of licensure
• Certification status and history (courses completed, exams taken, scores, pass/fail status)
• Certificate serial numbers and issuance dates
• Renewal dates and renewal history

Professional data such as NPI numbers and state license numbers are matters of public record maintained by government agencies. We collect them in combination with your personal data to verify licensure eligibility, issue accurate credentials, support state reporting obligations, and maintain the integrity of the AAEME certification program.

Automatically Collected Data

When you visit aaeme.com, we automatically collect certain technical information through cookies and similar technologies, including browser type, operating system, pages visited, referring website, and general geographic location (country and state level, not precise location). This data is collected in aggregate and used solely to improve site performance. It is not used to build individual profiles.

Certificate Accuracy and Professional Data

Your CIRS™ and NIRSAT™ certificates are legal credentials that may be presented in workers' compensation proceedings, depositions, and regulatory filings. Certificate accuracy is a legal matter, not merely an administrative one.

Your certificate will be issued exactly as your name appears on your AAEME registration form. AAEME relies entirely on the information you provide and cannot independently verify name accuracy at the time of registration.

By registering with AAEME, you confirm that:

• Your full legal name as entered matches the name on your medical license
• Your NPI number and state license number(s) are accurate and current
• You will notify AAEME of any changes to your licensure status that affect your eligibility to hold a CIRS™ or NIRSAT™ credential

Name changes after certificate issuance (including corrections due to registration errors) are subject to a reprint fee. AAEME is not responsible for errors in certificates that result from inaccurate information provided at registration.

Where AAEME partners with accredited third-party continuing education or continuing medical education (CME/CEU) administrators, those partners may independently verify your credentials against their own records as part of the credit issuance process. Their verification practices are governed by their own privacy policies, which we will provide to you at the time of enrollment in any CME/CEU-eligible activity.

How We Use Your Information

To Deliver Our Services

• Creating and managing your AAEME account
• Granting access to purchased or enrolled courses
• Administering certification exams and recording results
• Issuing CIRS™ and NIRSAT™ certificates upon passing
• Processing payments for courses, exams, and study materials
• Sending transactional communications (receipts, exam access links, certificates)

To Meet Legal and Regulatory Obligations

AAEME is designated by the State of Nevada as a certification provider under NV Rev. Stat. 616C.110. This creates specific legal obligations:

• We report NIRSAT™ examination results and certification status to the State of Nevada for physicians seeking to perform impairment ratings under Nevada workers' compensation law
• We maintain permanent certification records for credential verification upon request from physicians, employers, insurers, or legal proceedings
• We may be required to disclose information in response to a valid court order, subpoena, or government request

We will notify you of any such disclosure to the extent permitted by law.

To Maintain Exam Integrity

Certification exams carry legal weight. To protect the integrity of the AAEME credentialing program, we collect and retain IP addresses, session duration, question-level response data, and device information. This data may be used to investigate credential disputes or fraud allegations and is retained for the life of the certification.

To Communicate With You

With your consent, we may send you:

• Renewal reminders as your certification expiration date approaches
• Announcements of new courses and continuing education opportunities
• Changes to state impairment rating certification requirements
• CME/CEU accreditation information when available
• Periodic updates relevant to impairment rating practice

You may opt out of non-transactional communications at any time using the unsubscribe link in any email or by contacting us directly. Opting out does not affect transactional messages related to your active enrollment or certification status.

Continuing Medical Education (CME/CEU) Data

Mandatory Data Sharing for Credit Issuance

When CME/CEU credits are offered through AAEME, we are required to share learner completion data with the applicable accrediting body or bodies in order to issue and track credits. This data sharing is a legal and contractual requirement of credit issuance and cannot be opted out of by learners seeking to receive CME/CEU credit.

The data shared for this purpose includes your name, NPI number, course or activity completion date, and the number of credits earned. This information is reported to applicable accrediting bodies and, where required, to relevant state medical boards through established reporting systems.

AAEME works with accredited third-party CME/CEU administrators rather than maintaining direct accreditation. Those administrators are responsible for reporting to their respective accrediting bodies. Their data handling practices are governed by their own privacy policies, which you will receive at the time of enrollment in any CME/CEU-eligible activity.

Record Retention for CME/CEU

In compliance with applicable CME/CEU accreditation requirements, learner records related to continuing education activities (including participation dates, course or activity titles, and credits awarded) will be maintained in our secure learner database for a minimum of six years from the date of course completion. These records are retained to facilitate credit verification and transcript requests and may be accessed by you at any time upon request.

Systems Used for CME/CEU Data Processing

Learner data related to CME/CEU activities is processed through the following types of secure systems to ensure educational integrity and accurate credit reporting:

• Course delivery platform: hosts CME/CEU-eligible course content and tracks completion
• Assessment and examination platform: administers any required post-course assessments
• Secure data transfer service: moves completion data between systems
• Learner record database: stores and maintains all participation and credit records

Fees for CME/CEU Certificate Processing

While certain educational content may be provided at no cost, a nominal administrative fee may be required for the processing and issuance of formal CME/CEU certificates. All financial transactions are processed via secure, PCI-compliant payment processing systems. No fee is charged for accessing course content itself. Fees apply only to the formal issuance of credit documentation where applicable.

Artificial Intelligence: How We Use It and How We Don't

No AI Decision-Making on Certifications

AAEME does not use artificial intelligence or automated decision-making systems to evaluate your performance, determine your certification eligibility, or make any decision that affects your credentials. Certification decisions are based entirely on your exam score as measured against a fixed passing threshold. Exam scoring is performed automatically using a fixed answer key. This is automated calculation, not AI judgment.

No algorithm, machine learning model, or AI system will determine whether you pass or fail a AAEME certification exam. A human being can review any exam result upon request.

No AI Generation of Course Content

AAEME course content is developed by practicing physicians with clinical expertise in impairment rating methodology. We do not use AI tools to generate, summarize, or modify course content. The curriculum you receive reflects human clinical knowledge.

Website and Administrative Use

We may use AI-assisted tools for internal administrative functions such as drafting communications or analyzing aggregate site performance data. These uses do not involve processing your personal or professional data in ways that affect your rights or certification status.

Third-Party AI Tools

Some third-party platforms we use may employ AI or automated analysis in their own operations:

• Our exam delivery platform may use automated monitoring to support exam security, including detection of unusual session patterns. We are not aware of AI-based proctoring being used at this time and will update this section if that changes.
• Our web analytics platform uses automated data processing to generate aggregate traffic reports. This does not involve individual profiling.
• Our learning management system may use automated tools to track course completion and trigger communications. No AI judgment is applied to your course progress data.

We do not use AI-powered advertising, behavioral targeting, or predictive profiling on aaeme.com or in our communications with you.

Your Rights Regarding Automated Processing

Under GDPR, you have the right not to be subject to decisions based solely on automated processing that produce legal or similarly significant effects. As stated above, no such automated decisions are made at AAEME. If this changes, we will update this policy and provide appropriate opt-out mechanisms before implementation.

Legal Basis for Processing (GDPR)

For users in the EEA and United Kingdom, we process your data under the following legal bases:

• Contract performance: processing necessary to deliver the courses and certifications you have registered for
• Legal obligation: processing required to fulfill our reporting obligations to applicable US state and federal law
• Legitimate interests: maintaining exam integrity, fraud prevention, and improving our educational programs
• Consent: for marketing communications and optional data collection beyond service delivery requirements

Where we rely on consent, you have the right to withdraw it at any time without affecting the lawfulness of processing that occurred before withdrawal.

How We Share Your Information

State Regulatory Authorities

We share NIRSAT™ certification data with the State of Nevada as required by NV Rev. Stat. 616C.110. This is a legal obligation and cannot be opted out of by Nevada physicians seeking certification. As other states adopt impairment rating certification requirements, we may be required to report to additional state agencies and will update this policy accordingly.

CME/CEU Accrediting Bodies

When CME/CEU credits are offered, we share the minimum necessary learner completion data with applicable accrediting bodies as described in the Continuing Medical Education section above. This sharing is a requirement of credit issuance.

Service Providers

We work with a limited number of third-party service providers who assist in delivering our courses, processing payments, administering exams, and managing our physician database. These providers are contractually prohibited from using your data for any purpose other than the services they provide to AAEME, are required to maintain appropriate security measures, and are not permitted to sell or monetize your data. We describe these providers by function:

• Learning management system: hosts course content and manages student enrollment
• Exam delivery platform: administers certification exams and issues certificates
• Payment processor: handles all financial transactions
• Software delivery platform: manages software license delivery for associated products
• Physician database system: stores and manages certification and learner records
• Email communication platform: delivers transactional and marketing emails
• Web analytics platform: provides aggregate site traffic data

No Sale of Data

AAEME does not sell, rent, or trade your personal or professional data to any third party for marketing or commercial purposes. This applies to both personal data and professional data. Ever.

Business Transfers

In the event of a merger, acquisition, or sale of all or substantially all of AAEME's assets, your data, including your certification and CME/CEU records, will transfer to the acquiring entity. You will be notified of any such transfer and your rights under this policy will be maintained by the successor entity.

Payment Card Information

All payment card data is processed directly by our payment processor and is subject to Payment Card Industry Data Security Standards (PCI-DSS). AAEME does not store, transmit, or have access to your full card number, CVV, or PIN. We retain only the last four digits of your card number and your billing address for record-keeping purposes.

Cookies and Tracking Technologies

We use cookies and similar technologies on aaeme.com for the following purposes:

• Essential cookies: required for the site to function (login sessions, course access, exam delivery). Cannot be disabled without breaking site functionality.
• Analytics cookies: aggregate data about how visitors use the site. No individual profiles are built. You may opt out via your browser settings or our cookie consent tool.
• No advertising or retargeting cookies are used on aaeme.com.

A full Cookie Policy is available at aaeme.com/cookie-policy. You may manage cookie preferences at any time through the cookie consent tool on this site.

Data Retention

Certification Records

Retained permanently. These records exist to support credential verification that may occur at any point in a physician's career, including in legal proceedings that arise years or decades after certification.

CME/CEU Records

Retained for a minimum of six years from the date of course completion, in compliance with applicable accreditation requirements, to facilitate credit verification and transcript requests.

Account and Course Data

Retained for the life of your account plus seven years after your last interaction with AAEME.

Payment Records

Retained for seven years in accordance with IRS requirements.

Marketing Data

Retained until you unsubscribe or request deletion.

Exam Integrity Data

IP addresses, device data, and session logs captured during exam administration are retained for the life of the associated certification and seven years thereafter.

Data Security

We implement industry-standard technical and organizational security measures including encrypted data transmission (HTTPS/TLS), access controls limiting data access to authorized personnel only, regular security reviews of our systems and service providers, and data minimization practices that limit collection to what is necessary for the stated purposes.

In the event of a data breach that affects your rights and freedoms, we will notify you and the applicable regulatory authorities as required by law.

International Data Transfers

AAEME is based in the United States. If you access our services from outside the United States, your data will be transferred to and processed in the United States. For EEA and UK users, we rely on Standard Contractual Clauses (SCCs) as the legal mechanism for international data transfers where required.

Your Legal Rights

Rights Under GDPR (EEA and UK Users)

If you are located in the European Economic Area or United Kingdom, you have the following rights:

• Right of access: request a copy of all personal and professional data we hold about you
• Right to rectification: request correction of inaccurate data, subject to the certificate accuracy limitations described above
• Right to erasure: request deletion of your data, subject to our legal obligations to retain certification and CME/CEU records
• Right to restriction of processing: request that we limit how we use your data in certain circumstances
• Right to data portability: request your data in a machine-readable format
• Right to object: object to processing based on legitimate interests, including direct marketing
• Right not to be subject to automated decision-making: as stated above, no such decisions are made at AAEME
• Right to withdraw consent: where processing is based on consent, you may withdraw it at any time without affecting prior lawful processing

To exercise any of these rights, contact us at support@aaeme.com. We will respond within 30 days. If you are not satisfied with our response, you have the right to lodge a complaint with your local data protection supervisory authority.

Rights Under CCPA (California Residents)

California residents have the right to know what personal information we collect, request deletion (subject to certification and CME/CEU record retention exceptions), opt out of the sale of personal information (AAEME does not sell data, so this right is automatically satisfied), and the right to non-discrimination for exercising these rights. To exercise your CCPA rights, contact us at support@aaeme.com.

Rights for All Users

• Access and update your account information at any time
• Request a copy of your certification and CME/CEU records for your own professional use
• Opt out of marketing communications at any time
• Request correction of your professional data (NPI, license number(s), state of licensure)
• Be notified of any data breach that materially affects your personal or professional information

Age Restrictions

AAEME courses and certification programs are intended exclusively for licensed healthcare professionals. We do not knowingly collect data from individuals under the age of 18. If we become aware that a minor has registered, we will delete their account and data immediately. Contact support@aaeme.com if you believe a minor has created an account.

Third-Party Links

aaeme.com may contain affiliate links to third-party websites. AAEME is not responsible for the privacy practices of any third-party site. Affiliate links are clearly identified on the pages where they appear. No personal data about you is shared with affiliate partners as a result of clicking a link. We encourage you to review the privacy policy of any external site you visit.

Data Protection Contact

Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, legal requirements, or the services we offer. When we make material changes, we will post the updated policy with a new effective date, notify registered users by email if changes materially affect how we use their data, and provide a 30-day notice period before material changes take effect for existing users.

Your Acceptance of These Terms

By creating an account on aaeme.com, registering for a course or exam, or submitting information through any AAEME form, you acknowledge that you have read, understood, and agree to this Privacy Policy. You further confirm that the personal and professional information you provide is accurate.