All individuals that have access to obtain information from and report information to the NPDB system must comply with the following conditions:
This system is the property of the U.S. Department of Health and Human Services, Health Resources and Services Administration and is for authorized users only. The system is for official NPDB business only. Unauthorized access or use of this system may subject violators to criminal, civil and/or administrative penalties.
Individual users are provided with a unique user ID and initial password to access this system. The first time you log in to the system, you will be forced to establish your own password to continue to use the system. You are responsible for maintaining the integrity of, and are held accountable for, everything done using your user ID and password. No other person, including those at the NPDB Customer Service Center, has access to your password. Passwords shall not be shared with others. You agree to change the password immediately, and notify the NPDB Customer Service Center if password security is suspected to be compromised.
Information and activities associated with the NPDB system shall not be false, inaccurate or misleading; shall not violate any law, statute, ordinance or regulation; and shall not contain any viruses or any malicious code that may damage, detrimentally interfere with, surreptitiously intercept, or expropriate any system, data, or personal information. "Information" is defined as any information you provide to the NPDB System in the course of using this system. "Activities" is defined as any process of interacting with the NPDB system.
The system contains personal information protected under the provisions of the Privacy Act of 1974, 5 USC Section 552a. Violations of the provisions of the Privacy Act may subject the offender to criminal penalties.
Information reported to the NPDB is confidential and shall not be disclosed except as specified in the NPDB regulations. The HHS OIG has the authority to impose civil money penalties on those who violate the confidentiality provisions of NPDB information. Persons or entities that receive information either directly or indirectly are subject to the confidentiality provisions specified in the NPDB regulations at 45 CFR Part 60 and the imposition of a civil money penalty of up to $11,000 for each offense if they violate those provisions. When an authorized agent is designated to handle NPDB queries, both the entity and the agent are required to maintain confidentiality in accordance with the federal statutory requirements.
The NPDB system is maintained for the U.S. Government. It is protected by various provisions of Title 18, U.S. Code. Violations of Title 18 are subject to criminal prosecution in Federal court.
Individuals using the NPDB system are subject to monitoring of those activities. Anyone using this system expressly consents to such monitoring and is advised that if such monitoring reveals possible evidence of criminal activity, system personnel may provide the evidence obtained by such monitoring to law enforcement officials. Moreover, for system security purposes and to ensure that the NPDB system is used for legitimate purposes by authorized, registered users, we collect information concerning the use of this system e.g., data you view and alter. We employ software programs to monitor traffic, and to identify unauthorized attempts to view and/or change information, or otherwise cause damage to the system. Information from these sources may be used to help identify an individual(s) in the event of authorized law enforcement investigation, and pursuant to any required legal process.
In the event it is suspected that you have not complied with these Rules of Behavior your account will be frozen, resulting in denial of all access to the system; and criminal, civil and/or administrative action may be taken.
Use of the NPDB system signifies acknowledgement and understanding of user responsibilities and represents your agreement to comply with the Rules of Behavior for the NPDB system.