Privacy Policy

Your privacy is important to us. This policy explains how we collect, use, and protect your personal information.

Last Updated: November 23, 2025

Introduction

Global MedPath Institute (“GMI,” “we,” “us,” or “our”) is committed to protecting the privacy and security of your personal information. This Privacy Policy describes our practices concerning the collection, use, disclosure, and protection of information gathered through our website, student portal, and educational services.

Scope of This Policy

This Privacy Policy applies to:

  • Information collected through our website (globalmedpathinstitute.com)
  • Information collected through our Secure Portal student portal and learning management system
  • Information collected during the application and enrollment process
  • Information collected during your participation in our training programs
  • Information collected for educational records and compliance purposes

For Prospective Students: By submitting an inquiry or application, you consent to the collection and use of your information as described in this policy.

For Current Students: This policy supplements the privacy terms in your enrollment agreement and FERPA rights notification.

Information We Collect

1. Personal Identification Information

During Application & Enrollment:

  • Full legal name, date of birth, Social Security number
  • Contact information (address, phone, email)
  • Emergency contact information
  • Government-issued photo identification
  • Educational history and transcripts

Required for Enrollment Compliance:

  • Background check results (as required by clinical placement sites)
  • Drug screening results (when applicable)
  • Immigration status documentation (if applicable)

2. Health & Medical Information

Protected Health Information (PHI) We Collect:

  • Immunization records (Hepatitis B, TB test, etc.)
  • Physical examination results
  • Medical clearance documentation
  • Health insurance information (when applicable)
  • Disability accommodations requests

HIPAA Compliance: Health information is protected under HIPAA regulations and maintained separately from general educational records. Access is limited to authorized personnel with a legitimate educational need.

3. Educational Records

Protected Under FERPA (Family Educational Rights and Privacy Act):

  • Application materials and admission decisions
  • Course enrollment and attendance records
  • Grades, assessments, and competency evaluations
  • Clinical practice logs and patient interaction records
  • Skills assessments and certification exam results
  • Academic progress reports and disciplinary records
  • Financial records (tuition payments, payment plans)

4. Secure Portal Portal Information

Student Portal & Learning Management System:

  • Login credentials and authentication information
  • Portal usage data (login times, pages accessed, time spent)
  • Assignment submissions and quiz responses
  • Communication with instructors (messages, discussion posts)
  • Document uploads and downloads
  • Video viewing history and completion status

Third-Party Platform: Our student portal is powered by Secure Portal. Their privacy policy applies to their platform operations. We maintain a Data Processing Agreement with Secure Portal ensuring compliance with data protection standards.

5. Payment & Financial Information

Billing & Payment Processing:

  • Payment card information (processed via Stripe – we do not store full card numbers)
  • Bank account information for ACH payments
  • Billing address and payment history
  • Payment plan agreements and schedules
  • Refund requests and processing

PCI DSS Compliance: Payment processing is handled by Stripe, a PCI DSS Level 1 certified payment processor. GMI does not store complete credit card information on our servers.

6. Website & Technical Information

Automatically Collected:

  • IP address and geographic location
  • Browser type, device type, operating system
  • Pages visited, time spent, referring websites
  • Cookies and similar tracking technologies
  • Form submissions and inquiry data

How We Use Your Information

Educational Operations

  • Admissions Processing: Evaluate applications, verify eligibility, conduct background checks
  • Program Administration: Manage enrollment, track attendance, deliver curriculum
  • Academic Assessment: Grade assignments, track progress, evaluate competencies
  • Clinical Training: Coordinate clinical placements, monitor patient interactions
  • Certification Preparation: Track exam readiness, provide study materials
  • Career Services: Provide job placement assistance, connect with employers

Compliance & Regulatory Requirements

  • Accreditation: Maintain records for accreditation body reviews and audits
  • State Licensing: Report data to Texas Workforce Commission and regulatory agencies
  • Federal Compliance: Comply with FERPA, HIPAA, and other federal regulations
  • Clinical Site Requirements: Share required information with clinical training partners
  • Quality Assurance: Monitor program effectiveness and student outcomes

Communication & Support

  • Admissions Outreach: Respond to inquiries, provide program information
  • Student Communications: Send class schedules, announcements, policy updates
  • Academic Advising: Provide guidance and support throughout the program
  • Career Support: Share job opportunities, provide networking connections
  • Alumni Relations: Maintain connections with graduates

Business Operations

  • Financial Management: Process payments, manage payment plans, issue refunds
  • Website Improvement: Analyze usage to enhance user experience
  • Marketing: Promote programs to prospective students (with consent)
  • Legal Protection: Defend against claims, enforce agreements

Information Sharing & Disclosure

We Share Information With:

Clinical Training Partners

Purpose: Facilitate hands-on training at clinical sites
Information Shared: Name, photo ID, immunization records, background check results, skills assessments
Legal Basis: Required for clinical training participation

Certification Bodies

Purpose: Verify training completion and exam eligibility
Information Shared: Training hours, competency evaluations, program completion status
Organizations: National Healthcareer Association (NHA), other certification bodies

Accreditation & Regulatory Agencies

Purpose: Demonstrate compliance with educational standards
Information Shared: De-identified student data, program outcomes, completion rates
Agencies: Texas Workforce Commission, accreditation bodies, state licensing boards

Service Providers

Secure Portal (Student Portal): Learning management, communications, document storage
Stripe (Payment Processing): Tuition payments and financial transactions
Google Workspace: Email communications and document management
Analytics Providers: Website traffic analysis and user experience optimization

Background Check Providers

Purpose: Verify eligibility for clinical training
Information Shared: Name, SSN, address history
Legal Basis: Required by clinical partners and healthcare facilities

We Do NOT Sell Your Information

GMI does not sell, rent, or trade student information to third parties for marketing purposes. Your information is shared only for legitimate educational, operational, and compliance purposes as described above.

Legal Disclosures

We may disclose information when required by law, including:

  • In response to subpoenas, court orders, or legal processes
  • To comply with government audits or investigations
  • To protect the safety of students, staff, or the public
  • To enforce our policies or investigate violations
  • In connection with business transfers (mergers, acquisitions)

Your Rights & Choices

FERPA Rights (Current & Former Students)

Under the Family Educational Rights and Privacy Act, you have the right to:

  • Inspect and Review: Access your educational records within 45 days of request
  • Request Amendment: Ask for corrections to inaccurate or misleading records
  • Control Disclosure: Consent to most disclosures of your education records
  • File Complaints: Submit complaints about FERPA violations to the Department of Education

To Exercise FERPA Rights: Submit a written request to our Registrar at info@globalmedpath.edu or mail to Global MedPath Institute, ATTN: Registrar, Houston, TX.

Access & Correction Rights

  • Access Your Data: Request a copy of the personal information we hold about you
  • Correct Inaccuracies: Request corrections to outdated or incorrect information
  • Update Contact Info: Update your address, phone, or email through the student portal
  • Data Portability: Receive your transcripts and records in portable format

Communication Preferences

  • Marketing Emails: Opt out of promotional communications (does not apply to essential program communications)
  • Text Messages: Opt out of SMS notifications by replying STOP
  • Phone Calls: Request to be added to our do-not-call list

Note: Even if you opt out of marketing, you will still receive essential communications about your enrollment, classes, and account status.

Account Deletion & Data Retention

Prospective Students: You may request deletion of inquiry data. Contact us at info@globalmedpath.edu.

Current/Former Students: Educational records must be retained for a minimum of 5 years per regulatory requirements. After this period, you may request deletion of non-essential information. Transcripts and completion records are maintained permanently.

Data Security & Retention

Security Measures

We implement industry-standard security measures to protect your information:

  • Encryption: SSL/TLS encryption for data transmission; encrypted storage for sensitive records
  • Access Controls: Role-based access limits; multi-factor authentication for staff
  • Physical Security: Locked file cabinets; restricted access to facilities
  • Regular Audits: Periodic security assessments and vulnerability testing
  • Staff Training: Mandatory privacy and security training for all personnel
  • Incident Response: Procedures for breach detection and response

Data Retention Periods

Educational Records (FERPA Protected)

  • Student Transcripts: Permanent retention
  • Enrollment Records: Minimum 5 years after separation
  • Financial Records: 7 years after final payment
  • Attendance Records: 5 years after program completion
  • Disciplinary Records: 7 years after resolution

Health Information (HIPAA Protected)

  • Immunization Records: 6 years after last date of service
  • Medical Clearances: Duration of enrollment + 6 years
  • Disability Accommodations: 3 years after accommodation ends

Application Materials

  • Accepted Applications: Become part of student record
  • Rejected Applications: 1 year after decision
  • Inquiry Data: 2 years after last contact

Data Breach Notification

In the unlikely event of a data breach affecting your personal information, we will notify you within 72 hours via email and postal mail. Notification will include the nature of the breach, types of information involved, steps taken to address it, and resources available to you.

Special Considerations

Children’s Privacy

Our programs are designed for adults 18 years and older. We do not knowingly collect information from individuals under 18. All applicants must be 18+ to enroll.

International Students

For international students, we collect additional information including:

  • Visa status and work authorization documentation
  • Passport information and country of origin
  • SEVIS reporting data (if applicable)

This information is used solely for compliance with U.S. immigration laws and regulations.

Photography & Video

During your training, we may photograph or video record classroom and clinical activities for:

  • Educational documentation and quality assurance
  • Marketing and promotional materials
  • Social media and website content

You will be asked to sign a separate media release form. You may opt out of marketing uses while still participating in training.

Cookies & Tracking Technologies

Our website uses cookies and similar technologies to:

  • Remember your preferences and login information
  • Analyze website traffic and user behavior
  • Deliver targeted advertising (with consent)
  • Improve website functionality

You can control cookie settings through your browser. Disabling cookies may limit website functionality.

Policy Updates

We may update this Privacy Policy periodically to reflect changes in our practices, technology, legal requirements, or other factors. Material changes will be communicated via:

  • Email notification to all students and applicants
  • Prominent notice on our website for 30 days
  • Updated “Last Modified” date at the top of this policy

Continued use of our services after changes constitutes acceptance of the updated policy.

Contact Information

Privacy Questions or Requests

Email: privacy@globalmedpath.edu
Phone: (123) 456-7890
Mail: Global MedPath Institute
ATTN: Privacy Officer
Houston, Texas

FERPA Rights & Educational Records

Email: registrar@globalmedpath.edu
Position: Registrar / FERPA Compliance Officer

File a Complaint

FERPA Complaints:
Family Policy Compliance Office
U.S. Department of Education
400 Maryland Avenue, SW
Washington, DC 20202-8520

HIPAA Complaints:
U.S. Department of Health and Human Services
Office for Civil Rights
www.hhs.gov/ocr/complaints

Your Privacy Matters

We are committed to protecting your personal information and maintaining the trust you place in us. If you have questions or concerns about this policy, please don’t hesitate to contact us.

Contact Privacy Officer ✉ General Questions →