ACCMEData Security and Privacy Standards

ACCME Data Security and Privacy Standards (June 2025)

The ACCME invites select Learning Management System (LMS) companies to join the Premier Technology Partner Program.  This Program recognizes LMS companies that demonstrate seamless, high-quality, integration with ACCME’s Program and Activity Reporting System (PARS) and/or Joint Accreditation Program and Activity System (JA-PARS).  As a part of the eligibility requirements to become a Premier Technology Partner, LMS companies agree to comply with the data security and privacy standards set for by ACCME, which may change from time to time. 

. These standards are designed to ensure the protection of personal and sensitive information and to comply with applicable international, federal, and state data protection laws, including but not limited to the General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA).

  1. Data Protection: The Partner shall implement appropriate technical and organizational measures to protect personal data against unauthorized or unlawful processing and against accidental loss, destruction, or damage. This includes, but is not limited to, access controls, encryption of data in transit and at rest, and regular security assessments.
  2. Data Privacy: The Partner shall ensure that integrations with ACCME’s systems process data only in accordance with ACCME’s documented instructions and that personal data is processed lawfully, fairly, and transparently. The Partner shall not sell, disclose, or share personal data with third parties;
  3. Data Breach Notification: In the event of a data breach, the Partner shall notify the ACCME in the most expedient time possible and, where feasible, not later than 72 hours after becoming aware of the breach. The notification shall include a description of the nature of the breach, the categories and approximate number of data subjects concerned, the categories and approximate number of data records concerned, and the measures taken or proposed to be taken to address the breach and mitigate its possible adverse effects.
  4. Audit and Inspection: ACCME reserves the right to inspect the Partner’s data protection practices to ensure compliance with this agreement.