Last Updated 4/26/2023
We adhere to the Privacy, Security, and Breach Notification Rules established under HIPAA. These rules govern the use and disclosure of Protected Health Information (PHI) and establish safeguards to protect the confidentiality, integrity, and availability of Electronic Protected Health Information (ePHI).
We take the following measures to ensure HIPAA compliance:
a. We limit the use and disclosure of PHI to the minimum necessary to accomplish the intended purpose.
b. We provide individuals with access to their PHI and the right to request amendments, restrictions, or an accounting of disclosures.
c. We implement administrative, physical, and technical safeguards to protect the privacy and security of PHI.
d. We notify affected individuals, the Department of Health and Human Services and other agencies as required by law in the case of a breach involving unsecured PHI.
e. We require our business associates to comply with HIPAA requirements through written agreements.
Our laboratory is CLIA-certified, ensuring that we meet federal standards for clinical laboratory testing. Our certification demonstrates that we follow strict guidelines to provide accurate, reliable, and timely test results while safeguarding patient privacy.
Data Protection Measures
We recognize the importance of protecting patient data and have implemented robust measures to ensure the security and confidentiality of the information we collect, store, and process.
a. Data Collection: We collect only the necessary information required for the testing process, such as name, date of birth, contact information, and relevant health information.
b. Data Storage: We store patient data on secure, encrypted servers with restricted access, ensuring only authorized personnel have access to the information.
c. Data Retention: We retain patient data in accordance with applicable legal and regulatory requirements and securely dispose of the data once retention periods have expired.
d. Data Sharing: We share patient data only with authorized healthcare providers, government agencies, or other entities as required by law or as authorized by the patient.
We receive, collect and store any information you enter on our website or provide us in any other way. In addition, we collect login, e-mail address, password, computer and connection information, and purchase history. We may use software tools to measure and collect session information, including page response times, length of visits to certain pages, page interaction information, and methods used to browse away from the page. We also collect personally identifiable information (including name, email, password, communications), payment details (including credit card information), comments, feedback, product reviews, recommendations, and personal profile.
We collect such Non-personal and Personal Information for the following purposes:
To provide and operate the Services;
To provide our Users with ongoing customer assistance and technical support;
To be able to contact our Visitors and Users with general or personalized service-related notices and promotional messages;
To create aggregated statistical data and other aggregated and/or inferred Non-personal Information, which we or our business partners may use to provide and improve our respective services;
To comply with any applicable laws and regulations.
When you conduct a transaction on our website, as part of the process, we collect personal information you give us such as your name, address and email address. Your personal information will be used for the specific reasons stated above only.
Our company is hosted on the Wix.com platform. Wix.com provides us with the online platform that allows us to sell our products and services to you. Your data may be stored through Wix.com’s data storage, databases and the general Wix.com applications. They store your data on secure servers behind a firewall.
All direct payment gateways offered by Wix.com and used by our company adhere to the standards set by PCI-DSS as managed by the PCI Security Standards Council, which is a joint effort of brands like Visa, MasterCard, American Express and Discover. PCI-DSS requirements help ensure the secure handling of credit card information by our store and its service providers.
We may contact you to notify you regarding your account, to troubleshoot problems with your account, to resolve a dispute, to collect fees or monies owed, to poll your opinions through surveys or questionnaires, to send updates about our company, or as otherwise necessary to contact you to enforce our User Agreement, applicable national laws, and any agreement we may have with you. For these purposes we may contact you via email, telephone, text messages, and postal mail.
If you don’t want us to process your data anymore, please contact us at email@example.com or send us mail to: 1128 NW 52nd St, Suite 401, Seattle, WA 98107.