Privacy Policy

1.1 Personal Information

We collect personal information that you voluntarily provide when using our services, including but not limited to:

• Full name, date of birth, and contact information (email, phone, address)
• Health insurance information and medical history
• Laboratory test results and medical records
• Payment and billing information
• Government-issued identification for verification purposes

1.2 Health Information

As a healthcare service provider, we collect and maintain Protected Health Information (PHI) as defined under HIPAA, including:

• Medical test results and diagnostic information
• Risk assessment data and health screening results
• Physician consultations and treatment recommendations
• Medical imaging and laboratory specimen information
• Genetic testing results (where applicable)

1.3 Technical Information

We automatically collect certain information when you visit our website:

• IP address, browser type, and device information
• Usage data, page views, and navigation patterns
• Cookies and similar tracking technologies
• Log files and analytics data

2.1 Primary Healthcare Services

We use your information to provide and improve our healthcare services:

• Processing laboratory tests and delivering results
• Facilitating physician consultations and medical advice
• Managing appointments and scheduling
• Coordinating care with healthcare providers
• Conducting risk assessments and health screenings

2.2 Communication and Support

We use your contact information to:

• Send test results and medical notifications
• Provide customer support and respond to inquiries
• Send appointment reminders and follow-up communications
• Share educational content about cancer screening and prevention
• Notify you of updates to our services or policies

2.3 Operational and Legal Purposes

We process your information for:

• Billing, payment processing, and insurance claims
• Quality assurance and accreditation compliance
• Legal and regulatory compliance (HIPAA, CLIA, CAP)
• Fraud prevention and security monitoring
• Research and statistical analysis (de-identified data only)

3.1 HIPAA Safeguards

As a HIPAA-covered entity, we implement comprehensive safeguards:

• Administrative safeguards: Security policies, workforce training, and access controls
• Physical safeguards: Secure facilities, workstation security, and device controls
• Technical safeguards: Encryption, access controls, audit logs, and transmission security
• Business Associate Agreements with all third-party service providers

3.2 Data Protection Measures

We employ industry-leading security measures:

• End-to-end encryption for data transmission and storage
• Multi-factor authentication for system access
• Regular security audits and vulnerability assessments
• Incident response plans and breach notification procedures
• Secure data backup and disaster recovery systems

4.1 Healthcare Operations

We may share your information with:

• Healthcare providers involved in your care
• Laboratories and diagnostic facilities
• Insurance companies for claims processing
• Business associates who support our operations

4.2 Legal Requirements

We may disclose information when required by law:

• Court orders, subpoenas, or legal processes
• Public health authorities for disease surveillance
• Law enforcement for legitimate investigations
• Regulatory agencies for compliance audits

4.3 With Your Consent

We will only share your information for purposes not covered above with your explicit written authorization.

5.1 HIPAA Rights

Under HIPAA, you have the right to:

• Access and obtain copies of your health records
• Request amendments to your health information
• Receive an accounting of disclosures
• Request restrictions on uses and disclosures
• Request confidential communications
• File a complaint about privacy violations

5.2 State Privacy Rights

Depending on your location, you may have additional rights:

• California (CCPA/CPRA): Right to know, delete, and opt-out of sale
• European users (GDPR): Rights to access, rectification, erasure, and data portability
• Other state-specific privacy law protections

6.1 Retention Periods

We retain your information according to legal and operational requirements:

• Medical records: Minimum 7 years from last service date (longer for minors)
• Laboratory results: Compliant with CLIA regulations
• Billing records: As required by applicable laws
• Marketing communications: Until you unsubscribe

6.2 Secure Disposal

When information is no longer needed, we securely dispose of it through:

• Encrypted data deletion for electronic records
• Secure shredding for physical documents
• Verification of complete removal from all systems

7.1 Types of Cookies

We use the following types of cookies:

• Essential cookies: Required for website functionality
• Analytics cookies: Help us understand usage patterns
• Functional cookies: Remember your preferences
• Marketing cookies: Deliver relevant advertisements

7.2 Cookie Management

You can control cookies through:

• Browser settings to block or delete cookies
• Our cookie preference center
• Third-party opt-out tools for advertising cookies

Our services are not directed to children under 13. We do not knowingly collect personal information from children without parental consent. For minors (13-17), we obtain parental or guardian consent before providing services. If you believe we have collected information from a child inappropriately, please contact us immediately.

If you are accessing our services from outside the United States, please note that your information may be transferred to, stored, and processed in the United States. We implement appropriate safeguards to protect your information in accordance with this Privacy Policy and applicable laws, including Standard Contractual Clauses where required.

We may update this Privacy Policy periodically to reflect changes in our practices or legal requirements. We will notify you of material changes through:

• Email notification to your registered address
• Prominent notice on our website
• Updated "Last Modified" date at the top of this policy

Your continued use of our services after changes constitutes acceptance of the updated policy.