At Genoptix, Inc. (“Genoptix”), we recognize that privacy is important, and, therefore, Genoptix is committed to maintaining and protecting the privacy of our customers, patients, partners, employees, and all others who may visit a website belonging to Genoptix.
BY USING OUR SITE, YOU CONSENT TO THE COLLECTION, USE, AND DISCLOSURE OF INFORMATION AS DESCRIBED IN THIS POLICY.
COLLECTION AND USE OF PERSONALLY IDENTIFIABLE INFORMATION
Genoptix only collects personally identifiable information through its websites (such as an individual’s name, e-mail address, account password, etc.) when it is voluntarily submitted to Genoptix by you as permitted under applicable law. For example, when you choose to register for an account through our site (e.g., eCOMPASS®) or for a promotion or service that requires registration, we may ask you to provide some personal information such as your first and last name, medical practice name, job title, phone number, e-mail address, type of medical practice, and similar information required to issue you a username and password. We may also ask for similar information in order to fulfill additional requests you make through our website or a site maintained by a third party on our behalf, including, but not limited to, a request for investor information or in connection with your application for employment.
USE OF PERSONALLY IDENTIFIABLE INFORMATION
- Health Care Professionals–For health care professionals that take advantage of our clinical laboratory services in treating their patients or are considering using our clinical laboratory services, we may use your personal information to (i) inform or send you information on services we provide or services you may request; (ii) to assist you with questions that you may have about our services; (iii) contact you regarding payment matters; and (iv) in order to evaluate the services we offer or similar marketing purposes, such as conducting surveys.
- User Communications–When you send email or other communications to Genoptix, we may retain those communications in order to process your inquiries, respond to your requests, and improve our services.
- Affiliated Genoptix Services Through Other Sites–We may offer some of our services on or through other websites operated by third parties. Personal information that you provide to those sites may be sent to Genoptix in order to deliver the service such as if you apply for a job with Genoptix through another website or if you make a payment to Genoptix through another site. In this case, we will process information that we receive about you from these third parties under this Policy. The affiliated websites through which our services are offered may have different privacy practices, and we encourage you to read their privacy policies.
You can decline to submit certain personally identifiable information, but in such case, Genoptix may not be able to provide those services to you.
COLLECTION AND USE OF NON-PERSONALLY IDENTIFIABLE INFORMATION
We offer a number of services that may not require you to register for an account or provide any personal information to us. For example, we track the total number of visitors to our website, the number of visitors to each page of the website, and the domain names of our visitors’ Internet service providers. No personally identifiable information is gathered in this process. In order to provide our full range of services, we may collect any or all of the following types of information:
Most browsers are initially set up to accept cookies, but you can reset your browser to allow you to control whether you will accept cookies or refuse all cookies or to indicate when a cookie is being sent. However, some Genoptix features and services may not function properly if your cookies are disabled.
Genoptix may present links in a format that enables us to keep track of whether these links have been followed. We use this information to improve the quality of our website and its technology and content.
WEB BROWSER INFORMATION
When you access Genoptix services, our servers automatically record information that your browser sends whenever you visit a website. These server logs may include information such as your web request, Internet Protocol address, browser type, browser language, the date and time of your request, and one or more cookies that may uniquely identify your browser.
Genoptix does not sell, rent, or share your personal information with non-affiliated third parties. However, to provide our services we may provide your personal information gathered through this site with other companies or individuals outside of Genoptix in the following limited circumstances:
- We may provide such information to our subsidiaries, affiliated companies, or other trusted businesses or persons for the purpose of processing or using personal information on our behalf. We require that these parties agree to use or process such information based on our instructions and in compliance with this Policy and any other appropriate confidentiality and security measures.
- We have a good faith belief that access, use, preservation, or disclosure of such information is reasonably necessary to (a) satisfy any applicable law, regulation, legal process, or enforceable governmental request, (b) enforce applicable policies, including investigation of potential violations thereof, (c) detect, prevent, or otherwise address fraud, security, or technical issues, or (d) protect against harm to the rights, property, or safety of Genoptix, its users, or the public as required or permitted by law.
- After having received your consent for the sharing of any sensitive personal information
SECURITY AND CONFIDENTIALITY
To ensure the security and confidentiality of Personal Data that we collect online, we use data networks protected, inter alia, by industry standard firewall and password protection. In the course of handling your Personal Data, we take measures reasonably designed to protect that information from loss, misuse, unauthorized access, disclosure, alteration, or destruction.
Genoptix provides links to a number of third parties’ websites through Genoptix’s site, which may provide you with useful information or offer helpful services as a convenience. Links contained on our site that transfer you to a non-Genoptix site are not controlled by Genoptix and may contain different information and/or different privacy policies than Genoptix. Genoptix is not responsible for the privacy policies of or content on any such third party website. You should review the privacy policies of these third parties should you choose to access these sites. These other sites may place their own cookies or other files on your computer, collect data, or solicit personal information from you.
PERSONAL INFORMATION AND CHILDREN
Most of the services available on this site are intended for persons 18 years of age and older. Any individual who requests information about a medicine indicated for use in children must be 18 or over. We will not knowingly collect, use, or disclose Personal Data from a minor under the age of 18 without obtaining prior consent from a person with parental responsibility (e.g., a parent or guardian) through direct off-line contact. We will provide the parent with (i) notice of the specific types of personal data being collected from the minor, and (ii) the opportunity to object to any further collection, use, or storage of such information. We abide by laws designed to protect children.
If you have any feedback or questions regarding this Policy, please feel free to contact us at:
c/o Genoptix, Inc.
1811 Aston Ave.
Carlsbad, CA 92008
Please note that this Policy is subject to change from time to time. We will update this Policy on this page with any such changes. Therefore, please review this website periodically to ensure you are aware of our current policy on privacy matters in using this website or other websites offered by Genoptix.
NOTICE OF PRIVACY PRACTICES RELATED TO PHI
THIS NOTICE DESCRIBES HOW MEDICAL INFORMATION ABOUT YOU MAY BE USED AND DISCLOSED AND HOW YOU CAN GET ACCESS TO THIS INFORMATION. PLEASE REVIEW IT CAREFULLY.
Genoptix, Inc. (“Genoptix”), is a provider of clinical reference laboratory testing services and information and is dedicated to the treatment and management of hematologic malignancies and other forms of cancer. Genoptix is committed to protecting the confidentiality of laboratory test results and other personal health information that we collect, create, or disclose as a result of our testing activities.
We are required by federal law to maintain the privacy of your individually identifiable health information (known as “Protected Health Information” or “PHI”) and to provide you with notice of our legal duties and privacy practices with respect to your PHI. This protection extends to any PHI whether in oral, written, or electronic format. Genoptix is required by law to abide by the terms of this Notice of Privacy Practices Related to PHI (this “Notice”) currently in effect. Your other health care provider(s) may have different policies regarding the use and disclosure of your PHI created by and maintained by them.
Genoptix is committed to obtaining, maintaining, using, and disclosing PHI in a manner that protects patient privacy in compliance with all applicable local, state, and federal laws and regulations. We strongly urge you to read this Notice carefully and thoroughly so that you will understand both our commitment to protecting the privacy of your PHI and how you can participate in the protection of this information.
YOUR PHI AT GENOPTIX
Genoptix collects your PHI to the extent necessary to provide services and to obtain payment for these services. This PHI may include your name, address, telephone number, social security number, date of birth, medical history, tests ordered, diagnosis, provider identification, financial responsibility, etc. We will let you know promptly if a breach occurs that may have compromised the privacy or security of your information.
How Genoptix May Use and Disclose Your Protected Health Information: The following categories detail the various ways in which we may use or disclose your PHI. While we cannot list every possible use or disclosure, all of the ways we use or disclose your PHI will fall into one of the following categories.
Treatment: We use your PHI to provide your medical care, and we disclose PHI to our employees and others who are involved in providing the medical care you need. As a health care provider that provides laboratory testing for patients as requested by physicians, we use your PHI as part of our testing processes, and we disclose your PHI to physicians or other authorized health care professionals (e.g., your nurses) who need access to your laboratory results to treat you. We may also disclose your PHI to another testing laboratory if we are unable to perform the testing ourselves and as such need to refer your specimen to that laboratory to perform the requested testing.
Note Regarding California State Law: In cases where state law is more restrictive than federal law, we may be required to follow the more restrictive state law. For example, federal regulations specify that clinical laboratories, such as Genoptix, are exempt from the requirements making PHI available to you directly, if providing such access to you is prohibited by law. Under the laws of the state of California, where we are located, we are not permitted to provide your laboratory results to you directly, even with your consent. Therefore, Genoptix only provides your laboratory results to your referring physician or to a physician involved in your treatment or in compliance with a valid subpoena or court order to disclose your PHI.
Payment: We use and disclose PHI to obtain payment for the services we provide. Our billing department may disclose your PHI to certain insurance companies, hospitals, physicians, and health plans to collect payment or to third parties to assist us in creating bills, claim forms, or to obtain payment for our services. For example, we may use a third party billing company or we may send your name, date of service, test performed, diagnosis code, and other information to your third party payor so such third party payor will provide us with payment for the services provided.
Health Care Operations: We will use and disclose your PHI as necessary, and as permitted by law, for health care operations. Genoptix may use or disclose your PHI in the course of activities required to support our health care operations, such as performing quality checks on our testing or for developing normal reference ranges for tests that we perform. This information will be used in an effort to continually improve the quality and effectiveness of the health care services that we provide. We may also disclose your PHI to other health care providers or payors for their health care operations, but only if they already have a relationship with you or us and the purpose is for quality assurance activities, peer review activities, detecting fraud, or for other legitimate purposes.
Disclosures to Business Associates: We may also disclose your PHI with our “business associates,” such as our billing service, that perform administrative services for us. We have a written contract with each of these business associates that contains terms requiring them to protect the confidentiality of your PHI. Federal law does not protect PHI which is disclosed to someone other than another healthcare provider.
Persons Involved in Your Care: We may disclose your PHI to individuals, such as family members, relatives, personal friends, or others who are involved with your care or who help pay for your care. If you are able and available to agree or object, we will give you the opportunity to object prior to making these disclosures, although we may disclose this PHI in a disaster even over your objection if we believe it is necessary to respond to the emergency circumstances. If you are unable or unavailable to agree or object, our health care professionals will use their best judgment in communication with your family and others. To the extent permitted under federal and state law, we may disclose PHI of minors to their parents or legal guardians.
Other Uses and Disclosures: We are permitted or required by law to make certain other uses and disclosures of your PHI without your consent or authorization. Subject to conditions specified by law, we may release your PHI:
- for any purpose required by law
- for public health activities, such as required reporting of disease, injury, and birth and death, and for required public health investigation
- to certain governmental agencies if we suspect child abuse or neglect; we may also release your PHI to certain governmental agencies if we believe you to be a victim of abuse, neglect, or domestic violence
- to entities regulated by the Food and Drug Administration if necessary to report adverse events, product defects, or to participate in product recalls
- to your employer when we have provided health care to you at the request of your employer for purposes related to occupational health and safety (in most cases you will receive notice that information is disclosed to your employer)
- if required by law to a government oversight agency conducting audits, investigations, inspections, and related oversight functions and in emergency circumstances, such as to prevent a serious and imminent threat to a person or the public
- if required to do so by a court or administrative order, subpoena, or discovery request (in most cases you will have notice of such release)
- to law enforcement officials to identify or locate suspects, fugitives or witnesses, or victims of crime, or for other allowable law enforcement purposes
- to coroners or medical examiners for the purpose of identifying a deceased person, determining cause of death, or another purpose authorized by law and to funeral directors as necessary to carry out their duties with respect to the deceased to the extent consistent with applicable law
- if necessary to arrange an organ or tissue donation from you or a transplant for you
- if you are a member of the military for activities set out by certain military command authorities required by armed forces services
- if necessary for national security, intelligence, or protective services activities
- for purposes related to your workers’ compensation benefits
- to researchers conducting research with respect to which your written authorization is not required as approved by an Institutional Review Board or privacy board, in compliance with governing law
- in the event Genoptix is sold or merged with another organization, your PHI will become the property of the new owner.
AUTHORIZATION REQUIRED FOR OTHER USES
Genoptix must receive your written authorization prior to disclosing your PHI in any manner that is not set forth and described above. We do not intend to sell PHI. If we choose to use and disclose PHI for marketing purposes, your authorization is specifically required. If you would like to authorize us to disclose your PHI in a manner that is not set forth above, please provide a written authorization to our HIPAA Privacy Officer at the contact information below. Such written authorization must include the following information: name, address, telephone number and patient identification number or Social Security number. You may revoke this written authorization at any time by notifying our HIPAA Privacy Officer in writing. Such revocation shall contain the same information as is required to be provided in the written authorization. In the alternative, you may contact our HIPAA Privacy Officer to request a written authorization form or revocation of written authorization form.
YOUR RIGHTS CONCERNING PHI
You have certain rights relating to your PHI that we maintain, and you can exercise these rights by making a written request to our HIPAA Privacy Officer at the contact information below. Subject to certain exceptions under applicable law, your rights to your PHI are as follows:
Access: You or your designated representative has the right to access, review, and/or obtain copies of your current PHI provided that either you or your designated representative has delivered a written request to Genoptix, unless access is otherwise prohibited including, but not limited to, instances in which state law is more restrictive than federal law. For example, as discussed earlier, under California law (where we are located), we are not permitted to provide your laboratory results to you directly, even with your consent, and, therefore, we can only release laboratory test results to the referring physician or a physician involved in your treatment. Furthermore, we may restrict your access to information we compile in reasonable anticipation of, or use in, civil, criminal, or administrative actions or proceedings. You may make requests to review or obtain copies of your PHI by contacting our HIPAA Privacy Officer in writing at the contact information below. Genoptix may charge a reasonable fee for copies of your PHI. Under certain circumstances, should we deny your request, you have the right to ask for the denial to be reviewed by a licensed health care professional designated by Genoptix.
Amendments: You have a right to request that PHI that we maintain about you be amended or corrected. All amendment requests, in order to be considered by us, must be submitted to our HIPAA Privacy Officer, in writing, signed by you or your designated representative, and must state the reasons for the amendment/correction request. If we find the information is incomplete or incorrect, we may amend your PHI in accordance with our policy, but original information will not be removed. We will also make reasonable efforts to inform and provide approved amendments to those who possess your PHI and need to be informed of the amendment, including our business associates. We are allowed to deny the request for various reasons, including if Genoptix did not create the information for which an amendment is required or if we believe the current information is accurate and complete. If we deny your amendment request, we will inform you in writing of this denial and explain the process involved to exercise your right to submit a written statement of disagreement.
Accounting: You have the right to receive an accounting of certain disclosures made by us or our business associates of your PHI. This accounting will include only those disclosures made in the six years prior to the date on which the accounting is requested. This accounting will not include any disclosures to you or your authorized representatives; disclosures related to treatment, payment, or health care operations; disclosures authorized by you; and certain other excluded disclosures. Requests must be made in writing and signed by you or your designated representative. The first accounting in any 12 month period shall be without charge, but we may assess a reasonable cost-based fee in connection with additional requests by you within the same 12-month period.
Restrictions: You have the right to request restrictions on certain of our uses and disclosures of your PHI for treatment, payment, or health care operations. For example, you may request that we do not share your PHI with a certain family member. We are not required to agree to your restriction request but will attempt to accommodate reasonable requests when appropriate. However, if you pay in full for a health care service out-of-pocket, you can ask us not to share that payment information with your health insurer. We will say “yes” unless a law requires us to share that information. We retain the right to terminate an agreed-to restriction if we believe such termination is appropriate. In the event we have terminated an agreed-to restriction, we will notify you of such termination.
Confidential Communications: You have the right to request that we send communications of your PHI by alternative means or at alternative locations than our usual procedure. For example, you may request that we direct all correspondence to your attention at a family member’s address, that we contact you at work rather than home, or that we contact you by mail instead of telephone. You must make your request in writing, and we will make an effort to accommodate reasonable requests.
Fundraising: Genoptix does not currently use protected health information (PHI) for fundraising purposes. If Genoptix performs fundraising activities at some future time, you may be contacted, but you would have the option to tell us not to contact you again.
Notice of PHI Privacy Practices: You have the right to request a paper and/or electronic copy of this Notice at any time by contacting our HIPAA Privacy Officer.
How to Exercise Your Rights or Ask Questions: To exercise your rights or for any questions regarding this Notice, please contact our HIPAA Privacy Officer at:
Attention: HIPAA Privacy Officer
1811 Aston Ave.
Carlsbad, CA 92008
Please include sufficient information for us to identify all of your records, such as your name, address, and a telephone number where we can contact you. Genoptix will consider your request and provide you a response within a reasonable timeframe.
Complaints: If you believe your privacy rights have been violated, please let us know immediately by contacting our HIPAA Privacy Officer at (760) 268-6200. Please make sure to include sufficient information for us to identify you and a brief description of the circumstances surrounding the violation. You may also file a complaint with the Secretary of the U.S. Department of Health and Human Services by contacting the following:
The U.S. Department of Health and Human Services
200 Independence Avenue, S.W.
Washington, D.C. 20201
Telephone: (202) 619-0257
Toll Free: 1-877-696-6775
This Notice is effective as of May 1, 2004 (as revised March 25, 2010, March, 2014 and March 2017).