AGGREGATE WEBSITE DATA COLLECTION AND USE
LifeOmic tracks visits to our Websites and uses visitor logs to compile anonymous aggregate statistics. This aggregate information is collected sitewide, and includes anonymous website statistics. In addition, when you browse our Websites, our system automatically collects information such as your web request, Internet Protocol (“IP”) address, browser type, browser language, domain names, referring and exit pages and URLs, platform type, pages viewed and the order of these page views, the amount of time spent on particular pages, the date and time of your request and one or more cookies that may uniquely identify your browser. This information is used to analyze trends, administer the Websites, improve the design of our Websites, and otherwise enhance the services we provide.
Certain pages of the Websites and/or html email correspondence may use session cookies, persistent cookies or web beacons to anonymously track unique visitors, save website preferences and to allow us to recognize visits from the same computer and browser. Some cookies are essential for the operation of our Site (“Essential Cookies”). These cookies enable services you have specifically asked for. These cookies remain on your device only until you close your browser after visiting our websites. Some cookies are used to collect anonymous information on the pages visited (“Performance Cookies”). For example, we might use Performance Cookies to keep track of which pages are most popular, which method of linking between pages is most effective, and to determine why some pages are receiving error messages. These cookies remain on your device only until you close your browser after visiting our website. Some cookies remember choices you make to improve your experience (Functionality Cookies”). These Functionality Cookies remain on your device for an extended period of time. When you revisit our Websites we recognize Functionality Cookies and remember your preferences or can automatically log you on to the website. Personal information on our system may be associated with Functionality Cookies but the cookies themselves do not contain any of your personal information. Finally we may use “Behaviorally Targeting Advertising Cookies” which collect information about your browsing habits to make advertising relevant to you and your interests. You have the option to reject the Websites’ cookies and still use the Websites. However, your access to the Website may be limited. Further general information about cookies and how they work is available at www.allaboutcookies.org.
We may from time to time allow selected third parties to place cookies through the Websites to provide us with better insights into the use of the Websites or user demographics or to provide relevant advertising to you. These third parties may collect information about a consumer’s online activities over time and across different websites when he or she uses our Websites. We may also permit third party service providers to place cookies through our Websites to perform analytic or marketing functions where you are notified of them and you have consented to the usage. We do not control the use of such third-party cookies or the resulting information and we are not responsible for any actions or policies of such third parties.
We do not use technology that recognizes a “do-not-track” signal from your web browser.
TYPES OF PERSONAL INFORMATION COLLECTED
LifeOmic may collect, store and use personally identifiable information that you provide or we receive from others, such as:
- Registration information when you create an account with us (such as name, email address, postal address, telephone number and email preferences). In the registration form, you may have an opportunity to elect to receive certain communications from us.
- Information you submit when contacting us (such as your name, contact information and any other information you choose to submit).
- Information from third parties (such as information submitted by a physician or job references or background checks if you apply for a job).
- Order information when you place an order with us (such as your name or contact information).
- Payment information if you make a payment through our Websites (such as payment card, billing and shipping information in addition to your contact information).
- Job application information if you choose to apply for a position with LifeOmic through our Jobs Page (such as your resume, contact information, employment and education history, and other related information; we may also receive information from references your identify and other third parties (for instance background checks)).
We may use third party services for processing payments or job applications through the Websites. Information you provide may be linked to other information that we have about you including data we automatically collect when you visit our Websites and information we have received from third parties.
USE OF PERSONAL INFORMATION
We may use your personal information for our general commercial purposes such as to improve our Websites and to offer you information which LifeOmic believes may be of interest to you. This may include the following purposes, for example:
- to contact you,
- to improve this site and expand our business,
- to provide you with information that you have requested,
- If you are a healthcare provider or patient ordering our Services, to contact you about research opportunities, clinical trials, or clinical treatments for you or your patients when appropriate,
- to provide information about our Websites and related clinical and research information,
- to respond to your inquiries,
- to provide you with technical support,
- to enforce our Terms and Conditions and other policies governing use of the Websites,
- to alert you to new features or enhancements to our services,
- to communicate with you about your transactions or potential transactions with us,
- to administer your account including processing of payments,
- to ensure that our Websites and our Services function in an effective manner for you,
- to keep our Websites safe and secure, and
- to measure or understand the effectiveness of advertising and outreach.
We may combine your information with other information about you that is available to us, including information from other sources. LifeOmic will keep resumes confidential and will use them only for employment purposes. Use for any other purpose will be with your explicit consent.
LifeOmic will not sell or rent your personally identifiable information to any other company or organization for direct marketing purposes. We may reveal information about you to unaffiliated third parties:
- if you request or authorize it;
- if the information is provided to help complete a transaction for you;
- if the disclosure is done as part of a purchase, transfer or sale of services or assets (e.g., in the event that substantially all of our assets are acquired by another party, customer information may be one of the transferred assets);
- if the information is provided to our agents, outside vendors or service providers to perform functions on our behalf (e.g., analyzing data, providing marketing assistance, providing customer service, processing orders, etc.); or
USE AND DISCLOSURE OF DE-IDENTIFIED INFORMATION
“De-identified” means that we have removed, or rendered unreadable through complex computational algorithms, your personally-identifiable information, such as your name, address, or birthdate. We may use de-identified information that we have obtained from our Services for various purposes, including for example:
- In accordance with regulatory requirements, we may de-identify, store and use patients’ samples and information for internal quality control, validation, and research and development. This is important for LifeOmic to maintain high quality genetic testing and to develop new genetic tests. We may use de-identified information as permitted by law.
- In accordance with regulatory requirements, we may also share de-identified patients’ samples and information with other laboratories for quality assurance and validation purposes. Such sharing is essential to having high quality genetic testing within the community of testing laboratories.
- We may contribute de-identified genetic variants that we have observed in the course of providing our Services to publicly available databases such as ClinVar. We do this to increase understanding and raise awareness of the significance of genetic variants within the medical and scientific communities.
- We may use or disclose de-identified patient information for general research purposes. This may include research collaborations with third parties, such as universities, hospitals or other laboratories, in which we utilize de-identified clinical cases, at the individual level or in the aggregate, in accordance with our study protocols, and we may present or publish such information. This may also include commercial collaborations with private companies for purposes such as to determine the prevalence of particular disorders or variants among the patients we have tested, or to determine whether any of the patients we have tested might be suitable for potential recruitment for research, clinical trials, or clinical care; however, we will not directly contact these patients about these opportunities without their prior written consent.
We use reasonable technical, administrative and physical measures to protect information contained in our system against misuse, loss or alteration. Information that you provide to LifeOmic through these Websites is encrypted using industry standard Secure Sockets Layer (SSL) technology, with the exception of information you send via email. Your information is processed and stored on controlled servers with restricted access. Unfortunately, no method of electronic transmission is 100% secure, so we cannot ensure or warrant the security of any information you transmit to our Websites, and you do so at your own risk. Please keep your user name, password, ID numbers, or other special access credentials secure; if we receive instructions using your log-in information we will consider that you have authorized the instructions.
INFORMATION ACCESS, UPDATES AND CHOICE
When LifeOmic has Healthcare Organization, Physician and/or Patient Portals activated at a future time, you can update, amend or delete your account information and preferences at any time by visiting the My Account page after logging in.
LifeOmic email correspondence will include instructions on how to update certain personal information and how to unsubscribe from our emails and postal mail correspondence. Please follow the instructions in the emails to notify LifeOmic of changes to your name, email address and preference information. LifeOmic will take reasonable steps, such as confirmation emails, to verify your identity before granting access to your personal information.
If you choose to unsubscribe from our email and/or postal mail services, you will no longer receive this type of promotional correspondence. We will still be able to communicate with you about your account and your transactions with us. LifeOmic may retain your information for a period of time to resolve disputes, troubleshoot problems or for other valid business or legal reasons.
You can choose to delete or block cookies by setting your browser to either reject all cookies or to allow cookies only from selected sites. If you block cookies performance of the Site may be impaired and certain features may not function at all.
THIRD PARTY INFORMATION
You agree that you have provided notice to, and obtained consent from, any third party individuals whose personal information you supply to us, including with regard to: (a) the purposes for which such third party’s personal information has been collected; (b) the intended recipients or categories of recipients of the third party’s personal information; (c) which of the third party’s information is obligatory and which information, if any, is voluntary; and (d) how the third party can access and, if necessary, rectify the information held about them.
The LifeOmic Websites are directed toward adults. If you are under the age of 13, you must obtain the authorization of a responsible adult (parent, legal custodian, or teacher) before using or accessing our Websites. We will not knowingly collect or use any personal information from any children under the age of 13. If we become aware that we have collected any personal information from children under 13, we will promptly remove such information from our databases.
The LifeOmic Websites may contain links to external websites. LifeOmic does not maintain these sites and is not responsible for the privacy practices of sites that it does not operate. Please refer to the specific privacy policies posted on these sites.
- Users – The Physician’s Portal is only for the use of physicians and their authorized representatives as stated in the Terms and Conditions of Use for the Physician Portal.
- Protected Health Information – The Physician’s Portal is used for the storage and transmission of Protected Health Information between LifeOmic and physicians and their authorized representatives. Protected Health Information is used in accordance with the Health Information Portability and Accountability Act (HIPAA) and applicable federal and state laws governing patient privacy. Protected Health Information available on the Physician’s Portal may only be used or disclosed for treatment and other authorized purposes as stated in the Notice of Privacy Practices.
- Security Measures – Information accessed through this Physician’s Portal, including Protected Health Information, is secured using administrative, physical and technical safeguards. For example, the transfer of information is encrypted using industry standard Secure Sockets Layer (SSL) technology and information is stored on controlled servers with restricted access. All access is password protected and each individual user has his/her own user name and password. All access is tracked at LifeOmic for security purposes.
These Websites are owned and operated by LifeOmic, Inc. You can contact us using the Contact Us page or by mail at 351 West 10th Street, Indianapolis, IN 46202.
Notice of Privacy Practices
THIS NOTICE DESCRIBES HOW MEDICAL INFORMATION ABOUT YOU MAY BE USED AND DISCLOSED AND HOW YOU CAN GET ACCESS TO THIS INFORMATION. PLEASE REVIEW IT CAREFULLY.
EFFECTIVE DATE OF NOTICE: July 2017
LifeOmic, Inc. has the following legal duties and privacy practices for your medical information. This Notice describes the privacy practices of LifeOmic, its employees and other personnel (“LifeOmic,” “we” or “us”).
I. Our responsibility
LifeOmic and the members of its workforce are committed to protecting the privacy and confidentiality of your personal information, genetic information, and laboratory test results, together called Protected Health Information (PHI).
LifeOmic is also required by law, by the Health Insurance Portability and Accountability Act of 1996 (HIPAA) to keep your PHI confidential. This Notice describes our legal duties and privacy practices, and explains your patient privacy rights. When we use or disclose your PHI we are required to abide by the terms of this Notice.
II. What is protected health information (PHI)
Protected Health Information (PHI) is your demographic information, medical history, laboratory results, insurance information and other health information that is collected, generated, used, and communicated by LifeOmic to produce genetic testing results and to bill for our testing services. Examples of PHI include your name, date of birth, medical record number, social security number, insurance beneficiary number, and genetic information.
III. How we use and disclose your health information
Your PHI may be used and disclosed for treatment, payment, healthcare operations and other purposes permitted or required by law. LifeOmic may use and disclose your PHI for the following purposes:
We may use or disclose your PHI for treatment purposes. For example, we may use your PHI to perform our testing services and disclose your genetic testing results to your physician and other healthcare providers involved in your care.
We may use or disclose your PHI to obtain payment for healthcare services we provide. For example, we may use and disclose your information to send a bill to your insurance company or health plan to receive payment for the services provided to you.
HEALTH CARE OPERATIONS
We may use and disclose your PHI for our healthcare operations. For example, we may use your PHI to monitor the quality of our testing services and review the competence and qualifications of our laboratory professionals.
PERSONS INVOLVED IN YOUR CARE OR PAYMENT FOR YOUR CARE
We may disclose your PHI to persons involved in your care or payment for your care, such as a parent or a family member, relative, or close friend that you have designated as a personal representative to have access to your information.
We may disclose PHI about you to your authorized personal representative, such as a lawyer, administrator, executor or other authorized person responsible for you or your estate.
MINORS’ PROTECTED HEALTH INFORMATION
We may disclose PHI about minors to their parents or legal guardians.
While LifeOmic does not anticipate having access to your psychotherapy notes, LifeOmic may use or disclose your psychotherapy notes as required by law; for treatment, payment, or health care operations; to defend itself in a legal action or other proceeding brought by you; or to avert a serious threat to health or safety. Any other use and disclosure of your psychotherapy notes requires your written authorization.
COMMUNICATIONS ABOUT PRODUCTS AND SERVICES
We may use and disclose your PHI to contact you about other LifeOmic products and services which we believe may be of interest to you. Otherwise, any use or disclosure of PHI for marketing purposes requires your written authorization.
SALE OF YOUR INFORMATION
LifeOmic will never sell your PHI to third parties unless you provide written authorization.
DISCLOSURES TO BUSINESS ASSOCIATES
We may disclose your PHI to other companies or individuals (i.e. “Business Associates”) who provide services to us. For example, we may use a company to perform billing services on our behalf. Our Business Associates are required to protect the privacy and security of your PHI and notify us of any improper disclosure of information.
AS REQUIRED BY LAW
We must disclose your PHI when required to do so by any applicable federal, state or local law.
PUBLIC HEALTH ACTIVITIES
We may disclose your PHI for public health-related activities. Examples include: reporting diseases to authorized public health authorities; public health investigations; or notifying a manufacturer of a product regulated by the U.S. Food and Drug Administration of a possible problem encountered when using the product in our testing process.
HEALTH OVERSIGHT ACTIVITIES
We may disclose your PHI to a healthcare oversight agency for activities that are authorized by law, such as audits, investigations, inspections and licensure activities. For example, we may disclose your PHI to agencies responsible for ensuring compliance with the rules of government health programs such as Medicare or Medicaid.
Under certain circumstances, we may use or disclose your PHI for research purposes. All research projects at LifeOmic are subject to review by a committee responsible for ensuring the protection of individual research subjects, appropriate patient authorization, and an adequate plan to safeguard Protect Health Information. In preparation for research, we may review limited PHI to draft research protocols, to identify prospective research participants, or for similar purposes provided the information remains secured and accessible only to LifeOmic authorized parties.
CORONERS, MEDICAL EXAMINERS, AND FUNERAL DIRECTORS
We may disclose PHI to coroners, medical examiners, or funeral directors to identify a deceased patient, to determine cause of death, or other duty authorized by law.
JUDICIAL AND ADMINISTRATIVE PROCEEDINGS
Under certain circumstances, we may disclose your PHI in the course of a judicial or administrative proceeding in response to a court order, subpoena or other lawful process.
We may disclose your PHI to the police or other law enforcement officials as required by law or in compliance with a court order, warrant, subpoena, summons, or other legal process for locating a suspect, fugitive, witness, missing person, or victim of a crime.
THREATS TO HEALTH OR SAFETY
We may disclose PHI to prevent or reduce the risk of a serious and imminent threat to the health or safety of an individual or the general public.
VICTIMS OF ABUSE, NEGLECT, OR VIOLENCE
If required or authorized by law, we may disclose PHI to a government agency, such as social services or a protective services agency, if we reasonably believe that an individual adult or child is the victim of abuse, neglect, or domestic violence.
SPECIALIZED GOVERNMENT FUNCTIONS
Under certain circumstances, we may disclose your PHI to units of the government with special functions, such as the U.S. Military or the U.S. Department of State.
WORKERS COMPENSATION PROGRAMS
We may disclose your PHI as necessary to comply with requirements of workers’ compensation or similar programs that provide benefits for work-related injuries or illness.
ALL OTHER USES AND DISCLOSURES OF PHI
We will ask for your written authorization before using or disclosing your PHI for any purpose not described above. You may revoke your authorization, in writing, at any time, except for disclosures that the company has already acted upon. A revocation of authorization must be submitted to the Privacy Officer at the address listed in Section VIII below.
ACCOUNTING OF DISCLOSURE
LifeOmic will keep a detailed record of all disclosure of you PHI.
IV. Your rights regarding your medical information
You have the following rights with respect to your PHI. To exercise any of these rights, please contact our Privacy Officer using the contact information provided at the end of this Notice.
ACCESS TO PROTECTED HEALTH INFORMATION
You, or your authorized or designated personal representative, have the right to inspect and receive a copy of the PHI maintained by us. We may deny access to certain information for specific reasons, for example, where Federal and state laws regulating laboratories prohibit us from disclosing testing results directly to a patient.
RESTRICTIONS ON USES AND DISCLOSURES
You have the right to request restrictions on our use and disclosure of your PHI. While we will consider all requests for additional restrictions carefully, we are not required to agree to a requested restriction except for Payment or Operations restrictions where payment has been made “out-of-pocket” and paid-in-full. If we do agree to a requested restriction, we will notify you in writing.
You have the right to request that we communicate with you about your PHI by alternative means or to an alternative address. Your request must be in writing and must specify the alternative means or location. We will accommodate reasonable requests for confidential communications.
CORRECT OR UPDATE INFORMATION
If you believe the PHI we maintain about you contains an error, you may request that we correct or update your information. Your request must be in writing and must explain why the information should be corrected or updated. We may deny your request under certain circumstances and provide a written explanation.
ACCOUNTING OF DISCLOSURES
You may request a list, or accounting, of certain disclosures of your PHI made by us or our business associates for purposes other than treatment, payment, healthcare operations and certain other activities. The request must be in writing and the list will include disclosures made within the prior six years.
V. Information breach notification
We are required to notify you following the discovery a breach of unsecured PHI, unless there is a demonstration, based on a risk assessment, that there is a “low probability” that the PHI has been compromised. You will be notified in a timely fashion no later than 60 days after discovery of the breach.
VI. Questions and complaints
If you have questions or concerns about our privacy practices or would like a more detailed explanation about your privacy rights, please contact our Privacy Office using the contact information below.
If you believe that we may have violated your privacy rights, you may submit a complaint to our Privacy Office.
You may also call, write or e-mail your complaint to any of the following:
- directly to the laboratory management,
- Centers for Medicare & Medicaid Services (CMS) Central Office, Division of Laboratory Services (CLIA),
- CMS Regional Office,
- the State Agency (SA) or State Department of Health where the laboratory is located,
- the laboratory’s accreditation organization, if applicable or known,
- the laboratory’s exempt State office or State licensure program, if applicable or known, or
- U.S. Department of Health and Human Services.
- LifeOmic will not take retaliatory action against you and you will not be penalized in any way if you choose to file a complaint with us or with an agency.
VII. Changes to our notice of privacy practices
We reserve the right to change our privacy practices and the terms of this Notice at any time, provided such changes are permitted by applicable law. We will promptly post any changes to this Notice on our website at www.LifeOmic.com. Please review this website periodically to ensure that you are aware of any updates.
VIII. Contact information
When communicating with us regarding this Notice, our privacy practices, or your privacy rights, please contact the Privacy Officer using the following contact information:
Attention: Privacy Officer
351 West 10th Street
Indianapolis, IN 46202
Agency contact information for filing a complaint:
Centers for Medicare & Medicaid Services (CMS) Central Office Division of Laboratory Services (CLIA), in Baltimore, Maryland
410-786-3531 locally or 1-877-267-2323 (toll free) extension 63531
U.S. Department of Health and Human Services Office of Civil Rights