Aperiomics recognizes the importance of protecting the privacy of our customers, users or registrants of our website, or recipients of our products or services. Aperiomics is committed to protecting the privacy of Protected Health Information (PHI) as required by statute and regulatory agencies. For example, the Health Insurance Portability and Accountability Act of 1996 (HIPAA), requires doctors, hospitals, and other health care providers to secure patient PHI. As under HIPAA, some uses and disclosures of PHI may be limited or restricted by state laws or other legal requirements. This policy highlights some of Aperiomics’ privacy policies and practices, and further information can be obtained from Aperiomics upon request.
Disease management: Aperiomics may use or disclose PHI to healthcare providers for treatment strategies, specifically for pathogen identification. Aperiomics may also disclose PHI to healthcare providers or government agencies to manage infectious diseases. Aperiomics will retain pathogen-specific data from genetic testing, but in doing so will discard all human identity specific genetic information. Aperiomics does not use or disclose either personal genetic identification or genetic predisposition to future diseases.
Quality assurance: Aperiomics may use or disclose PHI for healthcare operational purposes such as, for example, evaluating the quality of our laboratory testing, precision, and accuracy of results for accreditation purposes.
Payment for testing services: Aperiomics may use or disclose PHI to collect payment for laboratory genetic testing services ordered by healthcare providers. Aperiomics does not use or disclose personal genetic identification in order to invoice its customers.
Received information and utility: Aperiomics collects customer information for registration and ordering of our services. We use this information to enhance specific genetic testings service lines. We may collect demographic data about our customers to improve our services, for marketing purposes, or for business process development. Also, we may retain e-mails and other information sent to us for our internal administrative purposes, and to help us to address customer needs. We may send our customers updates that provide important information about our existing products and services, or provide information about new products and special offers. Our customers can choose not to receive these communications from us.
Patient Authorization: To the extent required by federal, state, or regulatory agencies, Aperiomics will ask for patient authorization before using or disclosing PHI to any third party.
Judicial or administrative proceedings: Aperiomics may be obligated, pursuant to subpoena, to disclose PHI for judicial or administrative proceedings. Aperiomics will make reasonable business efforts to obtain patient permission or a protective order if such disclosure is required.
Cyber Security: It is Aperiomics’ core policy to protect identity and personal information against any unauthorized access or release. Access to all customer information is restricted to authorized individuals. Access controls, such as passwords or PIN numbers, are required to access any patient or customer information. Payment information transmitted to Aperiomics online (such as credit card information) is encrypted and stored securely. Authorized employees can access this information for billing or payment purposes only. All servers on which we store personal information are controlled in a secure environment.
Notification: In the event of a data breach, Aperiomics will notify customers and the Secretary of Health and Human Services as required by HIPAA.