We Take Protecting Your Health Information Seriously.

To our ResearchDx, Inc (“ResearchDx”) Customer: This notice of Privacy Practices details how ResearchDx, its employees, and volunteers may use and disclose your protected health information (PHI) for purposes of testing or treatment, health care operations, payment, and for other reasons that are allowed or required by law. ResearchDx believes in protecting the security and confidentiality of the information that we collect from you and about you.

Protected health information is defined as individually identifiable health information that is maintained or transmitted in any form. These rights and responsibilities are established once a client engages in a contract with ResearchDx and entities affiliated with, controlled by, or under common control with it. The currently affiliated entities include ResearchDx, Inc,  ResearchDx, Inc. dba Custom Diagnostics, and ResearchDx, Inc. dba Pacific Diagnostics.


We are required by law to:

  • Ensure that medical information that identifies you is kept private
  • Provide this notice of privacy practices and legal obligations in regards to your medical information
  • Follow the terms of this notice

How we may disclose your protected health information (PHI) as required by law:

As required by law — we will disclose medical information about you when required to do so by state, federal or local laws.

Health Oversight — we will disclose medical information as required by law to a health oversight entity for activities authorized by law such as investigations, inspections, audits or licensure. The government uses such activities to monitor government programs, health care systems, and civil rights laws.

For Serious Health and Safety Reasons — we will disclose medical information about you when we believe it is necessary to prevent a serious threat to your health and safety or the health and safety of someone else or the public. The disclosure would be made only to someone to help prevent the threat.

Public Health — we will disclose medical information about you for public health reporting as required by state and federal law such as:

  1. To prevent or control disease, injury, or disability
  2. To report child abuse or neglect
  3. To report births and deaths
  4. To report reactions to medications or problems with products
  5. To notify people of recalls of products they may have used
  6. To notify a person who may have been exposed to a disease or may be at risk for contracting or spreading a disease
  7. To notify the correct governmental authority if we believe a patient has been the victim of abuse, neglect or domestic violence.

We will only make this disclosure if authorized by law or agreed to by you.

Law Enforcement — We will release medical information if asked to do so by a law enforcement official and if permitted by law in these instances:

  1. In response to a court order
  2. To identify or locate a suspect
  3. If required by state or federal law
  4. About the victim of a crime if under limited circumstances we are unable to obtain the person’s agreement
  5. About a death we believe may be the result of criminal conduct
  6. About criminal conduct on our business premises
  7. In emergency circumstances to report a crime, the location of the crime or victims or the identity, description, or location of the person who committed the crime

Lawsuits and Disputes — we will disclose medical information about you when properly ordered to do so by a court


How we may use and disclose medical information about you.

The following categories will describe how we will use and disclose medical information:

For Treatment — We may use medical information about you to provide you with medical treatment or services. We may disclose medical information about you to doctors, nurses, therapists, social workers, technicians, or other providers personnel who are involved in taking care of you. We may disclose medical information about you to people outside of our office, such as other health care providers and family members, clergy, or others who are involved in your medical care, for example, providing your doctor with your laboratory test results.

For Payment — We may use and disclose medical information about you in order that services you receive at ResearchDx or other health care providers from whom you receive treatment may be billed to and payment may be collected from you, an insurance company, or a third party. For example, ResearchDx may provide protected health information to your healthcare plan in order to receive payment for our services.

For Health Care Operations — We may use or disclose your protected health information for health care operations purposes, such as to assess the quality and accuracy of our results, performance of our personnel in caring for you, accreditation purposes, or for ResearchDx’s operation and management purposes. We may also disclose your medical information to other health care providers or health care plans that are involved in your care for their health care operations.

For Appointment Reminders and Health-Related Benefits and Services – We may use and disclose medical information to contact you as a reminder that you have an appointment for treatment or medical care.

  • Business Associates — We may disclose protected health information to business associates that provide business services to ResearchDx. Every Business Associate must maintain the confidentiality of your protected health information. ResearchDx may also disclose PHI to business associates of your healthcare provider or health care plan at their request in order to perform certain business functions or services.
  • Individuals Involved in Your Care or Payment for Your Care — We may release certain limited information about you to a friend or family member who is involved in your care or helps pay for your care. In addition, we may disclose medical information about you to an entity assisting in disaster relief so that your family can be notified about your condition, status, and location. As allowed by federal and state laws we may disclose PHI of minors to their parents or legal guardians.
  • Coroners, Medical Examiners, and Funeral Directors — We may disclose your private health information to a coroner, medical examiner, or funeral director in order to identify a deceased person, determine the cause of death, or for performing another duty authorized by law.
  • Personal Representative — We may disclose protected health information to your personal representative, as established by law, or to an administrator, executor or other authorized individual associated with your estate.
  • Research — Under certain circumstances, we may use and disclose medical information about you for research purposes. All research projects must meet a special approval process that evaluates research project needs in balance with patient privacy needs. We will ask for your specific permission if any research personnel have access to your name, address, or other protected health information.
  • Military and Veterans — If you are a member of the Armed Forces, we may release PHI about you as required by military command authorities. If you are foreign a military, we may release medical information to the appropriate foreign military authority.
  • Inmates — If you are an inmate of a correctional institution or in the custody of law enforcement, we may release medical information about you to the correctional facility or the law enforcement official. This release could occur for the correctional institution to provide you with health care, to protect your health and safety or that of others, and for the safety and security of the correctional institution.
  • National Security and Intelligence Activities — We may release PHI about you to authorized federal officials for intelligence, counterintelligence, or other national security activities authorized by law.

Your Rights Regarding Your Protected Health Information (PHI)

  • You have a right to inspect and receive a copy of medical information that may be used to make a decision about your care. Copies may be electronic or paper.
  • You have a right to amend PHI that we have about you that is incomplete or incorrect. To request an amendment, your request must be made in writing and submitted to our Privacy Officer at ResearchDx, 5 Mason, Irvine, CA 92618.
  • You must provide a reason that supports your request. We may deny the request if you ask us to amend information that was not created by us, is not part of the medical information kept by our office, is not part of the information that you are permitted to inspect and copy, or is not accurate and complete.
  • You have a right to an accounting of disclosures. There is a list of the disclosures of the medical information we made about you. Your accounting of disclosures will not list certain uses and disclosures that are exempt from the accounting requirement by federal or state law. To request this list, you must submit in writing your request for the time period which cannot be longer than six years. Your request must specify electronic or paper and the first list will be free. Subsequent lists will require a charge for costs incurred which we will notify you of. You may withdraw your request at that time. Requests should be sent to our Privacy Officer at ResearchDx, 5 Mason, Irvine CA 92618.
  • You have a right to receive a notice of a breach. We will give you written notice in the event we learn of an unauthorized use, acquisition, or disclosure of your medical information that has not been properly secured by HIPAA. We will notify you no later than 60 days after the breach is discovered.
  • You have a right to request restrictions or limitations on how we use or disclose your PHI. For instance, you can request a limit on the medical information disclosed about you to someone who is involved in your care or the payment of your care such as a family member or friend. We are not required to agree with certain requests. If we agree, we will comply with your request unless the information is needed for your emergency treatment. To request restrictions, in writing tell us what information to limit, whether you want to limit our use, disclosure, or both, and to whom you want the limits to apply. Send the request to Privacy Officer, ResearchDx, 5 Mason, Irvine, CA 92618.
  • You have a right to request confidential communications. You may request that we communicate with you about medical matters in a particular way or at a certain location. Your written request must be submitted to the Privacy Officer, ResearchDx, 5 Mason, Irvine CA 92618.
  • You have a right to a paper copy of this notice. You may ask us to give you a copy of this notice at any time, either electronically or a paper copy.

To receive a paper copy of this notice, write the Privacy Officer, ResearchDx, 5 Mason, Irvine CA 92618.


Changes to This Notice

We reserve the right to change this notice at any time. We reserve the right to make the changed or revised notice effective for PHI we already have about you as well as any information that we may receive in the future. We will have on hand a current copy of the notice in our facility. The notice will contain on the first page in the lower right-hand corner the effective date.


Complaints

If you believe your privacy rights have been violated, you may file a complaint in writing with HIPAA Privacy Officer or with the Secretary of the Department of Health and Human Services. Please call our Privacy Officer at 1-949-812-6902 prior to filing a complaint. You will not be penalized for filing a complaint.


Other Uses of Medical Information

Other uses and disclosures of medical information not covered by this notice or applicable laws will be made only with your written permission. If you provide your permission to use or disclose medical information about you, you may revoke that permission in writing at any time.


Questions & Comments

If you have any questions or comments about this notice of Privacy Practices, you may contact us at privacy@researchdx.com.