Thursday, March 21, 2019, 08:26 AM
(888) HEMATO-1

HEMATOGENIX LABORATORY SERVICES LIMITED (“Hematogenix”)
NOTICE OF PRIVACY PRACTICES

EFFECTIVE 25 MAY 2018

Privacy Policy Notice

  1. Personal data collection
  2. Your personal data processing
  3. Your personal data shared with Third-Party
  4. Your individual rights
  5. Internet cookies
  6. Data security and protection
  7. Transparent Privacy Explanations
  8. Retention of your personal data
  9. Changes to the terms of this Privacy Policy
  10. How to contact Hematogenix

Policy

This privacy policy notice is for this website www.hematogenix.com and served by Hematogenix Laboratory Services limited, 19g26, Mereside, Alderley Park, Macclesfield, Cheshire, SK10 4TG and governs the privacy of those who use it. The purpose of this policy is to explain to you how we control, process, handle and protect your personal information while browsing or using this website, including your rights under current laws and regulations. If you do not agree to the following policy, you may wish to cease using this website.

Policy key definitions:

  • "I", "our", "us", or "we" refer to the business, Hematogenix Laboratory Services limited.
  • "you", "the user" refer to the person(s) using this website.
  • GDPR means General Data Protection Act.
  • PECR means Privacy & Electronic Communications Regulation.
  • ICO means Information Commissioner's Office.
  • Cookies mean small files stored on a user’s computer or device.
  1. Personal data collection

We only collect personal data that you want to provide to us or that is needed to provide our service to you. Your personal data such as name and e-mail address we collect directly as well as connection and system information.

Your consent is the legal basis for the processing of your personal data and/or any other applicable legal basis, such as our legitimate interest in engaging in commerce and offering services of value to you.

Any consent you provide may be withdrawn at any time.

So that we can provide you with information on our services or to respond to your questions or comments you may want to give us your e-mail address, name, telephone number etc.

For users who do not provide their data, or who do not consent to the use of Cookies and similar technologies on this site, some website functionality may be unavailable.

If you choose not to provide your personal data, we will not be able to provide you with our services, support or responses.

If, as determined by Hematogenix Laboratory Services, the lawful basis changes upon which personal information is processed, we will notify data subject about the change and any new lawful basis to be used if required. We shall stop processing personal information if the lawful basis used is no longer relevant.

  1. Your personal processing

Your personal data will only be used for the purposes for which you provided it to Hematogenix Laboratory Services, as indicated to you at the time you provided your personal data. It may be used to administer, support our services, to prevent breaches of security, our contract terms or the law. It may also be disclosed, including a disclosure to entities based outside the European Economic Area (“EEA”), to third parties in the event of a reorganisation of the business, or as otherwise required or permitted by law or applicable regulator.

  1. Your personal shared with Third-Party

Unless required by law Hematogenix will never share your personal data with any Third-Party business organisation that intends to use it for their own purposes. We may transfer or disclose your personal data to data controller to be used for similar purposes, at its discretion, and you consent to such transfer or disclosure.

Data controller to whom your personal data is transferred or disclosed to shall have the same rights and obligations with regard to your personal data as Hematogenix.

We may share your personal data with Third-Parties with your consent, such as those who assist us to perform technical operations, in the strictly limited circumstances.

Third-Party Data Processors who help us administer this website, or process the data submitted to it, may have access to your data:

  • service providers,
  • digital agencies,
  • hosting providers,
  • data storage providers,

and other technical partners.

Some of these business partners may be located outside the country where you accessed this website.

  1. Your individual rights

Under the GDPR your rights are as follows. You can read more about https://ico.org.uk/for-organisations/guide-to-the-general-data-protection-regulation-gdpr/individual-rights/;

  • the right to be informed;
  • the right of access;
  • the right to rectification;
  • the right to erasure;
  • the right to restrict processing;
  • the right to data portability;
  • the right to object; and
  • the right not to be subject to automated decision-making including profiling.

You also have the right to complain to the ICO www.ico.org.uk if you feel there is a problem with the way we are handling your data.

We handle subject access requests in accordance with the GDPR.

  1. Internet cookies

We may use cookies on this website to provide you with a better user experience, by placing a small text file on your device / computer hard drive to track how you use the website, to record or log whether you have seen particular messages that we display, to keep you logged into the website where applicable, to display relevant adverts or content, referred you to a third party website.

Some cookies may be required to enjoy and use the full functionality of this website.

If you do not agree to the usage of cookies, do not use this website. Your continued usage of this website is an act granting permission for the use of cookies. Some cookies will be saved for specific time periods, where others may last indefinitely, minimized to comply with applicable law. Your web browser should provide you with the controls to manage and delete cookies from your device, please see your web browser options.

  1. Data security and protection

The Company implements appropriate technical and organisational measures to ensure and demonstrate compliance with GDPR.

We ensure the security of any personal information we hold by using secure data storage technologies and precise procedures in how we store, access and manage that information.

Regardless of whether personal data is processed electronically or in paper form it’s always safeguarded from unauthorized access and unlawful processing or disclosure, as well as accidental loss, modification or destruction.

New IT systems, technical and organizational measures to protect personal data is defined and implemented before the introduction of new methods of data processing.

These measures are based on the risks of processing, and the need to protect the data determined by the process for information classification.

Our methods meet the GDPR compliance requirement.

  1. Transparent Privacy Explanations

We have provided some further explanations about user privacy and the way we use this website to help promote a transparent and honest user privacy methodology.

  1. Retention of your personal data

We will retain your information only for as long as is necessary for the purposes set out in this policy. Your information will be retained and used only to the extent necessary to comply with our legal obligations (if we are required to retain your information to comply with applicable laws), resolve disputes, and enforce our agreements. We may also retain log files for internal analysis purposes where they are used for website security, to improve website functionality, or we are legally obligated to retain them.

  1. Changes to the terms of this Privacy Policy

We will occasionally make changes and corrections to this Privacy Policy. We’ll let you know if we believe that the changes are material, by following:

  • posting the changes on this site, or
  • sending you an email or message about the changes.

We will also give you the opportunity to consent to these material changes.

Upon the posting of the changes and your acceptance of the changes, they will be effective, which may be through your continued use of the site after the changes take effect.

  1. How to contact Hematogenix

In the event of a disaster of any kind, immediately contact the Hematogenix controller/processor informing them of the disaster via phone or email, and Hematogenix will refer to and implement the respective disaster recovery and business continuity plans and procedures.

The data controller / processor responsible for your personal information for the purposes of the applicable European Union data protection law is:

Mahdy Amine, SVP, General Counsel

Hematogenix Laboratory Service Limited,

19g26, Mereside,

Alderley Park,

Macclesfield,

Cheshire,

SK10 4TG

Telephone:  (708) 444-0444

Email: This email address is being protected from spambots. You need JavaScript enabled to view it.

If you have any questions about this Privacy Notice or our data collection practices, please contact us at the address, telephone number or email listed above and specify your country of residence and the nature of your question.

HEMATOGENIX LABORATORY SERVICES, LLC (“Hematogenix”)
NOTICE OF PRIVACY PRACTICES

THIS NOTICE DESCRIBES HOW MEDICAL INFORMATION ABOUT YOU MAY BE USED AND DISCLOSED, AND HOW YOU CAN GET ACCESS TO THIS INFORMATION. PLEASE READ THIS NOTICE CAREFULLY.

EFFECTIVE February 1, 2008

Our Commitment to Your Privacy

Hematogenix is dedicated to maintaining the privacy of your PHI. In conducting our business, we will create records regarding you and the treatment and services we provide you. We are required by law to maintain the confidentiality of health information that identifies you. We also are required by law to provide you with this notice of our legal duties and privacy practices concerning your “protected health information” or “PHI.” PHI is information about you, including basic demographic information, that may identify you and that relates to your past, present or future physical or mental health or condition and related health care services. By law, we must follow the terms of the notice of privacy practices that we have in effect at the time.

To summarize, this notice provides you with the following information:

  • How we may use and disclose your PHI,
  • Your privacy rights in your PHI, and
  • Our obligations concerning the use and disclosure of your PHI.

The terms of this notice apply to all records containing your PHI that are created or retained by our organization. We reserve the right to revise or amend our notice of privacy practice. To the extent permitted by law, any revision or amendment to this notice will be effective for all of your records our organization has created or maintained in the past, and for any of your records we may create in the future, and such revisions shall be available at www.Hematogenix.com. If you have any questions about this notice, please contact Hematogenix.

Subject to applicable law, the following categories describe different ways that we may use and disclose your PHI:

  1. Treatment. We may use your PHI to provide and coordinate the treatment and services you receive. Many of the people who work for us may use or disclose your PHI in order to provide supplies and services to you or to assist others in your treatment, such as to perform diagnostic tests, or provide your test results to your physician.
  2. Payment. We may use and disclose your PHI in order to bill and collect payment for the services and supplies you may receive from us. For example, we may contact your health insurer to certify that you are eligible for benefits (and for what range of benefits), and we may provide your insurer with details regarding you and your treatment to determine if your insurer will cover, or pay for your supplies and/or services. We may also use and disclose your PHI to obtain payment from third parties that may be responsible for such costs, such as family members. Also, we may use your PHI to bill you directly for services and supplies.
  3. Health Care Operations. We may use and disclose your PHI to support the operation of our laboratory and monitory the quality of services we provide. For example, we may conduct cost-management and business planning activities for our business.

The following categories describe scenarios beyond treatment, payment and operations in which we may use or disclose your PHI, as permitted or required by law:

  1. Public Health Risk. We may disclose your PHI to public health authorities that are authorized by law to collect information for the purpose of preventing or controlling disease, injury or disability, such as:
    • Maintaining vital records, such as births and deaths
    • Reporting child abuse or neglect
    • Preventing or controlling disease, injury or disability
    • Notifying a person regarding a potential exposure to a communicable disease
    • Notifying a person regarding a potential risk for spreading or contracting a disease or condition
    • Reporting reactions to drugs or problems with products or devices
    • Notifying individuals if a product or device they may be using has been recalled
    • The potential abuse or neglect of an adult patient (including domestic violence); however, we will only disclose this information if the patient agrees or we are required or authorized by law to disclose this information.
  1. Health Oversight Activities. We may disclose your health information to a health oversight agency for activities authorized by law. Oversight activities can include, for example, investigations, inspections, audits, surveys, licensure and disciplinary actions; civil, administrative, and criminal procedures or actions; or other activities necessary for the government to monitor government programs, compliance with civil rights laws and the health care system in general.
  2. Lawsuits and Similar Proceedings. We may use and disclose your PHI in response to a court or administrative order, if you are involved in a lawsuit or similar proceeding. We also may disclose your identifiable health in response to a discovery request, subpoena, or other lawful process by another party involved in a dispute, but only if we have made an effort to inform you of the request or to obtain an order protecting the information the party has requested.
  3. Law Enforcement. We may release PHI if asked to do so by a law enforcement official in response to a valid subpoena or court order, which may be related to one of the following:
    • Regarding a crime victim in certain situations, if we are unable to obtain the person’s agreement
    • Concerning a death we believe might have resulted from criminal conduct
    • Regarding criminal conduct in our offices
    • In response to a warrant, summons, court order, subpoena, or similar legal process
    • To identify/locate a suspect, material witness, fugitive or missing person
    • In an emergency, to report a crime (including the location or victim(s) of the crime, or the description, identity or location of the perpetrator)
  1. Serious Threats to Health or Safety. We may use and disclose your PHI when necessary to reduce or prevent a serious threat to your health and safety or the health and safety of another individual or the public. Under these circumstances, we will only make disclosures to a person or organization able to help prevent the threat.
  2. Military. We may disclose your PHI if you are a member of U.S. or foreign military forces (including veterans) and if required by the appropriate military command facilities.
  3. National Security. As authorized by law, we may disclose your PHI to federal officials for intelligence, counterintelligence, to protect the President, and other national security activities authorized by law.
  4. Inmates. As authorized by law, we may disclose your PHI to correctional institutions or law enforcement officials if you are an inmate or under the custody of a law enforcement official. Disclosure for these purposes would be necessary: (a) for the institution to provide health care services to you, (b) for the safety and security of the institution, and/or (c) to protect your health and safety or the health and safety of other individuals.
  5. Workers’ Compensation. We may disclose your PHI to the extent authorized by and to the extent necessary to comply with laws relating to workers’ compensation or other similar programs established by law.
  6. Coroners, Medical Examiners and Funeral Directors. We may disclose health information to a coroner or medical examiner. This may be necessary, for example, to identify a deceased person or determine the cause of death. We may also disclose medical information to funeral directors consistent with applicable law to carry out their duties.
  7. Organ Procurement Organizations. Consistent with applicable law, we may disclose health information to organ procurement organizations or entities engaged in the procurement, banking, or the transportation of organs for the purpose of tissue donation and transplant.
  8. Research. We may disclose information to researchers when their research has been approved by an Institutional Review Board or Privacy Board that has reviewed the research proposal and established protocols to ensure the privacy of your healthcare information.
  9. Business Associates. There are some services provided by Hematogenix through contracts with business associates (e.g., billing services), and we may disclose your PHI to our business associate so that they can perform their agreed upon duties. To protect your information, however, we require the business associate to appropriately safeguard your information.
  10. Food and Drug Administration (FDA): We may disclose to the FDA, or persons under the jurisdiction of the FDA, PHI relative to adverse events with respect to drugs, foods, supplements, products and product defects, or post marketing surveillance information to enable product recalls, repairs, or replacement.
  11. Notification. We may use or disclose your PHI to notify or assist in notifying you, a family member, personal representative, or another person responsible for your care, regarding your location and general condition.
  12. Health-Related Benefits and Services. We may use your PHI to inform you of health-related benefits or services that may be of interest to you.
  13. Release of Information to Family / Friends. We may release your PHI to a friend or family member that is helping you pay for your health care, or who assists in taking care of you.
  14. Disclosures Required By Law. We will use and disclose your PHI when we are required to do so by federal, state or local law.

Your Rights Regarding Your PHI:

  1. Confidential Communications. You have the right to request that we communicate with you about your health and related issues in a particular manner or at a certain location. For instance, you may ask that we contact you at home, rather than work. In order to request a type of confidential communication, you must make a written request to us, specifying the requested method of contact or location where you wish to be contacted. We will accommodate reasonable requests. You do not need to give a reason for your request.
  2. Requesting Restrictions. You have the right to request a restriction in our use or disclosure of your PHI for treatment, payment or health care operations. Additionally, you have the right to request we limit our disclosure of your identifiable health care information to individuals involved in your care or the payment for your care, such as family members and friends. We are not required to agree to your request; however, if we do agree, we are bound by our agreement except when otherwise required by law, in emergencies, or when the information is necessary to treat you. In order to request a restriction in our use or disclosure of your PHI, you must make your request in writing to us. Your request must describe in clear and concise fashion: (a) the information you wish restricted; (b) whether you are requesting to limit our use, disclosure or both; and (c) to whom you want the limits to apply.
  3. Inspection and Copies. Generally, patients are entitled to inspect and obtain a copy of his/her PHI, including patient medical records and billing record. However, because Hematogenix is subject to CLIA, the Clinical Laboratory Improvement Amendments of 1988, the PHI that we maintain may be specifically exempted, to the extent the provision of access to the patient would be prohibited by law. If permissible, you must submit your request in writing to us in order to inspect and/or obtain a copy of your PHI. We may charge a fee for the costs of copying, mailing, labor and supplies associated with your request. We may deny your request to inspect and/or copy in certain limited circumstances; however, you may request a review of our denial. Reviews will be conducted by another licensed health care professional chosen by us.
  4. Amendment. You may ask us to amend your health information if you believe it to be incorrect or incomplete, and you may request an amendment for as long as the information is kept by or for us. To request an amendment, your request must be made in and submitted to us in writing. You must provide us with a reason that supports your request for amendment. We will deny your request if you fail to submit your request (and the reason supporting your request) in writing. Also, we may deny your request if you ask us to amend information that is: (a) accurate and correct; (b) not part of the PHI kept by or for us; (c) not part of the PHI which you would be permitted to inspect and copy; (d) not created by us, unless the individual or entity that created the information is not available to amend the information.
  5. Accounting of Disclosures. To the extent permitted by law, all of our patients have the right to request an “accounting of disclosures.” An “accounting of disclosures” is a list of certain disclosures we have made of your PHI. In order to obtain an accounting of disclosures, you must submit your request in writing to our office. All requests for an “accounting of disclosures” must state a time period which may not be longer than six years and may not include dates before April 14, 2003.
  6. Right to a Paper Copy of This Notice. You are entitled to receive a paper copy of our Notice of Privacy Practices. You may ask us to give you a copy of this notice at any time. To obtain a paper copy of this notice, contact our office.
  7. Right to File a Complaint. If you believe your privacy rights have been violated, you may file a complaint with us or with the Office of Civil Rights, the United States Secretary of Health and Human Services, or any other regulatory board. All complaints must be in writing. You will not be penalized for filing a complaint.
  8. Right to Provide an Authorization for Other Uses and Disclosures. We will obtain your written authorization for uses and disclosures that are not identified by this notice or permitted by applicable law. Any authorization you provide to us regarding the use and disclosure of your PHI may be revoked at any time in writing. After you revoke your authorization, we will no longer use or disclose your PHI for the reasons described in the authorization.