HIPAA Compliance

 Diagnomics Lab
Last Updated: February 23, 2025

At Diagnomics Lab, we are committed to protecting the privacy and security of your health information. As a biotechnology company specializing in genomics analysis for research and clinical sample DNA testing, we adhere to the standards set forth by the Health Insurance Portability and Accountability Act (HIPAA) when handling protected health information (PHI). This statement outlines our dedication to safeguarding your data and ensuring compliance with federal regulations.

We understand the sensitivity of genetic and health-related information. Whether we are conducting DNA testing for clinical purposes or analyzing genomic data for research, we prioritize the confidentiality, integrity, and security of all PHI entrusted to us. Our policies and procedures are designed to meet or exceed HIPAA requirements, ensuring that your information is handled responsibly and ethically.

HIPAA is a federal law that establishes standards for protecting the privacy and security of individuals’ health information. It applies to covered entities, such as healthcare providers, and their business associates, like Diagnomics Lab, when we process PHI on behalf of those entities. Under HIPAA, PHI includes any individually identifiable health information, such as genetic test results, that we create, receive, maintain, or transmit.

To safeguard your information, we have implemented the following measures:

1. Secure Data Handling
   We use advanced encryption and secure storage systems to protect your PHI, including genomic data and clinical test results, whether it’s stored electronically or in physical form.
2. Access Controls
   Only authorized personnel with a legitimate need to access PHI for treatment, payment, or healthcare operations (TPO) purposes are permitted to do so. We maintain strict access controls and regularly audit our systems to prevent unauthorized use or disclosure.
3. Employee Training
   Our staff undergoes comprehensive training on HIPAA regulations and our internal privacy policies to ensure they understand their responsibilities in protecting your information.
4. Business Associate Agreements (BAAs)
   When working with healthcare providers, research partners, or other entities, we enter into BAAs to ensure that all parties involved in handling PHI comply with HIPAA standards.
5. Individual Rights
   Under HIPAA, you have the right to access your PHI, request corrections, and receive an accounting of disclosures. If we process your data as a covered entity, we honor these rights and provide clear processes for you to exercise them.
6. Breach Notification
   In the unlikely event of a data breach, we have protocols in place to promptly investigate, mitigate harm, and notify affected individuals and regulatory authorities as required by law.
7. Research Protections
   For genomics research, we de-identify data whenever possible to protect your privacy. When PHI is used, it is only with proper authorization or as permitted by HIPAA for research purposes.

Genetic information, including DNA test results, is explicitly protected under HIPAA as PHI. We ensure that any clinical or research use of your genetic data complies with federal regulations, including the Genetic Information Nondiscrimination Act (GINA), where applicable. Your genetic information will never be shared without your explicit consent, except as required by law or for TPO purposes.

If you have questions about our HIPAA compliance practices, wish to exercise your rights under HIPAA, or need assistance regarding your PHI, please reach out to our Privacy Officer:

• Email: info@diagnomicslab.com
• Phone: (800) 605-8422
• Mail: Diagnomics Lab, Attn: Privacy Officer, 5050 Murphy Canyon Rd. #150, San Diego, CA 92123

We may update this HIPAA Compliance Statement from time to time to reflect changes in our practices or legal requirements. The most current version will always be available on this webpage, with the “Last Updated” date noted above.