Effective Date: 08/21/2024
1. Introduction
Promus Diagnostics, LLC ("we," "us," or "our") is committed to protecting your privacy and ensuring the security of your personal data. This Privacy Policy outlines how we collect, use, share, and protect your personal information when you use our services, including high-complexity laboratory testing for clinics, hospitals, and direct-to-consumer clients. Promus Diagnostics, LLC is CAP (College of American Pathologists) and CLIA (Clinical Laboratory Improvement Amendments) certified, ensuring the highest standards in medical testing and data protection.
2. Scope of This Policy
This Privacy Policy applies to all personal data collected and processed by Promus Diagnostics, LLC in connection with the services we provide. This includes data collected through our website, direct interactions, or through our partners (clinics, hospitals, and other healthcare providers).
3. Data We Collect
We collect and process the following categories of personal data:
a. Personal Identification Information:
-
Full name
-
Date of birth
-
Contact information (e.g., phone number, email address, mailing address)
b. Medical and Health Information:
-
Test results
-
Medical history (if relevant to testing)
-
Physician notes and referrals
c. Financial and Billing Information:
-
Payment details
-
Insurance information
d. Technical Data (for website visitors):
-
IP address
-
Browser type and version
-
Operating system
4. How We Collect Personal Data
We collect personal data in the following ways:
-
Directly from You: When you provide information during registration, payment, or when interacting with our customer service.
-
From Healthcare Providers: When clinics, hospitals, or healthcare professionals submit samples and related medical information for testing.
-
Automatically: When you visit our website, certain technical data is automatically collected.
5. Purpose of Data Collection and Processing
We process personal data for the following purposes:
-
Medical Testing: To perform high-complexity laboratory tests and deliver accurate results.
-
Reporting and Communication: To report results to healthcare providers, patients, and other authorized parties.
-
Billing and Payments: To process payments and manage insurance claims.
-
Regulatory Compliance: To comply with legal obligations, including CAP, CLIA, and GDPR requirements.
-
Customer Support: To address inquiries, resolve issues, and improve our services.
-
Marketing (with consent): To send updates, promotions, and news related to our services.
6. Legal Basis for Processing
We process personal data based on the following legal grounds:
-
Contractual Obligation: To fulfill the contractual agreements with clinics, hospitals, and consumers.
-
Legal Compliance: To meet regulatory and legal obligations under applicable laws.
-
Legitimate Interest: To improve our services and maintain operational efficiency.
-
Consent: For direct-to-consumer marketing and non-essential communications (where applicable).
7. Data Sharing and Disclosure
We may share personal data with:
-
Healthcare Providers: For reporting test results and coordinating care.
-
Regulatory Bodies: To comply with CAP, CLIA, and GDPR regulations.
-
Service Providers: Third parties who assist in payment processing, IT support, and laboratory operations.
-
Legal Authorities: When required by law or in response to valid legal processes.
8. Data Retention
Personal data is retained for as long as necessary to fulfill the purposes for which it was collected and processed, including for legal, accounting, or reporting requirements. Specifically:
-
Medical Test Data: Retained for a minimum of [insert years, e.g., 7 years] in compliance with CAP and CLIA guidelines.
-
Billing Information: Retained for [insert years] for tax and financial compliance.
-
Website Data: Retained for a shorter period unless used for security or legal investigations.
9. Data Security
We implement appropriate technical and organizational measures to ensure the security of your personal data, including encryption, secure access controls, and regular audits. All data is stored in compliance with CAP and CLIA regulations and industry best practices.
10. Your Data Protection Rights
Under the GDPR, you have the following rights:
-
Right to Access: You can request copies of your personal data.
-
Right to Rectification: You can ask us to correct any inaccurate or incomplete data.
-
Right to Erasure: You can request that we delete your personal data, subject to legal and contractual limitations.
-
Right to Restrict Processing: You can request that we limit the processing of your data.
-
Right to Data Portability: You can request that your data be transferred to another organization.
-
Right to Object: You can object to the processing of your data for certain purposes, such as marketing.
To exercise these rights, please contact us.
11. International Data Transfers
We may transfer personal data to countries outside of the European Economic Area (EEA). When we do so, we ensure appropriate safeguards are in place, such as Standard Contractual Clauses or equivalent mechanisms.
12. Changes to This Privacy Policy
We may update this Privacy Policy from time to time. Any changes will be posted on our website, and we will notify you of significant updates via email or other communication methods.
13. Contact Us
If you have any questions, concerns, or requests regarding this Privacy Policy or your personal data, please contact us:
Promus Diagnostics, LLC
525 S. Kimball Avenue
Southlake, TX 76092
(817) 778-9210

PRIVACY STATEMENT
