WEB SITE PRIVACY STATEMENT
Effective as of February 1, 2013. Revised August 5, 2016

Welcome to our Web site (“Web site” or “Site”) operated by or on behalf of EpicGenetics, Inc. (“EpicGenetics,” “we” or “us”). Your privacy is important to us. EpicGenetics has established this Privacy Policy Statement (“Privacy Statement”) to inform you of what data we collect from you when you visit our Site; how we use such data; and whether and to whom we share such data. It is our policy to protect your personal information and to use it only in accordance with this Privacy Statement. This Privacy Statement only governs our use and disclosure of information collected through this Site. Please read this Privacy Statement carefully. Using our Site is voluntary, and by using or accessing this Web site in any way, or by transmitting information to us by e-mail or other electronic means, you: acknowledge that you have read and understood this Privacy Statement; agree that your access and use of the Site are subject to the Privacy Statement. If you do not agree with the terms of this Privacy Statement, please do not access or use this Web site.

Updates

EpicGenetics may revise this Privacy Statement from time to time. All updates to this Privacy Statement will be posted on this Web site page. Please check this Web site for the most current version of our Privacy Statement. Your continued use of this Web site after we have posted a change to the Privacy Statement on the Web site constitutes your acceptance of such changes.

Linked Web Sites

This Web site may contain links to external web sites. EpicGenetics does not maintain these sites and is not responsible for the privacy practices of sites that it does not operate. Please refer to the specific privacy statements posted on these sites.

Types of Information Collected

a. Non-Personal Information.
 EpicGenetics may track visits to our Web site and use visitor logs and other information to compile anonymous aggregate statistics. In addition, when you browse our Web site, our system automatically collects information such as your web request, Internet Protocol (“IP”) address, browser type, browser language, domain names, referring and exit pages and URLs, platform type, pages viewed and the order of these page views, the amount of time spent on particular pages, the date and time of your request and one or more cookies that may uniquely identify your browser. This information (“Non-Personal Information”) does not identify you personally. We may use this Non-Personal Information to analyze trends, administer the Web site, monitor the effectiveness of the Site and to consider potential improvements to the Site. Non-personal information gathered may also be used in aggregate form for internal business purposes, such as generating statistics and developing marketing plans. We may share or transfer such aggregate, Non-Personal Information with or to our affiliates, licensees and partners. This data may be collected through cookies. For more detailed information on cookies, please refer to the “Use of Cookies” section below.

b. Personally Identifiable Information.
 We only collect certain personally identifiable information about you via this Site when you provide it in connection with a request for information, when you send us feedback or an e-mail, when you register for certain services, or directly in response to inquiries on the Site. (“Personal Information”). In all such cases you choose whether to provide us with the personally identifiable information.

Types of Personal Information Collected

EpicGenetics may collect, store and use personally identifiable information (such as name, e-mail address, postal code and e-mail preferences) about you via this Site (“Personal Information”) when it is voluntarily submitted to us, such as when you register for updates or certain services, or contact us, or when you send us feedback or an e-mail. In all such cases you choose whether to provide us with the Personal Information. EpicGenetics does not, however, seek to collect, store or use via this Web site any protected health information (PHI), as that term is defined in the HIPAA Privacy Rule (see 45 CFR Part 160 and Subparts A and E of Part 164), and we ask that you not send us any such PHI electronically. We are not liable for any consequences relating to disclosures of such information.

Use of Cookies

Certain pages of our Web site and/or html e-mail correspondence may use session cookies, which are small files that our Web site places on the  hard or flash drive of your computer/tablet/smartphone to anonymously track visitors, save Web site preferences and to allow us to recognize visits from the same computer and browser. Certain pages of our Web site and/or html e-mail correspondence may use persistent cookies to anonymously track visitors. These cookies are part of Google Analytics. Google Analytics uses persistent cookies to determine visitor sessions, track traffic sources & navigation, and identify unique visitors and enable us to distinguish between first-time and return visitors to our site. You have the option to reject the Web site’s cookies and still use the Web site. However, your access to the Web site may be limited to certain parts of the site, and/or certain pages, posts, and features.

Children

Our Web site is directed toward adults, so if you are under the age of 13 (thirteen) you must obtain the authorization of a responsible adult (parent or legal custodian) before using or accessing our Web site. We will not knowingly collect or use any personal information from any children under the age of 13. If we become aware that we have collected any personal information from children under 13, we will promptly remove such information from our databases.

Use of Personal Information

We may use your Personal Information to contact you, improve this Site, provide you with information that you have requested or provide you with additional information, which EpicGenetics believes may be of interest to you. We may also use this information to respond to your inquiries, provide you with technical support and enforce our Terms and Conditions and other policies governing use of the Web site. We may combine your information with other information about you that is available to us, including information from other sources. EpicGenetics will keep resumes confidential and will use them only for employment purposes. Use of resumes for any other purpose will be with your explicit consent.

EpicGenetics will not sell or rent your Personal Information to any other company or organization. EpicGenetics may access and/or disclose your personal information to law enforcement officials, regulatory agencies or other third parties as we, in our sole discretion, believe necessary or appropriate in connection with an investigation of illegal activity that may expose us to legal liability or costs, to enforce our policies governing the Web site and for regulatory compliance. EpicGenetics may also disclose your information in connection with corporate restructuring, merger or consolidation with, or sale of substantially all of our assets to a third party. We do not guarantee that any entity receiving such information in connection with one of these transactions will abide by this Privacy Statement.

Security Measures

Information that you provide to EpicGenetics through our Web site is processed and stored on controlled servers with restricted access. UNFORTUNATELY, WE CANNOT ENSURE OR WARRANT THE SECURITY OF ANY INFORMATION YOU TRANSMIT TO OUR WEB SITE, AND YOU DO SO AT YOUR OWN RISK. AS A CONSEQUENCE, EPICGENETICS DISCLAIMS ANY WARRANTIES OR REPRESENTATIONS RELATING TO MAINTENANCE OR NONDISCLOSURE OF PRIVATE INFORMATION.

Information Access, Updates and Choice

You may choose to provide information to EpicGenetics by sending us an e-mail or otherwise contacting us.

Third-Party Information

You agree that you have provided notice to, and obtained consent from, any third-party individuals whose personal information you supply to us, including with regard to: (a) the purposes for which such third party’s personal information has been collected; (b) the intended recipients or categories of recipients of the third party’s personal information; (c) which of the third party’s information is obligatory and which information, if any, is voluntary; and (d) how the third party can access and, if necessary, rectify the information held about them.

Governing Law

Our Web site is controlled and operated by EpicGenetics, Inc. By choosing to visit our Web site or otherwise provide information to EpicGenetics, you agree that any dispute over privacy or the terms contained in this Privacy Statement will be governed by the laws of the State of California. If you are accessing our Web site from any location with regulations or laws governing personal data collection, use or disclosure that differ from United States laws or regulations, please note that through your continued use of our Web site, which is governed by the laws of the State of California and the United States of America and this Privacy Statement, you are transferring personal information to the United States of America and you consent to that transfer and to the collection and processing of such information in the United States. You also consent to the adjudication of any disputes arising in connection with our Web site in state courts located in Los Angeles County, California and the federal courts for the Southern District of California, or via mediation if it is offered by EpicGenetics, Inc.

Questions

If you have questions about this Web Site Privacy Statement, please contact us at privacy@epicgtx.com

Other Terms and Conditions

The information and content, including the FM/a® and EpicGenetics logos, contained on this Web site are the property and copyright of Epicgenetics, Inc.

Epicgenetics disclaims any responsibility, and will not be held liable for, updating the site, or for computer viruses which may arise from this site’s use.

The scientific and medical nature of this site may from time to time include mention of other scientific, medical, and clinical research, study, and results.  Epicgenetics disclaims any liability for the mention of patents and trademarks associated with the research, study, and results of others.

 

NOTICE OF HEALTH INFORMATION PRIVACY PRACTICES
EpicGenetics, Inc.
 Notice effective as of February 1, 2013. Revised March 1, 2013.

THIS NOTICE DESCRIBES HOW MEDICAL INFORMATION ABOUT YOU MAY BE USED OR DISCLOSED BY EPICGENETICS, INC., ITS EMPLOYEES, AND OTHER AGENT (“EPICGENETICS”, “WE” OR “US”), AND HOW YOU CAN GET ACCESS TO THIS INFORMATION. PLEASE READ IT CAREFULLY.

We are required by the Health Insurance Portability and Accountability Act of 1996 (HIPAA) to maintain the privacy of health information about you (“Protected Health Information”) and to provide you with this Notice of our legal duties and privacy practices with respect to your Protected Health Information.

We understand the importance of privacy and are committed to maintaining the confidentiality of your Protected Health Information. We make a record of your Protected Health Information, such as the clinical laboratory test results we produce, and we may obtain records related to your medical care from others. We use these records to provide or enable other health care providers to provide quality medical care, to obtain payment for services provided, and for administrative and operational purposes. When we use or disclose your Protected Health Information, we are required to abide by the terms of this Notice (or other notice in effect at the time of the use or disclosure) and to comply with HIPAA.

If you have any questions about this Notice, please contact our Privacy Officer at EpicGenetics Corporate Offices at 310.586.2929.

How We May Use Or Disclose Your Protected Health Information

For Treatment. We may use or disclose your Protected Health Information for treatment purposes. For example, we may use your Protected Health Information to perform our testing services and to produce clinical laboratory results that assist other health care providers in providing quality medical care. We may also share your Protected Health Information with other health care providers who are directly involved in your medical care.

For Payment. We may use or disclose your Protected Health Information to obtain payment for the services you receive. For example, we may send a bill to your health plan, such as an insurance company or health plan, to receive payment for the services provided to you.

For Health Care Operations. We may use and disclose your Protected Health Information for our health care operations. For example, we may use or disclose your Protected Health Information to review and improve the quality of service we provide, or the competence and qualifications of our professional staff. We may use or disclose your Protected Health Information to get authorization for services or referrals from your health plan

Business Associates. We may share your Protected Health Information with other companies or individuals, known as “business associates,” who need your information to provide services to us. For example, we may use another company to perform billing services on our behalf. Each business associate is required accordingly to protect the privacy of your Protected Health Information.

Required by Law. We must disclose your Protected Health Information as required by Federal, state or local law.

Persons Involved in Your Care or Payment for Your Care. We may disclose your Protected Health Information only to “authorized persons” as defined under applicable state law.

Victims of Abuse, Neglect, or Domestic Violence. If required or authorized by law, we may disclose Protected Health Information to a government agency, such as social services or a protective services agency, if we reasonably believe that an individual is the victim of abuse, neglect, or domestic violence.

Law Enforcement. We may disclose your Protected Health Information to the police or other law enforcement officials as required by law or in compliance with a court order, warrant, subpoena, summons, or similar process authorized by law. Under certain circumstances, we also may disclose Protected Health Information to law enforcement officials when the information is needed to: identify or locate a missing person or a suspect, fugitive, or material witness; determine whether an individual has been a victim of a crime; determine if a death resulted from criminal conduct; or investigate suspected criminal activity on our premises.

Judicial and Administrative Proceedings. Under certain circumstances, we may disclose your Protected Health Information in the course of a judicial or administrative proceeding, in response to a court order, subpoena, or other lawful process.

Lawsuits and Disputes. If you are involved in a lawsuit or a dispute, we may disclose your Protected Health Information in response to a court or administrative order. If the lawsuit is a medical negligence action, your Protected Health Information may be disclosed without a court order or subpoena. We may also disclose your Protected Health Information in response to a subpoena, discovery request, or other lawsuit process by someone else involved in the dispute, but only if efforts have been made to tell you about the request or to obtain an order protecting the information requested.

Public Health and Safety. Your Protected Health Information may be used or disclosed for public health activities, such as assisting public health authorities or other legal authorities to prevent or control disease, injury, or disability, or for other health oversight activities. Your Protected Health Information may be disclosed to appropriate persons in order to prevent or lessen a serious and imminent threat to the health and safety of a particular person or the general public.

Specialized Government Functions. We may disclose your Protected Health Information for military or national security purposes or to correctional institutions or law enforcement officers that have you in their lawful custody.

Workers’ Compensation. Your Protected Health Information may be used or disclosed as necessary in order to comply with laws and regulations related to workers’ compensation.

Change of Ownership. In the event that our clinical laboratory is sold or merged with another organization, your Protected Health Information will become the property of the new owner, although you will maintain the right to request that copies of your Protected Health Information be sent directly to you or physician of your designation.

Marketing. We will not disclose your Protected Health Information for marketing purposes without your written authorization.

Research. We may choose to use or disclose your health information for research purposes when an institutional review board or privacy board has reviewed the research proposal and established protocols to ensure the privacy of your Protected Health Information.  If we choose to do so without your written, explicit consent, Epicgenetics protocol will be to de-identify such information.

When We May Not Use Or Disclose Your Protected Health Information

Except as described in this Notice of Privacy Practices, we will not use or disclose your Protected Health Information without your written authorization. If you do authorize us to use or disclose your Protected Health Information for another purpose, you may revoke your authorization in writing at any time as provided under HIPAA.

Your Rights to Your Protected Health Information

You have the right:

  • To obtain a paper copy of this Notice of Privacy Practices.
  • To request restrictions on certain uses and disclosures of your Protected Health Information by providing a written request that specifies what information you wish to limit and what limitations on our use or disclosure of your Protected Health Information you wish to have imposed. We reserve the right to accept or reject your request and will notify you of our decision.
  • The right to access to inspect and obtain a copy of your Protected Health Information, with limited exceptions. If we deny your request for access or copies, you will be informed of your rights to appeal our decision. Note: Clinical Laboratory Improvement Amendments (“CLIA”)  regulations and state law will determine whether a laboratory can provide test results directly to a patient. (California State Law requires all Laboratory results be delivered to the ordering physician)
  • To request that we amend your Protected Health Information. Your request must be in writing and must include the reason(s) for your request. We are not required to make your requested amendment(s) or modification(s), and should we deny your request, we will provide you with information about our denial and how you can disagree with the denial and ask us to review our decision.
  • To receive an accounting of disclosures of your Protected Health Information made by us as required under HIPAA.
  • To receive confidential communications of your Protected Health Information.

IF YOU WOULD LIKE TO HAVE A MORE DETAILED EXPLANATION OF THESE RIGHTS, OR IF YOU WOULD LIKE TO EXERCISE ONE OR MORE OF THESE RIGHTS, CONTACT OUR PRIVACY OFFICER at 310.586.2929.

Obligations of this Clinical Laboratory

We are required by law to (i) maintain the privacy of your Protected Health Information, (ii) provide you with this notice of our legal duties and privacy practices with respect to your Protected Health Information, (iii) abide by the terms of this notice, (iv) notify you if we change any of the privacy practices described in this Notice. We reserve the right to change the terms of this Notice and/or to adopt amendments or revise any of our privacy practices. In the event that amendments or revisions are made to this Notice of Privacy Practices, we will promptly provide you with a revised notice.

Complaints

If you believe your privacy rights have been violated, you may file a complaint with our Privacy Officer to the address set forth below or to the Secretary of Health and Human Services, and you will not be retaliated against for filing such a complaint. Complaints should be directed to:

EpicGenetics, Inc.
Attn: Privacy Officer
1940 Century Park East, Suite 400
Los Angeles, CA  90067

 

For more information Health Information Privacy and HIPAA, click here.