Protected Health Information (PHI) and Sensitive Data
PHI is information about you, including demographic information and genetic information, that may identify you and that relates to your past, present or future physical or mental health or condition and related health care services. Some of this information is also deemed to sensitive information or sensitive personal data (“Sensitive Data”).
Good Start Genetics, Inc. is required by state law and by the Health Insurance Portability and Accountability Act (HIPAA) to protect the privacy of your health information. Staff members, employees, and any volunteers of Good Start Genetics, Inc. must follow legal regulations with respect to:
You can view our HIPAA Notice of Privacy Practices, which describes how we may use and disclose your PHI to carry out treatment, payment or health care operations and for other purposes that are permitted or required by law.
What Personal Information Do We Collect?
If you email us with a question or a request for information, we collect your first name and email address in order to respond to you. We may also use your email address to send you promotional newsletters and emails regarding meeting, events, and new products or services. You can unsubscribe from promotional emails at any time by clicking “unsubscribe” at the bottom of our emails.
When you use the Cost Estimator to calculate an estimate of your out of pocket expenses, we collect your first and last name, date of birth and policy information such as group number and participant ID.
When you register on the Site and sign up for a Patient Portal, we collect your first and last name, date of birth and email address. This information is combined with other Personal Information and PHI that you provide to the Site in order to give you access to your test results, permit you to sign any outstanding consent forms, check the status of your orders, pay your bills, and schedule appointments with a Genetic Counselor through your Patient Portal.
ScreenSelect Service: Collection of PHI and/or Sensitive Data
When you research your suggested carrier screening considerations through our ScreenSelect Service, we collect the following information, which may be deemed to be PHI and/or Sensitive Data for you and your partner: name, gender, ethnic background, family medical history of unexplained intellectual disability, unexplained autism, premature ovarian failure, and primary ovarian insufficiency. We collect this information to generate your carrier screening suggestions (the “Test Considerations”).
You are not required to provide this information, and, if you do not want to do so, you may simply not use this Service. By providing us with Sensitive Data, however, you consent to us collecting, processing, using, retaining, and transferring your Sensitive Data for the purposes of providing your Test Considerations.
Scheduling Appointments with Genetic Counselors
If you schedule an appointment with a genetic counselor we collect your name, date of birth, email address and phone number to enable us to contact you and schedule the appointment. We also ask for your referring doctor’s name and ask if you or your partner have had genetic carrier screening to assist the genetic counselor in preparing for your appointment.
We may ask you to complete voluntary surveys for research purposes. Each survey may be different and the personal information or PHI we collect will depend on the nature of the survey. Information collected from surveys will be transferred to third parties and will be processed anonymously.
If you apply for a job at Good Start Genetics through the Site, we collect a copy of your resume, a cover letter, and your first name, last name, email address and phone number (optional) to contact you about a potential job opening at Good Start Genetics. We will retain this information until the job is filled.
When you request a Service that requires a fee, we collect payment information including your name and credit card number and other information necessary to process your transaction. We use this information to process your transaction, to contact you about your transaction, and to resolve billing or other issues relating to your purchases with us.
In all instances, we will keep your data only for as long as is reasonably necessary for the purposes described in this Policy and in accordance with any applicable legal or ethical reporting or documentation retention requirements.
When you visit the Site or use the Services, we use session “cookies” — a piece of information stored on your computer — to allow us to uniquely identify your browser while you are browsing or interacting with the Site. Session cookies also help us confirm your identity and are required in order to log into your account. Good Start Genetics uses persistent cookies to identify you as a Good Start Genetics customer and make it easier for you to log into your account. Users who disable their web browsers’ ability to accept cookies will be able to browse our Site, but will not be able to access or take advantage of the Services.
How Do We Protect Your Information?
We will take reasonable precautions to protect Personal Information and PHI from loss, misuse, unauthorized access, disclosure, alteration and destruction. We follow generally accepted standards to protect the personal information submitted to us, both during transmission and once we receive it.
a. Services are encrypted using SSL.
b. Information collection, storage, and processing practices are periodically reviewed, including physical security measures, to guard against unauthorized access to personal information and PHI.
c. Access to personal information and PHI is restricted to employees, contractors, and agents who are subject to confidentiality under business associate agreements and legal obligations. Failure to meet obligations may result in termination.
No method of transmission over the Internet, or method of electronic storage, is 100% secure, however. Therefore, we cannot guarantee its absolute security.
We will retain Personal Information we process for as long as needed to provide the Services. We will retain and use this Personal Information as necessary to comply with our legal obligations, resolve disputes, and enforce our agreements.
Choice and Consent
If you wish to withdraw your consent for any uses that are incompatible with the uses you have consented to, you may do so at any time by sending an email to firstname.lastname@example.org. If you withdraw your consent you will no longer be able to use or access our Services and we will not have any means by which to respond to your questions or comments that you email to the Site.
Do We Disclose Personal Information, PHI or Sensitive Data to Third Parties?
We may use and disclose Personal Information for research purposes, if the research has been approved by an institutional review board, in accordance with established protocols to ensure the privacy of your health information.
We disclose Personal Information, PHI and Sensitive Data to third parties acting as agents in providing products and services.
We disclose your PHI to third parties at your request. We may disclose PHI to persons who are legally permitted to receive PHI to enable us to provide the Services such as other labs, your physician, and your insurance provider.
Non-personally identifiable information may be provided to Google Analytics or other third parties for statistical analysis.
We may release your information when we believe release is appropriate to comply with the law, enforce our Site policies, or protect our or other’s rights, property, or safety. Because our servers, which store your information, are located in the U.S.A., your information may be available to U.S. government entities or agencies under a lawful court order or other law in the U.S.
Third Party Sites and Links
Social Media Features
International or Cross-Border Transfer of Your Information and Your Express Consent
Given that the Internet operates in a global environment and that, if you operate outside of the United States, transfer of your data is necessary for you to use our Services or email us for information. Accordingly, using the Internet to provide Personal Information and Sensitive Data necessarily involves the transmission of data on an international, or cross-border, basis. By using or accessing the Services and/or by emailing us, you acknowledge and expressly consent to our processing and disclosure of your Personal Information, Sensitive Data or other information in this way.
Your California Privacy Rights; California Do Not Track Disclosures
If you are a California resident, California Civil Code Section 1798.83 permits you to request information regarding the disclosure of your Personal Information by us or our subsidiaries to a third party for the third party’s direct marketing purposes. Since we do not make such disclosures, we are exempt from these reporting requirements. In addition, we currently do not honor Do Not Track signals.
Our site is directed to individuals who are the age of majority or older in their jurisdiction. We do not knowingly collect information from children. If you believe your child has provided information to the Site please contact our Privacy Officer.
Notice of Privacy Practices for Protected Health Information
This following is an abridged Notice of Privacy Practices for PHI. For the full HIPAA Notice of Privacy Practices, please see: www.goodstartgenetics.com/notice-of-privacy-practices/.
You have the following rights regarding your privacy and medical information:
a. Right to inspect and obtain a copy.
You have the right to request, in writing, a copy of your medical information that may be used to make decisions about your care. You may request medical and billing records, but the request does not include psychotherapy notes.
b. Right to amend your medical information.
If you believe that the medical information Good Start Genetics, Inc. has is incorrect or incomplete, you may ask to amend the information. You have the right to request an amendment as long as we maintain the information. In the future, your request will become a legal part of your medical record and will be sent out in addition to your medical record whenever a request for a copy is received. No original documentation may be destroyed or changed.
c. Right to request an accounting of disclosures.
You have the right to request an “accounting of disclosures.” An accounting of disclosures is a list of disclosures Good Start Genetics, Inc. made of your medical information without getting authorization, or which were not made for purposes of treatment, payment, or health care operations. This request must be submitted in writing.
d. Right to request restrictions
You have the right to request restrictions or limitations on medical information we use or disclose about you for treatment, payment, or health care operations purposes. We are not required to agree to these restrictions, but if we do, we will abide by our agreement (except in an emergency). Any agreement we may make to a request for additional restrictions must be in writing signed by a person authorized to make such an agreement on our behalf.
e. Right to request confidential communication.
You have the right to request that Good Start Genetics, Inc. communicate with you about medical matters using a certain method of communication or at a certain location. For instance, you may ask Good Start Genetics, Inc. to contact you only at work or by mail. You must make your request in writing to the Privacy Officer. We will not ask the reason for your request.
f. Right to be notified of a security breach that compromised your PHI.
Good Start Genetics, Inc. is required to notify you in the event that there is a breach of your PHI by unauthorized persons or entities unless there is a demonstration, based on internal risk assessment, that there is a low probability that your PHI has been compromised. We must notify you without unreasonable delay when a breach has occurred and no later than 60 days after discovery of the breach. Notification will include information about what happened and what has been and will be done to mitigate risk.
Access to Your Information
You may access, review, change, update or delete your Personal Information, Sensitive Data or PHI by emailing us at email@example.com. You may also withdraw your consent by calling Client Solutions to do so, to the extent permitted by applicable law. If you wish to unsubscribe from any of our emails, please click on the “unsubscribe” feature on the email you receive from us.
Good Start Genetics commits to resolving complaints about your privacy and our collection or use of your Personal Information or PHI. If you believe your privacy rights have been violated or you disagree with any action Good Start Genetics, Inc. has taken with regard to your personal or protected health information, you may file a complaint with Good Start Genetics, Inc. or with the Secretary of the Department of Health and Human Services, J.F.K. Federal Building, Room 1875, Boston, MA 02203 or email OCRComplaint@hhs.gov.
To file a complaint with Good Start Genetics, Inc.:
Attn: Privacy Officer
237 Putnam Avenue
Cambridge, MA, 02139
By email: firstname.lastname@example.org
By Phone: Privacy Officer at (857) 829-3668
Terms of Service
Please also visit our Terms of Service section establishing the use, disclaimers, and limitations of liability governing the use of our website https://www.goodstartgenetics.com/terms-conditions/