Pathwork Diagnostics

Pathwork Diagnostics ("Pathwork," "we" or "us"), is committed to protecting the privacy of all visitors to the Pathwork website ("Site"). Pathwork has established this Privacy Policy to tell you about our practices regarding collection, use, and disclosure of information that you may provide via this Site. Please be sure to read this entire Privacy Policy before using or submitting information to this Site. This Site is only intended for use by residents of the United States of America.

Although this Site provides links to third-party websites, they are not covered by this Privacy Policy. Pathwork assumes no responsibility for the privacy or security of information you provide to any third party through linked websites or any other means. "Third Parties" means any person or entity other than Pathwork, its majority owned subsidiaries, and you.

By using this Site, you agree to the terms of this Privacy Policy. Whenever you submit information via this Site, you consent to the collection, use, and disclosure of that information in accordance with this Privacy Policy.

1. What information we collect
We collect two types of information: Personal Information and Passive Information.

Personal Information
We will only collect information that personally identifies you, such as your name, address, telephone number, organization, title, or e-mail address ("Personal Information"), when you voluntarily submit such information to us at the Site or through e-mail or online forms. We may use your Personal Information for such purposes as complying with your request for information, customizing the advertising and content you see, developing and improving our products to meet your needs, and communicating with you about new products and information. We will not sell or rent your Personal Information to any third party without your consent.
This Site is not intended or designed to attract children under the age of 13. We do not collect Personal Information from any person we know to be under the age of 13.

Passive Information
As you navigate through this Site, certain anonymous information can be passively collected (that is, gathered without your actively providing the information) using various technologies, such as cookies, Internet tags or Web beacons, and navigational data collection (log files, server logs, clickstream) ("Passive Information"). Your Internet browser automatically transmits to this Site some of this anonymous information, such as the URL of the website you just came from and the Internet Protocol (IP) address and the browser version your computer is currently using. This Site may also collect anonymous information from your computer through cookies and Internet tags or Web beacons. You may set your browser to notify you when a cookie is sent or to refuse cookies altogether, but certain features of this Site might not work without cookies. This Site may use and combine such passively collected anonymous information to provide better service to Site visitors, customize the Site based on your preferences, compile and analyze statistics and trends, and otherwise administer and improve the Site for your use. Such information is used in the aggregate and is not combined with personally identifiable information collected elsewhere on the Site unless you have consented. Many companies offer programs to help you visit websites anonymously. While Pathwork may not be able to provide you with a personalized experience if we cannot recognize you, we want you to be aware that these programs are available.

2. How we use your Personal Information
Pathwork uses your Personal Information to process your requests and transactions, offer or furnish additional products and services, personalize the types of information you receive from Pathwork, assess trends in the use of our Site or purchases of products or services, and develop content and functionality that helps us serve our customers' needs, and improve the service and products we provide.

We may share your personally identifiable information with Third Parties that assist us in providing our services or carrying out your account needs. We also may sell or license aggregated information (that is, without personally identifying details) to Third Parties. As we continue to develop our business, we might sell or buy businesses or assets, or Pathwork might be acquired by another company. In any of those circumstances, Personal Information in our databases may be included among the transferred assets.

Pathwork may also use your Personal Information to prevent harm or injury, to prevent fraud, to protect our legal interests, to comply with or respond to legal process, and to comply with applicable laws.

Pathwork may also collect and use your Personal Information for internal purposes. For example, resumes submitted by job applicants may be viewed by our human resources department personnel, hiring managers, employees who will be interviewing the candidate, and the administrative assistants to these individuals for applicant screening and hiring purposes, and for general human resources purposes.

Except as set forth above, you will be notified when your Personal Information will be shared with Third Parties.

3. Access, correction and deletion
To keep personally identifiable information that you provide via this Site accurate, current, and complete, please contact us as specified below and we will take appropriate steps to update or correct such information in our possession, or to delete your information from our contact list. Please note that some information may remain in our records after such deletion.

4. Security
We will take reasonable steps to protect personally identifiable information as you transmit it to our Site and to protect such information from loss, misuse, and unauthorized access, disclosure, alteration, or destruction. You should keep in mind that no Internet transmission is ever completely secure or error-free. In particular, e-mail sent to or from this site may not be secure.

5. Transfer to unrelated Third Parties
If we transfer personally identifiable information to a third party that is acting as our agent, unless you are otherwise notified, such party will only have the right to use such information to carry out services on our behalf.

6. Changes to this Policy
We reserve the right to make changes to this Privacy Policy at any time. Please check the Privacy Policy when you use our Site to ensure that you are aware of any changes in our privacy practices. Use of information we collect now is subject to the Privacy Policy in effect at the time such information is used. Our Privacy Policy will indicate the date it was last updated.

7. Contact points
Please contact us to learn more about our privacy practices or to change your privacy choices.
Your privacy is important to us and we will make every effort to resolve your concerns.

8. Privacy Policy effective date
This Privacy Policy is effective on November 1, 2006.

HIPAA Notice of Privacy Practices
Effective Date: April 14, 2008, Revised October 31, 2011

THIS NOTICE DESCRIBES HOW MEDICAL INFORMATION ABOUT YOU MAY BE USED AND DISCLOSED AND HOW YOU CAN GET ACCESS TO THIS INFORMATION. PLEASE REVIEW IT CAREFULLY.

Respect for our patients' privacy is highly valued at Pathwork® Diagnostics Inc (Pathwork). It is what our patients expect, and it's also the right way to conduct health care business. As required by law, we will protect the privacy of health information that may reveal your identity. This document describes the personal health information privacy practices of our staff, and business associates. Additional or updated copies of this notice will be provided to you upon request. If you have any questions about this notice or would like further information, please contact the Pathwork Privacy Officer- by calling toll-free 1-877-808-0006, or 1-650-366-1003.

WHO WILL FOLLOW THE PRACTICES IN THIS NOTICE?
Pathwork provides laboratory testing ordered by your physician. The information provided to Pathwork will be used by our staff according to the policies and procedures described in this notice.
The privacy practices described in this notice do not apply to your physician or the hospital where you received treatment. Each organization will have a privacy notice that will describe their own privacy practices.

IMPORTANT SUMMARY INFORMATION
Pathworks receives information from your physician or from the hospital where you received treatment. We will use that information to assist your physician in providing treatment, to obtain payment for our services, and in routine operation of the company. For more information or questions about these activities you may contact our Privacy Officer at 1-877-808-0006 or 1-650-366-1003.

Information Access. The Clinical Laboratory Information Act prohibits Pathwork from sharing laboratory data directly with patients. Any request to review your laboratory information should be sent to your physician or to the hospital where you received services. We can share with you the information we have about the status of your claim. We may contact you to assist with payment for testing services.

Corrections to your Health Information. We will work with you to correct any misinformation we have related to payment activities. We cannot, however, assist you in correcting any data provided to us by your physician or by the hospital where you received services. You should contact your physician or the hospital where you received services if you wish to make a correction to any medical information.

How to Identify Others Who Have Received Your Health Information. You have the right to receive an "accounting of disclosures," which identifies certain persons or organizations to which we have disclosed your health information in accordance with the protections described in this Notice of Privacy Practices. Many routine disclosures we make will not be included in this accounting, but the accounting will identify certain non-routine disclosures of your information. You may request an accounting of disclosures by contacting the Pathwork Privacy Officer, at 1-877-808-0006, or 1-650-366-1003.

How to Request Additional Privacy Protections. You have the right to request further restrictions on the way we use your health information or share it with others. We are not required to agree to the restriction you request, but if we do, we will be bound by our agreement.

How to Request More Confidential Communications. You have the right to request that we contact you in a way that is more confidential for you, such as at home instead of at work. We will try to accommodate all reasonable requests made in writing to our Privacy Officer.

How Someone May Act On Your Behalf. You have the right to name a personal representative who may act on your behalf to control the privacy of your health information. Parents and guardians will generally have the right to control the privacy of health information about minors unless the minors are permitted by law to act on their own behalf.

How to Obtain a Paper Copy of This Notice. You have the right to a paper copy of this notice. You may request a paper copy at any time, even if you have previously agreed to receive this notice electronically. To do so, please call the Pathwork Privacy Officer, at 1-877-808-0006, or 1-650-366-1003.

How to Obtain a Copy of Revised Notice. We may change our privacy practices from time to time. If we do, we will revise this notice so you will have an accurate summary of our practices, and the revised notice will apply to all of your health information. We will post any revised notice on our website at http://www.pathworkdx.com. We are required to abide by the terms of the notice that is currently in effect.

How to File a Complaint. If you believe your privacy rights have been violated, you may file a complaint with us or with the Secretary of the Department of Health and Human Services. To file a complaint with us, please contact the Pathwork Privacy Officer, at 1-877-808-0006, or 1-650-366-1003 or send a letter to the attention of the Privacy Officer. No one will retaliate or take action against you for filing a complaint.

WHAT HEALTH INFORMATION IS PROTECTED
We are committed to protecting the privacy of information we gather about you while providing health-related services. Some examples of protected health information include:

• Information indicating that you are receiving other health-related services from our laboratory;
• Information about your health condition (such as a disease you may have);
• Information about health care services you have received or may receive in the future; or
• Information about your health care benefits under an insurance plan

When this information is combined with:

• Demographic information (such as your name, address, or insurance status);
• Unique numbers that may identify you (such as your social security number, your phone number, or your driver's license number); or
• Other types of information that may identify who you are.

HOW WE MAY USE AND DISCLOSE YOUR HEALTH INFORMATION

1. Treatment, Payment, and Business Operations
We may use your health information or share it with others in order to help your physician treat your condition, to obtain payment for that treatment, and to run our business operations. In some cases, we may also disclose your health information for payment activities and certain business operations of another health care provider or payor.

Treatment. We may share your health information with doctors, nurses and other health care providers who are involved in taking care of you, and they may in turn use that information to diagnose or treat you.

Payment. We may use your health information or share it with others so that we may obtain payment for your health care services. For example, we may share information about you with your health insurance company in order to obtain reimbursement, or to determine whether your laboratory results are covered by insurance. We might also need to inform your health insurance company about your health condition in order to obtain pre-approval for your treatment. Finally, we may share your information with other health care providers and payors for their payment activities.

Business Operations. We may use your health information or share it with others in order to conduct our business operations. For example, we may use your health information to evaluate the performance of our staff in providing laboratory services for you or to educate our staff on how to improve the care they provide. Finally, we may share your health information with other health care providers and payors for certain of their business operations if the information is related to a relationship the provider or payor currently has or previously had with you, and if the provider or payor is required by federal law to protect the privacy of your health information.

Business Associates. We may disclose your health information to contractors, agents and other business associates who need the information in order to assist us with obtaining payment or carrying out our business operations. For example, we may share your health information with a billing company that helps us to obtain payment from your insurance company. Another example is that we may share your health information with an accounting firm or law firm that provides professional advice to us about how to improve our health care services and comply with the law. If we do disclose your health information to a business associate, we will have a written contract that requires our business associate to protect the privacy of your health information.

We can do all of these things if you have received services from Pathwork. Once we perform testing services we will assume your consent is given to use your health information for treatment, payment and business operations, in effect indefinitely unless you revoke your consent. You may revoke your consent at any time, except to the extent that we have already relied upon it. For example, if we provide you with treatment before you revoke your consent, we may still share your health information with your insurance company in order to obtain payment for that treatment. To revoke your consent, please write to contact our Privacy Officer.

2. Emergencies or Public Need
We may use your health information, and share it with others in order to meet important public needs. We will not be required to obtain your general written consent before using or disclosing your information for these reasons. We will, however, obtain your written authorization for, or provide you with an opportunity to object to, the use and disclosure of your health information in these situations when state law specifically requires that we do so.

As Required By Law. We may use or disclose your health information if we are required by law to do so. We will notify you of these uses and disclosures if notice is required by law.

Public Health Activities. We may disclose your health information to authorized public health officials (or a foreign government agency collaborating with such officials) so they may carry out their public health activities. For example, we may share your health information with government officials that are responsible for controlling disease, injury, or disability.

Victims of Abuse, Neglect, or Domestic Violence. We may release your health information to a public health authority that is authorized to receive reports of abuse, neglect, or domestic violence. For example, we may report your information to government officials if we reasonably believe that you have been a victim of such abuse, neglect, or domestic violence. We will make efforts to obtain your permission before releasing this information, but in some cases we may be required or authorized to act without your permission.

Health Oversight Activities. We may release your health information to government agencies authorized to conduct audits, investigations, and inspections of our facility. These government agencies monitor the operation of the health care system, government benefit programs such as Medicare and Medicaid, and compliance with government regulatory programs and civil rights laws.

Product Monitoring, Repair, and Recall. We may disclose your health information to a person or company that is regulated by the Food and Drug Administration for the purpose of:

• Reporting or tracking product defects or problems;
• Repairing, replacing, or recalling defective or dangerous products; or
• Monitoring the performance of a product after it has been approved for use by the general public.

Lawsuits and Disputes. We may disclose your health information if we are ordered to do so by a court or administrative tribunal that is handling a lawsuit or other dispute.

Law Enforcement. We may disclose your health information to law enforcement officials to comply with court orders or laws that we are required to follow or if necessary to report a crime that occurred on our property.

To Avert a Serious and Imminent Threat to Health or Safety. We may use your health information or share it with others when necessary to prevent a serious and imminent threat to your health or safety or the health or safety of another person or the public. In such cases, we will only share your information with someone able to help prevent the threat. We may also disclose your health information to law enforcement officers if you tell us that you participated in a violent crime that may have caused serious physical harm to another person (unless you admitted that fact while in counseling), or if we determine that you escaped from lawful custody (such as a prison or mental health institution).

National Security and Intelligence Activities or Protective Services. We may disclose your health information to authorized federal officials who are conducting national security and intelligence activities or are providing protective services to the President or other important officials.

Military and Veterans. If you are in the Armed Forces, we may disclose health information about you to appropriate military command authorities for activities they deem necessary to carry out their military mission. We may also release health information about foreign military personnel to the appropriate foreign military authority.

Inmates and Correctional Institutions. If you are an inmate or you are detained by law enforcement officers, we may disclose your health information to prison officers or law enforcement officers if necessary to provide you with health care, or to maintain safety, security, and good order at the place where you are confined. This includes sharing information that is necessary to protect the health and safety of other inmates or persons involved in supervising or transporting inmates.

Workers' Compensation. We may disclose your health information for workers' compensation or similar programs that provide benefits for work-related injuries.

Coroners, Medical Examiners, and Funeral Directors. In the unfortunate event of your death, we may disclose your health information to a coroner or medical examiner. This may be necessary, for example, to determine the cause of death. We may also release this information to funeral directors as necessary to carry out their duties.

Research. In most cases, we will ask for your written authorization before using your health information or sharing it with others in order to conduct research. However, under some circumstances, we may use and disclose your health information without your written authorization if we obtain approval through a special process to ensure that research without your written authorization poses minimal risk to your privacy. Under no circumstances, however, would we allow researchers to use your name or identity publicly. We may also release your health information without your written authorization to people who are preparing a future research project, so long as any information identifying you does not leave our facility. In the unfortunate event of your death, we may share your health information with people who are conducting research using the information of deceased persons, as long as they agree not to remove from our facility any information that identifies you.

3. Completely De-identified or Partially De-identified Information.
We may use and disclose your health information if we have removed any information that has the potential to identify you so that the health information is "completely de-identified." We may also use and disclose "partially de-identified" health information about you if the person who will receive the information signs an agreement to protect the privacy of the information as required by federal and state law. Partially de-identified health information will not contain any information that would directly identify you (such as your name, street address, social security number, phone number, fax number, electronic mail address, website address, or license number).

4. Incidental Disclosures
While we will take reasonable steps to safeguard the privacy of your health information, certain disclosures of your health information may occur during or as an unavoidable result of our otherwise permissible uses or disclosures of your health information.

YOUR RIGHTS TO ACCESS AND CONTROL YOUR HEALTH INFORMATION
We want you to know that you have the following rights to access and control your health information. These rights are important because they will help you make sure that the health information we have about you is accurate. They may also help you control the way we use your information and share it with others, or the way we communicate with you about your medical matters.

1. Right to Inspect and Copy Records
The Clinical Laboratory Improvement Act of 1986 prohibits laboratories from providing the results of laboratory tests to a patient. You may inspect and copy records based on your physician or hospital's policies.

2. Right to an Accounting of Disclosures
You have the right to request an "accounting of disclosures" which identifies certain other persons or organizations to whom we have disclosed your health information in accordance with applicable law and the protections afforded in this Notice of Privacy Practices. An accounting of disclosures does not describe the ways that your health information has been shared as long as all other protections described in this Notice of Privacy Practices have been followed (such as obtaining the required approvals before sharing your health information for research purposes).

An accounting of disclosures also does not include information about the following disclosures:

• Disclosures we made to you or your personal representative;
• Disclosures we made pursuant to your written authorization;
• Disclosures we made for treatment, payment or business operations;
• Disclosures we made to your friends and family who are or were involved in your care or payment for your care;
• Disclosures that were incidental to permissible uses and disclosures of your health information (for example, when information is overheard by another patient passing by);
• Disclosures for purposes of research, public health or our business operations of limited portions of your health information that do not directly identify you;
• Disclosures made to federal officials for national security and intelligence activities;
• Disclosures about inmates to correctional institutions or law enforcement officers; and
• Disclosures made before April 14, 2003.

To request an accounting of disclosures, please write to our Privacy Officer. Your request must state a time period within the past six years (but not before April 14, 2003) for the disclosures you want us to include. For example, you may request a list of the disclosures that we made between January 1, 2004, and January 1, 2005. You have a right to receive one accounting within every 12-month period for free. However, we may charge you for the cost of providing any additional accounting in that same 12-month period. We will always notify you of any cost involved so that you may choose to withdraw or modify your request before any costs are incurred.

Ordinarily we will respond to your request for an accounting within 60 days. If we need additional time to prepare the accounting you have requested, we will notify you in writing about the reason for the delay and the date when you can expect to receive the accounting. In rare cases, we may have to delay providing you with the accounting without notifying you because a law enforcement official or government agency has asked us to do so.

4. Right to Request Additional Privacy Protections
You have the right to request that we further restrict the way we use and disclose your health information to perform laboratory testing, collect payment for that service, or run our business operations. You may also request that we limit how we disclose information about you to family or friends involved in your care. For example, you could request that we not disclose information about testing you had. To request restrictions, please write to our Privacy Officer. Your request should include:

• What information you want to limit;
• Whether you want to limit how we use the information, how we share it with others, or both; and
• To whom you want the limits to apply.

We are not required to agree to your request for a restriction, and in some cases the restriction you request may not be permitted under law. However, if we do agree, we will be bound by our agreement unless the information is needed to provide you with emergency treatment or comply with the law. Once we have agreed to a restriction, you have the right to revoke the restriction at any time. Under some circumstances, we will also have the right to revoke the restriction as long as we notify you before doing so; in other cases, we will need your permission before we can revoke the restriction.

5. Right to Request Confidential Communications
You have the right to request that we communicate with you about your medical matters in a more confidential way by requesting that we communicate with you by alternative means or at alternative locations. For example, you may ask that we contact you at home instead of at work. To request more confidential communications, please write to the Pathwork Privacy Officer, 595 Penobscot Drive, Redwood City, CA 94063. We will not ask you the reason for your request, and we will try to accommodate all reasonable requests. Please specify in your request how or where you wish to be contacted, and how payment for your health care will be handled if we communicate with you through this alternative method or location.

Acknowledgement of Receipt of Notice of Privacy Practices
If you have any questions about this notice or would like further information, please contact the Pathwork Privacy Officer, at 1-877-808-0006, or 1-650-366-1003.

Performance of laboratory testing at your physician's request is considered consent for services as described in this notice.

You can download and print the Pathwork Notice of Privacy Practices by clicking here.

You will need Adobe Reader to view this document.