By choosing and completing testing with MDLab, you ACKNOWLEDGE THAT YOU HAVE READ AND UNDERSTAND THE TERMS; REPRESENT THAT YOU ARE 18 YEARS OR OLDER; OR ARE THE PARENT OR CUSTODIAN THAT HAS CONSENTED TO TESTING AND SERVICES FOR A DEPENDENT MINOR UNDER THE AGE OF 18, AND ACCEPT AND AGREE YOU ARE LEGALLY BOUND BY THE TERMS.
If you do not agree to be bound by the Terms, do not use MDLab testing services.
By choosing to be tested by MDLab, you are authorizing your Protected Health Information (PHI) be saved for the purpose of sharing your testing results with you individually, and to analysis of anonymous and aggregated testing results to promote high quality healthcare in the region and to protect the public’s health and well being.
Your testing results are your health information and protected by the Health Insurance Portability and Accountability Act of 1996 (HIPAA) and related the HIPAA Privacy Rule, the HITECH Act, and the Texas Medical Records Privacy Act. MDLab will manage and protect your health information in accordance with those standards, the Terms of this Policy, and your request to receive your own testing results.
The right to inspect, review, and receive a copy of your health information and billing records that are held by MDLab are covered by the Privacy Rule.
MDLab retains the right to discuss and share aggregated, non-identifiable testing results to promote high quality health care and to protect the public’s health and well being.
IMPORTANTLY, by choosing to be tested by MDLab, you are requesting your results be shared with you (or, the parent or custodian for individuals under the age of 18) by standard telephone conversation or short message service (SMS) text message at the telephone phone number you provide during registration. It is important for you to understand that receipt of your results through SMS text messaging contains certain risks as outlined below.
HIPAA regulations for SMS do not specifically prohibit the use of a “Short Message Service” to communicate PHI) but they do stipulate that certain conditions have to be in place before using SMS to communicate PHI to be HIPAA compliant. Most SMS messages are not HIPAA compliant. This is because, among other possible risks, SMS messages are not encrypted, cannot be recalled if sent to the wrong recipient, and can be intercepted on public Wi-Fi networks.
By requesting your results be shared by SMS text message, you are authorizing the disclosure of your PHI for the purpose of receiving results in a manner that is not considered HIPAA compliant and are, in fact, affirmatively requesting receipt of those results via SMS text messaging after having been notified of the possible risks associated with such communication.
The types of information we may collect or that you may provide when you agree to testing with MDLab.
Our practices for collecting, using, maintaining, protecting, and disclosing that information.
This Policy applies only to information we collect during your testing. This Policy does not apply to information collected through any third party for the purposes of payment.
PLEASE READ THIS POLICY CAREFULLY TO UNDERSTAND HOW WE TREAT YOUR PERSONAL INFORMATION. IF YOU DO NOT AGREE WITH THE TERMS AND CONDITIONS OF THIS POLICY, YOU SHOULD NOT ACCESS OR USE THE TESTING SERVICE. BY CHOOSING TO BE TESTED, YOU CONSENT TO THIS POLICY AND TO OUR COLLECTION AND SHARING OF YOUR INFORMATION IN ACCORDANCE WITH THE TERMS OF THIS POLICY.
What information do we collect?
We may collect and process the following personal information from you for the purposes set forth below:
When you register for testing, we may ask for your name, telephone number, email address, or other contact details in order to provide your results of testing.
How We Use Your Information
This information is necessary to enable us to provide testing results back to you. You understand and agree that MDLab is not responsible for consequences or losses related to disclosure of your testing results that arise from inaccurate, inauthentic, deficient or incomplete personal data that you provide to us.
FEEDBACK / SUPPORT / INQUIRIES
If you provide us with feedback or allow you to contact us to ask us questions, we may collect your name, telephone number, email address, and other information needed to respond to your feedback, or request for support, or to answer your question.
When you communicate with us, we may retain your communications in order to process and respond to them, as well as to improve our services. We may use your contact information to communicate with you about your testing results and our services.
DISCLOSURES WITH OR WITHOUT YOUR CONSENT
We may also disclose your personal information in response to subpoenas, warrants, court orders or other legal process, or to comply with relevant laws. We may also share your personal information in order to establish or exercise our legal rights, to defend against a legal claim, to investigate, prevent, or take action regarding possible illegal activities, suspected fraud, safety of person or property or a violation of our Terms of Service. How long do we store your personal information? We will retain your personal information as needed to fulfill the purposes for which it was collected. We will retain and use your personal information as long as necessary to comply with our business requirements and legal obligations, to resolve disputes, to protect our assets, to provide our services, and to enforce our agreements. When we, in our sole discretion, believe we no longer have a purpose to retain your personal information, we will securely destroy your personal information in accordance with applicable law. We take reasonable steps to delete the personal information we collect if you ask us to delete your information, unless we determine that doing so would violate our existing, legitimate legal, regulatory, dispute resolution, contractual, or similar obligations. To the extent permitted by law, we may retain and use anonymous and aggregated information for performance reporting, benchmarking, and analytic purposes and for product and service improvement. How do we protect your information? We have put in place reasonable and appropriate security measures to protect the personal information that you share with us from being accidentally lost, used, altered, or disclosed or accessed in an unauthorized manner. From time to time, we review our security procedures to consider appropriate new technology and methods. While our security measures seek to protect your personal information in our possession, no security system is perfect, and no data transmission over the Internet can be guaranteed to be 100% secure. As a result, while we strive to protect your personal information, we cannot guarantee or warrant the security of any information you provide, and you do so at your own risk. We cannot promise that your personal information will remain absolutely secure in all circumstances. Rights and Choices About How We Use and Disclose Your Information Please use the Contact Us details at the end of this Policy to exercise your rights and choices under this Policy. If you would like to manage, change, or delete your personal information, such requests may be submitted via the Contact Us details at the end of this Policy.
UPDATING YOUR PERSONAL INFORMATION
If any of the personal information you have provided to us changes, please let us know. We are not responsible for any losses arising from any inaccurate, inauthentic, deficient or incomplete personal data that you provide to us.
RIGHT OF ACCESS
If required by law, upon request, we will grant reasonable access to the personal information that we hold about you.
RIGHT TO OBJECT
In certain circumstances, if permitted under applicable law, you have the right to object to processing of your personal information and to ask us to erase or restrict our use of your personal information. If you would like us to stop using your personal information, please contact us, and we will let you know if are able to agree to your request.
RIGHT TO ERASURE AND DELETION OF YOUR PERSONAL INFORMATION
You may have a legal right to request that we delete your personal information when it is no longer necessary for the purposes for which it was collected, or when, among other things, your personal information has been unlawfully processed. All deletion requests should be sent to the Contact Us section of this Policy. If you would like us to delete your personal information, please contact us, and we will let you know if are able to agree to your request.
We may decide to delete your personal information if we believe it is incomplete, inaccurate, or that our continued storage of your personal information is contrary to our legal obligations or business objectives. When we delete personal information, it will be removed from our active databases; but, it may remain in archives when it is not practical or possible to delete it. We may also retain your personal information as needed to comply with our legal obligations, resolve disputes, or enforce any agreements.
Updates and Changes to This Policy
I understand the test being used has received FDA emergency use authorization and results from antibody testing should not be used as the sole basis to diagnose or exclude SARS-CoV-2 infection or to inform infectious status.
The rapid antibody test is provided pursuant to the Policy for Diagnostic Tests for Coronavirus Disease-2019 during the Public Health Emergency issued on the web on March 16, 2020 by U.S. Food and Drug Administration (FDA”) which may be found here https://www.fda.gov/media/135659/download (collectively the “Policy”)
THE TESTS ARE INTENDED FOR PRELIMINARY SCREENING PURPOSES AND ARE USED TO DETERMINE IF ADDITIONAL TESTING IS REQUIRED.