- Notice of Health Information Privacy Practices
- California Residents (CCPA) Privacy Notice
- Exercising Individual Rights
- Patient Authorization for Access to Medical Information - English Form | Spanish Form
- Request for Confidential Communications
- Request for Access to Personal Information (Individuals residing outside USA)
- Request for Amendments/Corrections to Personal Information
- Request for Restrictions Regarding the Use/Disclosure of Personal Information
- Right to Erasure Request Form
NOTICE OF HEALTH INFORMATION PRIVACY PRACTICES
THIS NOTICE DESCRIBES HOW HEALTH INFORMATION ABOUT YOU MAY BE USED AND DISCLOSED AND HOW YOU CAN GET ACCESS TO THIS INFORMATION. PLEASE REVIEW IT CAREFULLY.
NeoGenomics Laboratories, Inc. and its subsidiaries and affiliates, is required by the Health Insurance Portability and Accountability Act of 1996, as amended (“HIPAA”), to maintain the privacy and security of your protected health information (PHI) and to provide you with a notice of NeoGenomics’ legal duties and privacy practices with respect to protected health information (PHI) that NeoGenomics may collect and maintain about you. This protection extends to any PHI whether in oral, written, or electronic format. This Notice of Health Information Privacy Practices (“Notice”) describes how we may use and disclose your protected health information (PHI) to carry out treatment, payment or health care operations and for other specified purposes that are permitted or required by law. The Notice also describes your rights with respect to your protected health information (“PHI”) when in the hands of NeoGenomics and its business associates, which are vendors that may assist us in providing services to you. PHI is any information that identifies you or may be used to identify you (e.g., basic demographic information); that is created or received by a health care provider, health plan, employer or health care clearinghouse; and that relates to your past, present or future physical or mental health or condition and related health care services, or provision of or payment for health care.
We are required by law to abide by the terms of this Notice. We will not use or disclose your PHI without your prior written authorization, except as permitted or required by law and described in this Notice. Please note that if other federal, state, or local laws, rules or regulations restrict or limit the use and disclosure of your PHI in ways that are permitted under this Notice, NeoGenomics will only use or disclose your PHI in compliance with the stricter law, rule or regulation. We strongly urge you to read this Notice carefully and thoroughly so that you will understand both our commitment to protecting the privacy of you PHI and how you can participate in the protection of this information.
What PHI We Collect
We attempt to collect the minimal amount of information necessary for NeoGenomics to provide our services to you and to obtain payment for those services. This may include your name, address, telephone number, social security number, date of birth, medical history, diagnosis, treatment, provider identification, financial responsibility, health insurance coverage (including group numbers and member identification numbers), and payment information.
How We May Use and Disclose Protected Health Information About You WITHOUT YOUR CONSENT
With the exception of information that may qualify for special protection under state and/or federal law, the following categories describe different ways that we use and disclose your PHI. Not every possible use or disclosure in a category is listed below. However, all of the ways in which we are permitted to use and disclose PHI will fall within one of the categories below. Also, NeoGenomics must limit its uses, disclosures, or requests for your PHI to the “minimum necessary” to accomplish the intended purpose of such use, disclosure, or request, except as permitted by law. Please note that, for purposes of this Notice, any references to “we” or “NeoGenomics” include all business associates we may engage.
Treatment: We may use or disclose your PHI to provide and coordinate the treatment and services you receive. For example, we may use your PHI to perform diagnostic tests, or provide your test results to your physician or other authorized health care provider. We may also disclose your PHI to another testing laboratory if we are unable to perform the testing ourselves and as such need to refer your specimen to that laboratory to perform the requested testing.
Payment: We may use and disclose your PHI to others for purposes of receiving payment for treatment and services that you receive. For example, we will submit a claim to you, your health care provider, or your health plan/insurer that includes information that identifies you and the type of services we performed for you.
Health Care Operations: NeoGenomics may use or disclose your PHI in order to support the health care operations of its business and monitor the quality of the care we provide. For example, we may use information in your health record to evaluate the services we provide or to train NeoGenomics’ staff. In addition, “health care operations” include conducting quality assessment and improvement activities, including outcomes evaluation and development of clinical guidelines; patient safety activities; population-based activities relating to protocol development, case management and care coordination, contacting of health care providers and patients with information about treatment alternatives, and related functions that do not include treatment; submitting claims for stop-loss coverage; conducting or arranging for medical review, legal services, and audit services; wellness and disease management programs; and business planning, development, management and general administration of the clinical lab.
To Communicate with Individuals Involved in Your Care or Payment for Your Care: We may disclose to a family member, other relative, close personal friend or any other person you identify, PHI that is directly relevant to that person's involvement in your care or payment related to your care. We may disclose the relevant PHI to these persons if you do not object or we can reasonably infer from the circumstances that you do not object to the disclosure. If you are incapacitated, we can make the disclosure if, in the exercise of professional judgment, we believe the disclosure is in your best interests. To the extent permitted under federal and state law, we may disclose PHI of minors to their parents or legal guardians.
Business Associates: There are some services provided by NeoGenomics through contracts with business associates (e.g., billing services), and we may disclose your PHI to NeoGenomics’ business associate so that they can perform the job we have asked them to do. To protect your information, however, we require the business associate to enter into a Business Associate Agreement, which specifies the ways in which the business associate may use and disclose your PHI and must appropriately safeguard your information.
Government Agencies: We may disclose to certain government agencies (e.g., FDA, CMS, OIG, CLIA accreditation organizations, etc.), or persons under the jurisdiction of the of such agencies, PHI relative to adverse events with respect to products and/or services we provide, or information to enable product recalls, repairs, or replacements.
Worker's Compensation: We may disclose your PHI to the extent authorized by and to the extent necessary to comply with laws relating to worker's compensation or other similar programs established by law. These programs provide benefits for work-related injuries or illness without regard to fault.
Public Health: As permitted by law, we may disclose your PHI to public health or legal authorities charged with preventing or controlling disease, injury, or disability; to report the abuse or neglect of children, elders, dependent adults, or others; or to a person who may have been exposed to a communicable disease or otherwise be at risk of contracting of spreading the disease or condition.
Law Enforcement or As Otherwise Required by Law: We may disclose your PHI when required to do so by federal, state, or local law or for law enforcement purposes as permitted by law, such as in response to a valid subpoena or court order and to assist in locating suspects, fugitives or witnesses, or victims of crime.
Health Oversight Activities: We may disclose your PHI to an oversight agency for activities authorized by law. These oversight activities may include audits, investigations, and inspections necessary for licensure and for the government to monitor the health care system, government programs, and compliance with laws.
Judicial and Administrative Proceedings: We may disclose your PHI in response to a court or administrative order. We may also disclose PHI in response to a subpoena, discovery request, or other lawful process, but only if efforts have been made, either by the requesting party, or us to tell you about the request or to obtain an order protecting the information requested.
Research: Under certain circumstances, we may use and disclose your PHI for research purposes. In many cases, we will ask for your written authorization before using or sharing your PHI with others in order to conduct research. However, under some circumstances, we may use and disclose your PHI without your written authorization if an institutional review board or privacy board, applying specific criteria, determines that the particular research poses no more than minimal risk to your privacy. We may also use or disclose your PHI without your written authorization to determine whether you might qualify to participate in a research project or to prepare a future research project as long as your PHI is not removed from NeoGenomics premises. We may also use or disclose a copy of your PHI that has had your name and other information that can readily identify you removed, if the recipient of the information enters into a legal contract agreeing to protect the information from unauthorized access. Under certain circumstances, we may use and disclose your PHI for research purposes, as well as PHI of deceased persons if the research satisfies certain criteria.
Coroners and Medical Examiners: We may disclose your PHI to a coroner or medical examiner. This may be necessary, for example, to identify a deceased person or determine the cause of death. We may also disclose your PHI to funeral directors consistent with applicable law to enable them to carry out their duties.
Correctional Institution: If you are or become an inmate of a correctional institution, we may disclose to the institution or its agents PHI necessary for your health and the health and safety of other individuals.
To Avert a Serious Threat to Health or Safety: We may use and disclose your PHI, if in good faith, we believe the use or disclosure: (i) is necessary to prevent or lessen a serious and imminent threat to your health and safety or the health and safety of the public or another person, and is to a person or persons reasonably able to prevent or lessen the threat, including the target of the threat; or (ii) is necessary for law enforcement authorities to identify or apprehend an individual based on statements made by the individual admitting to participation in a violent crime, or where the individual has escaped from a correctional institution or from lawful custody, or (iii)is necessary for national security, intelligence, or protective services activities.
Military and Veterans: If you are a member of the armed forces, we may use and disclose PHI about you for activities deemed necessary by appropriate military command authorities to assure the proper execution of a military mission. For the same reason, we may also release PHI about foreign military personnel to the appropriate foreign military authority.
Disaster Relief: In the event of a disaster, we may provide your PHI to disaster relief organizations.
National Security, Intelligence Activities, and Protective Services for the President and Others: We may disclose PHI about you to authorized federal officials for the conduct of lawful intelligence, counterintelligence, protective services to the President, and other national security activities authorized by law.
Treatment Alternatives and Health-Related Benefits and Services: We may use and disclose your PHI to tell you about possible treatment options or alternatives and health-related benefits and services that may be of interest to you.
Sale or Merger: In the event of a sale or merger with another organization, your PHI will become the property of the new owner.
Use and Disclosure of PHI (WITH YOUR CONSENT)
NeoGenomics will obtain your written authorization before using or disclosing your PHI for purposes other than those provided for in this Notice (or as otherwise permitted or required by law). Examples include any uses and disclosures of your PHI for marketing purposes, and disclosures that constitute a sale of PHI require your written authorization. You may revoke this authorization in writing at any time. Upon receipt of the written revocation, we will stop using or disclosing your PHI, except to the extent that we have already taken action in reliance on the authorization.
Fundraising: NeoGenomics does not currently use protected health information (PHI) for fundraising purposes. If NeoGenomics performs fundraising activities at some future time, you may be contacted, but you would have the option to tell us not to contact you again.
Your Rights Regarding Your Health Information/PHI
Obtain a Paper Copy of the Notice upon request. You may request a paper copy of NeoGenomics’ current Notice at any time from the NeoGenomics’ Privacy Office. Even if you have agreed to receive the Notice electronically, you are still entitled to a paper copy. All requests for a paper copy of the Notice must be submitted in writing or electronically to NeoGenomics at the contact information listed below.
Right To Access And Obtain A Copy Of PHI. You (or your designated representative) have the right to access and receive a copy of your PHI that may be used to make decisions about your care or payment for your care. If we maintain the information you have requested in an electronic format you may ask for it to be provided to you electronically, and also ask us to electronically send copies to another person. To exercise this right, you must send a written request to NeoGenomics. You may use NeoGenomics “Patient Authorization for Access to Medical Information” form located here.
We may deny your request to inspect and copy in certain limited circumstances. If you are denied access to your PHI, you will receive a written denial and information regarding how your denial may be reviewed.
Request A Restriction On Certain Uses And Disclosures Of PHI. You have the right to request additional restrictions on how we use or disclose your PHI for treatment, payment, health care operations, and communications to those involved in your care by sending a written request to NeoGenomics’ Privacy Office. We will consider your request, but are not required to agree to it unless the requested restriction involves a disclosure that is not required by law to a health plan for payment or health care operations purposes and not for treatment, and you, or someone on your behalf, have paid for the service in full out of pocket. If we agree to a restriction on other types of disclosures, we will abide by them, except in emergency situations when the disclosure is for purposed of treatment. All requests for restrictions on the use or disclosure of your PHI must be submitted in writing to NeoGenomics at the contact information listed below. We retain the right to terminate an agreed-to restriction if we believe such termination is appropriate. In the event we have terminated an agreed-to restriction, we will notify you of such termination.
Request An Amendment Of PHI. You have a right to request that PHI that we maintain about you be amended or corrected. To request an amendment, you must send a written request to NeoGenomics at the contact information listed below. You must include a reason that supports your request. We may process your request in accordance with our policy, but original information will not be removed. In certain cases, we may deny your request for an amendment for various reasons, including if we did not create the information or if we believe the current information is accurate and complete. You will be notified in writing if your request is denied. If you request is denied, you have the right to submit a written statement disagreeing with the denial, which, at your request, may be appended or linked to the PHI in question. All requests for an amendment of your PHI must be submitted in writing to NeoGenomics.
Receive An Accounting Of Disclosures Of PHI. You have the right to receive an accounting of the disclosures NeoGenomics or its business associates have made of your PHI for most purposes other than treatment, payment, health care operations, and certain other limited purposes. The right to receive an accounting of disclosures is subject to certain exceptions, restrictions, and limitations. To request an accounting, you must submit your request in writing to NeoGenomics’ Privacy Office. Your request must specify the time period for which you would like an accounting, but this time period may not be longer than six years prior to your request. All requests for an accounting of the disclosures of your PHI must be submitted in writing to NeoGenomics at the contact information listed below.
Request Confidential Communications Of PHI By Alternative Means Or At Alternative Locations. You have a right to request to receive communications of PHI by alternate means or at alternate locations. For instance, you may request that we contact you about medical matters only in writing or at a different residence or post office box. To request confidential communication of your PHI, you must submit a request in writing to NeoGenomics’ Privacy Office. Your request must state how or where you would like to be contacted. All requests for communication of PHI by alternative means or at alternative locations must be submitted in writing to NeoGenomics.
Right to Receive Notification in the Event of a Breach. You have a right to receive notification if there is a breach of your unsecured PHI, except in those instances where we determine that there is a low probability that the PHI has been compromised. After learning of such a breach, we must provide notice to you without unreasonable delay and in no event later than sixty (60) calendar days after NeoGenomics’ discovery of the breach, unless a law enforcement official requires us to delay the breach notification.
Security of your PHI
Access to PHI is restricted to only those employees, agents or contractors of NeoGenomics who require it to provide services to you or your healthcare provider(s) or obtain payment from those financially responsible for payment. NeoGenomics maintains physical, technical, and procedural safeguards protecting PHI against unauthorized use and disclosure. NeoGenomics’ Privacy Office is responsible for overseeing the proper and effective implementation of all required rules and regulations, as well as policies and procedures concerning the use and disclosure or PHI, including ensuring proper educating/training, investigating all issues, complaints and concerns, audit and monitoring compliance by NeoGenomics and its employees, agents and contractors. Please note that any e-mail communication you initiate with NeoGenomics regarding your PHI is not secured in accordance with the HIPAA security standards. As a general rule, NeoGenomics will not communicate with you through e-mail unless the e-mail can be properly encrypted or with your permission/consent.
Data Protection and Privacy Statement (EU and SWISS)
NeoGenomics Laboratories, Inc., U.S.A., (“NeoGenomics-USA”) and its affiliated companies in Switzerland (“NeoGenomics-Swiss”) are committed to adhering to applicable data protection laws. This Data Protection and Privacy Statement discloses our practices with regard to the collection, processing and use of personal data of employees of NeoGenomics Switzerland, and other European/Swiss affiliates of NeoGenomics and patients undergoing clinical diagnostic testing (collectively “European Personal Data”).
Personal Data of Patients: NeoGenomics collects personal data of patients in the course of clinical diagnostic testing, such as, patient medical data and records, data of clinical diagnostic laboratory testing, name, address, and medical history potentially including diagnosed cancer. NeoGenomics may use this personal data for the following purposes: providing clinical laboratory services, including molecular diagnostic test services and providing customer service.
Personal Data of Employees: NeoGenomics Switzerland collects personal data of their employees, in the course of the employment with them, such as the employee’s name, date of birth, address, and salary information. NeoGenomics may use this personal data for general HR administrative functions, including hiring, performance assessment, and promotion, salary and benefits determinations.
Data Transfers outside the EEA and Switzerland:
European Personal Data may be transferred to NeoGenomics USA, NeoGenomics Switzerland, affiliates and subsidiaries of NeoGenomics, business partners, and service providers (“Data Recipients”) for the purposes listed above. Personal Data that is transferred, will be protected in accordance with this Privacy Notice and applicable law.
Data Recipients may be located in countries outside the European Economic Area and Switzerland (“Third-Countries”) in which an adequate level of data protection equivalent to the European Union, the European Economic Area or Switzerland may not be guaranteed. If Data Recipients are located in Third-Countries without an adequate level of data protection, such as the United States, NeoGenomics has implemented appropriate measures to guarantee that the European Personal Data transferred are adequately safeguarded, e.g. by concluding EU Standard Contractual Clauses for transfer of personal data to third-countries, respectively, with the Data Recipients.
Data Security, Integrity and Access: NeoGenomics takes reasonable precautions to protect European Personal Data from loss, misuse and unauthorized access, disclosure, alteration and destruction. NeoGenomics makes reasonable efforts to keep European Personal Data reliable for its intended use, accurate, current and complete. NeoGenomics provides European data subjects with access to their personal data with the opportunity to review and correct their personal data. European data subjects may request access to their personal data by submitting a written request to NeoGenomics’ Privacy Office. NeoGenomics reserves the right to take reasonable steps to authenticate the identity of any individual seeking access to their Personal Data.
Other Disclosures: In the case of a legally binding order for access to the European Personal Data by an authorized public authority, NeoGenomics may disclose European Personal Data to the extent necessary to comply with such binding order. In any such event, NeoGenomics will use its reasonable efforts to comply with the data disclosure rules under GDPR and FDAP and seek that any disclosures of the personal data by it to any public authority are not massive, disproportionate and indiscriminate in a manner that it would go beyond what is necessary.
To file a complaint with NeoGenomics, you must submit a written complaint to NeoGenomics’ Privacy Office at the address listed below. Any submission must be marked “Confidential,” and should include your name, address, and telephone number where we can contact you (unless you chose to remain anonymous) and a brief description of your concern, issue, or complaint. Filing a complaint will not affect your rights to your personal data or services provided by NeoGenomics.
How to Contact Us
If you would like to exercise your rights or would like additional information about NeoGenomics' privacy practices, you may contact:
|By Mail:||NeoGenomics Laboratories, Inc.|
Attn: Stephanie Bywater, Chief Compliance Officer
12701 Commonwealth Drive, Suite 5
Fort Myers, Florida 33913
|By Telephone:||1-(866) 776-5907 x2225|
If you believe your privacy rights have been violated, you may also file a complaint with NeoGenomics’ Privacy Office or with the applicable agency listed below:
|U.S. Based Individuals|
|By Mail:||Office for Civil Rights|
The U.S. Department of Health and Human Services
200 Independence Avenue, S.W.
Washington, D.C. 20201
|By Telephone:||1-202-619-0257 or toll free at: 1-877-696-6775|
E.U. Based Individuals
Report should be done to the Data Protection Authority (DPAs) in the EU Member State in which the individual resides.
(DPAs contact information: http://ec.europa.eu/justice/article-29/structure/data-protection-authorities/index_en.htm)
|Swiss Based Individuals|
Report should be done to the applicable Cantonal or Municipal Data Protection Authority (DPAs).
(DPAs contact information: https://www.edoeb.admin.ch/edoeb/en/home/the-fdpic/links/data-protection---switzerland.html)
|Singapore Based Individuals|
|By Mail:||Personal Data Protection Commission|
10 Pasir Panjang Road
#03-01 Mapletree Business City
Attn: Officer-in-charge, Enforcement
Changes to this Notice
NeoGenomics reserves the right to change its practices and the terms of this Notice as, and to the extent permitted by law, to make the new Notice effective for all PHI and personal data we maintain without prior notice to you. The new Notice will be available upon request and on our web site.
Obtaining a Copy of this Notice
You are permitted to print or make a copy of this Notice for your records. If you do not have the ability to print or make a copy, you may request one by contacting the NeoGenomics’ Privacy Office at the address listed above.
This Notice was revised and became effective as of January 1, 2021.
Purpose of Policy
What information do we collect?
We collect information from you when you voluntarily submit information on this website, send an email from this website, place an order or submit an inquiry such as email, or participate in another website function or feature.
When you submit an inquiry or contact our Customer Service department, we may ask you for your name, email address, mailing address, phone number, or other information. You may, however, visit our website without providing such information.
Like many websites, we use "cookies" or other technology to enhance your experience and gather information about visitors and visits to our websites. Please refer to the "Do we use 'cookies'?" section below for information about cookies and related technology and how we use them.
By accessing our website, our internet servers automatically record information your internet browser sends when you visit a website (a “Log”). These Logs may contain information such as your internet protocol (IP) address, browser version, domain name, language, date and time, the referring web site and information in your cookie files. We do not currently, but may also in the future present internet hyperlinks to other websites in a format that enables us to track whether those links have been followed. We would only use this information to improve the quality of the services we offer.
We will only use your personal information in order to (i) provide our services or information about our services to you, (ii) analyze in order to improve our services and operations, (iii) engage in product development and (iv) fulfill the specific reasons outlined in our website when we collect your information.
If we use your information for a purpose different from those outlined above, we will ask for your consent prior to such use. You may choose to opt-out of such use at such time. You may also request we remove your personal information from our active systems at any time by contacting us at the email or street address noted above.
How do we use your information?
To personalize your website experience and to allow us to deliver the type of content and product offerings in which you may be most interested.
To allow us to better serve you in responding to your customer service requests.
To enhance the website based on your user experience.
To register you as a user of this website.
To quickly process your transactions and communicate with you regarding your order.
To confirm your orders.
To deliver services.
To prevent fraud and bill you for services provided.
How do we protect visitor and customer information?
Do we use "cookies"?
We may contract with third-party service providers to assist us in better understanding our website visitors. These service providers are not permitted to use the information collected on our behalf except to help us conduct and improve our business. You can choose to have your computer warn you each time a cookie is being sent, or you can choose to turn off all cookies. You do this through your browser (like Mozilla Firefox or Internet Explorer) settings. Each browser is a little different, so look at your browser Help menu to learn the correct way to modify your cookies. If you turn cookies off, you may not have access to features that make your website experience more efficient and some of our services may not function properly. Our servers automatically recognize visitors' domain names and IP addresses (the number assigned to computers on the Internet). No personal information about you is typically revealed in this process. This website may also gather anonymous "traffic data" that does not personally identify you, but that may be helpful for marketing purposes or for improving the services we offer. This website may also use other technology to collect information from time to time.
NeoGenomics uses Google Analytics to collect and analyze statistical data about our website visitors. We may use Google advertising services, including a remarketing function, to arrange for you to see NeoGenomics ads when you visit certain third party websites. These analytic and advertising services do not collect personally identifiable information. If you wish to opt out of the use of non-personally identifiable data by Google Analytics, you may do so by adjusting your Google Ad Settings.
We do not provide any personally identifiable information that we collect to advertisers unless you have given us permission to do so.
Do we disclose the information we collect to outside parties?
How do we protect the privacy of children?
This website is not directed at nor targeted to children. Users of this website must be at least 18 years old. We do not use this website to knowingly solicit personal information from or market to anyone under the age of eighteen. Our goal is to comply with laws and regulations relating to the collection and use of information from children, including the Children's Online Privacy Protection Act (COPPA), if and to the extent that such laws may be applicable to the operation of this website. If you believe that we have received information from a child or other person protected under such laws, please notify us immediately through one of the contact methods listed below and we will take reasonable steps to remove such information from our databases.
Affiliate and third party links
Retention of Collected Information
We may retain the voluntary information you have provided to us, or that we have otherwise collected as described in this policy, in order to comply with law or contractual obligations. In some cases, the information may be retained indefinitely.
Changes to our policy
By visiting our website and providing us with data, you acknowledge and consent that we may use the data collected in the course of our relationship for the purposes identified in this policy or in our other communications with you, including the transmission of information outside your resident jurisdiction. In addition, such data may be stored on servers located in the United States or elsewhere. By providing us with your data, you consent to the transfer of such data and storage of such data within the United States.
Questions and feedback
We welcome your questions, comments, and concerns about privacy. Please send us any and all feedback pertaining to privacy, or any other issue through the contact information below.
Online policy only
Patient health information/protected health information
NeoGenomics maintains a separate Notice of Privacy Practices related to its use and disclosure of patient health information/protected health information. Please visit our Notice of Privacy Practices section for more information.
For more information
If you have questions or would like additional information about NeoGenomics’ privacy policies, you may contact:
|By Mail:||NeoGenomics Laboratories, Inc.|
Attn: Chief Compliance Officer
12701 Commonwealth Drive, Suite 9
Fort Myers, Florida 33913
California Residents (CCPA)
Effective Date: January 1, 2021
Purpose of Policy
The California Consumer Privacy Act of 2018 (“CCPA”) confers new privacy rights for California residents as well as requirements that businesses, such as NeoGenomics, must adhere to in order to remain compliant with the Act, which is effective as of January 1, 2020. The provisions of this policy only apply to natural persons who are classified as California residents as defined in Section 17014 of Title 18 of the California Code of Regulations: (1) every individual who is in California for other than a temporary or transitory purpose, and (2) every individual who is domiciled in California who is outside California for a temporary or transitory purpose.
The following Personal Information does not apply to the provisions in this policy: 1). Medical Information governed by the Confidentiality of Medical Information Act (“CMIA”), or by the Privacy and Security rules pursuant to the Health Insurance Portability and Accountability Act (“HIPAA”); 2). Patient Information maintained by NeoGenomics in the same manner as Medical or Protected Health Information (“PHI”); 3). Information collected as part of a clinical trial subject to the Federal Policy for the Protection of Human Subjects.
- CCPA: California Consumer Privacy Act of 2018, effective January 1, 2020
- Consumer: a natural person who is a California resident
- Personal Information: information, either directly or in combination with other information, that identifies, relates to, describes, is capable of being associated with or could be reasonably linked to a particular consumer or household.
- “Sell, “Selling”, “Sale”, or “Sold”: selling, renting, releasing, disclosing, disseminating, making available, transferring or otherwise communicating a consumer’s Personal Information to another business or third party for monetary or other valuable consideration.
Right to Know (Notice & Access)
You have the right to know the following as consumers:
- Personal Information that NeoGenomics has collected about you
- Categories of Personal Information that NeoGenomics has collected or sold about you
- The business purpose for which NeoGenomics has collected or sold the categories of your Personal Information
- Categories of third parties to whom NeoGenomics has sold your Personal Information.
What categories of Personal Information do we collect?
|Categories of Personal Information||Description/Examples||Purpose(s) of collection and/or disclosure by NeoGenomics|
|Identifiers||Name, postal address, IP address, email address||To address an inquiry or order that you submit through our website or through our Customer Service department; to protect against any deceptive, fraudulent, malicious or illegal activity|
|Personal Information (as defined in subdivision “e” of California Civil Code 1798.80)||Name, address, telephone number, social security number, insurance policy number, medical information and health information||To address an inquiry or order that you submit through our website or through our Customer Service department; to protect against any deceptive, fraudulent, malicious or illegal activity|
|Characteristics of protected classifications under California or Federal Law||Sex, age, medical conditions and information||To address an inquiry or order that you submit through our website or through our Customer Service department; to protect against any deceptive, fraudulent, malicious or illegal activity|
|Commercial Information||Transaction information, payment history, financial details|
|Biometric Information||Imagery of the iris, retina, fingerprint, face, hand, palm, vein patterns, and voice recordings, from which an identifier template, such as a faceprint, a minutiae template, or a voiceprint, can be extracted, and keystroke patterns or rhythms, gait patterns or rhythms, and sleep, health, or exercise data that contain identifying information.||NeoGenomics does not collect this type of Personal Information|
|Internet or other electronic network activity information||Information regarding a consumer’s interaction with an internet Web site, application or advertisement||To enhance your experience, gather information about visitors and visits to our websites and improve the quality of the services we offer.|
|Geolocation data||Data derived from a device and that is used or intended to be used to locate a consumer within a geographic area that is equal to or less than the area of a circle with a radius of 1,850 feet, except as prescribed by regulations.||NeoGenomics does not collect this type of Personal Information.|
|Audio, electronic, visual, thermal, olfactory, or similar information||Audio or call recordings||To address an inquiry or order that you submit through our website or through our Customer Service department; to protect against any deceptive, fraudulent, malicious or illegal activity; and improve the quality of the services we provide|
|Professional or employment-related information||Work history, previous employers||To support Human Resources, data necessary in order to provide administrative services related to employment and potential employment|
|Education information||As defined by Family Educational Rights and Privacy Act (20 U.S.C. Sec. 1232g; 34 C.F.R. Part 99)||To support Human Resources, data necessary in order to provide administrative services related to employment and potential employment|
Inferences drawn from any of the information used to create a profile about a consumer
|Consumer’s preferences, characteristics, psychological trends, predispositions, behavior, attitudes, intelligence, abilities and aptitudes.||NeoGenomics does not collect this type of Personal Information|
Sale of Personal Information
Medical professionals’ identifiable contact information is sold to third parties, including companies that sponsor clinical trials. These companies may contact the medical professional directly in connection with clinical trials that they sponsor. The medical professional has the right to opt-out of such sale at any time via the opt-out link, located on NeoGenomics’ website. You may also submit your request by mail, e-mail or phone (refer to the “How to Exercise Your Rights” section
In the preceding twelve (12) months, NeoGenomics has sold the following categories of Personal Information:
|Categories of Individuals||Categories of Personal Information||Description/Examples||Categories of Third Parties to Whom Personal Information was Sold|
|Medical Professionals||Identifiers||Name, address of medical practice, email address||Pharmaceutical Companies sponsoring Clinical Trial Studies|
|Medical Professionals||Personal Information (as defined in subdivision “e” of California Civil Code 1798.80)||Name, address of medical practice, telephone number||Pharmaceutical Companies sponsoring Clinical Trial Studies|
Right to Opt-Out
You have the right to direct NeoGenomics not to sell your Personal Information at any time. To exercise the right to opt-out, you (or your authorized representative) may submit a request to us by clicking here: Do Not Sell My Personal Information. However, you may change your mind and opt back in to Personal Information sales at any time by contacting us at email@example.com. You do not need to create an account with us to exercise your opt-out rights. We will only use Personal Information provided in an opt-out request to review and comply with the request.
Right to Delete
You have the right to request that NeoGenomics delete any Personal Information we have collected from you, with certain exceptions and limitations. NeoGenomics shall not be required to fulfill a consumer request to delete Personal Information we have collected if it is necessary for NeoGenomics to do any of the following:
Complete a transaction for which the Personal Information was collected, provide a good or service requested by the consumer, or otherwise perform a contract between NeoGenomics and the consumer.
Detect security incidents, protect against deceptive, fraudulent, malicious or illegal activity; or prosecute those responsible for such activity.
Debug to identify and repair errors that impair existing intended functionality.
Ensure another consumer’s right to exercise free speech or exercise another right provided for by law.
Comply with the California Electronic Communications Privacy Act pursuant to Chapter 3.6 (commencing with Section 1546) of Title 12 of Part 2 of the Penal Code.
Engage in public or peer-reviewed scientific, historical, or statistical research in the public interest that adheres to all other applicable ethics and privacy laws, when the deletion of the information is likely to render impossible or seriously impair the achievement of such research, if the consumer has provided informed consent.
To enable solely internal uses that are reasonably aligned with the expectations of the consumer based on the consumer’s relationship with NeoGenomics.
Comply with a legal obligation.
Right to Non-Discrimination
NeoGenomics will not discriminate against any consumer who wishes to exercise any of the rights available to them under the CCPA. Discrimination includes but is not limited to the denial of goods or services, charging different rates for goods or services, or providing a different level or quality of goods or services.
How to exercise your rights
You may exercise your right to opt out here and completing the online form. You may also submit your request by mail, e-mail or phone (information below).
All other requests, complaints, or inquiries can be submitted by mail, e-mail or phone to:
|By Mail:||NeoGenomics Laboratories, Inc.|
Attn: Chief Compliance Officer
12701 Commonwealth Drive, Suite 9
Fort Myers, Florida 33913
|By Phone:||(866) 776-5907 x2225|
Upon receipt of a verifiable and reasonable consumer request to “know” or to “delete”, NeoGenomics will confirm receipt and process the request within 45 days of receiving the request. Only requests submitted by the consumer or someone legally authorized to act on the consumer’s behalf will be considered, and the request must provide sufficient information in order for NeoGenomics to properly authenticate and fulfill the request.
NeoGenomics will provide the consumer with a disclosure of information, free of charge and in writing, within 45 days of receiving a verifiable and reasonable consumer request to “know”. As a business, our obligations with the consumer’s right to “know” are limited to no more than two (2) requests within a twelve (12) month period, and the amount of personal information collected in the twelve (12) month period prior to NeoGenomics receipt of the consumer’s request. Additionally, if a consumer request is determined to be unfounded or excessive, NeoGenomics reserves the right to charge a reasonable fee or refuse to fulfill the request and notify the consumer of the reason for refusal.
Changes to our policy
NeoGenomics will review and, if necessary, update this policy at least once every twelve (12) months and more frequently as needed. If any changes are made to this policy, we will post those changes on this page. This policy was last modified on December 31, 2020.