PRIVACY POLICY

Effective Date: January 15, 2024

This Privacy Policy outlines the data handling practices of Command Health LLC ("we," "us," or "our") with respect to the personal and genetic health information of our users ("you" or "your"). Our commitment to your privacy is paramount, and we adhere strictly to the requirements of the Health Insurance Portability and Accountability Act of 1996 (HIPAA) and relevant regulations. 

1. Collection of Information

We gather information that you or your authorized healthcare provider shares with us, including your personal details, medical history, and genetic data, all of which are considered protected Personal Health Information (PHI). Additionally, as part of our commitment to providing quality genetic counseling services, we may record or transcribe our phone calls and/or meetings with you for quality assurance and accuracy in documentation. Secure access is restricted to authorized personnel only. 

2. Use of Information

Use of your information is required in order to offer you our personalized genetic counseling services. This includes but is not limited to: 

- Delivering accurate genetic counseling based on your genetic information and family history.

- Facilitating ongoing support and communication regarding your healthcare/genetic health.

- Ensuring the effectiveness and continuous improvement of our service. 

3. Disclosure of Information

Your PHI will never be disclosed except in the following circumstances: 

- To your referring authorized healthcare provider, as part of a coordinated care approach.

- Directly to you upon your verified request.

- To individuals you have expressly authorized in writing to receive your information. 

We will never disclose your PHI for any other purpose, including marketing or sales, without your explicit consent. These privacy requirements are a matter of law, regulation, and our HIPAA required Business Associate Agreements (BAA). 

4. Audit Trail

We maintain a comprehensive audit trail for all interactions with patient records and recorded conversations, ensuring full traceability and accountability as per HIPAA standards. 

5. Data Security

We maintain a HIPAA compliant, comprehensive audit trail for all interactions with PHI, assuring full traceability and accountability as per the HIPAA and HITECH acts. Command Health’s data security measures meet or exceed all HITECH and HIPAA requirements and legal obligations. 

6. Policy Updates

We may modify this Privacy Policy occasionally to reflect changes in regulatory or legal requirements. This policy is current as of the "Effective Date" shown above. 

7. Contact Information

For questions or concerns about this Privacy Policy, or to request us to share PHI on your behalf, please contact us at: privacyofficer@commandhealth.com 

Command Health LLC