Privacy Practices

Notice of Privacy Practices for health information under HIPAA.

HIPAA Compliant | AES-256 Encrypted | Patient Rights Protected
Effective: March 1, 2025

THIS NOTICE DESCRIBES HOW MEDICAL INFORMATION ABOUT YOU MAY BE USED AND DISCLOSED AND HOW YOU CAN GET ACCESS TO THIS INFORMATION. PLEASE REVIEW IT CAREFULLY.

What Data Does the App Collect?

The YourMainLab app and services collect the following categories of data:

  • Health & Medical Data: Test orders, results, diagnoses, and medical history you provide
  • Identifiers: Name, email, phone, date of birth, address
  • Financial Data: Payment methods and insurance information for billing
  • Location Data: For mobile phlebotomy scheduling (with permission only)
  • Usage Data: App interactions, pages visited, and feature usage for improvement
  • Device Data: Device type, OS version, and crash reports for technical support

How We Use Your Protected Health Information

We may use and disclose your health information for treatment (sharing results with your doctors), payment (processing insurance claims), and healthcare operations (quality improvement, training, legal compliance). These uses require no additional authorization.

Treatment

We share your health information with healthcare providers involved in your care to coordinate and deliver laboratory services and test results.

Payment

Your information may be used to obtain payment for services, including submitting claims to insurance companies and processing billing transactions.

Healthcare Operations

We may use your information for internal operations such as quality assessment, staff training, accreditation, and legal compliance activities.

Your Rights Under HIPAA

As a patient, you have the following rights regarding your Protected Health Information (PHI):

  • Right to access and receive a copy of your health records
  • Right to request corrections to inaccurate records
  • Right to an accounting of disclosures
  • Right to request restrictions on certain uses
  • Right to receive confidential communications
  • Right to file a complaint without retaliation

Data Retention

We retain your health records for a minimum of 7 years as required by state and federal regulations. App usage data is retained for 2 years. You may request deletion of non-health data at any time.

Data Sharing

We do not sell your personal data. We may share your information only in the following circumstances:

  • With your consent: When you explicitly authorize sharing with a third party
  • Service providers: Accredited lab partners and IT service vendors under strict agreements
  • Legal requirements: When required by law, court order, or regulatory authorities
  • Public health: Mandatory reporting to health authorities as required by law

Security Measures

YourMainLab employs comprehensive safeguards to protect your information:

  • Encryption: AES-256 encryption for data at rest and TLS 1.3 for data in transit
  • Access Controls: Role-based access with multi-factor authentication for all staff
  • Audits: Regular third-party security audits and HIPAA compliance assessments
  • Training: Mandatory annual privacy and security training for all employees

Complaints

To file a complaint, contact our team at contact@yourmainlab.com or submit directly to the U.S. Department of Health and Human Services. We will not retaliate against you for filing a complaint.