Privacy Policy
Last Updated: December 8, 2024
Introduction
FirstVitals dba ProteusDx™ ("ProteusDx™," "we," "us," or "our") is committed to protecting your privacy and ensuring the security of your personal health information. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our services, including our website, mobile applications, and capsule endoscopy diagnostic services.
We are committed to compliance with the Health Insurance Portability and Accountability Act (HIPAA), the Health Information Technology for Economic and Clinical Health (HITECH) Act, and other applicable privacy laws and regulations.
Information We Collect
Personal Information
We collect personal information that you provide directly to us, including:
- Name, date of birth, and contact information (email, phone, address)
- Insurance information and payment details
- Login credentials and account preferences
- Communication preferences and correspondence with us
Protected Health Information (PHI)
As a healthcare service provider, we collect and maintain Protected Health Information, including:
- Medical history, symptoms, and health assessment responses
- Diagnostic images and videos from capsule endoscopy procedures
- Laboratory results and clinical findings
- Treatment plans, prescriptions, and clinical notes
- Healthcare provider communications and referrals
Technical Information
We automatically collect certain technical information when you use our services:
- Device information (type, operating system, browser)
- IP address, location data, and time zone settings
- Usage data (pages visited, features used, time spent)
- Cookies and similar tracking technologies
How We Use Your Information
Treatment and Care Coordination
We use your health information to provide diagnostic services, coordinate care with your healthcare providers, and support clinical decision-making.
Payment and Operations
We process your information for billing, insurance claims, payment processing, and business operations including quality improvement and regulatory compliance.
Communication
We use your contact information to send appointment reminders, test results, and service updates, and to respond to your inquiries.
Research and Development
With your consent or as permitted by law, we may use de-identified data for research to improve diagnostic accuracy and develop new healthcare solutions.
Information Sharing and Disclosure
We do not sell your personal or health information. We may share your information only in the following circumstances:
Healthcare Providers
With your ordering physician and healthcare team for treatment and care coordination purposes.
Business Associates
With HIPAA-compliant service providers who assist with laboratory services, IT infrastructure, payment processing, and other business functions.
Legal Requirements
When required by law or court order, or to comply with legal processes, public health requirements, or law enforcement requests.
With Your Consent
For any other purpose with your explicit written authorization, which you may revoke at any time.
Data Security
We implement comprehensive security measures to protect your information from unauthorized access, use, or disclosure:
Encryption
All data is encrypted in transit (TLS 1.3) and at rest (AES-256) to prevent unauthorized access.
Access Controls
Role-based access controls ensure only authorized personnel can access your information.
Audit Logging
Comprehensive audit trails track all access to and modifications of protected health information.
Regular Testing
Security assessments, penetration testing, and vulnerability scans are conducted regularly.
Your Privacy Rights
Under HIPAA and applicable privacy laws, you have the following rights regarding your health information:
Right to Access
Request and receive a copy of your health records in electronic or paper format.
Right to Amend
Request corrections to inaccurate or incomplete health information.
Right to Accounting
Receive a list of certain disclosures of your health information.
Right to Restrict
Request restrictions on certain uses and disclosures of your information.
Right to Confidential Communications
Request communications by alternative means or at alternative locations.
Right to Notification
Be notified of any breach of your unsecured health information.
Data Retention
We retain your health information for as long as necessary to fulfill the purposes outlined in this Privacy Policy and as required by applicable laws and regulations:
- Medical records are retained for a minimum of 7 years from the date of last service, or longer as required by state law
- Diagnostic images and reports are maintained according to FDA and CLIA retention requirements
- Billing and insurance records are kept for 7 years for tax and audit purposes
- De-identified research data may be retained indefinitely for scientific purposes
Cookies and Tracking Technologies
We use cookies and similar technologies to enhance your experience, analyze usage patterns, and improve our services. You can control cookie preferences through your browser settings, though some features may not function properly if cookies are disabled.
Essential Cookies
Required for authentication, security, and core functionality.
Analytics Cookies
Help us understand how users interact with our services to improve performance.
Preference Cookies
Remember your settings and preferences for a personalized experience.
Children's Privacy
Our services are not directed to individuals under the age of 18. We do not knowingly collect personal information from minors without parental or guardian consent. If we become aware that we have collected information from a minor without proper consent, we will take steps to delete such information promptly.
Changes to This Privacy Policy
We may update this Privacy Policy periodically to reflect changes in our practices, technology, legal requirements, or other factors. We will notify you of any material changes by:
- Posting the updated policy on our website with a new "Last Updated" date
- Sending email notifications for significant changes
- Displaying prominent notices on our platform
Your continued use of our services after changes are posted constitutes acceptance of the updated Privacy Policy.
Contact Us
If you have questions about this Privacy Policy, wish to exercise your privacy rights, or need to report a privacy concern, please contact us:
Privacy Officer
FirstVitals dba ProteusDx™
2605 Camino Tassajara #2500
Danville, CA 94526
Email: [email protected]
Phone: 925-299-8000