Legislation that protects your information
The Genetic Information Nondiscrimination Act (GINA) was legislation passed by the United States Congress in 2008 to protect people from discrimination in health insurance and in employment on the basis of genetic information.
GINA prohibits the use of genetic information in making employment decisions, restricts employers from requesting or requiring genetic information, and strictly limits the disclosure of genetic information. It also prohibits discrimination based on genetic information by group health plans and health insurance issuers. For more information on GINA, please visit http://www.dol.gov/ebsa/faqs/faq-GINA.html.
The Health Insurance Portability and Accountability Act (HIPAA) protects the privacy of individually identifiable health information, sets standards for the security of electronic protected health information. For more information on HIPAA, please visit http://www.hhs.gov/ocr/privacy/.
Revolution Medicine respects your privacy and protects your privacy by
- storing data on secure, HIPAA-compliant servers
- providing you access to your password-protected information through a website using secure protocols
- providing you the ability to decide with which healthcare providers you share your DNA information
Revolution Medicine does not sell, rent, lease, or share your personally identifiable information or your DNA information without your explicit consent.
Information That We Collect
Your Information consists of your Registration Information and your Individual DNA Information. Other information that we (Revolution Medicine) may collect includes self-reported information, web usage information (including the use of web browser cookies), and referral information.
Registration Information is your information such as name, date of birth, email, address, user ID, password, phone number, referring physician, payment information, etc. that is required to set up your account and to verify your identity to access results. You may update certain aspects of your Registration Information to keep your information up-to-date at My Account.
Individual DNA Information is your genotype information derived from laboratory testing of the blood, saliva, or cheek swab specimen that you provide to us for the purposes of testing and analysis. This information may also include genotype results and data files that you have received from other laboratories and decide to send to us for analysis.
Self-reported Information is information that you choose to share with us in answers to voluntary surveys and questionnaires, discussion forums, chat sessions, or social media such as Twitter, Facebook, etc.
Referral Information is information that you provide to us when recommending our services to another individual, physician, or other entity.
Aggregated Information is a collection of de-identified DNA Information and Self-Reported Information that cannot be connected to any specific individual or individuals.
How We Use Your Information
We will use your Registration Information for purposes that include setting up and managing your account, tracking your DNA sample, processing and collecting payment for our services, reporting your results, notifying you when results are ready allowing and authenticating access to the results to you and your authorized healthcare providers, providing customer service, and tracking site usage. From time to time, we may contact you via email with newsletters or promotional information. You may opt out of these emails at any time by clicking unsubscribe at the end of the message or by contacting firstname.lastname@example.org. If you opt out, you will still receive emails regarding your account and results.
We will use the information from your DNA sample (Individual DNA Information) and Self-reported Information to generate reports and personalized information for you and your authorized healthcare providers, to direct you to content on the website, and to other relevant information. We will never disclose your Individual DNA Information or Self-reported Information to third parties without your explicit consent unless required by law. We may combine DNA Information and Self-reported Information from many individuals (Aggregated Information) in a de-identifiable manner, i.e., so that the Aggregated Information cannot be linked back to a specific individual, for internal research and development and/or collaborations with other entities and for product improvement purposes.
Information Disclosure Required by Law
You acknowledge and agree that Revolution Medicine can preserve and disclose any and all Information pursuant to judicial and other government subpoenas, warrants, or orders, or in coordination with regulatory authorities. We may also preserve or disclose any and all Information that we believe in good faith is necessary to (a) comply with a legal or regulatory process, obligations to ethical or professional rules, laws, and regulations; (b) respond to claims that any content or actions violates the rights of third parties; or (c) protect the rights, property, or personal safety of Revolution Medicine, its employees, its users, its clients, or the public. In the event that we are required by law to make a disclosure, we will notify you through the contact information that you have provided to us as part of your Registration Information unless we are prohibited by law or court order.
The security of your Information is very important to us. We protect your information by utilizing the most up-to-date security protocols, including encryption by Secure Socket Layer (SSL) technology, and by storing data on HIPAA-compliant servers. All user accounts have a unique username and require a password to login. By using this website and having an account, you agree that you will keep your password secure and not disclose your password to third parties. If you would like for a third party, such as a healthcare provider that you authorize, to have access to your Information, then you can fill out the Healthcare Provider Authorization Form, which can be found at My Account. If your password becomes known to a third party, you should contact us immediately at email@example.com.
We provide links on our website to outside, third-party websites and organizations with which we are not affiliated. We do not disclose your Information to these organizations. We do not review, or endorse, or claim responsibility for the privacy policies of these outside websites and encourage you to review the individual privacy policies of all websites that you visit.
Updating Your Information
Closing Your Account
You may close your account by sending a request to firstname.lastname@example.org. We will contact you to verify that you have authorized the closing of your account. We will delete your account within thirty (30) days of receiving confirmation of your request for cancellation. We may retain de-identified Information or retain back-up copies of Information according to our data security protocols. The laboratory may retain your Individual DNA Information as required by law or regulatory agencies. We will retain Registration Information as needed to comply with accounting and regulatory purposes.