HIPAA Policy

NOTICE OF PRIVACY PRACTICES

Effective: April 2025

THIS NOTICE OF PRIVACY PRACTICES (“NOTICE”) DESCRIBES HOW MEDICAL INFORMATION ABOUT YOU MAY BE USED AND DISCLOSED AND HOW YOU CAN GET ACCESS TO THIS INFORMATION. PLEASE REVIEW THIS NOTICE CAREFULLY.

As a leader in biomarker testing, Durin Life Sciences (“Durin,” “we” or “us”) is bound by several laws, regulations and requirements, including the Health Insurance Portability and Accountability Act of 1996, commonly known as HIPAA. Under HIPAA, Durin is required to maintain the privacy of health information that identifies you, called Protected Health Information (PHI), and to provide you with notice of our legal duties and privacy practices regarding your PHI.

Protecting the privacy of PHI is paramount to Durin’s business, and we are committed to ensuring the confidentiality of your information. Some state laws may offer more protection of your information than federal law, while some federal law gives more protection than state law. In either case, we will apply the laws that protect your information the most.

Durin does not sell its patients’ PHI, nor do we sell any “Personal Information” of our customers, as defined under state privacy laws (i.e., personally identifiable information), that is collected outside of Durin’s provision of healthcare services and is not covered by HIPAA, such as an IP address collected when visiting our website, or information provided by a healthcare provider when they sign up for a Durin biomarker test. Likewise, Durin does not share your PHI for marketing purposes unless you have given us your permission to do so.

WHAT IS PROTECTED HEALTH INFORMATION?

“Protected Health Information,” or “PHI,” is any information about you that may identify you and relates to your physical or mental health or condition, the provision of healthcare services to you, and/or payment for those services. Examples of PHI include your name, home address, date of birth, email address, phone number, insurance identification number, medical history, and laboratory test results. We receive PHI about you from healthcare providers who order our laboratory tests for you, and we create PHI when we provide and bill for our laboratory testing and other services. We retain your PHI as part of your medical record to continue to provide our services and to comply with legal requirements.

OUR RESPONSIBILITIES

We are required by law to give you notice of our legal duties and privacy practices concerning your PHI. This Notice describes your rights, as well as our rights and obligations to include disclosure of your PHI.

We are required by law to maintain the privacy and security of your PHI and utilize technical, physical, and administrative safeguards to fulfill those requirements.

In most cases, when we make a disclosure of your PHI, we are required to adhere to HIPAA’s “Minimum Necessary” standard, which means that we must make “reasonable efforts” to limit the disclosure of your PHI to the “minimum necessary” needed to accomplish the intended purpose of the use or disclosure.

We will notify you in accordance with all applicable laws and timelines if a breach occurs that may have compromised the privacy or security of your information.

We must follow the duties and privacy practices described in this Notice and give you a copy of it.

We will not use or share your health information other than as described here unless you tell us we can in writing. If you tell us we can, you may still change your mind at any time. Please let us know, in writing, if you change your mind.

USES OR DISCLOSURES OF YOUR PHI

We may use or disclose your PHI for certain purposes without your authorization, as set out in more detail below. In reading the purposes set out below, however, please keep the following in mind:

Not every use or disclosure is listed in this Notice, but all of our uses or disclosures of your PHI will fall into one of the categories listed below.

Some of the uses and disclosures described below may be limited or restricted by state laws or other legal requirements, for example, the Clinical Laboratory Improvement Amendments of 1988 (CLIA). Please contact our Privacy Office, using the contact information provided at the end of this Notice, for specific information regarding your state.

Uses or Disclosures of Your PHI Without Your Authorization:

Treatment, Payment and Healthcare Operations: The primary purposes for which we use and disclose your PHI without authorization are for your treatment, for billing, for collecting payment for services rendered and for healthcare operations.

Treatment. We may use or disclose your PHI to physicians, clinics, nurses, labs, and other health care professionals who provide you with health care services and/or are involved in the coordination of your care, such as providing your physician with your laboratory test results.

Example: Your health information may be provided to a health care provider to whom you have been referred so as to ensure that the health care provider has appropriate information regarding your previous treatments and diagnoses.

Payment. We may use or disclose your PHI to bill and collect payment for laboratory or genetic counseling services that we provide. For example, Durin may provide PHI to your health plan to receive payment for the health care services provided to you.

Healthcare operations. We may use or disclose your PHI when necessary to operate our organization and provide our services. Durin may also disclose PHI to other healthcare providers or health plans that are involved in your care for their health care operations.

Example: evaluating the quality of our labs or testing, validating the accuracy of results, obtaining or maintaining our accreditation, and Durin’s operation and management purposes.

Business Associates. We may provide your PHI to other companies or individuals that need the information to provide services to us. These other entities, known as “business associates,” are subject to specific written contracts, referred to as “business associate agreements,” which require them to maintain the privacy and security of health information. Example: we may provide information to companies that assist us with billing for our services. We may also use an outside collection agency to obtain payment when necessary.

Compliance with law. We may share your PHI if state or federal laws require it, including with the Department of Health and Human Services or your state health regulator, in order to validate that we’re complying with all applicable privacy laws. We will share your information with health oversight agencies for activities authorized by law and for special government functions such as military and national security purposes.

De-Identified Information. We may use your PHI to create “de-identified” information, which means removing certain identifiers (as specified in HIPAA) so that it is unlikely that you could be identified. There are specific rules under the law about how to de-identify data, and what types of information need to be removed before information is considered de-identified. Once de-identified as required by law, information is no longer considered to be PHI, and we may use it for any lawful purpose.

Organ and tissue donation. We may share PHI about you with organ procurement organizations.

Public health and Safety. We may share PHI about you in order to protect you or the public, such as (note: we generally have to meet a number of conditions under the law before we are permitted to share your information for these purposes):

  • Preventing disease;
  • Helping with product recalls;
  • Disaster relief;
  • Reporting adverse reactions to medications;
  • Reporting suspected abuse, neglect, or domestic violence; and
  • Preventing or reducing a serious threat to anyone’s health or safety.

Respond to lawsuits and legal actions. We can share health information about you in response to a court or administrative order, or in response to a subpoena.

Sale, Merger, etc. We may disclose your PHI if all or part of Durin is sold, merged, dissolved, acquired, or involved in a similar transaction.

Workers Compensation. We can use or share your PHI for workers’ compensation claims.

Work with a medical examiner or funeral director. We can share your PHI with a coroner, medical examiner, or funeral director, if you are deceased. Please note that HIPAA continues to protect your health information for up to 50 years after the date of your death.

Uses or Disclosures of Your PHI With Your Authorization:

Highly Sensitive Information. Some types of medical information are particularly sensitive. Federal or state law may require us to obtain your written permission or, in some cases, a court order, to disclose that information. Examples include information dealing with matters such as genetic testing, HIV/AIDS, mental health (including psychotherapy notes), alcohol and substance abuse, or sexual assault.

Research (as defined by law). We may use or disclose your PHI for research purposes, as authorized by HIPAA. Durin may further use your PHI in preparation for conducting research, such as to develop a research plan or by reviewing records internally to identify qualified participants. Research is carried out in such a way that protects the confidentiality of your PHI, and may be conducted internally at Durin, or in collaboration with external researchers who are obligated by contract and/or HIPAA to protect your PHI. Durin may use or disclose PHI of deceased individuals for research purposes.

As a general rule, your written authorization is required before your PHI is used and disclosed for research purposes. Under certain conditions, however, your authorization may not be needed, for example, where an Institutional Review Board or Privacy Board with oversight of the research determines that the research poses minimal risk to your privacy, and that there is an adequate plan in place to safeguard your PHI. Likewise, your authorization may not be needed when the disclosure is in the form of a “limited data set” (a set of PHI that excludes certain identifiers).

YOUR RIGHTS

When it comes to your health information, you have certain rights. This section explains your rights and some of our responsibilities to help you.

Right to Access Your PHI. You have the right to request an electronic or paper copy of your medical record and other health information we have about you. If you wish to exercise this right, please contact us using the contact information at the bottom of this Notice. We will provide a copy of your health information, usually within 30 days of your request. We may charge a reasonable, cost-based fee. You can also request that your records be sent to a third party, including requesting that we share your PHI with a Health Information Exchange (HIE). If you make such a request, we may charge reasonable expenses incurred with copying and mailing the records.

Right to Amend (Correct) Your PHI/Medical Record. You can ask us to correct health information that we hold about you, if you think it is incorrect or incomplete. We may say “no” to your request, but we’ll tell you why in writing.

Right to Request How You are Contacted. You can ask us to contact you in a specific way (for example, home or office phone, physical mail to your address, electronic communication to your email account) or to contact you at an alternate address/location. We will say “yes” to all reasonable requests.

Right to Limit What or How We Use or Share Your Information. You can request restrictions on how we use or share PHI for treatment, payment, or health care operations, and for other reasons as permitted by law (as discussed further below). We are not required to agree to your request, and we may say “no” if it would affect your care. If you pay for a service or health care item out-of-pocket in full, you can ask us not to share that information for the purpose of payment or our operations with your health insurer. We will say “yes” unless a law requires us to share that information.

Right to an Accounting of Disclosures (i.e., a list of those with whom we’ve shared your PHI). You can ask for a list (accounting) of the times we’ve shared your health information for six years prior to the date you ask, who we shared it with, and why. We will include all the disclosures except for those about treatment, payment, and health care operations (i.e., routine disclosures not independently tracked since they are expressly intended by HIPAA), and certain other disclosures, such as any disclosures you directly asked us to make. We’ll provide one accounting a year for free but will charge a reasonable, cost-based fee if you ask for another one within 12 months.

Right to a Copy of this Privacy Practices Notice. You can ask for a paper copy of this notice at any time, even if you have agreed to receive the notice electronically. We will provide you with a paper copy promptly.

Right to Choose Someone to Act on Your Behalf. If you have given someone medical power of attorney or if someone has been appointed as your legal guardian, that person can access your PHI, exercise your rights, and make choices about the use and disclosure of your PHI.

We will make sure the person has this authority and can act for you before we take any action.

Your PHI continues to be protected by HIPAA for up to 50 years after death. As such, you have the right to designate a person (e.g., next of kin or a personal representative) to whom all communications, notifications and decisions regarding your PHI will be directed upon your death.

Right to File a Complaint if you Feel Your Rights Have Been Violated. You can complain to Durin directly by contacting us using the information below if you feel we have violated your rights. You can also file a complaint with the Secretary of the U.S. Department of Health and Human Services (HHS). For more information about filing a complaint with HHS, you can visit their website at https://www.hhs.gov/ocr/complaints/index.html. We will not retaliate against you for filing a complaint.

Right to Request the Destruction of Your Leftover Sample(s) and to Opt Out of the Use of Your Sample for Research and Development. Although HIPAA does not cover biologic material such as sample(s), Durin does permit you to request that your sample(s) be destroyed after testing has been completed. If you wish to exercise this right, please send an email to contactus@durinlifesciences.com. You also have the right to opt out of the use of your sample for research and development. If you wish to exercise this right, please send an email to contactus@durinlifesciences.com. Please note that any opt-outs received will only be effective on a going-forward basis and will not be effective for any disclosures made prior to the date of Durin’s receipt of the opt-out.

YOUR CHOICES

For certain PHI, you can tell us your choices about what we share. If you have a clear preference for how we share your information in the situations described below, talk to us. Tell us what you want us to do, and we will follow your instructions for all reasonable requests, unless the law requires us to do otherwise.

For any uses or disclosures of your PHI not otherwise described in this Notice (below), we will only make those uses/disclosures after securing your written authorization (and you may revoke that authorization at any time).

In these cases, you have both the right and choice to tell us to:

Share information with your family, close friends, or others involved in your care. If you wish for us to share your health information with others you will need to complete a written and signed Patient Medical Records Release Form setting forth those choices.

Contacting You, Calling, Texting and Emailing. We may contact you via e-mail, cellular or home phone, by text message, automatic telephone dialing system, pre-recorded or synthetic voice messages, or computer assisted technology, about your testing, results, treatment options, billing/collection matters, health-related products, services, or studies, or other information relating to your healthcare. When we contact you in this manner, you will be given the opportunity to opt out of receiving similar communications going forward. Consent to receive text messages is not required as a condition of purchasing any goods or services. Durin does not impose a separate charge for our texting programs, but your mobile carrier’s message and data rates may apply. Our messages may include, but are not limited to, information about appointment reminders, billing, research opportunities, our products and services, treatment alternatives, your general health, and regulatory notices provided in lieu of first-class mail. To the extent that texts and emails may not be encrypted, there is a risk that someone else could read or access those messages. We therefore take steps to limit the amount of PHI that they contain.

CHANGES TO THE TERMS OF THIS NOTICE

We reserve the right to change the terms of this Notice, and those changes will apply to all health information we have about you. The new Notice will be available upon request, in our office, and on our web site.

OUR ADDRESS AND OTHER CONTACT INFORMATION

Privacy Officer
Durin Life Sciences
2 Medical Center Dr, 213A
Stratford, NJ 08084

Phone: 1-(877)-387-4657

Email: contactus@durinlifesciences.com