Privacy Policy

Effective Date: January 1, 2026

​

1. Introduction 

• GeneID Lab is committed to protecting the privacy and security of health and personal information. This Privacy Policy explains how we collect, use, disclose, and safeguard data in connection with our electronic health record (EHR) system and related services, including any data transmitted or stored outside the United States. 

• We comply with the U.S. Health Insurance Portability and Accountability Act (HIPAA) and other applicable data protection laws

2. Information We Collect 

• We may collect the following categories of information: 

• Protected Health Information (PHI): such as patient names, medical history, diagnoses, prescriptions, and treatment notes, as provided by healthcare providers using our system. 

• User Account Information: names, email addresses, professional credentials, and login details for providers and authorized staff. 

• Technical and Usage Data: such as IP address, browser type, device information, logs, and performance data for security and troubleshooting. 

• Information from Third-Party Integrations: when you connect our EHR system to external APIs (e.g., labs, pharmacies), we receive and process data as authorized. 

3. How We Use Information 

• We use collected information to: 

• Provide, maintain, and improve the EHR platform 

• Support clinical workflows, data exchange, and patient care coordination 

• Ensure data security, detect and prevent fraud or unauthorized access 

• Comply with applicable laws, regulations, and contractual obligations 

4. Information Sharing and Disclosure 

• We may share information in the following limited ways: 

• With Authorized Healthcare Providers and Their Staff: to enable patient care and EHR functionality. 

• With Third-Party Service Providers: who perform services on our behalf (e.g., hosting, secure messaging, analytics) under binding confidentiality agreements and in compliance with HIPAA Business Associate Agreements. 

• For Legal or Regulatory Requirements: as required by law, such as reporting infectious diseases, complying with court orders, or responding to lawful requests. 

• For International Transfers: if data is transmitted or stored in countries outside the United States, we implement appropriate safeguards (such as Standard Contractual Clauses or other lawful mechanisms) to ensure the same level of protection required under U.S. law. 

• We do not sell or rent personal or health information. 

5. Data Security 

• We implement administrative, technical, and physical safeguards in accordance with HIPAA and industry best practices to protect information against loss, misuse, unauthorized access, disclosure, alteration, or destruction. 

6. Data Retention 

• We retain information as long as necessary to provide our services, comply with legal and contractual obligations, and as required by applicable medical record retention laws. 

7. Patients’ and Users’ Rights 

• Patients and authorized users may have the right to: 

• Access, amend, or request a copy of their health information 

• Request restrictions on certain uses or disclosures of their data 

• File a complaint if they believe their privacy rights have been violated 

• Requests can be submitted to Jessica.subirats@geneidlab.com 

8. International Data Transfers 

• Because our services may involve data processing in or transfer to other countries, we maintain technical and contractual safeguards to ensure that the information remains protected under standards equivalent to U.S. privacy laws, including HIPAA. 

9. Updates to This Policy 

• We may update this Privacy Policy as our practices, technologies, or legal requirements evolve. We will post the updated policy on our website with a revised “Effective Date.” 

10. Contact Us 

For questions about this Privacy Policy or our privacy practices, please contact: 

 

Cheryl Magna

GeneID Lab

​136 Summit Ave

Montvale, 

NJ 07645

​

​info@geneidlab.com

​

​201-825-0186