HIPAA Compliance

Introduction

BiomarkersLabs.com

Last Updated: March 31, 2026

Our Commitment to HIPAA

BiomarkersLabs.com is fully committed to protecting the privacy and security of all health information handled through our platform in accordance with the Health Insurance Portability and Accountability Act of 1996 (HIPAA) and its implementing regulations, including the HIPAA Privacy Rule, the HIPAA Security Rule, and the HIPAA Breach Notification Rule.

As an online-based biomarker testing platform serving exclusively licensed healthcare practitioners, we understand the critical importance of safeguarding Protected Health Information (PHI) and maintaining the trust of the medical professionals and patients we serve.

What is HIPAA?

HIPAA is a United States federal law that establishes national standards for the protection of sensitive patient health information. It applies to:

  1. Covered Entities — Healthcare providers, health plans, and healthcare clearinghouses that transmit health information electronically
  2. Business Associates — Organizations that perform functions or services on behalf of covered entities that involve the use or disclosure of PHI

BiomarkersLabs.com may function as a Business Associate under HIPAA when providing laboratory testing facilitation services to covered entities and their authorized practitioners.

What is Protected Health Information (PHI)?

Protected Health Information (PHI) refers to any individually identifiable health information that is created, received, maintained, or transmitted by a covered entity or business associate. This includes, but is not limited to:

  • Patient names, addresses, and contact details
  • Dates of birth and other identifying dates
  • Laboratory test orders and results
  • Medical record numbers or account identifiers
  • Health insurance information
  • Any other information that could be used to identify an individual in connection with their health status or care

BiomarkersLabs.com treats all such information with the highest level of confidentiality and security.

How We Handle PHI

Collection & Use

BiomarkersLabs.com collects PHI only to the extent necessary to facilitate the ordering and delivery of laboratory tests on behalf of licensed practitioners. PHI is used solely for:

  • Processing and fulfilling laboratory test orders
  • Delivering test results securely to the ordering practitioner
  • Communicating with practitioners regarding their orders
  • Complying with applicable legal and regulatory obligations

We do not use PHI for marketing, advertising, or any purpose beyond the direct provision of our services.

Storage & Security

All PHI handled by BiomarkersLabs.com is stored and transmitted using industry-leading security measures, including:

  • AES-256 encryption for all data stored at rest
  • SSL/TLS encryption for all data in transit
  • HIPAA-compliant, access-controlled server infrastructure
  • Role-based access controls ensuring only authorized personnel can access PHI
  • Regular security audits, risk assessments, and vulnerability testing
  • Multi-factor authentication (MFA) for all platform accounts

Access Controls

Access to PHI within BiomarkersLabs.com is strictly limited on a need-to-know basis. Our internal access control policies ensure that:

  • Only authorized BiomarkersLabs personnel with a legitimate business purpose may access PHI
  • All personnel with PHI access receive regular HIPAA compliance training
  • Access logs are maintained and monitored for unauthorized activity

Disclosure of PHI

BiomarkersLabs.com will not disclose PHI to any third party without the express written authorization of the ordering practitioner, except as required or permitted by law, including:

  • Disclosures required by federal, state, or local law
  • Disclosures to public health authorities for legally mandated reporting
  • Disclosures in response to lawful court orders, subpoenas, or government requests
  • Disclosures necessary to avert a serious and imminent threat to health or safety

Business Associate Agreements (BAA)

Where BiomarkersLabs.com functions as a Business Associate under HIPAA, we are prepared to enter into a Business Associate Agreement (BAA) with covered entities as required by law.

A BAA formally establishes the permitted and required uses and disclosures of PHI by BiomarkersLabs.com on behalf of a covered entity and outlines the obligations of both parties in protecting that information.

To request a Business Associate Agreement, please contact us at: legal@biomarkerslabs.com

Practitioner Responsibilities Under HIPAA

As a licensed healthcare practitioner using BiomarkersLabs.com, you may be a Covered Entity under HIPAA. By using our platform, you agree to:

  • Use the platform in a manner consistent with your own HIPAA obligations
  • Obtain all necessary patient authorizations before ordering tests on their behalf
  • Ensure that your use of BiomarkersLabs.com does not violate any applicable HIPAA regulation
  • Promptly notify BiomarkersLabs if you become aware of any actual or suspected breach involving PHI processed through our platform
  • Maintain the confidentiality of your account credentials to prevent unauthorized access to patient data

HIPAA Breach Notification

In the event of a security incident or data breach involving unsecured PHI, BiomarkersLabs.com will comply fully with the HIPAA Breach Notification Rule, which requires:

  • Notification to affected individuals — Without unreasonable delay and no later than 60 days following discovery of a breach
  • Notification to covered entities — We will notify affected practitioner accounts promptly upon discovery
  • Notification to the Secretary of HHS — As required by the Breach Notification Rule
  • Notification to media — Where a breach affects more than 500 residents of a state or jurisdiction, as required by law

We maintain a documented Incident Response Plan and conduct regular breach risk assessments to minimize the likelihood and impact of any security incident.

Your HIPAA Rights

As a covered entity or authorized representative working with BiomarkersLabs.com, you have the following rights under HIPAA:

  • Right to Access — Request access to PHI held by BiomarkersLabs in connection with your account
  • Right to Amendment — Request correction of inaccurate or incomplete PHI
  • Right to an Accounting of Disclosures — Request a record of disclosures of PHI made by BiomarkersLabs
  • Right to Request Restrictions — Request limitations on how PHI is used or disclosed
  • Right to Confidential Communications — Request that communications involving PHI be handled in a specific manner
  • Right to File a Complaint — File a complaint with BiomarkersLabs or directly with the U.S. Department of Health & Human Services Office for Civil Rights (OCR)

To exercise any of these rights, please submit a written request to: privacy@biomarkerslabs.com

HIPAA Notice of Privacy Practices

Effective Date: January 1, 2026

This notice describes how PHI about you or your patients may be used and disclosed by BiomarkersLabs.com and how you can access this information.

Please review carefully.

By law, BiomarkersLabs.com is required to:

  • Maintain the privacy of PHI in accordance with HIPAA
  • Provide this notice of our legal duties and privacy practices with respect to PHI
  • Abide by the terms of this notice

We reserve the right to change the terms of this notice at any time. Any changes will apply to PHI we already hold and any information we receive in the future. An updated notice will be posted on our website and provided to practitioners upon request.

Third-Party Laboratory Partners

All laboratory testing facilitated through BiomarkersLabs.com is performed by certified third-party laboratory partners. These partners are required to:

  • Maintain HIPAA compliance in the handling of all PHI
  • Enter into appropriate Business Associate Agreements with BiomarkersLabs.com
  • Implement security measures consistent with the HIPAA Security Rule
  • Report any security incidents or breaches involving PHI to BiomarkersLabs.com without unreasonable delay

BiomarkersLabs.com conducts due diligence in selecting and monitoring laboratory partners to ensure ongoing HIPAA compliance.

Training & Internal Compliance

BiomarkersLabs.com maintains a comprehensive internal HIPAA compliance program, including:

  • Regular HIPAA training for all employees and contractors who handle PHI
  • Documented policies and procedures governing the use, access, and disclosure of PHI
  • Periodic risk assessments to identify and mitigate potential vulnerabilities
  • A designated HIPAA Privacy and Security Officer responsible for overseeing compliance

Contact Our HIPAA Privacy Officer

For any HIPAA-related questions or concerns, or to exercise your rights under HIPAA, please contact our designated Privacy Officer:

Email: privacy@biomarkerslabs.com

Support: support@biomarkerslabs.com

Website: www.biomarkerslabs.com