Health Data Privacy Practices
Last Updated: May 19, 2025
INTRODUCTION
At Connected Health LLC (“Connected Health,” “we,” “us,” or “our”), we recognize the sensitive nature of health information and are committed to protecting your privacy. This Health Data Privacy notice explains how we collect, use, and safeguard health-related information through our website, membership services, and related offerings (collectively, our “Services”).
OUR RELATIONSHIP WITH HIPAA
Connected Health is not a “covered entity” or “business associate” as defined by the Health Insurance Portability and Accountability Act (HIPAA). However, we partner with organizations that are subject to HIPAA regulations:
- Quest Diagnostics: Provides laboratory testing services
- Fullscript: Coordinates lab testing and delivers results
While we are not legally required to comply with HIPAA, we voluntarily implement many similar protections for your health information as described in this notice.
HEALTH INFORMATION WE COLLECT
We collect the following types of health-related information:
- Self-reported health history and symptoms
- Biometric data (height, weight, etc.)
- Health goals and wellness priorities
- Responses to health assessments (gut health, stress, sleep quality)
- Lab test results (through our partnerships with Quest Diagnostics and Fullscript)
- Information you share with our AI coach about your health
HOW WE USE HEALTH INFORMATION
We use health information to:
- Coordinate lab testing through our partners
- Generate personalized health insights and recommendations
- Provide guidance through our AI coach
- Customize educational content relevant to your health needs
- Improve our Services by analyzing patterns in anonymized data
HOW WE PROTECT HEALTH INFORMATION
We are committed to protecting your health information through:
- Technical Safeguards:
- Encryption of health data in transit and at rest
- Secure access controls and authentication
- Regular security assessments and monitoring
- Administrative Safeguards:
- Staff training on privacy and security practices
- Policies restricting access to health information
- Regular review of our privacy practices
- Physical Safeguards:
- Secure data centers with controlled access
- Protection against unauthorized physical access to systems
SHARING HEALTH INFORMATION
We share health information only in the following circumstances:
- With Service Providers: We share information with Quest Diagnostics and Fullscript to coordinate lab testing and deliver results.
- With Your Consent: We may share your information with others when you explicitly authorize us to do so.
- For Legal Reasons: We may disclose information if required by law or in response to valid legal requests.
We do not sell or rent your health information to third parties for marketing purposes.
YOUR RIGHTS REGARDING HEALTH INFORMATION
While not subject to HIPAA, we provide you with the following rights regarding your health information:
- Right to Access: You can access your health information through your account dashboard.
- Right to Correct: You can update certain health information through your account settings.
- Right to Delete: You can request deletion of your health information, subject to our retention policies and legal obligations.
- Right to Data Portability: Upon request, we will provide your health information in a structured, commonly used format.
To exercise these rights, please contact us using the information provided at the end of this notice.
DATA RETENTION
We retain health information for as long as necessary to provide our Services and comply with legal obligations. When you cancel your membership, we will retain your health information for a period of seven years (consistent with medical records retention standards) to allow for potential reactivation of services and to comply with applicable laws. After this period, your information will be securely deleted or anonymized.
OUR PARTNERS AND HIPAA COMPLIANCE
Quest Diagnostics
Quest Diagnostics is a HIPAA-covered entity that provides laboratory testing services. When you use our Services to order lab tests:
- Quest Diagnostics collects biological samples at their facilities
- Quest processes these samples according to their HIPAA-compliant procedures
- Test results are shared with Fullscript, which then makes them available to you
Fullscript
Fullscript operates as a business associate under HIPAA in its relationship with Quest Diagnostics. Fullscript:
- Coordinates lab testing orders
- Receives lab results from Quest Diagnostics
- Makes results available to you through their secure portal
- Notifies you when results are available
Both Quest Diagnostics and Fullscript maintain their own privacy policies and practices in compliance with HIPAA regulations.
HIPAA AUTHORIZATION
By using our Services to order lab tests, you authorize Quest Diagnostics and Fullscript to disclose your protected health information to Connected Health for the purpose of providing our Services.
HEALTH INSURANCE AND COVERAGE
Connected Health does not bill health insurance for our Services. Our membership fees and lab testing costs are paid directly by you. This arrangement means:
- We do not submit claims to health insurance companies
- Lab tests ordered through our platform may not be covered by your insurance
- You may be able to use HSA/FSA funds for certain costs (consult your plan administrator)
CHANGES TO THIS NOTICE
We may update this Health Data Privacy notice from time to time. The date at the top indicates when it was last revised. If we make material changes, we will notify you through the Services or by sending you an email prior to the changes becoming effective.
CONTACT INFORMATION
If you have questions about this Health Data Privacy notice or our health information practices, please contact us at:
Connected Health LLC
1 Park West Circle, Suite 301B, Midlothian, VA 23114
[email protected]
By using our Services, you acknowledge that you have read, understood, and agree to this Health Data Privacy notice.