THIS NOTICE DESCRIBES HOW INFORMATION ABOUT YOU MAY BE USED AND DISCLOSED AND HOW YOU CAN GET ACCESS TO THIS INFORMATION.  PLEASE REVIEW IT CAREFULLY. NOTE: THIS WEB SITE IS NOT INTENDED FOR USE BY PERSONS UNDER THIRTEEN (13) YEARS OF AGE. REDICLINIC DOES NOT KNOWINGLY COLLECT PERSONAL INFORMATION FROM OR ABOUT CHILDREN UNDER THE AGE OF FIFTEEN(13).

SUMMARY

Internet Security Measures

RediClinic maintains the privacy of individual information during collection and transmission by employing Secure Socket Layer (SSL) technology to encrypt all credit card information and survey responses. The chance that someone would intercept survey responses or credit card data is very low; using SSL technology makes it almost impossible for prying eyes to see your information.

RediClinic will not disclose individual results of tests ordered, other health information, or other personally identifiable information (“Personal Information”) stored on our web site with anyone else unless the individual consumer authorizes RediClinic to do so. However, in the course of their duties, employees or contractors of RediClinic may view your Personal Information.  RediClinic utilizes several large national laboratory companies to process all lab tests, including LabOne.  Personal Information is exchanged with these firms to process the tests.  As a matter of sound business practices, these entities and RediClinic employees and contractors are obligated to RediClinic to keep any and all Personal Information about our customers confidential.

RediClinic may share with third parties non-personal information about you that does not allow you to be identified or contacted directly, such as aggregate data that could be used to identify population needs for preventive health programs.

FAQ’s About Our Privacy and Confidentiality Policies

Keeping your Personal Information confidential and secure is important to us.  As a result, we have developed certain information privacy practices. These practices are described in this statement.  The following questions and responses address the privacy of Personal Information provided by you to RediClinic and the use of our services and products:

Who is collecting my information, and how and when is it collected? What information does RediClinic collect from me and how is it used?

TestMyHealth, doing business as RediClinic Health, is a Delaware limited liability company located at 9 Greenway Plaza, Suite 2950, Houston, Texas, 77046.  TestMyHealth operates the Web sites known as "RediClinic.com" and "TestMyHealth.com." All personal information provided by you when you register as a member of RediClinic is collected and maintained by RediClinic. It is RediClinic's philosophy to ask you only for information that is necessary to provide you with the health screening services you have requested. Although RediClinic does require you to become a member to use most health screening services, many informational areas of this Web site can be accessed without providing any Personal Information. These areas include news, the glossary of lab testing terminology and the links to physician directories.

1.  Personally identifiable information
Your name, address, e-mail address, user name, password, and group participant identification number if you are part of corporate or affiliation group, are collected at the new member registration area of our Web site.  This information will be used to provide you with access to most health screening services, such as locating the patient collection sites nearest you and storing your personal data in the health record.

All information you provide during registration can be updated or corrected by accessing your user information, which is located in the My Profile area of our Web site. RediClinic asks that you create a password to be used with your user name when registering to become a member. This user name and password combination will be used to:

·  Access information previously provided to RediClinic

·  Enable you to access our health care services and products

When screening services or health risk appraisals are utilized, you will be asked to provide your birth date and gender to ensure that your results are reported against the appropriate result ranges.  Additionally your telephone number is requested to ensure RediClinic can contact you, if necessary. To provide accurate results on the health risk appraisal your life style data will be required.

Corporate or Group Users

If you participate as part of a group, your social security number may be necessary to verify your membership in that group, allowing you to access the specific services and pricing provided by the sponsoring group.  No individually identifiable user information will be provided to the group administrators other than a report of the participants who took part in the screening.  Aggregated data in which all individually identifiable data are removed will be provided to the sponsoring groups, such as the number of participants and the percentage of participants that received screening results out of the normal range.

2. Health information
Health information collected in your Health Record includes screening results and other personal health data entered by you.  You determine what information you want to include in your Health Record. In addition, certain personal health information may be required for a health risk appraisal to obtain accurate results. Health information collected by RediClinic will only be used to assist you in tracking your health indicators. We do not, without your consent, use your individual health information for other purposes.

As mentioned above, aggregate data in which all individually identifiable data is removed may be provided to third parties, such as the groups sponsoring the testing or health planners looking for data on populations who refer themselves for health screening.

3. Credit card information

If you purchase health screening or items on this Web site, you will be required to provide credit card information.  None of this information will be saved unless you specifically request that it be stored on the page in which the data are entered.  All credit card numbers will be stored in an encrypted fashion and nothing but the last four digits will be displayed on any screens other than the initial data entry screen.

4. Cookies and other information about your computer
When you visit or use health care services and products offered on this Web site , we collect certain information about your computer. This information is collected from your computer's Web browser and may include your IP address, operating system, Web browser software (e.g., Netscape Navigator or Internet Explorer), and the referring Web site.  When you create a user ID on this Web site the information collected from your computer’s Web browser is linked to your user ID. 

We place a text file called a "cookie" in the browser files of your computer when you visit this Web site . The cookie is also linked to your user ID, once one is established.  We use cookies to give you better, more personalized service as a member. Here is what cookies allow us to do:

·  Collect general information related to how many people are using RediClinic.

·  Make purchasing screenings easier by remembering your credit card information in encrypted form for you if you choose to have it saved.

We may use certain aggregate technical information for internal reports used to develop RediClinic's Website content. Examples of these reports include:  "How many individuals used the health risk appraisal tool," or "How many individuals used the Glossary to learn more about lab tests." There is no Personal Information or personal health information contained in these reports.

5. Your email and privacy

New Federal laws require RediClinic to provide you with a written copy of this Privacy Policy, either in hard copy or via email.  Your email address will be used to provide you with this information unless you specifically request that we mail the copy to you. 

RediClinic encourages feedback on our services and products. E-mail links located throughout the Web site allow you to contact us directly with any questions or comments. When you submit a question or suggestion to RediClinic, your e-mail address is collected automatically. RediClinic will use this address to respond to your suggestions or questions. Your comments will be reviewed and may be considered when improvements are made to the site and programs. Please do not send any confidential information to RediClinic via these submissions.  Other than Personal Information, any information submitted will be deemed non-confidential. Additionally, any ideas, concepts, know-how or techniques you submit may be used by RediClinic for any purpose without compensation to you.

 We may also use your e-mail address to send you a copy of your lost or forgotten password.  If you specifically provide RediClinic with permission, e-mails may also be sent to you containing:

·  Health information and news,

·  Requests for you to provide feedback on the features and services RediClinic provides,

·  Reminders for future screenings, and

·  Wellness and screening programs offered by groups with whom you are affiliated.

top

What control do I have over RediClinic sharing my information with third parties?

1 . Permitted sharing of confidential information without additional authorization by you
RediClinic provides Personal Information to non-affiliated third parties as necessary to perform the health screening or order fulfillment services or functions on behalf of RediClinic ("Service Providers"), such as the laboratory used to process your test. The laboratory drawing station you select will indicate its affiliation. If the drawing station is not affiliated with a laboratory, the Service Provider will be LabOne.

RediClinic has partnered with these national laboratory firms to process your laboratory test results. On the New User Registration form, you consent to our disclosure of Personal Information provided by you to these Service Providers when you purchase the lab screening and testing services. These Service Providers use your Personal Information to properly process your lab test and to match your identity with your laboratory test results retrieved online. At your request, RediClinic provides you with access to these laboratory test results after the tests have been completed.

Although RediClinic maintains controls and carries out procedures to determine the adequacy of information privacy and protection practices of third parties to which your Personal Information is transferred, we are not able to evaluate the extent of third parties' compliance with their information privacy and protection practices. Therefore, we recommend that you review third parties' information privacy and protection practices and make your own conclusions as to the effectiveness of these practices prior to using our health screening services.

In the course of their duties, various health information and responses may be viewed by employees or contractors of RediClinic. Currently, our employees are only given access to your Personal Information to perform a specific job (e.g., provide you with a lost or stolen password or to answer your direct questions about the screening process or your results). In addition, RediClinic requires all employees that access members’ Personal Information to sign confidentiality and information security agreements as a condition of employment. Furthermore, all employees are kept up-to-date on our security and privacy practices, and are notified about the importance we place on privacy and what they can do to ensure your information is protected.

In addition, RediClinic may disclose Personal Information collected about you as required by law, such as at the request of a law enforcement agency or when presented with a court order or subpoena.

2. Sharing of confidential information requiring additional authorization by you
RediClinic will not share your individual health information with any third parties other than those mentioned above without your electronic or written consent. RediClinic’s Web site contains features where you may request that a copy of your test results be mailed or faxed to your health care provider. Any other sharing will only be done at your specific written or email request.

3. Sharing of aggregate, de-identified data
RediClinic does share with third parties aggregate data in which no individually identifiable information is contained. Examples of these reports might include identification of the types of health risks faced by the overall employee population for a particular employer or reports showing the percentage of the population in a particular region that have elevated cholesterol levels.

top

What communications should I expect to receive from RediClinic?

RediClinic sends very few communications to its users unless the user has requested that communications about health information and service be sent to them.  When a test or services is requested the following communications will be sent:

·  A confirmation of the order, although no specific information about the tests ordered will be included,

·  A notice when the results are available for viewing on the Web site

·  A copy of RediClinic’s Privacy Policy, as required by law.

·  A response if you have requested information or requested to have us resolve a customer service or privacy related issue.

We want to provide our members and site visitors with information, services and products that are valuable to them. For that reason, we will obtain permission from you before we contact you.  If you so consent, we may periodically through e-mail, mail, fax or telephone send you:

·  E-mails containing health news,

·  Reminders for future health screenings,

·  Notice of special pricing or offers

·  Consumer Satisfaction Surveys

·  At specific request, a new password because the old one had been lost or forgotten

You will be asked for this permission during the registration process.  If, at any point, you do not want to receive these communications, please let us know by sending an e-mail message that includes your e-mail address to: info@RediClinic.com.

top

How do I correct, update or delete my information that is maintained by RediClinic?

Only registered users are able to correct, update or remove their personal or health information.

Members can correct or update their information in the following areas of this Web site:

·  My Profile

·  View History, using the Tracking View

1. Updating or deleting information

You can correct or update information you provided on the My Profile screen. On the My Profile screen, you may also choose to transfer all your health data to another account.  This may be desired when screening was initially performed under an employer-sponsored program and the user wishes to merge all information into another account.  You can also choose to close your account and prevent all future access to your health information. Please note that the Service Providers that are licensed clinical laboratories are required to keep copies of lab results.

You may correct or update information you place in your Health Record on the View History page by choosing the Tracking View. 

2. Default drawing station

If you wish to change the default drawing station, you may do this when purchasing another test or by using the My Drawing Station screen. 

3. Making changes to health assessment information

You may be able to change certain demographic data when taking various health assessments by entering new information. Results from previous health assessments will remain for comparative purposes so that you may check your progress and determine how close you are to meeting your health care goals.

4. Changing user name and password

RediClinic has asked that you create a password to be used with your user name when registering to become a member. This user name and password combination is required to access information previously provided to RediClinic to obtain our health screening services.  By verifying the identity of our members, RediClinic further protects against unauthorized access to your Personal Information stored in our systems.

In addition, you may also change your user name or password at any time by selecting the "Change User Name or Password" option and entering a new user name or new password.

RediClinic performs regular tape backups of our systems to recover such information in the event of a system failure. Therefore, information that you delete may be stored in a secured off-site facility up to three months after it has been deleted.

top

How does RediClinic protect my information from unauthorized access?

RediClinic is committed to keeping your Personal Information secure and confidential. Only Personal Information you provide when registering to become a member or to obtain certain health services—such as managing your health record or using the various health assessment tools to monitor a specific health condition—are maintained in our systems. Our systems are located in a physically secure data center that is monitored by security guards and surveillance cameras 24 hours a day, seven days a week.

RediClinic's Web servers have been configured with Secure Sockets Layer (SSL), a leading encryption technology. SSL protects your information when it is being transmitted to or from RediClinic. We also use an industry standard firewall to further protect information transmitted to or from RediClinic from being accessed by an unauthorized party. RediClinic has also obtained a digital certificate from RSA Data Security Inc. To view this site certificate on each secured page, click on the image of the closed lock or the solid key on the bottom bar of your browser window. A small frame displaying site security information will pop up. Netscape Communicator users should then click on "View certificate" to verify that they are at RediClinic and to verify the site certification authority.

Site content on this Web site may link you to third party Web sites that are not owned, operated or maintained by RediClinic. RediClinic's privacy statement does not apply to such third party Web sites.  Therefore, we recommend that you review each site's privacy practices because they may differ from RediClinic's.

Currently, our employees are only given access to your Personal Information to perform a specific job (e.g., provide you with a lost or stolen password or to answer your direct questions about the screening process or your results). In addition, RediClinic requires all employees that access member information to sign confidentiality and information security agreements as a condition of employment. Furthermore, all employees are kept up-to-date on our security and privacy practices, and are notified about the importance we place on privacy and what they can do to ensure your information is protected. 

If you are logged onto RediClinic, including the Lab Results Service, you will automatically be logged off of the site if you are inactive after 30 minutes. However, you can access your Health Record to subsequently view all laboratory test results retrieved through the Lab Results Service.

Where can I find out more information about privacy?

For more information about privacy, reference the following sources:

TRUSTe
BBBOnline
Health on the Net (HON) Foundation
Online Privacy Alliance
Health Privacy Project
Report on the Privacy Policies & Practices of Health Care Websites

top

How do I contact RediClinic to find out more about it's information privacy practices?

You may contact us with your questions or comments by using the e-mail links on most all screens throughout the site. We will do our best to respond within two business days at the e-mail address you provided when you contacted us. We welcome your comments and suggestions about how we can improve our privacy procedures.

We can be reached at:  info@RediClinic.com

Telephone:                  1-866-935-0333

                                  713-935-9353 fax

Mail:                           9 Greenway Plaza, Suite 2950

top

Where do I find notices about changes to the RediClinic's information privacy practices?

This Privacy Statement was produced and posted on RediClinic Web sites on March 19, 2008. Regardless of later updates, RediClinic will not use or disclose the information you submit under this current policy in a new way without first providing you with an opportunity to opt-out or otherwise prevent that use or disclosure.

RediClinic reserves the right to modify or amend the RediClinic Privacy Statement at any time and for any reason. If we make a significant change to our information privacy practices, RediClinic will post notice of the change on RediClinic sites for a period of not less than six months after the significant change is implemented.

top

Disclaimers

RediClinic cannot ensure that the information contained on its server will be available at all times, and because you are responsible for entering information onto the RediClinic server, RediClinic cannot ensure that the information provided by its service will be accurate. The RediClinic system is NOT designed to make diagnoses or to help you make diagnoses. Only your physician can properly diagnose and treat your illness.

If you have questions about keeping information on the RediClinic system, or if any of the health information changes significantly over time, you should immediately contact your physician. The RediClinic system is not a substitute for consultation with your physician. You should never change or stop any course of treatment prescribed by your physician without first consulting him or her.

RediClinic MAKES NO WARRANTY, EITHER EXPRESS OR IMPLIED AND RediClinic SPECIFICALLY DISCLAIMS ANY IMPLIED WARRANTY OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE. RediClinic SHALL NOT BE LIABLE FOR ANY LOST BUSINESS, MEDICAL INJURY, IMPROPER DIAGNOSIS, INACCURATE INFORMATION, IMPROPER TREATMENT, PATIENT ACTION OR ANY OTHER LOSS INCURRED IN CONNECTION WITH THE USE OF ITS SOFTWARE INCLUDING ANY INDIRECT, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES OF ANY KIND, HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, EVEN IF RediClinic HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGE AND NOTWITHSTANDING ANY FAILURE OF ANY ESSENTIAL PURPOSE OF ANY LIMITED REMEDY.

SOME STATES LIMIT AND/OR DO NOT PERMIT LIMITATIONS OF WARRANTIES AND LIABILITY AND THEREFORE CERTAIN OF THE ABOVE LIMITATION MAY NOT APPLY TO YOU.

RediClinic does not represent or endorse the accuracy or reliability of any of the information, content or advertisements contained on, distributed through, or linked, downloaded or accessed from any of the third party services contained on this web site, nor the quality of any products, information or other materials displayed, purchased or obtained by you as a result of an third party advertisement or any other information or offer in or in connection therewith.