HIPAA Compliance

Notice of Privacy Practices for Protected Health Information

Effective Date: January 16, 2026

THIS NOTICE DESCRIBES HOW MEDICAL INFORMATION ABOUT YOU MAY BE USED AND DISCLOSED AND HOW YOU CAN GET ACCESS TO THIS INFORMATION.

PLEASE REVIEW IT CAREFULLY.

Your Right to Access

You can request copies of your health records

Right to Amend

You can request corrections to your records

Privacy Protection

Your information is protected by federal law

Who We Are

SCOPE Diagnostics is a clinical laboratory providing diagnostic pathology services. We are a "covered entity" under the Health Insurance Portability and Accountability Act of 1996 (HIPAA) and are required to maintain the privacy of your Protected Health Information (PHI) and to provide you with notice of our legal duties and privacy practices.

Our Commitment to Your Privacy

We understand that your medical information is personal and we are committed to protecting it. We create a record of the diagnostic services we provide to you. This record is necessary to provide you with quality care and to comply with legal requirements. This Notice of Privacy Practices describes how we may use and disclose your PHI and explains your rights regarding this information.

How We May Use and Disclose Your Protected Health Information

The following describes the ways we may use and disclose your PHI. Not every use or disclosure is listed, but all uses and disclosures will fall within one of these categories:

For Treatment

We may use and disclose your PHI to provide, coordinate, or manage your healthcare and related services. This includes sharing information with your physicians, other healthcare providers, and specialists involved in your care. For example, we will send your test results to the physician who ordered them so they can make treatment decisions.

For Payment

We may use and disclose your PHI to bill and collect payment for the services we provide. This may include:

  • Submitting claims to your health insurance company
  • Verifying your insurance coverage
  • Working with collection agencies if bills are not paid
  • Communicating with your insurance company about medical necessity

For Healthcare Operations

We may use and disclose your PHI for our healthcare operations, which include:

  • Quality assessment and improvement activities
  • Reviewing the competence and qualifications of healthcare professionals
  • Training programs and educational activities
  • Accreditation, certification, licensing, and credentialing activities
  • Business planning and development
  • Compliance and auditing activities

Other Permitted Uses and Disclosures

We may also use or disclose your PHI without your authorization for the following purposes:

  • As Required by Law: We will disclose your PHI when required by federal, state, or local law.
  • Public Health Activities: We may disclose your PHI to public health authorities for purposes such as preventing or controlling disease, reporting births and deaths, and reporting adverse events with medications or medical devices.
  • Health Oversight Activities: We may disclose your PHI to health oversight agencies for activities authorized by law, such as audits, investigations, and inspections.
  • Legal Proceedings: We may disclose your PHI in response to a court order, subpoena, or other lawful process.
  • Law Enforcement: We may disclose your PHI to law enforcement officials as required by law or in response to a valid legal request.
  • Coroners, Medical Examiners, and Funeral Directors: We may disclose your PHI to coroners, medical examiners, and funeral directors as necessary for them to perform their duties.
  • Research: We may use or disclose your PHI for research purposes under certain conditions, including approval by an institutional review board.
  • To Avert a Serious Threat to Health or Safety: We may disclose your PHI when necessary to prevent a serious threat to your health or safety or the health or safety of others.
  • Specialized Government Functions: We may disclose your PHI for specialized government functions, such as military and veterans' activities, national security, and intelligence activities.
  • Workers' Compensation: We may disclose your PHI as authorized by workers' compensation laws.

Uses and Disclosures Requiring Your Authorization

We will obtain your written authorization before using or disclosing your PHI for purposes other than those described above. These situations include:

  • Marketing purposes (with limited exceptions)
  • Sale of your PHI
  • Most uses and disclosures of psychotherapy notes
  • Other uses and disclosures not described in this Notice

You may revoke your authorization at any time by submitting a written request to our Privacy Officer. However, your revocation will not affect any uses or disclosures made in reliance on your authorization before it was revoked.

Your Rights Regarding Your Protected Health Information

Right to Access

You have the right to inspect and obtain a copy of your PHI maintained in our designated record set. To request access, submit a written request to our Privacy Officer. We may charge a reasonable fee for copying and mailing your records. We will respond to your request within 30 days (or 60 days if the information is stored off-site).

Right to Request Amendment

You have the right to request that we amend your PHI if you believe it is inaccurate or incomplete. Submit your request in writing to our Privacy Officer, including the reason for your request. We may deny your request in certain circumstances, and if we do, we will explain why in writing.

Right to an Accounting of Disclosures

You have the right to request a list of certain disclosures we have made of your PHI. This accounting will not include disclosures made for treatment, payment, or healthcare operations, or disclosures you authorized in writing. Submit your request in writing to our Privacy Officer.

Right to Request Restrictions

You have the right to request restrictions on certain uses and disclosures of your PHI. We are not required to agree to your request, except that we must comply with a request to restrict disclosures to your health plan for services you have paid for in full out-of-pocket.

Right to Request Confidential Communications

You have the right to request that we communicate with you about your PHI in a specific way or at a specific location. For example, you may ask that we contact you only at your work address or via a specific phone number. We will accommodate reasonable requests.

Right to a Paper Copy of This Notice

You have the right to receive a paper copy of this Notice upon request, even if you have agreed to receive it electronically.

Right to Be Notified of a Breach

You have the right to be notified if there is a breach of your unsecured PHI. We will notify you of any such breach as required by law.

Our Responsibilities

  • We are required by law to maintain the privacy and security of your PHI.
  • We will notify you promptly if a breach occurs that may have compromised the privacy or security of your PHI.
  • We must follow the duties and privacy practices described in this Notice.
  • We will not use or share your information other than as described in this Notice unless you give us written permission. You may revoke your permission at any time by contacting us in writing.

Changes to This Notice

We reserve the right to change this Notice and to make the revised Notice effective for PHI we already have about you as well as any information we receive in the future. We will post the current Notice on our website and in our facility. The effective date of the Notice will be displayed on the first page.

Complaints

If you believe your privacy rights have been violated, you may file a complaint with us or with the U.S. Department of Health and Human Services Office for Civil Rights. We will not retaliate against you for filing a complaint.

File a Complaint With Us

SCOPE Diagnostics

Privacy Officer

2620 Kessler Blvd E Dr, Ste 110

Indianapolis, IN 46220

Email: privacy@scopedx.org

File a Complaint With HHS

U.S. Department of Health and Human Services

Office for Civil Rights

200 Independence Avenue, S.W.

Washington, D.C. 20201

www.hhs.gov/ocr/privacy/hipaa/complaints

Security Measures

SCOPE Diagnostics implements comprehensive administrative, physical, and technical safeguards to protect your PHI, including:

  • Administrative Safeguards: Security management processes, workforce training, access management, and incident procedures
  • Physical Safeguards: Facility access controls, workstation security, and device and media controls
  • Technical Safeguards: Access controls, audit controls, integrity controls, and transmission security (encryption)

Contact Information

For questions about this Notice, to exercise any of your rights, or to request a paper copy of this Notice, please contact:

SCOPE Diagnostics - Privacy Officer

2620 Kessler Blvd E Dr, Ste 110

Indianapolis, IN 46220

Phone: (844) SCOPE-Dx

Email: privacy@scopedx.org

Available: Monday - Friday, 8:00 AM - 5:00 PM EST

Acknowledgment of Receipt

If you have received services from SCOPE Diagnostics, you may be asked to sign an acknowledgment that you have received a copy of this Notice of Privacy Practices. Your signature acknowledges receipt only and does not constitute authorization for any use or disclosure of your PHI.

If you have any questions about this Notice or would like additional information, please contact our Privacy Officer using the contact information above.