How It Works Take the Quiz FAQ Take the Quiz Join Waitlist

Featured Content:

HIPAA Compliance

Your health information is protected by federal law.

HIPAA Compliant Platform

Our Commitment to Protecting Your Health Information

At EllaDx, we understand that your health information is deeply personal. We are committed to protecting the privacy and security of your Protected Health Information (PHI) in accordance with the Health Insurance Portability and Accountability Act of 1996 (HIPAA) and its implementing regulations.

What is HIPAA?

The Health Insurance Portability and Accountability Act (HIPAA) is a federal law that establishes national standards for protecting sensitive patient health information. HIPAA requires that covered entities and their business associates implement appropriate safeguards to protect the privacy and security of health information.

How We Protect Your Information

Administrative Safeguards

  • Designated privacy and security officers responsible for HIPAA compliance
  • Regular workforce training on privacy and security policies
  • Documented policies and procedures for handling PHI
  • Regular risk assessments and security audits
  • Incident response procedures for potential breaches

Physical Safeguards

  • Secure data centers with restricted access controls
  • Environmental controls to protect equipment
  • Proper disposal of physical media containing PHI
  • Workstation and device security policies

Technical Safeguards

  • End-to-end encryption for data in transit and at rest (AES-256)
  • Unique user identification and authentication
  • Automatic session timeouts
  • Audit controls and activity logging
  • Data integrity verification
  • Secure transmission protocols (TLS 1.3)

Your Rights Under HIPAA

As a user of EllaDx services, you have specific rights regarding your health information:

  • Right to Access: You can request and obtain a copy of your health information
  • Right to Amend: You can request corrections to your health information if you believe it is inaccurate
  • Right to an Accounting of Disclosures: You can request a list of certain disclosures we have made of your health information
  • Right to Request Restrictions: You can request restrictions on how we use or disclose your health information
  • Right to Confidential Communications: You can request that we communicate with you in a specific way or at a specific location
  • Right to a Paper Copy: You can request a paper copy of our Notice of Privacy Practices

Our Business Associates

EllaDx works with trusted partners who may have access to your health information in order to provide our services. All of our business associates are required to:

  • Sign Business Associate Agreements (BAAs) that comply with HIPAA requirements
  • Implement appropriate safeguards to protect your information
  • Report any security incidents or breaches
  • Return or destroy PHI when the business relationship ends

Our Key Partners

Quest Diagnostics: Our laboratory partner for processing all lab tests. Quest Diagnostics is one of the largest and most trusted CLIA-certified laboratories in the United States and maintains full HIPAA compliance.

Data Breach Notification

In the unlikely event of a data breach affecting your health information, we will:

  • Notify affected individuals within 60 days of discovery
  • Provide information about what happened and what information was involved
  • Describe steps you can take to protect yourself
  • Explain what we are doing to investigate and prevent future occurrences
  • Report to the U.S. Department of Health and Human Services as required by law

How to Exercise Your Rights

To exercise any of your HIPAA rights or if you have questions about our privacy practices, please contact our Privacy Officer:

  • Email: [email protected]
  • Mail: EllaDx Privacy Officer, 1630 W Prosper Trail, Prosper, Texas 75078

We will respond to your request within 30 days. In certain circumstances, we may need an additional 30 days, in which case we will notify you of the delay.

Filing a Complaint

If you believe your privacy rights have been violated, you have the right to file a complaint with:

  • EllaDx Privacy Officer (contact information above)
  • The U.S. Department of Health and Human Services Office for Civil Rights at www.hhs.gov/ocr

We will not retaliate against you for filing a complaint.

Changes to This Notice

We reserve the right to change our privacy practices and the terms of this notice at any time. Any changes will be effective for all health information we maintain. We will post the revised notice on our website with a new effective date.

Last Updated: January 17, 2026