BodySync strictly adheres to HIPAA (the Health Insurance Portability and Accountability
Act) compliance standards for privacy and security of personal health information.
BodySync recognizes the need for privacy protection and careful management of personal
and genetic information. Any information shared with BodySync is kept strictly confidential
and secured electronically using superior encryption technology. Personal information
will not be disclosed to anyone within BodySync other than those authorized by BodySync
directly involved in providing the service defined, unless we receive express permission
or unless required by law. Upon written request, BodySync will provide a report
of the personal information on record, or will modify or remove personal information
in BodySync’s database.
Secure Server Technology
The results of all genetic assessments will be stored in an encrypted, anonymous
database, served on a dedicated, HIPAA-hardened server, housed in a world-class
data center. This database is maintained to facilitate written requests for upgrades,
revisions and replacement of lost reports. BodySync’s server configuration includes:
regular patches and updates; virus, worm, trojan & malware protection; blocking
and logging of unauthorized access attempts; dedicated firewall support with enhanced
security rules for secured SSH & Remote Desktop connection; automatic server password
expirations & automatic SSH & Remote Desktop timeouts; detailed audit tracking in
Operating System environments; disk-based data encryption support; offsite encrypted
tape backups with offsite tape rotations to a secure third-party facility; data
destruction before electronic media is reused or discarded; recording of data movement
on electronic media – both inside and outside of BodySync’s facilities; regular
maintenance records maintained for any changes to the physical security of the facility;
secure facility access with person-traps, biometric readers, and card scanners;
and mandatory escorting of all outside visitors at all times, including strictly
enforced security access limits.
CLIA Compliance
BodySync complies with Clinical Laboratory Improvement Amendments (CLIA)
standards for laboratory test accuracy and reporting standards. The Centers for
Medicare & Medicaid Services (CMS) regulates all laboratory testing (except research)
performed on humans in the U.S. through the Clinical Laboratory Improvement Amendments
(CLIA). The objective of the CLIA program is to ensure quality laboratory testing.
The privacy, security, and accuracy of its laboratory, data center and product development
facilities are paramount to the operations of BodySync.