Diagnostic Laboratory of Oklahoma (DLO) is a joint venture of Quest Diagnostics. We know that privacy is important to you. Your privacy is important to us too. This Notice explains how Quest Diagnostics and its affiliates ("Quest", "DLO" "we", "our") collect information from or about you ("you" or "your") when you visit the websites or any applications, social media networks, interactive features, and other services that link to this Notice (the "platforms"), and how we use, maintain, protect and disclose that information. If you are using our Platforms in connection with our HIPAA covered services, please refer to our HIPAA Notice of Privacy Practices, which describes how we use and disclose your protected health information, our legal duties with respect to your protected health information, and your rights with respect to your protected health information and how you may exercise them. In connection with HIPAA covered services, in the event of conflict between this Notice and our HIPAA Notice of Privacy Practices, our HIPAA Notice of Privacy Practices will prevail.
Information We Collect
We may collect information about you including non-personally identifiable information and/or "Personal Information," which is information that may identify, relate to, describe, or be capable of being associated with or reasonably linked, directly or indiretly, with a particular identified or identifiable person or household. Personal Information we might collect includes data such as the following:
We do not consider Personal Information to include that can no longer be used to identify a specific natural person, whether in combination with other information or otherwise. For example, de-identified or aggregated consumer information.
Additionally, the following types of information are not considered Personal Information:
- publicly available information from government records; or
- information excluded from the applicable data privacy law’s scope, including but not limited to PHI covered by HIPAA, information derived from PHI that is de-identified in accordance with HIPAA, and personal information we handle in our capacity as a service provider to a business. If we combine non-personally identifiable information with Personal Information, we will treat such information appropriately, but not all rights may apply to the non-personally identifiable information portion.
For Business or Commercial Purposes
We may use your personal information:
- to fullfill the purposes for which the information was provided (e.g., to provide a service or perform on a contract); to identify you in order to respond to requests, provide services or products, personalize information we provide to you, or otherwise as described below;
- to communicate with you about your account or our relationship, such as making announcements about the Platforms or our privacy policies and terms;
- to send push notifications and other information through our Platforms;
- to design, improve and administer our Platforms;
- to recruit and evaluate job applicants and candidates for employment and to conduct background checks;
- to engage in the ordinary course of employment (e.g., facilitate onboarding processes, manage compensation, provide benefits, review performance, etc.) and for other internal human resources purposes;
- to audit and measure user interaction with our Platforms, so we can improve the relevancy or effectiveness of our content and messaging;
- to develop and carry out marketing, advertising and analytics;
- to provide texts or emails containing information about our products or services, or events or news, that may be of interest to recipients, as permitted by law;
- to deliver content and products or services relevant to your interests, including targeted ads on third party sites;
- to detect security incidents or monitor for fraudulent or illegal activity;
- to enable security measures (such as, to protect our Platforms, customers, employees and business partners);
- debugging to identify and repair errors;
- to protect our rights and to protect your safety or the safety of others;
- to investigate fraud or respond to government inquiries;
- to complete corporate transactions (from time to time, we sell, buy, merge or otherwise reorganize our businesses, and these corporate restructurings may involve disclosure of Personal Information to prospective or actual purchasers, or the receipt of it from sellers);
- to comply with laws, regulations or other legal process; or
- otherwise use your Personal Information with your consent.
We may also use your Personal Information to:
- provide you with the services and products you request or that have been ordered and/or requested by your healthcare provider;
- process or collect payments for our services; or
- respond to your questions and otherwise provide support you request.
We may use Precise Location Data from your device in accordance with the device’s consent process on some of our Platforms to help us improve your user experience and provide information that is relevant to you, such as nearby Patient Service Center locations.
When you choose to print or email one of your results from within the MyQuest application, the result file is temporarily stored on your mobile device to aid in more efficient delivery of your result. The result file will be deleted from your mobile device storage once the action of printing or emailing is complete.
How Long We Retain Your Personal Information
DLO retains your Personal Information only for as long as is necessary for our legitimate business purposes. We will retain and use your Personal Information to the extent necessary to comply with our legal, accounting, or reporting obligations (for example, if we are required to retain your data to comply with applicable laws), resolve disputes and enforce our legal agreements and policies. Additionally, we may continue to store your Personal Information contained in our standard back-ups. This applies to all categories of Personal Information in use by us.
Selling Personal Information or Disclosing of Personal Information for Targeted Advertising
We do not sell Personal Information. We may disclose the following categories of Personal Information to the categories of third parties listed below for the purpose of targeted or cross-context advertising (under California law, this is called “Sharing”):
Keeping Your Information Secure
DLO has adopted physical, technical and administrative measures that are designed to prevent unauthorized access or disclosure, maintain data accuracy, and ensure appropriate use of Personal Information. We cannot, however, ensure or warrant the security of information. No security measures are infallible.
How Can You Help Protect Your Information?
If you are using a DLO website for which you registered and choose a password, we recommend that you do not divulge your password, you should not divulge your password to anyone. We will never ask you for your password in an unsolicited phone call or in an unsolicited email. Also remember to sign out of the DLO website and close your browser window when you have finished your work. Please note that unencrypted email is not a secure method of transmission, as information in such emails may be accessed and viewed by others while in transit to us. For this reason, we prefer that you not communicate confidential or sensitive information to us via regular unencrypted email. We will, however, honor patient requests for communications through unencrypted email.
Links to Other Sites
Our Platforms may be accessed from or contain links to other websites that we do not own or operate. If you access those links, you will leave our Platforms. Quest does not control those third party websites or their privacy practices, which may differ from ours. We do not endorse or make any representations about third-party sites, including about the content or security of those sites. The information you choose to provide to or that is collected by these third parties is not covered by this Notice.
We do not knowingly collect information from children (as defined by COPPA) and we do not target our Platforms to children. If we learn that we have collected any information from children, we will delete it. For more information about the Children’s Online Privacy Protection Act (“COPPA”), which applies to websites that direct their services to children under the age of thirteen (13), please visit the Federal Trade Commission’s website https://www.ftc.gov/tips-advice/business-center/guidance/complying-coppa....
Updates To This Privacy Notice
From time to time, we may change this Privacy Notice. If we make changes, we will revise the “Last Updated” date at the bottom of this Notice. We encourage you to review this Notice periodically to be sure you are aware of those changes. Changes will become effective as of the “Last Updated” date.
Should you have any questions about this Notice or our privacy practices more generally, please email us at Privacy@QuestDiagnostics.com or write to us at: Quest Diagnostics
Attention: Privacy Office
500 Plaza Drive
Secaucus, NJ 07094
You can also call us at 800-222-0446, ext. 1020123.
Last Updated: December 30, 2022