In order to provide valuable and actionable health guidance, we require that you share as much information as possible about your personal health history, including medical labs and data from genetic testing services. We take the privacy and security of your information extremely seriously and have one of the most restrictive and protective privacy policies in the industry.
Information that we collect
We collect several types of information as part of the formal client agreement:
During registration, your name, physical address, phone number, and e-mail address are collected to create a user account and profile.
As part of the consulting process, we also collect medical labs, your genetic data (if available), and additional detailed information about your personal medical history provided via the initial intake questionnaire. The level of detail provided on the questionnaire is exclusively at your discretion.
Payment information is also collected and stored securely on our payment processor’s servers for hourly consulting, full program enrollment, and monthly / recurring subscriptions. Such information is deleted at the time the client agreement is terminated.
How your information is used
All information is collected for the sole purpose of understanding you, your health challenges, and your personal history as deeply as possible. Your age, weight, vitals, geographical location, ancestry, genetics, and lifestyle are brought together to formulate a complete picture of your past and current health as well as predict outcomes for the future.
All payment processing is handled securely via Paypal and payment details are stored exclusively in the Paypal system. We have chosen this payment processing platform due to their high levels of compliance with online financial institutions.
All medical labs and personal history data are accessed exclusively by our Chief Scientist, John Ledford Gregory, and are not stored in any other location than in the secure, HIPAA-compliant repository to which you upload them. Labs are scanned and correlated against relevant genetic pathways, your medical history, and other such information and are never transferred outside the repository for any reason, without your explicit consent.
Data from genetic testing services is also processed in our HIPAA-compliant cloud-based analytics pipeline and is used exclusively for the generation of our proprietary gene-based reports. This data is also integrated with other databases in the same computing cloud to provide additional insights regarding your response to substances, foods, and lifestyle adjustments.
Your information will never be shared for any reason
Unlike other services in our industry, we are not interested in profiting from the harvesting of customer information for larger population studies, whether privately or publicly funded. As stated on our BiopathFx page, we are strongly against such uses of genetic information and, as such, limit access to medical data exclusively for the purposes of analysis and development of personal health guidance. We will not sell, rent, or share your information under any circumstances, except with your explicit consent, unless required to do so by the law.
You are in complete control of your information
Access to your client profile and personal document repository is restricted to our Chief Scientist, John Ledford Gregory and you, with no exceptions. You have complete control over your profile, including creating, viewing, and deleting documents as you choose. Rest assured, backups of data are performed to a secondary HIPAA-compliant respository in the event data is deleted by accident.
Security is our highest priority
Our primary data repository is hosted on Google’s G Suite and Cloud. Both have received security certifications for ISO 27001, 27017, and 27018 and have passed SOC2 and SOC3 Type II audits. Their audit reports may be found here. We have signed a Business Associate Agreement (BSA) with Google and have ensured both HIPAA and GDPR compliance, strictly adhering to their guidelines. You can read more about their policies here.
That being said, any data transmitted across the internet (especially via e-mail) is not guaranteed to be 100% secure. We are constantly evolving our security strategy, and you will be notified of all modifications that affect the transfer, storage, and handling of your private information. Nonetheless, we make no assurances that your information will not be accessed, altered or lost through a breach of any of our physical and electronic safeguards, and this may be said of any company world-wide that stores health information.
Copyright © 2019 World Visionary Society, LC