Privacy & Compliance

• Directory & knowledge base only. We publish curated information about companion diagnostics, indications, and biomarkers.
• No medical advice. Content is for healthcare professional education and not a substitute for clinical judgment.
• No PHI processing. CDxTests.com does not collect, store, or transmit PHI on its informational pages.

• Direct lab links: When a provider selects an ordering link, they are generally taken to a lab's own system. PHI is handled by that lab.
• Casandra digital ordering: If digital ordering is enabled via Casandra, PHI is processed by Casandra as the lab's HIPAA Business Associate and sent directly to the lab.
• Separation of systems: CDxTests.com and Casandra operate on separate infrastructure and policies.

a) Site analytics (aggregate)

• Standard metrics: Page views, search frequency, and outbound link clicks.
• Aggregated channel reporting via UTM parameters.
• No PHI/PII is required to browse the site.

b) Communication modules

• If you submit a contact form or "List Your Test" request, we collect basic business contact info (name, email, organization).
• We explicitly request that no patient details or PHI be included in these messages.

c) Cookies & tracking

• First‑party session and analytics cookies only.
• No third‑party behavioral retargeting or cross‑site advertising profiles are created.

• We may share aggregate, de‑identified metrics with laboratory or pharmaceutical partners.
• Small‑cell suppression: We suppress small counts to prevent any potential re‑identification from sparse data.
• No patient‑level or provider‑level tracking data is shared.

• Information is sourced directly from FDA labels and official regulatory documentation.
• Our mapping of indications and biomarkers is built from published CDx labeling requirements.
• We strive for medical accuracy but encourage clinicians to verify all labeling before clinical decision-making.

• Data is encrypted in transit and at rest using modern security standards.
• We maintain a least‑privilege model for administrative access.
• Retention is limited to what is necessary for site performance and aggregate analytics.

• Users can browse all educational content without an account.
• Browser-level cookie controls can be used to manage first‑party analytics tracking.

• We process limited data consistent with professional business interactions.
• You may request access to or deletion of your business contact information by contacting us via email.

• When labs use Casandra for clinical workflows, Casandra operates as a HIPAA Business Associate.
• Digital ordering data is protected under a Business Associate Agreement (BAA) with the laboratory.
• CDxTests.com public informational pages remain separate.

We update this page as regulatory requirements or our platform features evolve. Significant changes will be noted with an updated date.