Privacy & Compliance

• Directory & education only. We publish program pages that describe eligibility, participating labs, and access steps.
• No medical advice. Content is informational and not a substitute for professional judgment.
• No PHI processing. SponsoredTesting.com does not collect, store, or transmit Protected Health Information (PHI).

• Default flow: When a provider selects "Order," they are taken to a participating lab's own ordering system. PHI is handled by that lab, not by SponsoredTesting.com.
• Casandra add‑on (optional): If a program enables EHR/API digital ordering via Casandra, PHI is processed by Casandra as the lab's HIPAA Business Associate and sent directly to the lab.
• Separation of systems: SponsoredTesting.com and Casandra operate on separate infrastructure, domains, and policies.

a) Site analytics (aggregate)

• Page views, category/search exposure, and outbound click counts
• UTM parameters for channel reporting (aggregate only)
• No PHI/PII is required to browse program pages

b) Provider info‑request module (Premium pages)

• Fields collected: name, work email, organization, role, region, non‑PHI message
• Explicit warning: "Please do not include patient details or PHI."
• Submissions are delivered to the sponsor's inbox/CRM; SponsoredTesting.com does not store payloads (only short‑lived spam hashes).

c) Server logs & cookies

• Standard logs (IP truncated/rotated where feasible), timestamps, user agent
• First‑party session/analytics cookies only; no advertising cookies or cross‑site retargeting

• Aggregate, de‑identified metrics (e.g., page views, outbound clicks, top referrers/UTMs)
• Small‑cell suppression: hide/roll‑up small counts (default threshold N < 20) and suppress complementary cells to prevent back‑solving
• No provider‑level reports; no PHI/PII
• If Casandra ordering is enabled: program‑level aggregate order throughput may be reported via the lab's workflow. PHI is processed by Casandra as the lab's BA.

• Featured placement is time‑based and clearly labeled.
• Paid placement does not alter which labs appear on a program page or the program's ordering workflow.

• Clinician‑attested medical eligibility (no broad "screen everyone" language).
• Commercial, CLIA/CAP laboratory testing (not program‑exclusive one‑off assays).
• No patient/payer billing for sponsor‑funded services; no collection/ancillary fees passed along.
• Counseling limited to test/result education (no therapy promotion in counseling).
• De‑identified, aggregate analytics only; no patient/provider targeting.

• Access controls, encryption in transit, least‑privilege administration.
• Minimal retention: aggregate analytics for trends; spam hashes 7–14 days.
• We don't store PHI; business‑contact submissions (if any) are forwarded to sponsor systems.

• Browse program pages without an account.
• Manage first‑party analytics cookies via your browser; core features remain available.

• We process limited business‑contact info (if you submit it) and aggregate analytics.
• Request access, correction, or deletion of your business‑contact submission by emailing us; we'll verify and respond consistent with applicable law.

• When enabled by a participating lab, Casandra operates as the Business Associate to that lab under a BAA.
• PHI entered for digital ordering is processed by Casandra and transmitted directly to the lab per the lab's standard workflows.
• SponsoredTesting.com remains outside the PHI flow.

We may update this page periodically. Material changes will be noted with a new "Last updated" date and, where appropriate, additional notice.