Privacy Policy for Commonwealth Testing, Inc.
Effective Date: Jan 1, 2025
Commonwealth Testing, Inc. (“we,” “us,” or “our”) is a drug testing collection facility committed to protecting the privacy and security of the confidential information we collect, receive, and process during the course of providing our services. This Privacy Policy outlines our practices regarding the collection, use, disclosure, and protection of information, including protected health information (PHI) and personally identifiable information (PII).
1. Scope and Application
This policy applies to all information collected by Commonwealth Testing, Inc. as part of the drug and alcohol testing process, including collections, specimen handling, record-keeping, and communication with clients and testing laboratories.
2. Information We Collect
We collect information necessary to perform drug and alcohol testing services and comply with relevant regulatory requirements. This information may include:
| Category | Examples of Data Collected |
|---|---|
| Personal Identification Information (PII) | Full name, address, phone number, date of birth, employee ID/Social Security Number (if required by client), and employer/client name. |
| Protected Health Information (PHI) | Specimen identification number, collection date and time, test results, medical review officer (MRO) communications, and information related to the drug testing process. |
| Collection Information | Type of test, reason for test, specimen temperature, volume, and any notes regarding the collection process. |
| Payment/Billing Information | Information necessary for processing payments for services, which may include client billing details. |
3. How We Use the Information
The information we collect is used strictly for the purpose of providing drug and alcohol testing collection services, including:
- Performing Collection Services: To properly identify the donor, collect the specimen, and ensure the chain of custody.
- Compliance and Reporting: To comply with federal, state, and local laws, and client-specific program requirements (e.g., Department of Transportation (DOT) regulations).
- Communication: To communicate with the client/employer, the designated testing laboratory, and the Medical Review Officer (MRO) regarding the collection process and results.
- Record-Keeping: To maintain accurate and secure records of all collections performed.
4. Disclosure of Information
We will not disclose your information to any unauthorized third party. Information is primarily disclosed to the following entities as required for the testing process:
- The Client/Employer: Test results and related collection information are provided to the company or organization that requested the test.
- Testing Laboratory: Necessary PII and PHI are shared to facilitate specimen testing and reporting.
- Medical Review Officer (MRO): PHI, PII, and test results are shared with the MRO for the verification process, especially in cases of non-negative results.
- Regulatory Authorities: We may disclose information when legally required by subpoena, court order, or governmental regulation (e.g., DOT audits).
- Authorized Agents: Information may be shared with our business associates who perform services on our behalf and who are obligated to protect the confidentiality of the data (e.g., IT and data storage providers).
We will seek written authorization from the donor or the employer (on behalf of the donor, where legally permissible) for any disclosure of information not covered by this policy or by a legal mandate.
5. Data Security and Storage
We take the security of your information seriously and implement reasonable administrative, technical, and physical safeguards to protect PII and PHI from loss, theft, unauthorized access, disclosure, alteration, and destruction.
- Physical Security: Access to collection areas and record storage is restricted to authorized personnel.
- Technical Security: We use secure networks, firewalls, and encryption where appropriate to protect electronic data.
- Storage: Records are retained only as long as necessary to comply with applicable federal and state record retention requirements.
6. Donor Rights
Depending on applicable laws, you may have the following rights concerning your information:
- Right to Access: The right to inspect and obtain a copy of your records, subject to certain legal limitations.
- Right to Amend: The right to request an amendment to your records if you believe they are incorrect or incomplete.
- Right to an Accounting of Disclosures: The right to request a list of certain disclosures we have made of your information.
To exercise any of these rights, please contact our Privacy Officer at the contact information provided below.
7. Changes to this Policy
We reserve the right to modify this Privacy Policy at any time. Any changes will be effective immediately upon posting the revised policy on our premises and/or sending it to our clients.
8. Contact Information
If you have any questions about this Privacy Policy or our data practices, please contact our Privacy Officer:
| Contact Role | Name | Contact Information |
|---|---|---|
| Privacy Officer | Theresa Rayens | Email: cs@commonwealthtesting.com |
| Phone: 859-236-6002 | ||
| Corporate Address | Commonwealth Testing, Inc. | 380 Whitlaway Drive # 2, Danville KY 40422 |
For a copy of our current policy, please request the document: CTI Privacy Policy