Your Genetic Analysis Data and Customer Data Belong to You!

In hardly any other area is data security as important as in genetic diagnostics. That is why we have integrated numerous security measures into our processes to ensure the security of all data, especially customer data.

As a state-approved gene laboratory, this is a given!

Since only customers and doctors or partners commissioned by the customer should have access to confidential genetic data, we protect this information with strict security measures.

A Summary of Our Data Protection Measures

  • Approval to conduct medical genetic analyses requires adherence to extremely strict data protection guidelines.
  • Our laboratory staff is subject to medical confidentiality and is regularly trained on data protection topics.
  • To prevent unauthorized access to our customer data, we have established state-of-the-art security measures for our systems.
  • To keep our customers’ identities anonymous, we label samples with encrypted QR codes instead of their names.
  • Once the analysis results are available for the order, we promptly destroy the DNA in all samples.
  • Our customers can request at any time that their stored genetic data be immediately deleted.
  • The data obtained from the genetic test is used solely for its intended purpose and is never transmitted to third parties.

Compliance with Medical Data Protection Requirements

The Austrian Federal Ministry of Health has authorized our laboratory to conduct medical genetic analyses. As a result of this certification, we are required to adhere to strict regulations for the protection of medical data.

Inspection procedures such as government audits during approval or internal and external controls ensure that we meet the required standards for medical data protection. Therefore, our customers can entrust us with their confidential medical data with peace of mind.

 

Our Employees Are Subject to Medical Confidentiality

Our employees may only access confidential data when certain workflows require it.

At the same time, all our employees are bound by medical confidentiality, meaning they have signed an agreement to adhere to this under all circumstances. We handle customer data as discreetly as hospitals or medical practices.

Telephone inquiries regarding an order for a genetic analysis are not provided unless the caller’s identity is clearly established. Questions are answered only through the registered customer and partner emails.

Regular Training of Our Employees on Data Protection

If employees are unaware of what needs to be considered regarding data protection, they must, of course, be trained to comply with confidentiality requirements. Therefore, all employees handling sensitive customer data have received extensive training and inspections on data protection issues. In addition, we ensure through regular refresher courses that our employees always understand and can answer questions about data protection.
 

Data Security Through Technical Measures

Technical access to data is granted only to employees who actually need it for further work. In addition, every access to confidential data (including the identity of the respective employee) is recorded so that data access can always be tracked.

To protect our system from unauthorized access, we also use two-factor authentication, which makes it impossible to retrieve sensitive customer data without authorization.

Independent Data Storage on a Dedicated Server

As an additional security measure, we separate genetic and personal customer data after receipt and store it on two different servers. If hackers were still able to steal data from one server, they would either obtain a simple contact list or unusable genetic codes without personal reference.
 

Process Security

Handling several thousand samples in a short period presents a real logistical challenge. The possibility of sample mix-ups must be eliminated, and each sample must be analyzed within the prescribed timeframe.

That is why we have developed a system that labels each sample with a 2D data matrix barcode (similar to a barcode) and simultaneously records every step of the analysis in detail (software-supported). Handwritten lists and illegible notes, as still commonly used in other laboratories, are no longer used. This way, sample mix-ups are excluded, and our customers can be absolutely certain that they receive analysis reports and products from their own genetic data.

What Happens to My Sample?

Of course, our customers can be sure that their analysis samples are not stored against their will. After the analysis is completed, the sample is immediately destroyed using a DNA-degrading solution.

Extended storage only occurs if a customer has explicitly consented to having their sample used for research. In this context, the sample is reused anonymously, without the possibility of assigning it to a specific person.

 

Data Security

The standard in medical laboratories is to store data for seven years after its last use. Our accredited human genetics laboratory follows this recommendation to refer back to our past analysis data and recommendations in case of later inquiries about results.

We also often need to revisit test results for the production of our customized dietary supplements and cosmetics. Of course, you can request at any time that your data be deleted. Our customers can find a form for this under our terms and conditions.