Privacy & HIPAA

ARUP Laboratories is committed to comply with the Health Insurance Portability and Accountability Act (HIPAA) Standards and General Data Protection Regulations (GDPR). ARUP has implemented policies, processes, and procedures designed to ensure compliance with these standards. Compliance to these standards is continuously monitored and audited for effectiveness, and workforce training is completed annually.

• ARUP’s Online Privacy Policy
• ARUP’s Notice of Privacy Practices for US Patients
• ARUP’s EU Data Protection Notice
• ARUP’s HIPAA Training for Sponsored Individuals

ARUP complies with the security standards by ensuring that systems, policies, and procedures meet or exceed all required and addressable implementation specifications. Internet and interface connectivity is encrypted and/or password protected, and electronic access is limited to only those entities that have been authorized. Additionally, ARUP has implemented ARUP Connect™ and Secure File Transfer, secure methods for communicating protected health information and sensitive business communications with our clients. Clients wishing to establish an ARUP Connect account or retrieve protected health information via Secure File Transfer, may do so via ARUP Connect.

Effective Date: November 30, 2018

For ARUP HIPAA or GDPR compliance, contact:

Karen M Gauna, CT(ASCP), CHC, CHPC
Privacy Officer
ARUP Laboratories
500 Chipeta Way MS241
Salt Lake City, Utah 84108-1221

1-800-242-2787 ext. 2063
privacy@aruplab.com

Contact the HIPAA Hotline

If ARUP cannot resolve your concern or complaint, you may also file a complaint with the federal government. We will not penalize you or retaliate against you in any way for filing a complaint.