Skip to main content
Quest Diagnostics Home

Data Privacy Framework

Quest Diagnostics Incorporated
Data Privacy Framework Policy
Under the EU-US Data Privacy Framework (EU-US Framework) as set forth by the U.S. Department of Commerce
Policy Issued: December 5, 2018
Policy Last Revised: October 6, 2023

This Policy is provided by Quest Diagnostics Incorporated (Quest Diagnostics) in relation to its certification to the EU-US Data Privacy Framework.

Advisory

On July 10, 2023, the European Commission adopted its adequacy decision for the EU-US Data Privacy Framework (the EU-US Framework). The decision concluded that the US ensures an adequate level of protection for personal information that is transferred from the EU to US companies as part of the EU-US Framework.

The EU-US Framework amends the privacy principles that Quest Diagnostics adhered to under the EU-US Privacy Shield Framework as the EU-US Data Privacy Framework Principles. Quest Diagnostics offerings certified as part of the EU-US Privacy Shield Framework remain certified under the EU-US Framework.

Quest Data Privacy Framework Companies

Quest Diagnostics Incorporated and its subsidiaries and affiliates, including without limitation the following affiliated companies, have certified their adherence to the EU-US Framework as set forth by the U.S. Department of Commerce.  For purposes of this Policy, the affiliated Quest Diagnostics affiliated companies will be collectively referred to as Quest:

Quest Diagnostics Clinical Laboratories, Inc.
500 Plaza Drive
Secaucus, NJ 07094

Blueprint Genetics, Inc.
200 Forest Street, 2nd floor
Marlborough, MA 01752

Haystack Oncology, Inc.
301 W 29th St
Baltimore, MD 21211

LabOne, LLC
10101 Renner Blvd.
Lenexa, Kansas 66219

LabOne of Ohio, Inc.
6700 Steger Drive
Cincinnati, Ohio 45237

ExamOne World Wide, Inc.
10101 Renner Blvd
Lenexa, Kansas 66219

ExamOne, LLC
500 Plaza Drive
Secaucus, New Jersey 07094

ExamOne World Wide of N.J., Inc.
10101 Renner Blvd.
Lenexa, Kansas 66219

Quest Diagnostics Nichols Institute, Inc. (California)
33608 Ortega Highway
San Juan Capistrano, California 92675

Quest Diagnostics Nichols Institute, Inc. (Virginia)
14225 Newbrook Drive
Chantilly, Virginia 20153

Quest Diagnostics Ventures LLC
500 Plaza Drive
Secaucus, New Jersey 07094

MedFusion, LLC
2501 South State Hwy 121, Suite 1100
Lewisville, Texas 75067

Unilab Corporation
8401 Fallbrook Avenue
West Hills, California 91304

AmeriPath, Inc.
7111 Fairway Drive, Suite 400
Palm Beach Gardens, FL 33418

Specialty Laboratories, Inc.
27027 Tourney Road
Valencia, California 91355-5386

PhenoPath Laboratories
551 N 34th St #100
Seattle, Washington 98103

Data Privacy Framework Principles

Quest has recertified to the US Department of Commerce that it adheres to the principles set forth in the EU-US Framework with regard to the processing of personal data received from the European Union and European Economic Area (EU/EEA). To learn more about the EU-US Framework and the US Department of Commerce Data Privacy Framework program, and to view our certification, please visit https://www.dataprivacyframework.gov/.

Scope of Certification

Quest’s EU-US Framework certification encompasses personal data transferred from the EU/EEA to the US that pertains to patients, clinical research participants and investigators, employees, former employees, beneficiaries identified by employees, job applicants, healthcare professionals, other customers (including customer workforce members, customers’ insurance applicants) and suppliers residing in the EU/EEA.

Third-Party Transfers and Disclosures

Quest entrusts personal data to third-party partners who assist with business activities, or who have regulatory or legal oversight responsibilities in relation to certain business activities. Where it does so, Quest takes steps to ensure that the third parties entrusted with personal data uphold an equivalent level of protection for the data. Quest understands that it can be held responsible if its business partners entrusted with personal data violate those obligations.

Law Enforcement Requests

Quest may be required to disclose personal data in response to lawful requests by public authorities, including to meet national security or law enforcement requirements.

As of the date of this Policy, we have not been asked to do so and, if asked, will endeavor to notify the data exporter and/or the data subject with the exporter’s assistance. If such notice is not possible, we will seek to have restrictions on our ability to provide the notice waived. If and to the extent permissible, we will agree to share information regarding any such requests for disclosure of personal data with our data exporters.

Choices and Means to Limit Uses and Disclosures

Quest has mechanisms in place to respond to requests from individuals to limit the use and disclosure of their personal data transferred under the EU-US Framework. Should you wish to do so, you may contact us by email at Privacy@QuestDiagnostics.com or write to us at Quest Diagnostics Incorporated, Attention: Privacy Officer, 500 Plaza Drive, Secaucus, New Jersey 07094 USA. Please note that there are certain limitations on these rights, as described in the EU-US Framework.

Disputes and Independent Recourse Mechanisms

In compliance with the EU-US Framework, Quest commits to resolve complaints about our collection or use of your personal data. Individuals with inquiries or complaints regarding our EU-US Framework policy should first contact Quest via email at: Privacy@QuestDiagnostics.com, or write to us at Quest Diagnostics Incorporated, Attention: Privacy Officer, 500 Plaza Drive, Secaucus, New Jersey 07094 USA. If you are not satisfied with our resolution of your inquiry or dispute, you may also contact the relevant data protection authority.

In compliance with the EU-US Framework, Quest commits to cooperate and comply respectively with the advice of the panel established by the EU data protection authorities (DPAs) with regard to unresolved complaints concerning our handling of personal data received in reliance on the EU-US Framework.

Regulatory Oversight and Enforcement

As noted above, Quest is also subject to the investigatory and enforcement authority of the US and EU/EEA agencies that oversee the EU-US Framework, namely the US Federal Trade Commission and the relevant EU/EEA supervisory authorities. You have a right to file a complaint with these oversight agencies, particularly if you believe your complaint is not satisfactorily resolved through Quest.

Right to Binding Arbitration

Under certain conditions, more fully described on the EU-US Framework website at https://www.dataprivacyframework.gov/s/article/ANNEX-I-introduction-dpf?tabset-35584=2, you may be able to invoke binding arbitration if other dispute resolution procedures have been exhausted.

Rights of Individuals to Access Their Data

Quest has committed to respect and uphold the rights of individuals in relation to their personal data covered under the UE-US Framework. Should you wish to exercise those rights, you may contact us by email at Privacy@QuestDiagnostics.com or write to us at Quest Diagnostics Incorporated, Attention: Privacy Officer, 500 Plaza Drive, Secaucus, New Jersey 07094 USA. Please note that there are certain limitations on these rights, as described in the EU-US Framework.

Conflicts

If there is any conflict between the terms in this Policy and the EU-US Framework, the EU-US Framework will govern.

Privacy

Our company

Quest® is the brand name used for services offered by Quest Diagnostics Incorporated and its affiliated companies. Quest Diagnostics Incorporated and certain affiliates are CLIA certified laboratories that provide HIPAA covered services.  Other affiliates operated under the Quest® brand, such as Quest Consumer Inc., do not provide HIPAA covered services. 

 

Quest, Quest Diagnostics, any associated logos, and all associated Quest Diagnostics registered or unregistered trademarks are the property of Quest Diagnostics. All third-party marks—® and ™—are the property of their respective owners. © 2023 Quest Diagnostics Incorporated. All rights reserved. Image content features models and is intended for illustrative purposes only.