Data Disclosure Policy

Last Updated: March 3, 2022

This Data Disclosure Policy describes our Authorization for Use or Disclosure of Protected Health Information (Required by the Health Insurance Portability and Accountability Act, 45 C.F.R. Parts 160 and 164)

Authorization

By sharing any Personal Health Information (PHI) with CIONIC, Inc., you hereby authorize CIONIC, Inc. to use the PHI as described below. Additionally, you authorize CIONIC, Inc. to share your information as described below with research and development partners (R&DPs).

Effective Period

This authorization for release of information covers all past, present, and future periods.

Extent of Authorization

Cionic

You authorize CIONIC, Inc. to collect, save, and analyze your data including but not limited to:

CIONIC, Inc. will make best efforts to preserve your data privacy and security as well as limiting the number of employees that have access to your PHI to those who need this information to perform their job duties.

Research and Development Partners

You authorize CIONIC, Inc. to share data collected from you with Research and Development Partners (R&DPs) for the purpose of conducting research and analysis into the efficacy of certain products, techniques, and medications as well as to further the understanding of any medical condition you may disclose. CIONIC, Inc. will make best efforts to anonymize your data prior to sharing with any R&DP unless CIONIC, Inc. has a pre-existing agreement to not anonymize shared data. At your request, CIONIC, Inc. will provide you with a list of all potential R&DPs who could have access to your data.

CIONIC, Inc. provides a facility for R&DPs to collect data using the CIONIC, Inc. platform and devices and to store that data on the CIONIC, Inc. platform. CIONIC, Inc. will be bound to the data privacy practices outlined in a HIPAA Business Associate Agreement (BAA) between CIONIC, Inc. and the R&DP. CIONIC, Inc. will make this BAA available to you on request.

Authorization Revocation

You have the right to revoke this authorization, in writing, at any time. A revocation is not effective to the extent that any person or entity has already acted in reliance on your authorization. A revocation does not require CIONIC, Inc. to dispose of the data already gathered on the CIONIC, Inc. platform and anonymized data may still be shared with CIONIC, Inc.’s R&DPs.