HIPAA Notice of Privacy Practices

Pandora Biosciences Inc. (d/b/a "Pandora Health")

Effective Date: May 1, 2025

THIS NOTICE DESCRIBES HOW MEDICAL INFORMATION ABOUT YOU MAY BE USED AND DISCLOSED AND HOW YOU CAN GET ACCESS TO THIS INFORMATION.

Please review it carefully.

Who We Are

This notice covers Pandora Health, its affiliated entities, and all business units operating under that name. Our services include:

  • Home-collected gut test kits
  • Telehealth consultations with licensed clinicians
  • AI-powered symptom analysis
  • Personalized care plans
  • Digital health coaching
  • Community forums
  • Related wellness products

Our Commitment to Your Privacy

We are required by law to maintain the privacy of your protected health information (PHI), provide you with this notice of our legal duties and privacy practices, and notify you if there is a breach of your unsecured PHI. We are required to follow the terms of this notice currently in effect.

How We May Use and Disclose Your PHI

We may use and disclose your protected health information for the following purposes:

Treatment

We may share your lab results with health coaches or physicians to provide tailored recommendations and coordinate your care.

Payment

We may use and disclose your PHI to submit insurance claims or process credit card payments for services and products.

Health Care Operations

We may use your PHI for quality-improvement analytics on anonymized transcripts to enhance our AI systems and improve our services.

As Required by Law

We may disclose your PHI when required by law, such as reporting communicable-disease findings to public-health authorities.

Individuals Involved in Your Care

With your permission, we may discuss your care plans with caregivers or family members who are involved in your care.

Business Associates

We may share your PHI with vendors who store encrypted data under Business Associate Agreements that require them to protect your information.

Other Permitted Disclosures

We may also use or disclose your PHI in the following circumstances:

  • Public health activities and reporting
  • Health oversight agency activities
  • Organ and tissue donation
  • Workers' compensation claims
  • Law enforcement purposes
  • Judicial and administrative proceedings (subpoenas, court orders)
  • To avert a serious threat to health or safety
  • Specialized government functions (military, national security)
  • Coroners, medical examiners, and funeral directors

Uses Requiring Your Written Authorization

Except for the situations listed above, we will not use or disclose your PHI—especially for marketing purposes or any sale of PHI—without your prior written authorization.

You may revoke any authorization you give us at any time by emailing [email protected]. Your revocation will not affect any actions we took before receiving it.

De-Identification

We may remove identifiers from your PHI to create de-identified information that can no longer be linked to you. De-identified information may be used for research, benchmarking, and product development without the restrictions that apply to PHI.

Your Rights Regarding Your PHI

You have the following rights with respect to your protected health information:

Right to Request Restrictions

You may request that we limit how we use or disclose your PHI. We will consider reasonable requests and honor them when possible.

Right to Confidential Communications

You may request that we send communications to you at an alternate address, phone number, or email address.

Right to Inspect and Copy

You may request to inspect and obtain copies of your PHI, including electronic copies in a commonly used format.

Right to Request Amendment

You may request that we amend your PHI if you believe it is inaccurate or incomplete.

Right to an Accounting of Disclosures

You may request a list of certain disclosures we have made of your PHI during the prior six years (excluding disclosures for treatment, payment, operations, and certain other exempt categories).

Right to a Paper Copy

You may request a paper copy of this notice at any time.

Right to Choose a Representative

You may designate someone to act on your behalf regarding your PHI, such as through a medical power of attorney.

Changes to This Notice

We reserve the right to change the terms of this notice and to make the new provisions effective for all PHI we maintain. When we make material changes, we will post the revised notice on our website and make copies available upon request.

Complaints

If you believe your privacy rights have been violated, you may file a complaint with us or with the Secretary of the U.S. Department of Health and Human Services. We will not retaliate against you for filing a complaint.

Contact Information

To exercise your rights, request more information, or file a complaint, please contact us:

Email: [email protected]

Mailing Address:
Pandora Health – Privacy Office
1309 Coffeen Avenue, STE 1200
Sheridan, WY 82801