Health Data Notice
Last updated: April 6, 2026 · Required disclosure under the FTC Health Breach Notification Rule
TestedClear handles sensitive health-related information. This notice explains exactly what health data we collect, how we use it, who we share it with, and your rights. Please read it carefully.
What health data we collect
We collect a minimal set of health-related information necessary to issue your verified credential. Specifically: the type of STI panel administered (e.g., "Full STI Panel," "HIV Only"); the date your test was conducted; the name of the clinic or laboratory that conducted the test; and a binary result status (clear/not clear) for each test in your panel. We do not collect or store your raw laboratory results, your CD4 count or viral load, your diagnosis, your treatment history, or any other detailed clinical information.
How your health data is stored
Your credential data is stored in two places. A reference record is stored in our Supabase database, which is hosted on AWS in the United States and encrypted at rest with AES-256. A cryptographic record is stored in our tamper-evident audit ledger — each credential is SHA-256 hashed at issuance and written to an append-only record that cannot be modified or deleted. This hash chain serves as the source of truth for your credential's authenticity. Your raw personal identifier (phone number) is stored separately from your health data and linked only through a one-way cryptographic hash.
Who can see your health data
Only you control who sees your credential. Your public verification link shows: the test panel name, the result status (clear), the test date, and the issuing provider name. No one — including TestedClear employees — can see who views your verification link without your knowledge. Viewing statistics (number of views) are visible only to you in your dashboard. We do not sell health data to any third party under any circumstances.
When we share health data
We share health data only in the following specific circumstances: with the laboratory or clinic that issued your credential, to confirm the credential was properly issued (this happens at issuance only); with our infrastructure providers (AWS) under strict data processing agreements; and with law enforcement when compelled by valid legal process (court order, subpoena). In the event of any compelled disclosure, we will notify you promptly unless legally prohibited from doing so.
Your rights over your health data
You have the right to access all health data we hold about you — request a copy at privacy@testedclear.com. You have the right to revoke any active credential from your dashboard at any time. You have the right to delete your account — all personal identifiers are removed within 30 days. Note that the cryptographic record in the audit ledger is retained for 7 years as required by applicable law, but is permanently dissociated from your identity upon account deletion. You have the right to know if your data has been breached — we will notify you within 60 days of discovering any breach under the FTC Health Breach Notification Rule.
Data breach notification
TestedClear complies with the FTC Health Breach Notification Rule (16 CFR Part 318). In the event of a breach of unsecured personal health records, we will notify all affected individuals via SMS to their registered phone number within 60 calendar days of discovering the breach. If the breach affects 500 or more individuals, we will also notify the FTC and, where applicable, prominent media outlets. Our security team conducts regular penetration testing and security audits to minimize the risk of any breach.
Contact for health data questions
For questions about this notice or your health data: privacy@testedclear.com. For data deletion requests: privacy@testedclear.com. For security concerns or to report a potential breach: security@testedclear.com. For legal notices: legal@testedclear.com.