Notice of Privacy Practices for US Patients

Last Updated: October 9, 2025

Guardant Health, Inc. (“Guardant Health”, “our”, “us”, or “we”) is committed to protecting the privacy and confidentiality of your protected health information (“PHI”).

This Notice describes how we may use or disclose your PHI and how you can access it. Please review it carefully.

The Health Insurance Portability and Accountability Act of 1996 (HIPAA) and the Health Information Technology for Economic and Clinical Health Act of 2009 (HITECH) require us to maintain the privacy and security of your PHI and to provide you with a notice of our legal duties, our privacy practices, and your patient rights.

This Notice applies to the PHI of U.S. patients only. If you are a patient located outside the U.S. in a country other than Japan, please refer to this privacy policy. For patients located in Japan, please refer to this privacy policy.

What is Protected Health Information
Your Rights Under HIPAA
Uses and Disclosures of Your Health Information
Our Responsibilities
Changes to Our Notice
Questions and Complaints
Contact Information

What is Protected Health Information

Protected Health Information, or PHI, is personal and health information that may identify you and relate to your past, present, or future health condition, treatment, or payment for services. We receive your protected health information (PHI) from your healthcare provider when they prescribe one of our laboratory tests for you. We create PHI when we deliver and bill for these laboratory tests. We retain this information as part of your medical record, so we can continue supporting your care and meet our legal obligations.

Your Rights Under HIPAA

You have the following rights with respect to your PHI. To exercise any of these rights, please contact our Privacy Office using the contact information provided at the end of this Notice. You have the right to:

Access PHI and test results. If you are an oncology patient, you may retrieve your test results using Guardant’s Oncology Patient Portal. Note, you must create a Portal account to access your test results online. In addition, both oncology and screening patients can obtain their results and copies of their PHI by calling or emailing our Client Services team.

Limit what we use or share. You have the right to request restrictions on certain uses and disclosures of your PHI. We are not required to honor such requests unless the requested restriction involves a disclosure to a health plan, and you have paid for the applicable services in full and out of pocket.

Correct or update your information. If you believe that there is an error in your PHI, you may request that we update it. If we say no to your request, we will tell you why in writing within 60 days.

Confidential communications. You may request that we communicate with you about your PHI in a specific means or to an alternative postal mail or email address. We will agree to reasonable requests for confidential communications.

Get a list of those with whom we have shared your PHI. You may request a list, or accounting of, certain disclosures of your PHI made by us or our business associates for purposes other than treatment, payment, healthcare operations, and certain other activities. The request must be in writing, and the accounting will include disclosures made within the prior six years.

Choose someone to act for you. If you have given someone medical power of attorney or if someone is your legal guardian, they can exercise your rights and make choices about your health information. We will make sure the person has the authority and can act for you before we take action.

Receive a copy of this notice. You have the right to obtain a paper or electronic copy of this Notice upon request.

File a complaint if you feel your rights are violated. You can file a complaint by contacting us using the information located at the bottom of this page. You can file a complaint with the U.S. Department of Health and Human Services Office for Civil Rights by sending a letter to 200 Independence Avenue, S.W., Washington, D.C. 20201, calling 1-877-696-6775, or visiting hhs.gov/ocr/privacy/hipaa/complaints/. We will not retaliate against you for filing a complaint.

You may exercise these rights by contacting us using the information at the bottom of this page.

Uses and Disclosures of Your Health Information

Guardant Health may use or disclose your PHI for the following purposes as permitted by law without your written authorization:

Treatment. We may use or disclose your PHI for purposes of providing your medical treatment. For example, we use and disclose your PHI to perform our diagnostic testing services and provide results to your physician and other health providers involved in your care.

Payment. We may use or disclose your PHI to bill and collect payment for our services. For example, we may disclose PHI to your health plan to obtain payment for our services.

Healthcare operations. We may use or disclose your PHI to facilitate our laboratory operations. For example, we may review your PHI internally as part of an audit to confirm the quality of our services and the accuracy of our testing.

As required by law. We may use or disclose PHI if required to do so by federal or state law.

Representatives and individuals involved in your care. As directed by you, we may disclose your PHI to friends or family members who are involved in your care, including those who are responsible for paying for your care. We may also disclose PHI to your personal representative, as established under applicable law, or to an administrator or authorized individual associated with your estate.

Disclosures to business associates. We may disclose your PHI to companies that provide services to us. These business associates are required to protect the privacy and security of your PHI and notify us of any improper disclosure of information.

Legal proceedings. We may disclose your PHI in response to a court or administrative order, subpoena, discovery request, or other legal process. Any such disclosures will be made in accordance with applicable law.

Communication about products and services. We may use and disclose your PHI to contact you about other Guardant Health products and services that we believe may be of interest to you. We do not disclose your PHI to third parties for marketing purposes without your written authorization.

De-Identification of PHI. We may use your PHI to create “de-identified” information, which means that direct identifiers that can be reasonably used to identify you will be removed. Guardant maintains a database of de-identified health data from many patients, including de-identified DNA and RNA data, that is used to facilitate future health care discoveries. In connection with our laboratory testing services, we may retain leftover tissue, cells, and/or DNA or RNA extracted from your cells, which we use for internal purposes such as quality assurance and test validation. Direct identifiers may also be removed from these materials to create de-identified health data. Once the information has been de-identified as required by law, it is no longer considered PHI, and therefore is not covered by this Notice, and we may use and share it for any lawful purpose without further notice or compensation to you.

Research. We or external researchers may access your PHI to develop research projects or identify patients who may potentially qualify to participate in research studies. We may otherwise use your PHI for research when it is in the form of a limited data set, meaning that most identifiable information has been removed from the information, or once an institutional review board or privacy board has reviewed the research proposal (“IRB Approved Research”). Note, as part of IRB Approved Research, we may be required to obtain your explicit authorization to perform the research. We may also use or disclose the PHI of deceased persons for research purposes if certain conditions are met.

Health and safety. We may disclose your PHI to prevent or reduce the risk of a serious and imminent threat to the health and safety of an individual or the general public.

Other disclosures permitted by law. In addition to those disclosures listed above we may also disclose your PHI to:

Health Oversight Agencies
The Food and Drug Administration
Military Command Authorities
Correctional Institutions
Organ and Tissue Donation Organizations
Coroners, Medical Examiners and Funeral Directors
Law Enforcement, Only in Response to a Valid Subpoena or Court Order
Social Services or Protective Services Agencies
Workers Compensation Agents

Uses and disclosures of PHI for purposes other than those described above will not be made without a written authorization signed by you or your personal representative. Once you sign an authorization, you may revoke it by contacting Guardant Health at any time, using the contact information located at the bottom of this page, unless it has already been relied upon to use or disclose PHI.

Our Responsibilities

We are required by law to maintain the privacy and security of your protected health information. We will let you know promptly if there is a breach involving your PHI, unless we reasonably determine, after investigating the situation and assessing the risk involved, that there is a low probability that the privacy or security of your PHI was compromised. If such a risk exists, we will notify you no later than 60 days after we discover the breach. We must follow the duties and privacy practices described in this notice and give you a copy of it. We will not use or share your information other than as described here unless you tell us we can in writing. If you tell us we can, you may change your mind at any time. Let us know in writing if you change your mind using the contact information at the bottom of this page.

Changes to Our Notice

Guardant Health reserves the right to amend this Notice from time to time. When changes are made, we will promptly post the updated Notice on the Guardant Health website at www.guardanthealth.com.

Questions and Complaints

If you have any questions or comments about this Notice, please contact us using the information found at the bottom of this page.

Contact Information

When communicating with us regarding this Notice or our privacy practices, please contact the Privacy Office using the following contact information:

Guardant Health

Attn: Privacy Office

3100 Hanover Street

Palo Alto, CA 94304

privacy@guardanthealth.com

855-698-8887

To exercise your privacy rights, call Client Services at 855-698-8887 or email Guardant Health clientservices@guardanthealth.com.

Cookie	Duration	Description
cookielawinfo-checkbox-analytics	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checkbox-functional	11 months	The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checkbox-necessary	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-others	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-performance	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy	11 months	The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.