We respect your privacy. We are also legally required to maintain the privacy of your protected health information (PHI) under the Health Insurance Portability and Accountability Act (HIPAA).
As part of our commitment and legal compliance, we are providing you with this Notice of Privacy Practices (Notice). This Notice describes:
We create a record of the care and health services you receive, to provide your care, and to comply with certain legal requirements. This Notice applies to all the PHI that we generate.
We and our employees and other workforce members follow the duties and privacy practices that this Notice describes and any changes once they take effect.
We can change the terms of this Notice, and the changes will apply to all information we have about you. The new notice will be available on request, in our office, and on our website.
We will promptly notify you if a data breach occurs that may have compromised the privacy or security of your PHI. We will notify you within the legally required time frame. Most of the time, we will notify you in writing, by first-class mail, or we may email you if you have provided us with your current email address and you have previously agreed to receive notices electronically.
As a patient, you have the rights regarding medical information that we maintain about you:
1. Right to Inspect and Copy: You have the right to inspect and obtain a copy of your paper or electronic protected health information. If you request a copy of the information, we may charge a fee for the costs of copying, mailing, or other supplies associated with your request.
We may deny your request to inspect and copy in certain very limited circumstances. If you are denied access to medical information, you may request that the denial be reviewed. If the Plans do not maintain the health information, but know where it is maintained, you will be informed of where to direct your request.
2. Right to Amend Your Records: If you feel that health information we have about you is incorrect or incomplete, you may ask us to amend the information. You have the right to request an amendment for as long as the information is kept by or for your benefit plan.
You also must provide a reason that supports your request.
We may deny your request for an amendment if it is not in writing or does not include a reason to support the request. In addition, we may deny your request if you ask us to amend any of the following information:
3. Right to Request Confidential Communications: You have the right to request that we communicate with you about health related matters in a certain way or at a certain location. For example, you can ask that we only contact you at work, by phone, or by mail. We will not ask you the reason for your request. We will accommodate all reasonable requests. Your request must specify how or where you wish to be contacted.
4. Right to Request Restrictions on Use or Disclosure: You have the right to request a restriction or limitation on the health information we use or disclose about you for treatment, payment, or health care operations. You also have the right to request a limit on the health information we disclose about you to someone who is involved in your care or the payment for your care, such as a family member or friend. For example, you could ask that we not use or disclose information about a procedure that you had.
We are not required to agree to your request. If your benefit plan does agree to a request, a restriction may later be terminated by your written request, by agreement between you and your benefit plan, or unilaterally by your benefit plan for health information created or received after your benefit plan has notified you that they have removed the restrictions and for emergency treatment.
To request restrictions, you must make your request in writing and must tell us the following information:
We will comply with any restriction request if: (1) except as otherwise required by law, the disclosure is to your benefit plan for purposes of carrying out payment or health care operations (and is not for purposes of carrying out treatment); and (2) the protected health information pertains solely to a health care item or service for which the health care provider involved has been paid out-of-pocket in full.
5. Right to an Accounting of Disclosures: You have the right to request an “accounting of disclosures” (that is, a list of certain disclosures the Plans have made of your health information). Generally, you may receive an accounting of disclosures if the disclosure is required by law, made in connection with public health activities, or in situations similar to those listed herein as permitted disclosures. You do not have a right to an accounting of disclosures where such disclosure was made:
To request this list or accounting of disclosures, you must submit your request, which shall state a time period that is not longer than six years ago. Your request should indicate in what form you want the list (for example, paper or electronic). The first list you request within a 12-month period will be free. For additional lists, we may charge you for the costs of providing the list. We will notify you of the cost involved and you may choose to withdraw or modify your request at that time before any costs are incurred.
Notwithstanding the foregoing, you may request an accounting of disclosures of any “electronic health record” (that is, an electronic record of health-related information about you that is created, gathered, managed, and consulted by authorized health care providers and staff). To do so, however, you must submit your request and state a time period, which may be no longer than three years prior to the date on which the accounting is requested. In the case of any electronic health record created on your behalf, this paragraph shall apply to disclosures made on or after the date we acquired the electronic health record.
6. Choose someone to act for you: If you have given someone medical power of attorney or if someone is your legal guardian, that person can exercise your rights and make choices about your PHI.
7. Request confidential communications. You have the right to request that we communicate with you about health matters in a certain way or at a certain location. For example, you can ask that we only contact you at work or at a specific address. For these requests:
8. Right to Receive a Copy of this Notice: You have the right to request a copy of this notice in print or electronic form at any time.
For a detailed explanation of your rights, visit the HHS Consumer Rights Page.
For certain health information, you can tell us your choices about what we share. If you have a clear preference for how we share your information in the situations described below, please contact us at and we will make reasonable efforts to follow your instructions.
If you are not able to tell us your preference, for example if you are unconscious, we may share your information if we believe it is in your best interest, according to our best judgment. We may also share your information when needed to lessen a serious and imminent threat to health or safety
At ROYAL OAK FAMILY DENTAL, we may collect:
We gather this information through forms, direct interactions, third-party providers (such as insurance companies), and electronic communications.
No mobile information will be shared with third parties/affiliates for marketing/promotional purposes. All the above categories exclude text messaging originator opt-in data and consent; this information will not be shared with any third parties.
HIPAA generally permits the use and disclosure of your health information without your permission for purposes of health care treatment, payment activities, and health care operations. These uses and disclosures are more fully described below. This Notice does not list every use or disclosure; instead it gives examples of the most common uses and disclosures.
1. Treatment: When and as appropriate, we may use or disclose health information about you to facilitate treatment or services by health care providers, as well as to provide and manage your dental care. We may disclose health information about you to healthcare providers.
2. Payment: When and as appropriate, we may use and disclose health information about you to determine your eligibility for plans’ benefits, to facilitate payment for the treatment and services you receive from health care providers, to determine benefit responsibility and coverage under benefit plans, or to coordinate your coverage. For example, we may disclose information about your health history to determine whether a particular treatment is experimental, investigational, or medically necessary, or to decide if your benefit plan will cover the treatment. Additionally, we may share health information with another entity to assist with the adjudication or subrogation of health claims, or with another health plan to coordinate benefit payments.
3. Healthcare Operations: We may use or disclose, as needed, your protected health information in order to support the business activities of our organization. These activities include, but are not limited to, quality assessment activities, employee review activities, accreditation activities, and conducting or arranging for other business activities. For example, we may disclose your protected health information to accrediting agencies as part of an accreditation survey. We may also call you by name while you are at our facility. We may use or disclose your protected health information, as necessary, for improving services, scheduling appointments, and quality assurance.
4. Electronic Communications & Recording: We may monitor, intercept, or record electronic communications—such as phone calls, emails, chats, and other digital transmissions— for purposes including, but not limited to, quality assurance, compliance, training, and patient support. Where required by federal or state law, prior notice and consent will be obtained from all parties before such recordings are made. We comply with both one-party and all-party consent laws depending on the applicable jurisdiction. These practices apply to all locations operated or supported by us and extend to communications with any of our affiliated or partner practices.
5. Our Business Associates: We may use and disclose your PHI to outside persons or entities that perform services on our behalf, such as auditing, legal, or transcription (Business Associates). The law requires our business associates and their subcontractors to protect your PHI in the same way we do. We also contractually require these parties to use and disclose your PHI only as permitted and to appropriately safeguard your PHI.
6. Legal Requirements: We may use or disclose your protected health information in the following situations without your authorization: as required by law, public health issues as required by law, communicable diseases, health oversight, abuse or neglect, Food and Drug Administration requirements, legal proceedings, law enforcement, criminal activity, inmates, military activity, national security, and Workers’ Compensation. Required Uses and Disclosures: Under the law, we must make disclosures to you and when required by the Secretary of the Department of Health and Human Services to investigate or determine our compliance with the requirements of Section 164.500.
We will always try to ensure that the health information used or disclosed is limited to a “Designated Record Set” and to the “Minimum Necessary” standard, including a “limited data set,” as defined in HIPAA and ARRA for these purposes. We may also contact you to provide information about treatment options or alternatives or other health-related benefits and services that may be of interest to you. We will never sell or share your information for marketing purposes without your explicit written consent.
The privacy laws of a particular state or other federal laws might impose a more stringent privacy standard. If these more stringent laws apply and are not superseded by federal preemption rules under the Employee Retirement Income Security Act of 1974 (ERISA), the benefit plans will comply with the more stringent law.
To enhance care and improve services, Artificial Intelligence (AI) technologies may be incorporated into certain aspects of healthcare operations. We may use and disclose your health information in connection with various AI solutions. By AI solutions, we mean computer systems that have the ability to automatically learn and improve based on training and/or experience, without being explicitly programmed, and which we might use to make predictions, recommendations or decisions about your treatment or our payment and health care operation purposes. AI solutions may also create new, original content, such as images or text; produce content autonomously that closely resembles human-created output; or produce natural language texts. Our current use of AI solutions is limited but may increase in the future. For any use of an AI solution to treat you, we will inform you in advance of such use, give you the option for us not to use the AI solution to treat you, and obtain your consent prior to the use of the AI solution to treat you.
1. Transparency: The organization is committed to transparency regarding its use of AI. This means the organization will strive to inform and educate patients about the use of AI documentation tools, including provisions for privacy and security, and any associated risks.
2. Purpose of AI Use: AI may be used in various ways, such as:
3. Data Used by AI: AI systems may process various types of information, which may include PHI. The organization is committed to protecting the privacy of this data and complying with all applicable regulations.
4. Your Rights / Patient Control:
5. Data Minimization and Security: Data minimization principles will be applied, collecting and using only the necessary data for AI systems. Robust security measures will also be implemented to protect PHI when used with AI technologies, such as encryption, access controls, and regular security audits.
6. Addressing Bias: The potential for bias in AI algorithms is acknowledged, and the organization is committed to addressing this issue. Diverse and representative datasets will be used for training AI models, and potential biases that could lead to disparities in care will be monitored.
7. Human Oversight:AI systems are used as tools to support healthcare professionals, not replace them. Clinical judgment and human oversight remain essential in all aspects of care, including when AI tools are utilized.
8. Ongoing Monitoring and Improvement: The performance of AI systems will be continuously monitored, addressing potential risks, and seeking opportunities to improve their effectiveness and ensure the equitable use of AI in care.
ROYAL OAK FAMILY DENTAL takes patient privacy seriously and implements the following safeguards:
When you visit our website, we may use cookies and similar technology to improve your experience and understand website usage. This information is used solely to enhance site functionality and is never sold or shared with unauthorized parties.
If you have any questions, concerns, or complaints regarding your privacy or this Notice, you may contact us at:
ROYAL OAK FAMILY DENTAL
We are here to address your concerns promptly. Filing a privacy complaint will not affect the quality of care you receive at ROYAL OAK FAMILY DENTAL.