Privacy Policy

This Privacy Policy describes how our chiropractic practice ("we," "us," or "our") collects, uses, maintains, and discloses information collected from users ("you" or "your") of our website and services.

This Privacy Policy applies to:

• Our website and online services
• Protected Health Information (PHI) as defined under HIPAA
• Personal Information as defined under the California Consumer Privacy Act (CCPA)
• All interactions with our practice, both online and in-person

Personal Identification Information

We may collect the following personal information:

• Name, date of birth, gender
• Contact information (address, email, phone number)
• Emergency contact information
• Employment information
• Social Security Number (for insurance and billing purposes only)

Protected Health Information (PHI)

In the course of providing chiropractic care, we collect:

• Medical history and health conditions
• Treatment records and clinical notes
• Diagnostic test results and imaging
• Medication and allergy information
• Insurance and billing information
• Any other health-related information necessary for treatment

Technical and Usage Information

When you visit our website, we automatically collect:

• IP address and browser type
• Device information and operating system
• Pages viewed and time spent on pages
• Referring website and exit pages
• Cookies and similar tracking technologies

Treatment, Payment, and Healthcare Operations

We use your PHI for:

• Treatment: Providing, coordinating, or managing your healthcare and related services
• Payment: Billing and collecting payment for services, including insurance claims
• Healthcare Operations: Quality assessment, staff training, licensing, and business planning

Other Uses

• Appointment Management: Scheduling, reminders, and follow-up communications
• Communication: Responding to inquiries and providing customer support
• Website Improvement: Analyzing usage patterns to enhance user experience
• Legal Compliance: Meeting legal and regulatory requirements
• Marketing: Sending health tips and practice updates (with your consent)

We are required by law to maintain the privacy and security of your Protected Health Information (PHI) under the Health Insurance Portability and Accountability Act (HIPAA).

Your HIPAA Rights

You have the right to:

• Access: Inspect and obtain a copy of your health records
• Amendment: Request corrections to your health information
• Accounting of Disclosures: Request a list of certain disclosures of your PHI
• Restrictions: Request restrictions on uses and disclosures of your PHI
• Confidential Communications: Request communications by alternative means or at alternative locations
• Breach Notification: Be notified of breaches of your unsecured PHI

When We May Disclose Your PHI Without Authorization

We may disclose your PHI without your authorization in the following situations:

• As required by law (court orders, subpoenas)
• For public health activities
• To report abuse, neglect, or domestic violence
• For health oversight activities
• In response to judicial or administrative proceedings
• For law enforcement purposes
• To avert a serious threat to health or safety
• For workers' compensation purposes

As a California resident, you have specific rights regarding your personal information under the CCPA:

Your California Privacy Rights

• Right to Know: You can request disclosure of the personal information we have collected about you
• Right to Delete: You can request deletion of your personal information (subject to certain exceptions)
• Right to Opt-Out: You can opt-out of the sale of personal information (we do not sell personal information)
• Right to Non-Discrimination: You have the right to not be discriminated against for exercising your CCPA rights

How to Exercise Your Rights

To exercise any of these rights, please contact us at:

• Email: privacy@chiropracticclinic.com
• Phone: (555) 123-4567
• Mail: [Your Practice Address]

We will respond to your request within 45 days. We may require verification of your identity before processing your request.

We do not sell, trade, or rent your personal information to third parties.

When We May Share Your Information

We may share your information with:

• Healthcare Providers: Other healthcare professionals involved in your care
• Insurance Companies: For billing and claims processing
• Business Associates: Third-party service providers who assist with our operations (under HIPAA-compliant agreements)
• Legal Authorities: When required by law or to protect rights and safety

Business Associates

We may share your PHI with business associates who perform services on our behalf, such as billing services, IT support, and email services. These business associates are required by law to protect your information.

We implement comprehensive security measures to protect your information:

Technical Safeguards

• Encryption of data in transit and at rest
• Secure SSL/TLS connections for website communications
• Regular security audits and vulnerability assessments
• Firewalls and intrusion detection systems

Physical Safeguards

• Restricted access to facilities containing PHI
• Secure storage of physical records
• Proper disposal of PHI (shredding, secure deletion)

Administrative Safeguards

• Employee training on privacy and security
• Access controls and authentication
• Regular privacy and security policy reviews
• Incident response and breach notification procedures

We retain your information as follows:

• Medical Records: Retained for a minimum of 7 years from the date of last treatment, as required by California law
• Billing Records: Retained for 7 years as required for tax and audit purposes
• Website Usage Data: Retained for up to 2 years for analytics purposes

After the retention period, we securely dispose of your information in accordance with legal requirements.

We use cookies and similar tracking technologies to enhance your experience on our website. For detailed information about our use of cookies, please see our Cookie Policy.

Our website may contain links to third-party websites. We are not responsible for the privacy practices of these websites. We encourage you to read the privacy policies of any third-party websites you visit.

Our website is not intended for children under 13 years of age. We do not knowingly collect personal information from children under 13. If you are a parent or guardian and believe your child has provided us with personal information, please contact us.

We reserve the right to update this Privacy Policy at any time. Changes will be effective immediately upon posting to this website. We will notify you of material changes by posting a notice on our website or by sending you an email.

Your continued use of our Services after changes are posted constitutes your acceptance of the updated Privacy Policy.

If you have questions about this Privacy Policy or our privacy practices, please contact us:

• Privacy Officer: [Name]
• Email: privacy@chiropracticclinic.com
• Phone: (555) 123-4567
• Mail: [Your Practice Address]

Filing a Complaint

If you believe your privacy rights have been violated, you may file a complaint with us or with the U.S. Department of Health and Human Services:

• Office for Civil Rights
  U.S. Department of Health and Human Services
  200 Independence Avenue, S.W.
  Washington, D.C. 20201
  Phone: 1-877-696-6775
  Website: www.hhs.gov/ocr/privacy/

You will not be retaliated against for filing a complaint.