HIPAA Policy

This Notice explains how protected health information (“PHI”) about you may be used and shared, and how you can access that information. Please read it carefully.

1) Our Responsibilities

Bedford Endodontics is required by law to:

  • Protect the privacy and security of your PHI.

  • Provide you with this Notice describing our legal duties and privacy practices.

  • Follow the terms of the Notice that is currently in effect.

  • Notify you if a breach occurs involving unsecured PHI that may affect the privacy or security of your information.

We may update this Notice from time to time. When we do, the updated version will apply to PHI we maintain and will be available in our office and on our website.

2) How We May Use or Share Your Information (No Written Permission Needed in Many Cases)

HIPAA allows (and sometimes requires) healthcare providers to use and disclose PHI for certain purposes. The most common are:

Treatment

We may use and share your PHI to provide, coordinate, or manage your care (for example, communicating with your general dentist or another healthcare provider about diagnosis, imaging, or treatment planning).

Payment

We may use and share PHI to bill and receive payment (for example, sending necessary information to your dental/medical plan for claims or prior authorizations).

Health Care Operations

We may use and share PHI for practice operations (for example, quality improvement, training, licensing, audits, business planning, and administrative activities).

Appointment Reminders and Care-Related Messages

We may contact you about appointments, follow-up instructions, or information related to your care (phone, voicemail, text, email, or mail—based on what you provide and request).

Business Associates (Vendors)

We may share PHI with trusted vendors who help us run the practice (for example, electronic records systems, billing services, IT support). They are required to protect PHI under written agreements.

People Involved in Your Care

We may share relevant information with family members, friends, or others involved in your care or payment for your care, unless you tell us not to (and when required, we’ll follow your instructions).

Legal and Public Interest Situations

We may share PHI when permitted or required by law, such as:

  • Public health and safety activities (as allowed by law)

  • Health oversight (audits, inspections, licensing)

  • Law enforcement requests (in specific situations)

  • Court orders, subpoenas, or legal proceedings

  • Workers’ compensation claims (as allowed by law)

  • To reduce a serious threat to health or safety, when allowed

3) Uses and Disclosures That Usually Require Your Written Authorization

In most cases, we will not use or share your PHI for the following unless you sign a written authorization:

  • Marketing (certain communications that go beyond general health-related information)

  • Sale of PHI

  • Most sharing of psychotherapy notes (generally not typical in an endodontic practice, but included because HIPAA treats these records differently)

You may revoke an authorization in writing at any time. Revocation will not affect actions already taken in reliance on your authorization.

4) Your Rights Regarding Your Health Information

You have important rights under HIPAA, including:

Get a Copy of Your Records

You can request access to or copies of your record (paper or electronic, when available). We may charge a reasonable, cost-based fee as allowed by law and generally respond within required timeframes.

Ask Us to Correct Your Record

You can request an amendment if you believe something is incorrect or incomplete. We may deny the request in certain situations, but we will respond in writing.

Request Confidential Communications

You can ask us to contact you in a specific way (for example, call only your mobile number, send mail to a different address). We will accommodate reasonable requests.

Ask Us to Limit What We Use or Share

You can request limits on certain uses or disclosures. We are not required to agree in every case.
If you pay out-of-pocket in full for a service or item, you can ask us not to share that information with your health plan for payment or operations, and we will comply unless a law requires sharing.

Receive a List of Certain Disclosures

You can request an “accounting” of certain disclosures of your PHI (as defined by HIPAA).

Get a Paper Copy of This Notice

You can request a paper copy at any time, even if you previously agreed to receive it electronically.

Choose Someone to Act for You

If someone has legal authority (e.g., healthcare power of attorney or legal guardian), that person may exercise your rights after we verify documentation.

5) Your Choices (When You Tell Us What You Prefer)

For some situations, you can tell us your preference, and we will follow it, such as:

  • Sharing information with family or friends involved in your care

  • Emergency or disaster relief situations (as allowed)

If you are unable to tell us your preference (for example, an emergency), we may share information if we believe it is in your best interest and permitted by law.

6) Website and Electronic Communications (Important)

If you submit information through our website (for example, appointment request forms), we may receive that information and use it to respond and coordinate care.

Email/texting note: Standard email and text messaging are not always fully secure. If you prefer, you can request that we contact you using more private methods (for example, phone calls or mailed correspondence). (This section is not a substitute for a separate website privacy policy.)

7) Complaints and Contact Information

If you believe your privacy rights have been violated, you may:

  1. Contact Bedford Endodontics, and/or

  2. File a complaint with the U.S. Department of Health and Human Services (HHS), Office for Civil Rights.

We will not retaliate against you for filing a complaint.

Privacy Contact (Bedford Endodontics):
Name: Bedford Endodontics
Phone: 603 698 0222
Email: admin@bedfordendo.com