Privacy policy.
Effective Date: Jan 2024
GRACE Breast Imaging & Medical Spa, PLLC ("we," "our," or "us") is committed to protecting the privacy and security of your personal information. This Privacy Policy explains how we collect, use, and protect your data, as well as your rights regarding your information. This policy applies to all interactions with us, including in-person visits, online engagement, and SMS communications.
Information We Collect
We may collect the following types of information:
Personal Information: Name, address, phone number, email address, and demographic data.
Health Information: Medical history and other data necessary for your care, as required under the Health Insurance Portability and Accountability Act (HIPAA).
Payment Information: Credit card numbers and billing details for transactions.
Technical Information: IP addresses, browser type, and other details automatically collected when you use our website.
Use of Your Information
We use your information to:
Provide medical and spa services, including mammography and other imaging.
Communicate appointment reminders, updates, and promotions.
Process payments and manage billing.
Comply with legal, regulatory, and HIPAA requirements.
SMS Communications
We may send SMS text messages to communicate with you regarding:
Appointment Reminders: Notifications about upcoming or rescheduled appointments.
Appointment Updates: Real-time updates about delays or other changes.
Your Rights:
Opt-In: You can opt into SMS communications by selecting this option on our website contact form or intake form.
Opt-Out: You can opt out of SMS communications at any time. To opt out, follow the instructions provided in the SMS message or contact us directly.
We comply with The Campaign Registry (TCR) requirements to ensure that all SMS communications are transparent, ethical, and compliant with applicable laws.
We do not share, sell, or distribute any mobile opt-in information to third parties for marketing purposes.
HIPAA Compliance
We adhere to HIPAA regulations to ensure the confidentiality, integrity, and security of your protected health information (PHI). We:
Limit access to your PHI to authorized personnel only.
Use secure systems to store and transmit PHI.
Ensure that third-party partners comply with HIPAA standards.
Your health information is never used for marketing purposes without your explicit authorization.
Sharing Your Information
We do not sell your personal or health information. We may share your data only with:
Authorized third-party service providers who assist in delivering our services.
Legal or regulatory authorities as required by law.
Healthcare providers for continuity of care.
All third parties are contractually obligated to maintain the confidentiality and security of your data.
Your Privacy Rights
You have the right to:
Access and obtain a copy of your personal and health information.
Request corrections to inaccurate or incomplete information.
Restrict certain uses or disclosures of your data.
File a complaint if you believe your rights have been violated.
To exercise these rights, contact us using the details provided below.
Security Measures
We take reasonable administrative, technical, and physical safeguards to protect your information from unauthorized access, use, or disclosure. These measures include:
Secure data storage and encryption.
Regular security audits and staff training.
However, no system is entirely secure, and we cannot guarantee absolute security.
Updates to This Privacy Policy
We may update this policy periodically to reflect changes in our practices, services, or legal obligations. Any updates will be posted on our website with the updated effective date.
Contact Us
If you have any questions about this Privacy Policy or your data, please contact us:
GRACE Breast Imaging & Medical Spa
Attn: Data Privacy Officer
1250 NW 128th St. Ste 130, Clive, Iowa 50325
Email: admin@gracebreastimaging.com
By engaging with our services, you acknowledge that you have read and understood this Privacy Policy.