Effective Date: February 9, 2026
Welcome. At Journey Smiles Orthodontics and Pediatric Dentistry (“we,”“our,” or “us”),
we are committed to protecting the privacy and security of your personal and health
information. This Privacy Policy explains how we collect, use, disclose, and safeguard your
information when you visit our website or receive care from us, and describes your rights
concerning your information under applicable privacy laws, including the Health Insurance
Portability and Accountability Act of 1996 (HIPAA).
By Accessing our website or receiving services from us, you agree to the terms outlined in
this Privacy Policy.
We may collect information that identifies you or relates to your dental care when you:
• Complete online forms (appointment requests, contact requests, patient
registration),
• Visit our oQice,
• Communicate with our team, or
• Submit information through email, phone, text or our patient portal.
• Name, address, email, phone number
• Date of birth
• Insurance and billing information
• Treatment and dental/medical history
• Appointment details and communication
• Health information necessary for diagnosis and care
This information may be considered Protected Health Information (PHI) under HIPAA
when collected in connection with treatment, payment, or health care operations.
B. Website Usage Data
When you visit our website, we may automatically collect analytics data such as:
• IP address
• Browser and device type
• Pages visited and time spent
• Referrer URL
We also use cookies and similar technologies to improve site functionality and user
experience. You may adjust browser settings to refuse cookies; however, doing so may
aQect website features.
We use your information to:
• Provide dental and orthodontic care and services
• Schedule, manage, and confirm, appointments
• Communicate about treatment, reminders, and care instructions
• Process insurance claims and billing
• Improve our services and website
• Comply with legal, regulatory, and professional obligations
We will use and disclose PHI only as permitted by law and as described in this Policy or our
HIPAA Notice of Privacy Practices.
We do not sell or rent your personal information.
We may share information (Including PHI) with:
• Healthcare Providers involved in your care
• Insurance Companies and Payers for claims and payment
• Business Associates and Service Providers (e.g., billing, software vendors) under
strict confidentiality agreements
• Legal or Governmental Authorities where required by law (e.g., subpoenas, public
health reporting)
• Emergency Contacts or Family Members, if permitted or authorized by you
We require that entities receiving PHI on our behalf agree to safeguard it in compliance with
HIPAA.
We implement administrative, technical, and physical safeguards designed to protect your
personal and health information from unauthorized access, misuse, or disclosure.
However, no system can guarantee absolute security.
If you believe there has been a privacy breach involving your information, please contact us
immediately.
Under HIPAA and Applicable Law, You Have the Right To:
• Access and Inspect your PHI
• Request Copies of your records
• Request Corrections (amendments) to your information
• Receive an Accounting of disclosures of your PHI
• Request Restrictions on certain uses and disclosures
• Request Alternative Communications (e.g., email vs. mail)
Requests to exercise these rights must be submitted in writing and may require identity
verification before processing requests.
We comply with 42 Code of Federal Regulations (CFR) Part 2, which provides additional
privacy protections for records related to the diagnosis, treatment, or referral for treatment
of Substance Use Disorder (SDU).
What this Means for You:
• SUD-related records are subject to stricter confidentiality protections than other
health records.
• These records cannot be disclosed without your specific written consent, except as
permitted or required by law.
• Your consent must clearly state who may receive the information, what information
may be shared, and for what purpose.
Permitted Disclosures of SUD Information Without Consent
SUD-related information may be disclosed without your authorization only in limited
circumstances, including:
• Medical emergencies
• Research, audits, or evaluations (with appropriate safeguards)
• Court orders that meet part 2 requirements
• As otherwise permitted under federal law
Prohibition on Re-Disclosure
Any SUD information disclosed under your authorization is accompanied by the following
statement:
This information has been disclosed to you from records protected by federal confidentiality rules
(42 CFR Part 2). The federal rules prohibit you from making any further disclosure unless expressly
permitted by the written consent of the person to whom it pertains or as otherwise permitted by law. A general authorization for the release of medical or other information is NOT suGicient for this
purpose.
We do not knowingly collect personal information from children via the website without
verified parental consent. Clinical information for minor patients is collected with consent
for the purpose of providing care. Parents or legal guardians may access their child’s
information in accordance with applicable law.
Our website may include links to third-party sites (e.g., social media or payment portals).
We are not responsible for the privacy practices of these external sites and encourage you
to review their privacy policies.
We may update this Privacy Policy from time to time. The revised version will be posted
here with an updated “E=ective Date.” Your continued use of the website after changes are
posted constitutes acceptance of those changes.
For questions, privacy concerns, or to exercise your privacy rights, please contact us.