Privacy Policy

Last Updated: January 2025

1. Introduction

Community Pediatric Clinic ("we," "our," or "us") is committed to protecting the privacy and security of your personal information, especially your protected health information (PHI). This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website or use our services. We are committed to complying with the Health Insurance Portability and Accountability Act (HIPAA) and all applicable state and federal privacy laws.

2. Information We Collect

2.1 Personal Information

We may collect the following types of personal information:

• Contact information (name, address, phone number, email)
• Demographic information (age, gender, date of birth)
• Insurance information (insurance carrier, policy number)
• Medical history and health information
• Payment information (credit card, billing address)
• Information you provide through our contact forms

2.2 Automatically Collected Information

When you visit our website, we may automatically collect certain information, including:

• IP address
• Browser type and version
• Operating system
• Referring website
• Pages visited and time spent on our site

3. How We Use Your Information

We use your information for the following purposes:

• To provide medical care and treatment
• To schedule appointments and communicate with you
• To process insurance claims and billing
• To maintain medical records
• To improve our services and website functionality
• To respond to your inquiries and requests
• To send appointment reminders and health-related communications (with your consent)
• To comply with legal and regulatory requirements

4. Disclosure of Your Information

4.1 Permitted Disclosures Under HIPAA

We may disclose your protected health information as permitted or required by law, including:

• To other healthcare providers involved in your care
• To insurance companies for payment purposes
• To healthcare clearinghouses
• To public health authorities as required by law
• To law enforcement when required by law or court order
• To family members or other individuals involved in your care (with your authorization)
• To business associates who perform services on our behalf (under written agreements)

4.2 Website Service Providers

We may share information with third-party service providers who assist us in operating our website, such as:

• Website hosting providers
• Analytics services
• Email service providers
• Payment processors

These service providers are contractually obligated to protect your information and may only use it to provide services to us.

5. Your Privacy Rights

5.1 HIPAA Rights

Under HIPAA, you have the following rights regarding your protected health information:

• Right to Access: You may request access to your medical records and PHI.
• Right to Amend: You may request that we amend your PHI if you believe it is inaccurate.
• Right to an Accounting: You may request a list of disclosures of your PHI.
• Right to Restrictions: You may request restrictions on certain uses and disclosures of your PHI.
• Right to Confidential Communications: You may request that we communicate with you in a confidential manner.
• Right to a Paper Copy: You may request a paper copy of this Notice of Privacy Practices.

5.2 California Residents

If you are a California resident, you have additional rights under the California Consumer Privacy Act (CCPA) and California Medical Information Act (CMIA).

6. Data Security

We implement appropriate technical, administrative, and physical safeguards to protect your information from unauthorized access, use, or disclosure. These measures include:

• Encryption of sensitive data in transit and at rest
• Secure servers and firewalls
• Access controls and authentication
• Regular security assessments and updates
• Employee training on privacy and security practices

Despite our efforts, no method of transmission over the internet or electronic storage is completely secure. We cannot guarantee absolute security.

7. Cookies and Tracking Technologies

Our website may use cookies and similar tracking technologies to enhance your experience. Cookies are small files stored on your device that help us remember your preferences and understand how you use our site. You can control cookie settings through your browser preferences.

8. Third-Party Websites

Our website may contain links to third-party websites, including social media platforms and healthcare resources. We are not responsible for the privacy practices of these third parties. We encourage you to review the privacy policies of any third-party websites you visit.

9. Children's Privacy

Our website is not directed to children under the age of 13. We do not knowingly collect personal information from children under 13 without parental consent. If you believe we have inadvertently collected information from a child under 13, please contact us immediately.

10. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of any material changes by posting the new policy on our website and updating the "Last Updated" date. Your continued use of our website after such changes constitutes your acceptance of the updated policy.

11. Contact Us

If you have questions or concerns about this Privacy Policy or our privacy practices, please contact us at:

Community Pediatric Clinic
10210 Orr and Day Road, Suite A
Santa Fe Springs, CA 90670
Phone: (562) 864-4000
Email: info@heidiwinklermd.com

If you believe your privacy rights have been violated, you may file a complaint with our Privacy Officer or with the U.S. Department of Health and Human Services Office for Civil Rights.