Privacy Policy
1. Introduction:
Smile Care Claims, LLC ("we," "our," or "us") provides insurance verification and claims processing services to dental offices ("Clients"). In the course of providing these services, we may receive, use, and disclose Protected Health Information ("PHI") as a Business Associate under the Health Insurance Portability and Accountability Act of 1996 (“HIPAA”), as amended by the Health Information Technology for Economic and Clinical Health (“HITECH”) Act. We are committed to safeguarding the privacy and security of PHI in accordance with HIPAA and applicable state laws.
2. Scope of This Policy:
This Privacy Policy describes how we receive, use, maintain, and protect PHI obtained during the provision of our services to Clients. It applies solely to information handled in our capacity as a HIPAA Business Associate.
3. Use and Disclosure of PHI:
We may use or disclose PHI only as permitted or required by our Business Associate Agreements with Clients and applicable law, including to:
Perform insurance verification and claims processing services.
Communicate with insurers or dental offices as needed for claims resolution.
Fulfill legal, regulatory, or contractual obligations.
Support health care operations as authorized by Clients.
Report data breaches as required by law.
We will not use or disclose PHI for marketing, sale, or other unauthorized purposes.
4. Safeguards:
We maintain appropriate administrative, physical, and technical safeguards to protect the confidentiality, integrity, and availability of PHI, including:
Access controls and role-based permissions.
Secure data transmission and storage.
Employee HIPAA training and confidentiality agreements.
Regular security risk assessments.
5. Subcontractors:
Any subcontractors or agents who receive PHI on our behalf are required to enter into a written agreement that complies with HIPAA and ensures the protection of PHI.
6. Breach Notification:
In the event of a breach of unsecured PHI, we will notify the affected Client(s) without unreasonable delay and in accordance with HIPAA’s breach notification requirements.
7. Individual Rights:
While we do not have a direct relationship with patients whose PHI we process, we will cooperate with our Clients in responding to any requests by individuals to access, amend, or restrict their PHI, or to obtain an accounting of disclosures, as required by HIPAA.
8. Data Retention and Disposal:
We retain PHI only for as long as necessary to fulfill our contractual and legal obligations. PHI is securely destroyed or returned to Clients in accordance with the terms of our Business Associate Agreements and applicable law.
9. Changes to This Policy:
We reserve the right to update or revise this Privacy Policy at any time. Clients will be notified of any material changes.
10. Contact Information: For questions about this policy or our privacy practices, please contact:
Karen Kaplan, HIPPA Compliance Officer
11800 30th Court North, St. Petersburg, FL 3316
727-530-4277