Privacy Policy
Effective Date: 11.01.2024
Introduction
Muse Plastic Surgery ("we," "us," or "our") is committed to protecting the privacy and confidentiality of the personal and health information you entrust to us. This Privacy Policy outlines our practices concerning information collected through our website, located at [Insert Website Address], and how we comply with the Health Insurance Portability and Accountability Act (HIPAA) and Google's advertising policies.
Website Visitors
We may collect non-personally identifiable information about your visit to our website, such as your IP address, browser type, referring URLs, and pages viewed, to analyze website traffic and improve user experience.
Collection of Personal Health Information (PHI) via Web Form
When you use our online consultation request form, you voluntarily provide us with Protected Health Information (PHI), which is data related to your health status. This includes:
Name, Email, Phone Number, City, Postal Code
Health Information: Height (in inches) and Weight (in pounds)
How We Use Your PHI
We use this information solely for the purpose of providing, coordinating, and managing your healthcare and related services. Specifically, this data helps our double board-certified surgeons assess your suitability for a tummy tuck (abdominoplasty) and prepare for your initial consultation.
Our Commitment to HIPAA Compliance
Muse Plastic Surgery is a "covered entity" under HIPAA and is required by law to maintain the privacy of your protected health information.
Confidentiality: We employ appropriate safeguards to protect the privacy of your PHI, ensuring it is kept secure and confidential.
Limited Disclosure: We limit the use and disclosure of your PHI to treatment, payment, and healthcare operations, or as otherwise authorized by law. We will not disclose, give, sell, or transfer your personally identifiable health information unless required by law enforcement or federal law, or with your explicit written authorization.
Business Associates: We require any third-party service providers who handle your PHI (e.g., our CRM system provider) to sign a Business Associate Agreement (BAA), committing them to the same strict data protection standards we uphold.
Data Collected for Advertising and Analytics (Google Ads)
We use services like Google Analytics to understand how visitors interact with our website. When using these services:
No PHI in Ads: We adhere to Google's policies and do not include PHI in our advertising campaigns or share identifiable health information with advertisers without explicit consent.
Google's Data Use: We require users to be aware of how Google uses information when they visit our site. You can review how Google handles data in sites that use their services on How Google uses information from sites or apps that use our services.
Your Rights Regarding Your PHI
You have rights regarding the health information we maintain about you, including the right to:
Examine and obtain a copy of your health records.
Request corrections to inaccurate information.
Request restrictions on how we use and disclose certain information.