Your Privacy is Important
Your privacy is critically important to us. At Vaksman Dental Group (“VDG”) we have some fundamental principles:
- We don’t ask for personal information unless we actually need it.
- We don’t share your personal health information, other than as outlined below in our HIPAA Privacy Practices Notice.
- No personal information is stored on our servers unless we need it for the on-going operation of our services.
If you have questions about deleting, restricting or correcting your personal data please contact us.
Irena Vaksman, DDS, PC (doing business as “Vaksman Dental Group”) operates this website (www.drvaksman.com) and any subdomains. It is VDG’s policy to respect your privacy regarding any information we may collect while operating our website.
Notice of Privacy Practices
THIS NOTICE DESCRIBES HOW MEDICAL INFORMATION ABOUT YOU MAY BE USED AND DISCLOSED AND HOW YOU CAN GET ACCESS TO THIS INFORMATION. PLEASE REVIEW IT CAREFULLY.
I. Dental Practice Covered by this Notice
This notice (“Notice”) describes the privacy practices of Irena Vaksman, DDS, PC (doing business as Vaksman Dental Group, and hereinafter referred to as “Dental Practice”), as per the requirements of the HIPAA Privacy Rule (“HIPAA”) and with respect to Protected Health Information (“PHI”). “We” and “Our” means the Dental Practice. “You” and “Your” means Our patient. (Your “Authorization”).
II. How to Contact Us/Our Privacy Official
If You have any questions or would like further information about this Notice, You can contact the Dental Practice at:
Vaksman Dental Group
ATTN: Robert Vaksman, Esq.
450 Sutter Street, Suite 2307
San Francisco, CA 94108
III. Our Promise to You and Our Legal Obligations
The privacy of Your health information is important to us. We understand that Your health information is personal and We are committed to protecting it. This Notice describes how We may use and disclose Your protected health information to carry out treatment, payment or health care operations and for other purposes that are permitted or required by law. It also describes Your rights to access and control Your protected health information. Protected health information is information about You, including demographic information, that may identify You and that relates to Your past, present or future physical or mental health or condition and related health care services.
We are required by law to:
- Maintain the privacy of Your protected health information;
- Give You this Notice of Our legal duties and privacy practices with respect to that information; and
- Abide by the terms of Our Notice that is currently in effect.
IV. Last Revision Date
This Notice was last revised on December 14, 2018.
V. How We May Use or Disclose Your Health Information
The following examples describe different ways We may use or disclose Your health information. These examples are not meant to be exhaustive. We are permitted by law to use and disclose Your health information for the following purposes:
A. Common Uses and Disclosures
- Treatment. We may use Your health information to provide You with dental treatment or services, such as cleaning or examining Your teeth or performing dental procedures. We may disclose health information about You to dental specialists, physicians, or other health care professionals involved in Your care.
- Payment. We may use and disclose Your health information to obtain payment from health plans and insurers for the care that We provide to You.
- Health Care Operations. We may use and disclose health information about You in connection with health care operations necessary to run Our practice, including review of Our treatment and services, training, evaluating the performance of Our staff and health care professionals, quality assurance, financial or billing audits, legal matters, and business planning and development. Any audio or video recordings made for this purpose will not be part of Your medical record.
- Appointment Reminders. We may use or disclose Your health information when contacting You to remind You of a dental appointment. We may contact You by using a postcard, letter, phone call, voice message, text or email.
- Treatment Alternatives and Health-Related Benefits and Services. We may use and disclose Your health information to tell You about treatment options or alternatives or health-related benefits and services that may be of interest to You.
- Disclosure to Family Members and Friends. We may disclose Your health information to a family member or friend who is involved with Your care or payment for Your care if You do not object or, if You are not present, We believe it is in Your best interest to do so.
- Disclosure to Business Associates. We may disclose Your protected health information to Our third-party service providers (called, “business associates”) that perform functions on Our behalf or provide us with services if the information is necessary for such functions or services. For example, We may use a business associate to assist us in maintaining Our practice management software. All of Our business associates are obligated, under contract with us, to protect the privacy of Your information and are not allowed to use or disclose any information other than as specified in Our contract.
B. Less Common Uses and Disclosures
- Disclosures Required by Law. We may use or disclose patient health information to the extent We are required by law to do so. For example, We are required to disclose patient health information to the U.S. Department of Health and Human Services so that it can investigate complaints or determine Our compliance with HIPAA.
- Public Health Activities. We may disclose patient health information for public health activities and purposes, which include: preventing or controlling disease, injury or disability; reporting births or deaths; reporting child abuse or neglect; reporting adverse reactions to medications or foods; reporting product defects; enabling product recalls; and notifying a person who may have been exposed to a disease or may be at risk for contracting or spreading a disease or condition.
- Victims of Abuse, Neglect or Domestic Violence. We may disclose health information to the appropriate government authority about a patient whom We believe is a victim of abuse, neglect or domestic violence.
- Health Oversight Activities. We may disclose patient health information to a health oversight agency for activities necessary for the government to provide appropriate oversight of the health care system, certain government benefit programs, and compliance with certain civil rights laws.
- Lawsuits and Legal Actions. We may disclose patient health information in response to (i) a court or administrative order or (ii) a subpoena, discovery request, or other lawful process that is not ordered by a court.
- Law Enforcement Purposes. We may disclose Your health information to a law enforcement official for a law enforcement purposes, such as to identify or locate a suspect, material witness or missing person or to alert law enforcement of a crime.
- Coroners, Medical Examiners and Funeral Directors. We may disclose Your health information to a coroner, medical examiner or funeral director to allow them to carry out their duties.
- Organ, Eye and Tissue Donation. We may use or disclose Your health information to organ procurement organizations or others that obtain, bank or transplant cadaveric organs, eyes or tissue for donation and transplant.
- Research Purposes. We may use or disclose Your information for research purposes pursuant to patient authorization waiver approval by an Institutional Review Board or Privacy Board.
- Serious Threat to Health or Safety. We may use or disclose Your health information if We believe it is necessary to do so to prevent or lessen a serious threat to anyone’s health or safety.
- Specialized Government Functions. We may disclose Your health information to the military (domestic or foreign) about its members or veterans, for national security and protective services for the President or other heads of state, to the government for security clearance reviews, and to a jail or prison about its inmates.
- Workers’ Compensation. We may disclose Your health information to comply with workers’ compensation laws or similar programs that provide benefits for work-related injuries or illness.
- 3rd Party Communications Initiated by You. We are always pleased when patients are willing to communicate their experiences received at the Dental Practice. Sharing Your story can help others who are interested in knowing more about the patient services provided by the Dental Practice, and can help promote Our mission of service. In the event You communicate with any 3rd parties (such as but, not limited to, social and/or review platforms) about Your experience with the Dental Practice, You then hereby grant permission to the Dental Practice to use, disclose, respond, comment or otherwise communicate on or to such 3rd party with respect to your personal health information.
- Education and Promotion. You grant the Dental Practice the right to use, without limitation or any financial remuneration, Your intra-oral images, facial photographs and any testimonial(s) (in whatever form provided, such as text, video or audio) in any educational, marketing, or advertising materials, including use on the Dental Practice’s web site. Your full name or personal contact details will never be distributed, and You may opt-out of this consent at any time by notifying the Dental Practice in writing. You also understand that if Your image is posted on the Dental Practice’s web site, the image can be downloaded by any computer user, which is beyond the control of the Dental Practice, and You will hold the Dental Practice harmless from any such use or download.
VI.Your Written Authorization for Any Other Use or Disclosure of Your Health Information
Uses and disclosures of Your protected health information that involve other uses or disclosures not described in this Notice will be made only with Your written authorization, unless otherwise permitted or required by law. You may revoke this authorization at any time, in writing, except to the extent that this office has taken an action in reliance on the use of disclosure indicated in the authorization. If a use or disclosure of protected health information described above in this notice is prohibited or materially limited by other laws that apply to use, We intend to meet the requirements of the more stringent law.
VII. Your Rights with Respect to Your Health Information
You have the following rights with respect to certain health information that We have about You (information in a Designated Record Set as defined by HIPAA). To exercise any of these rights, You must submit a written request to Our Privacy Official listed on the first page of this Notice.
A. Right to Access and Review.
You may request to access and review a copy of Your health information. We may deny Your request under certain circumstances. You will receive written notice of a denial and can appeal it. We will provide a copy of Your health information in a format You request if it is readily producible. If not readily producible, We will provide it in a hard copy format or other format that is mutually agreeable. If Your health information is included in an Electronic Health Record, You have the right to obtain a copy of it in an electronic format and to direct us to send it to the person or entity You designate in an electronic format. We may charge a reasonable fee to cover Our cost to provide You with copies of Your health information.
B. Right to Amend.
If You believe that Your health information is incorrect or incomplete, You may request that We amend it. We may deny Your request under certain circumstances. You will receive written notice of a denial and can file a statement of disagreement that will be included with Your health information that You believe is incorrect or incomplete.
C. Right to Restrict Use and Disclosure.
You may request that We restrict uses of Your health information to carry out treatment, payment, or health care operations or to Your family member or friend involved in Your care or the payment for Your care. We may not (and are not required to) agree to Your requested restrictions, with one exception: If You pay out of Your pocket in full for a service You receive from us and You request that We not submit the claim for this service to Your health insurer or health plan for reimbursement, We must honor that request.
D. Right to Confidential Communications, Alternative Means and Locations.
You may request to receive communications of health information by alternative means or at an alternative location. We will accommodate a request if it is reasonable and You indicate that communication by regular means could endanger You. When You submit a written request to the Privacy Official listed on the first page of this Notice, You need to provide an alternative method of contact or alternative address and indicate how payment for services will be handled.
E. Right to an Accounting of Disclosures.
You have a right to receive an accounting of disclosures of Your health information for the six (6) years prior to the date that the accounting is requested except for disclosures to carry out treatment, payment, health care operations (and certain other exceptions as provided by HIPAA). The first accounting We provide in any 12-month period will be without charge to You. We may charge a reasonable fee to cover the cost for each subsequent request for an accounting within the same 12-month period. We will notify You in advance of this fee and You may choose to modify or withdraw Your request at that time.
F. Right to a Paper Copy of this Notice.
You have the right to a paper copy of this Notice. You may ask us to give You a paper copy of the Notice at any time (even if You have agreed to receive the Notice electronically). To obtain a paper copy, ask the Privacy Official.
G. Right to Receive Notification of a Security Breach.
We are required by law to notify You if the privacy or security of Your health information has been breached. The notification will occur by email or first class mail within sixty (60) days of the event. A breach occurs when there has been an unauthorized use or disclosure under HIPAA that compromises the privacy or security of Your health information. The breach notification will contain the following information: (1) a brief description of what happened, including the date of the breach and the date of the discovery of the breach; (2) the steps You should take to protect yourself from potential harm resulting from the breach; and (3) a brief description of what We are doing to investigate the breach, mitigate losses, and to protect against further breaches.
VIII. Special Protections for HIV, Alcohol and Substance Abuse, Mental Health and Genetic Information.
Certain federal and state laws may require special privacy protections that restrict the use and disclosure of certain health information, including HIV-related information, alcohol and substance abuse information, mental health information, and genetic information. For example, a health plan is not permitted to use or disclose genetic information for underwriting purposes. Some parts of this HIPAA Notice of Privacy Practices may not apply to these types of information. If Your treatment involves this information, You may contact Our office for more information about these protections.
IX. Our Right to Change Our Privacy Practices and This Notice.
We reserve the right to change the terms of this Notice at any time. Any change will apply to the health information We have about You or create or receive in the future. We will promptly revise the Notice when there is a material change to the uses or disclosures, individual’s rights, Our legal duties, or other privacy practices discussed in this Notice. We will post the revised Notice on Our website (if applicable) and in Our office and will provide a copy of it to You on request. The effective date of this Notice is December 14, 2018.
X. How to Make Privacy Complaints.
If You have any complaints about Your privacy rights or how Your health information has been used or disclosed, You may file a complaint with us by contacting Our Privacy Official listed on the first page of this Notice. You may also file a written complaint with the Secretary of the U.S. Department of Health and Human Services, Office for Civil Rights. We will not retaliate against You in any way if You choose to file a complaint.
 “HIPAA” stands for the Health Insurance Portability and Accountability Act of 1996.
 The “Privacy Rule” refers to regulations issued by the U.S. Department of Health and Human Services pursuant to HIPAA.
 “Protected Health Information” is information (i) about Your physical or mental health or condition, health care, or the payment for the health care; (ii) that identifies You directly or indirectly (i.e., there is a reasonable basis to believe that the information could be used to identify You); and (iii) that is maintained or transmitted by the Dental Practice.
Like most website operators, VDG collects non-personally-identifying information of the sort that web browsers and servers typically make available, such as the browser type, language preference, referring site, and the date and time of each visitor request. VDG’s purpose in collecting non-personally identifying information is to better understand how VDG’s visitors use its website. From time to time, VDG may release non-personally-identifying information in the aggregate, e.g., by publishing a report on trends in the usage of its website.
VDG also collects potentially personally-identifying information like Internet Protocol (IP) addresses for logged in users and for users submitting forms.
Gathering of Personally-Identifying Information
Certain visitors to VDG’s websites choose to interact with VDG in ways that require VDG to gather personally-identifying information. Users seeking to become members will need to provide personal and financial information necessary to process the membership application and perform billing operations, including a username, email address, phone number, family relationships if this is a group account, and billing information. In each case, VDG collects such information only insofar as is necessary or appropriate to fulfill the purpose of the visitor’s interaction with VDG. VDG does not disclose personally-identifying information other than as described below. And visitors can always refuse to supply personally-identifying information, with the caveat that it may prevent them from becoming members or maintaining their on-going membership.
VDG may collect statistics about the behavior of visitors to its websites. For instance, VDG may monitor the most popular uses of our VDG control panels, or look at the most common referrers to our public site.
Protection of Certain Personally-Identifying Information
VDG discloses potentially personally-identifying and personally-identifying information only to those of its employees, contractors and affiliated organizations that (i) need to know that information in order to process it on VDG’s behalf or to provide services available at VDG’s websites, and (ii) that have agreed not to disclose it to others. Some of those employees, contractors and affiliated organizations may be located outside of your home country; by using VDG’s websites, you consent to the transfer of such information to them. VDG will not rent or sell potentially personally-identifying and personally-identifying information to anyone. Other than to its employees, contractors and affiliated organizations, as described above, VDG discloses potentially personally-identifying and personally-identifying information only in response to a subpoena, court order or other governmental request, or when VDG believes in good faith that disclosure is reasonably necessary to protect the property or rights of VDG, third parties or the public at large. If you are a registered user of an VDG website and have supplied your email address, VDG may occasionally send you an email to tell you about new features, solicit your feedback, or just keep you up to date with what’s going on with VDG and our products. However, we expect to keep this type of email to a minimum. If you send us a request (for example via a support email or via one of our feedback mechanisms), we reserve the right to publish it in order to help us clarify or respond to your request or to help us support other users. VDG takes all measures reasonably necessary to protect against the unauthorized access, use, alteration or destruction of potentially personally-identifying and personally-identifying information.
If VDG, or substantially all of its assets, were acquired, or in the unlikely event that VDG goes out of business or enters bankruptcy, user information would be one of the assets that is transferred or acquired by a third party. You acknowledge that such transfers may occur, and that any acquirer of VDG may continue to use your personal information as set forth in this policy.