Patient Privacy Policy
Privacy Practices
Exceptional Smiles Family Dentistry and Kenneth R. Eye, DDS, PC are committed to protecting the privacy and security of our patients’ personal and health information. This notice describes how protected health information (PHI) may be used and disclosed and how you can access this information.
HIPAA Compliance and Website Security
Our dental practices comply with the Health Insurance Portability and Accountability Act (HIPAA) and the Health Information Technology for Economic and Clinical Health Act (HITECH) when collecting, storing, or transmitting protected health information (PHI).
This includes information submitted through:
- Online appointment requests
- Patient portals
- Contact forms or other electronic communications
Our websites use HTTPS with SSL/TLS encryption to protect data transmitted online. Any third-party services used for scheduling, payments, forms, or patient communications are required to be HIPAA-compliant and to have executed Business Associate Agreements (BAAs) when applicable.
Notice of Privacy Practices (NPP)
A Notice of Privacy Practices (NPP) is made available to patients and is posted prominently:
- On our website homepage
- In the website footer
- On the designated Privacy Practices page
The NPP explains:
- How patient information may be used and disclosed
- How we safeguard your information
- Your rights regarding your health information
- How to contact our Privacy Officer with questions or concerns
Data Protection and Access Controls
Access to protected health information is limited to authorized personnel only and governed by role-based access controls. Our staff receives regular training on HIPAA policies, including:
- The “minimum necessary” standard
- Proper handling of patient information
- Identifying and responding to phishing or security threats
We utilize strong password policies and multi-factor authentication (MFA) where available to protect our systems and data.
Content and Marketing Compliance
Patient privacy is respected in all marketing and online communications.
- Patient testimonials, photos, or videos are used only with signed, specific written consent
- We do not confirm or deny a patient relationship in public responses (including online reviews or social media)
- Responses to reviews are written carefully to avoid disclosing any protected health information
Universal consent forms are used only when clearly documented and when patients have explicitly agreed to their terms.
Website Maintenance and Monitoring
To maintain security and reliability, we:
- Regularly update website platforms, plugins, and themes
- Use firewalls, monitoring, and logging tools to detect suspicious activity
- Conduct periodic security assessments
- Maintain secure, offsite backups of patient data
Accessibility and Legal Compliance
Our websites strive to meet WCAG 2.0 Level AA accessibility standards in accordance with the Americans with Disabilities Act (ADA). This includes:
- Alternative text for images
- Keyboard navigation support
- Screen reader compatibility
We also monitor changes in applicable privacy and data protection laws, including GDPR requirements when applicable.
Questions or Concerns
If you have questions about our privacy practices or your rights regarding your health information, please contact our office directly. A designated Privacy Officer is available to assist you.
HIPAA / HITECH Compliance Privacy Officer for Exceptional Smiles Family Dentistry and Kenneth R. Eye, DDS, PC is Jenny Crisman, Office Manager. Phone: Woodstock Office Phone Number (540) 459-4341. Email: [email protected]. Physical Address: 408 S. Main Street, Woodstock, Virginia 22664. By appointment only.