Privacy Policy

San Jose Ear and Sinus Medical Center
Los Gatos, California

Effective Date: 2025-09-15
Last Updated: 2025-09-15

Our Commitment to Your Privacy

At San Jose Ear and Sinus Medical Center, we are committed to protecting the privacy and confidentiality of your personal health information. This Privacy Policy explains how we collect, use, share, and protect your information in accordance with the Health Insurance Portability and Accountability Act (HIPAA) and other applicable privacy laws.

HIPAA Compliance

We strictly adhere to all HIPAA regulations and requirements when handling your protected health information (PHI). Your medical information is protected by federal law, and we maintain comprehensive safeguards to ensure its confidentiality, integrity, and availability. You have specific rights regarding your health information under HIPAA, including:

  • The right to access and obtain copies of your health records

  • The right to request amendments to your health information

  • The right to request restrictions on how your information is used or shared

  • The right to request confidential communications

  • The right to file a complaint if you believe your privacy rights have been violated

For a complete description of your HIPAA rights, please request our Notice of Privacy Practices at your next visit or contact our Privacy Officer.

Information We Collect

We collect and maintain health information necessary to provide you with quality medical care, including:

  • Personal identifying information (name, address, phone number, date of birth)

  • Insurance and billing information

  • Medical history, symptoms, and examination findings

  • Diagnostic test results and treatment records

  • Prescription and medication information

  • Correspondence related to your care

How We Use Your Information

Your health information is used primarily for:

  • Treatment: Providing, coordinating, and managing your healthcare

  • Payment: Processing insurance claims and billing for services

  • Healthcare Operations: Quality improvement, staff training, and administrative functions

  • Legal Requirements: Complying with applicable laws and regulations

Technology Providers and Business Associates

To provide you with the highest quality care and efficient service, we work with trusted technology providers and business associates. These partners may have access to your health information solely for the purpose of supporting our operations. All such relationships are governed by strict Business Associate Agreements that require:

  • Compliance with all HIPAA requirements

  • Implementation of appropriate safeguards to protect your information

  • Limitation of use and disclosure to only what is necessary

  • Return or destruction of information when services end

Our technology partners may include providers of:

  • Electronic health record systems

  • Practice management software

  • Billing and payment processing services

  • Secure communication platforms

  • Data backup and storage services

  • Appointment scheduling systems

Information Security

We implement comprehensive security measures to protect your health information, including:

  • Physical safeguards to protect our facilities and equipment

  • Technical safeguards including encryption, access controls, and audit logs

  • Administrative safeguards including staff training and privacy policies

  • Regular security assessments and updates to our systems

Information Sharing

We only share your health information as permitted or required by law. This may include:

  • Healthcare providers involved in your treatment

  • Insurance companies for payment purposes

  • Public health authorities when required by law

  • Family members or friends you have authorized

  • Emergency situations to protect your health and safety

We will never sell your health information to third parties for marketing purposes.

We do not share your consent to receive SMS from us to our providers.

Your Rights and Choices

You have the right to:

  • Request restrictions on how we use or share your information

  • Choose how we contact you with appointment reminders or other communications

  • Access and obtain copies of your medical records

  • Request corrections to your health information

  • File a complaint with us or the Department of Health and Human Services

Website and Online Services

If we provide online services such as patient portals or appointment scheduling, we use secure, encrypted connections to protect your information during transmission. We may use cookies and similar technologies to improve your online experience, but we do not use these for advertising or tracking purposes without your consent.

Changes to This Policy

We reserve the right to modify this Privacy Policy as needed to comply with changes in laws or our practices. Any changes will be posted in our office and on our website (if applicable). The current version of this policy applies to all health information we maintain, including information created or received before the policy's effective date.

Acknowledgment

By receiving services at San Jose Ear and Sinus Medical Center, you acknowledge that you have been provided with this Privacy Policy and our Notice of Privacy Practices, and that you understand how your health information may be used and shared.

This Privacy Policy complies with HIPAA regulations and California state privacy laws. For specific legal questions, please consult with a qualified attorney.