Privacy Policy and HIPAA Notice of Privacy Practices

Effective Date: June 11, 2026


This Privacy Policy and HIPAA Notice of Privacy Practices describes how Beach Braces may collect, use, disclose, protect, and manage information about patients, prospective patients, website visitors, and other individuals who interact with our practice, website, online forms, text messaging services, email communications, and other services.


This notice also describes how medical information about you may be used and disclosed and how you can access this information. Please review it carefully.


Who We Are

Beach Braces is an orthodontic practice located in California. In this Privacy Policy, “Beach Braces,” “we,” “our,” and “us” refer to Beach Braces and its team members, representatives, and service providers acting on our behalf.


For questions about this Privacy Policy or our privacy practices, please contact us:


Beach Braces
220 N. Aviation Blvd. Suite A

Manhattan Beach, CA 90266

310) 379-0006


Information We Collect

We may collect information directly from you, automatically through our website, from your parent, guardian, caregiver, or authorized representative, from dental or healthcare providers involved in your care, from insurance providers, and from third-party service providers that help us operate our practice.


The types of information we may collect include:


  • Name, address, phone number, email address, date of birth, and other contact information
  • Patient forms, appointment requests, consultation requests, and communications submitted through our website
  • Dental, orthodontic, medical, treatment, insurance, billing, and payment information
  • Photographs, X-rays, scans, diagnostic records, treatment notes, and other orthodontic records
  • Parent, guardian, emergency contact, or responsible party information
  • Insurance plan information and payment details
  • Communication preferences, including consent to receive text messages or email communications
  • Website usage information, such as IP address, browser type, device information, pages visited, referring pages, and interactions with our website
  • Information collected through cookies, pixels, analytics tools, advertising tools, or similar technologies


Some of this information may be considered protected health information, or PHI, under the Health Insurance Portability and Accountability Act of 1996 and its implementing regulations, commonly known as HIPAA. Some information may also be protected under California privacy and medical confidentiality laws.


Protected Health Information

“Protected health information” means individually identifiable health information that relates to your physical or mental health, dental or orthodontic care, healthcare services you receive, or payment for healthcare services.


We are required by law to maintain the privacy and security of protected health information, provide you with this notice of our legal duties and privacy practices, follow the terms of this notice, and notify affected individuals following a breach of unsecured protected health information when required by law.


How We May Use and Disclose Protected Health Information

We may use and disclose your protected health information for treatment, payment, and healthcare operations.


Treatment

We may use or disclose your protected health information to provide, coordinate, or manage your orthodontic care. This may include sharing information with dentists, dental specialists, physicians, laboratories, imaging providers, or other healthcare professionals involved in your care.


For example, we may share orthodontic records with your general dentist or another dental provider to coordinate treatment.


Payment

We may use and disclose your protected health information to bill for services, collect payment, determine insurance eligibility or benefits, obtain pre-authorizations, submit insurance claims, or communicate with insurance companies, responsible parties, or payment processors.


For example, we may provide treatment and billing information to your insurance company so that your benefits can be processed.


Healthcare Operations

We may use and disclose your protected health information for activities necessary to operate our practice. These activities may include quality assessment, staff training, case management, business planning, compliance, auditing, legal services, customer service, patient satisfaction, credentialing, and other administrative functions.


For example, we may use patient information to evaluate the quality of care provided by our team or to train staff on proper office procedures.


Other Uses and Disclosures Permitted or Required by Law

We may also use or disclose protected health information in the following situations, as permitted or required by applicable law:


Appointment Reminders and Treatment Communications

We may contact you by phone, voicemail, text message, email, mail, or other communication methods to remind you of appointments, follow up on care, provide treatment-related information, or tell you about health-related benefits or services that may be of interest to you.


Family Members, Guardians, and Others Involved in Your Care

We may disclose relevant information to a family member, parent, guardian, personal representative, caregiver, or other person involved in your care or payment for your care, unless you object or applicable law restricts the disclosure.


For minors, parents or legal guardians may generally have access to the minor’s health information, subject to applicable federal and California law.


Business Associates and Service Providers

We may share protected health information with third-party service providers or business associates that perform services for us, such as billing, scheduling, practice management software, secure messaging, imaging, payment processing, marketing support, IT support, website hosting, data storage, analytics, legal, accounting, or consulting services. When required by law, these parties must agree to safeguard protected health information.


Public Health and Safety

We may disclose protected health information for public health activities, including reporting disease, injury, abuse, neglect, domestic violence, product recalls, adverse events, or other matters required or permitted by law.


Health Oversight Activities

We may disclose protected health information to government agencies, licensing boards, accreditation organizations, or other oversight authorities for audits, investigations, inspections, licensure, discipline, compliance, or other activities authorized by law.


Legal Proceedings

We may disclose protected health information in response to a court order, subpoena, discovery request, administrative order, or other lawful process, when required or permitted by law.


Law Enforcement

We may disclose protected health information to law enforcement officials in limited circumstances, such as in response to a court order, warrant, subpoena, or other lawful request, to report certain injuries or crimes, or to address a serious threat to health or safety.


Coroners, Medical Examiners, and Funeral Directors

We may disclose protected health information to coroners, medical examiners, or funeral directors when necessary for them to perform their duties.


Serious Threats to Health or Safety

We may use or disclose protected health information when we believe in good faith that the use or disclosure is necessary to prevent or lessen a serious and imminent threat to the health or safety of a person or the public.


Workers’ Compensation

We may disclose protected health information as authorized by and to the extent necessary to comply with workers’ compensation or similar laws.


Military, Veterans, National Security, and Protective Services

If applicable, we may disclose protected health information for military, veterans, national security, intelligence, or protective services activities as authorized or required by law.


Correctional Institutions

If you are an inmate or in the custody of law enforcement, we may disclose protected health information to a correctional institution or law enforcement official when necessary for your health and safety, the health and safety of others, or the safety and security of the institution.


Disaster Relief

We may use or disclose protected health information to an organization assisting in disaster relief efforts so that your family or others responsible for your care may be notified of your location, condition, or status.


Required by Law

We may use or disclose protected health information when required to do so by federal, state, or local law.


Uses and Disclosures That Require Your Written Authorization

We will obtain your written authorization before using or disclosing your protected health information for purposes not described in this notice or otherwise permitted by law.


In most cases, we must obtain your written authorization for:


  • Uses and disclosures of psychotherapy notes, if applicable
  • Uses and disclosures of protected health information for marketing purposes where authorization is required by law
  • Sale of protected health information
  • Certain uses or disclosures of photographs, testimonials, videos, or patient stories for marketing, advertising, website, social media, or promotional purposes


If you give us written authorization, you may revoke that authorization in writing at any time, except to the extent we have already relied on it.


Your HIPAA Privacy Rights

You have the following rights regarding your protected health information. To exercise these rights, please contact us in writing using the contact information listed in this policy.


Right to Inspect and Receive a Copy

You have the right to inspect or receive a copy of certain protected health information that we maintain about you. This may include medical and billing records used to make decisions about your care. We may provide copies in paper or electronic format, as required by law. We may charge a reasonable, cost-based fee when permitted by law.


We may deny your request in certain limited circumstances. If we deny your request, you may have the right to request a review of that denial.


Right to Request an Amendment

You have the right to request that we amend protected health information that you believe is incorrect or incomplete. Your request must be made in writing and explain why the information should be amended.


We may deny your request if the information was not created by us, is not part of the records we maintain, is not available for inspection, or is accurate and complete. If we deny your request, you may submit a written statement of disagreement as permitted by law.


Right to Request Restrictions

You have the right to request restrictions on how we use or disclose your protected health information for treatment, payment, or healthcare operations. We are not required to agree to every request.


However, if you pay for a healthcare item or service in full out of pocket and ask us not to disclose information about that item or service to your health plan for payment or healthcare operations purposes, we will honor that request unless disclosure is required by law.


Right to Request Confidential Communications

You have the right to request that we communicate with you in a specific way or at a specific location. For example, you may ask us to contact you only at a certain phone number or address. We will accommodate reasonable requests when required by law.


Right to Receive an Accounting of Disclosures

You have the right to request a list of certain disclosures we have made of your protected health information. This list will not include all disclosures, such as disclosures made for treatment, payment, healthcare operations, disclosures made to you, disclosures made with your authorization, or other disclosures excluded by law.


Right to Receive a Paper Copy

You have the right to receive a paper copy of this notice at any time, even if you agreed to receive it electronically.


Right to Choose Someone to Act for You

If you have given someone medical power of attorney or if someone is your legal guardian or authorized personal representative, that person may exercise your rights and make choices about your health information, subject to applicable law.


Right to File a Complaint

You have the right to file a complaint if you believe your privacy rights have been violated. You may file a complaint with Beach Braces using the contact information listed in this policy.


You may also file a complaint with the U.S. Department of Health and Human Services, Office for Civil Rights.


We will not retaliate against you for filing a complaint.


California Medical Privacy Rights

Because Beach Braces is located in California, we also comply with applicable California medical privacy laws, including the California Confidentiality of Medical Information Act, where applicable.


California law may provide additional protections for medical information and may limit how healthcare providers and certain contractors use and disclose individually identifiable medical information. We will use and disclose medical information only as permitted by applicable federal and California law.


Website Privacy Practices

This section explains how we may collect, use, and share information through our website and digital services.


Information Submitted Through Online Forms

When you submit a contact form, appointment request, consultation request, referral form, patient form, payment form, or other online form, we may collect the information you provide, such as your name, phone number, email address, appointment preferences, patient status, treatment interests, and message content.


Please do not submit sensitive medical information through a general website contact form unless the form is specifically intended for that purpose. If you are experiencing a medical emergency, call 911 or seek immediate medical attention.


Cookies, Analytics, Pixels, and Similar Technologies

Our website may use cookies, analytics tools, pixels, tags, or similar technologies to operate the website, improve functionality, understand how visitors use the website, measure marketing performance, prevent fraud, and support advertising or retargeting efforts.


These technologies may collect information such as IP address, device type, browser type, pages visited, referring website, date and time of visit, and interactions with the website.


You can usually adjust your browser settings to reject or remove cookies. Some website features may not function properly if cookies are disabled.


Third-Party Tools

We may use third-party tools and service providers to support our website, online forms, scheduling, analytics, advertising, call tracking, payment processing, website hosting, security, and communications. These third parties may collect or receive information as necessary to provide their services to us.


Where required, we take steps designed to ensure that third-party service providers protect information appropriately.


How We Use Personal Information

We may use personal information for the following purposes:


  • To respond to inquiries and appointment requests
  • To schedule consultations and appointments
  • To provide orthodontic care and related services
  • To verify identity, insurance, benefits, and payment information
  • To communicate with patients, parents, guardians, and responsible parties
  • To send appointment reminders and treatment-related messages
  • To process payments and manage billing
  • To operate, maintain, and improve our website and services
  • To personalize website content and improve user experience
  • To evaluate marketing and advertising performance
  • To comply with legal, regulatory, professional, and contractual obligations
  • To protect the security, integrity, and availability of our systems and information
  • To prevent fraud, misuse, or unauthorized access
  • For other purposes described at the time information is collected or with your consent


How We Share Personal Information

We do not sell protected health information.


We may share personal information with:

  • Dental, orthodontic, medical, or healthcare providers involved in your care
  • Insurance providers, benefit administrators, and payment processors
  • Parents, guardians, personal representatives, or responsible parties, where permitted by law
  • Service providers and business associates that help us operate our practice, website, communications, analytics, advertising, security, billing, scheduling, and other business functions
  • Government agencies, regulators, courts, law enforcement, or other parties when required or permitted by law
  • Professional advisors, such as attorneys, accountants, consultants, and insurers
  • Other parties with your consent or authorization


SMS/Text Messaging Privacy

If you provide your mobile phone number and opt in to receive text messages from Beach Braces, we may use text messaging to communicate with you about appointments, forms, treatment-related reminders, account updates, and other practice-related information.


Message and data rates may apply. Message frequency may vary. You may opt out of text messages at any time by replying STOP, or you may contact our office for assistance. Reply HELP for help when supported by the messaging platform.


We will not sell or share your text messaging opt-in data or consent with third parties for their own marketing purposes. We may share your mobile number, SMS opt-in status, and related information with vendors and service providers that help us deliver text messages, manage communications, or provide related services on our behalf.


Email Communications

If you provide your email address, we may use it to communicate with you about appointments, treatment, forms, account matters, educational information, or other practice-related updates. Email may not always be a secure method of communication. Please avoid sending sensitive medical information by email unless you understand and accept the risks or we have provided a secure method for doing so.


Children’s Privacy

Our website and services are intended for use by patients, prospective patients, parents, guardians, and responsible parties. We may collect information about minors when submitted by a parent, guardian, responsible party, or as otherwise permitted by law in connection with orthodontic care.

We do not knowingly collect personal information from children through our website for purposes unrelated to providing orthodontic services or responding to inquiries submitted by a parent, guardian, or authorized individual.


California Consumer Privacy Notice

This section applies to California residents to the extent the California Consumer Privacy Act, as amended by the California Privacy Rights Act, applies to Beach Braces and to the personal information at issue.


Some information collected by a healthcare provider, including protected health information and medical information, may be exempt from certain CCPA/CPRA requirements when it is protected by HIPAA or California medical privacy laws. However, other personal information collected through our website or business operations may be subject to California consumer privacy requirements.


Categories of Personal Information We May Collect

Depending on how you interact with us, we may collect the following categories of personal information:


  • Identifiers, such as name, address, email address, phone number, IP address, or online identifiers
  • Personal information described in California Civil Code Section 1798.80, such as contact information, insurance information, and payment information
  • Protected classification information, such as age or date of birth, when relevant to care or required forms
  • Commercial information, such as services requested, payment history, or transaction history
  • Internet or electronic network activity information, such as website usage data, browser information, and interactions with our website
  • Geolocation information, such as general location inferred from IP address
  • Audio, electronic, visual, or similar information, such as voicemail messages, call recordings if used, photographs, X-rays, scans, or images
  • Professional or employment-related information, if you apply for employment
  • Sensitive personal information, such as health information, insurance information, payment information, or account access information, where applicable


Sources of Personal Information

We may collect personal information from:


  • You
  • Parents, guardians, caregivers, or responsible parties
  • Dental, orthodontic, medical, or healthcare providers
  • Insurance companies and benefit providers
  • Website forms, cookies, analytics tools, and advertising technologies
  • Service providers and business partners
  • Publicly available sources, where applicable


Purposes for Collection, Use, and Disclosure

We may collect, use, and disclose personal information for the purposes described in this Privacy Policy, including providing orthodontic services, responding to inquiries, scheduling appointments, operating our website, communicating with you, processing payments, managing insurance and billing, improving our services, complying with legal obligations, and protecting our practice.


Sale or Sharing of Personal Information

We do not sell protected health information.

We do not knowingly sell or share personal information of individuals under 16 years of age.


Some website analytics, advertising, retargeting, or tracking technologies may be considered a “sale” or “sharing” of personal information under California law if they are used for cross-context behavioral advertising or similar purposes. If Beach Braces uses these technologies in a way that qualifies as a sale or sharing under California law, California residents may have the right to opt out.


To exercise opt-out rights, please contact us using the information in this policy or use any “Do Not Sell or Share My Personal Information” link or privacy preference tool made available on our website, if applicable.


Sensitive Personal Information

We do not use or disclose sensitive personal information for purposes other than those permitted by California law, such as providing services, processing payments, ensuring security, preventing fraud, maintaining quality and safety, or complying with legal obligations.


California Privacy Rights

Subject to applicable exceptions, California residents may have the right to:


  • Know what personal information we collect, use, disclose, sell, or share
  • Access specific pieces of personal information we maintain about them
  • Request deletion of personal information
  • Request correction of inaccurate personal information
  • Opt out of the sale or sharing of personal information
  • Limit certain uses or disclosures of sensitive personal information, where applicable
  • Not be discriminated against for exercising privacy rights


To submit a California privacy request, please contact us:


Beach Braces
220 N. Aviation Blvd. Suite A

Manhattan Beach, CA 90266

310) 379-0006


We may need to verify your identity before responding to your request. You may also designate an authorized agent to submit a request on your behalf, subject to verification requirements.


Do Not Track and Global Privacy Control

Some browsers offer “Do Not Track” signals. Because there is not a uniform industry standard for responding to Do Not Track signals, our website may not respond to them.


Where required by applicable law and technically feasible, we will honor legally recognized browser-based opt-out preference signals, such as Global Privacy Control, for California residents.


Data Security

We use reasonable administrative, technical, and physical safeguards designed to protect personal information and protected health information from unauthorized access, use, disclosure, alteration, or destruction.


No website, email system, electronic storage system, or transmission method is completely secure. We cannot guarantee absolute security.


Data Retention

We retain personal information and protected health information for as long as necessary to provide services, operate our practice, maintain records, comply with legal and professional obligations, resolve disputes, enforce agreements, and fulfill the purposes described in this Privacy Policy.


Medical and orthodontic records are retained in accordance with applicable federal and California record retention requirements.


Links to Third-Party Websites

Our website may contain links to third-party websites or services. We are not responsible for the privacy practices, content, or security of third-party websites. We encourage you to review the privacy policies of any third-party sites you visit.


Changes to This Privacy Policy

We may update this Privacy Policy and HIPAA Notice of Privacy Practices from time to time. When we make updates, we will revise the “Last Updated” date above. Updated versions will apply to information we maintain as permitted by law.


You may request a current copy of this notice at any time by contacting our office.


Contact Us

For questions about this Privacy Policy, our privacy practices, or your privacy rights, please contact:


Beach Braces
220 N. Aviation Blvd. Suite A

Manhattan Beach, CA 90266

310) 379-0006

Complaints

If you believe your privacy rights have been violated, you may file a complaint with Beach Braces using the contact information above.

You may also file a complaint with the U.S. Department of Health and Human Services, Office for Civil Rights.


We will not retaliate against you for filing a complaint.