1. Introduction
China Dental Designs (“we,” “our,” or “us”) is committed to protecting the privacy and security of personal health information in accordance with applicable federal and state laws, including the Health Insurance Portability and Accountability Act of 1996 (HIPAA), the HITECH Act, and applicable state privacy regulations.
This Privacy Policy describes how we collect, use, disclose, and protect information when providing digital dental design services (CAD/CAM) to dental professionals and laboratories in the United States. As a Business Associate providing services to HIPAA-covered entities, we understand the critical importance of maintaining the confidentiality, integrity, and availability of Protected Health Information (PHI).
2. Information We Collect
Protected Health Information (PHI)
When providing digital dental design services, we may receive and process PHI that includes:
- Digital Files: STL/PLY/OBJ files containing patient-specific oral anatomy.
- Treatment Data: Information related to dental procedures (crowns, bridges, implants, aligners).
- Identifiers: Case numbers, patient initials, and treatment specifications provided by the dental professional.
- Imaging: Digital radiographic images or intraoral photos used for design reference.
Non-PHI Information
We also collect business-related information including:
- Contact Information: Dental Lab name, email addresses, and phone numbers.
- Technical Data: IP addresses and website usage data for security monitoring.
3. How We Use Information
Primary Use – Treatment Support
PHI is used exclusively for the purpose of completing the requested dental design work:
- Designing dental prosthetics (Crown & Bridge, All-on-X, Abutments).
- Verifying fit and occlusion accuracy.
- Communicating directly with the prescribing dental laboratory regarding case details.
Strict Prohibition on Data Sale
We will NEVER sell, market, or rent patient data or PHI to third parties. Data is used strictly for the fulfillment of the service contract.
4. Data Security Measures (HIPAA Security Rule)
We implement robust physical, technical, and administrative safeguards to protect your data:
🔒 Technical Safeguards:
- Encryption: All files (STL/PLY) are encrypted in transit (SSL/TLS) and at rest (AES-256).
- Access Control: Strict user authentication and role-based access for our design technicians.
- Audit Logs: We maintain logs of who accessed a file and when.
🛡️ Administrative Safeguards:
- NDA: All employees sign strict Non-Disclosure Agreements.
- Training: Regular HIPAA and data privacy training for all staff.
- BAA: We are prepared to sign Business Associate Agreements (BAA) with our US partners.
5. International Data Transfer
Our design center operates internationally to provide overnight services. By using our services, you acknowledge and consent to the secure transfer of data for processing. We ensure that international transfers comply with standard contractual clauses and maintain HIPAA-equivalent security levels.
6. Data Retention
- Active Cases: Files are retained for the duration necessary to complete the design and any revisions.
- Archiving: Completed design files are stored securely for a limited period to allow for remakes/adjustments, after which they are securely deleted or anonymized in accordance with our data retention policy.
7. Your Rights
As our partner (Dental Professional/Lab Owner), you have the right to:
- Request the deletion of specific case files from our servers.
- Request an audit of our data handling for your specific account.
- Receive notification within 24 hours in the unlikely event of a data breach.
8. Contact Us Regarding Privacy
If you have any questions about this Privacy Policy, need to sign a Business Associate Agreement (BAA), or wish to exercise your data rights, please contact our Privacy Officer:
Privacy Officer – China Dental Designs
Email: chinadentaldesigns@gmail.com
Subject Line: Privacy Compliance Inquiry
