Dr. Bertrand R. DesilvaSleep Medicine

Privacy Policy

Last updated: January 1, 2025

THIS NOTICE DESCRIBES HOW MEDICAL INFORMATION ABOUT YOU MAY BE USED AND DISCLOSED AND HOW YOU CAN GET ACCESS TO THIS INFORMATION. PLEASE REVIEW IT CAREFULLY.

1. Information We Collect

Bertrand Desilva MD INC. (“we,” “us,” or “our”) collects the following types of information in connection with providing sleep medicine services:

  • Protected Health Information (PHI): Medical history, sleep study results, diagnoses, treatment plans, prescription information, and other clinical data related to your care.
  • Contact Information: Name, date of birth, address, phone number, and email address.
  • Insurance Information: Health insurance plan details, policy numbers, and claims-related information.
  • Payment Information: Credit card or debit card details, billing address, and transaction records necessary to process payments.
  • Identification Information: Government-issued identification used to verify your identity.
  • Telehealth Session Data: Audio and video data transmitted during telehealth consultations, as well as technical information related to your connection.

2. How We Use Your Information

We may use and disclose your health information for the following purposes without your additional authorization:

  • Treatment: To provide, coordinate, and manage your sleep medicine care. This includes sharing information with other healthcare providers involved in your treatment, such as your primary care physician, referring physicians, or specialists.
  • Payment: To bill and collect payment for the services we provide, including submitting claims to your health insurance plan, verifying coverage, and processing co-payments or deductibles.
  • Healthcare Operations: To support the day-to-day activities and management of our practice, including quality improvement, staff training, business planning, compliance audits, and customer service.
  • As Required by Law: To comply with federal, state, or local laws and regulations, including public health reporting and responding to lawful court orders or subpoenas.
  • Appointment Reminders and Health-Related Communications: To contact you with appointment reminders, treatment alternatives, or other health-related information that may be of interest to you.

3. How We Protect Your Information

We are committed to protecting the security and confidentiality of your personal and health information. Our safeguards include:

  • HIPAA Compliance: We comply fully with the Health Insurance Portability and Accountability Act (HIPAA) Privacy Rule and Security Rule, including all applicable requirements for the protection of electronic Protected Health Information (ePHI).
  • Administrative Safeguards: Staff training on privacy and security policies, designated privacy and security officers, and regular risk assessments.
  • Technical Safeguards: Encryption of data in transit and at rest, secure access controls, audit logging, and use of HIPAA-compliant telehealth and electronic health record platforms.
  • Physical Safeguards: Secure storage of physical records, restricted access to areas where PHI is stored, and proper disposal of documents containing PHI.

4. Your Rights

Under HIPAA and applicable California law, you have the following rights regarding your health information:

  • Right to Access: You have the right to inspect and obtain a copy of your health information maintained by our practice. We may charge a reasonable, cost-based fee for providing copies.
  • Right to Amendment: You may request that we amend your health information if you believe it is inaccurate or incomplete. We may deny your request under certain circumstances and will provide a written explanation if we do so.
  • Right to an Accounting of Disclosures: You have the right to request a list of certain disclosures we have made of your health information for purposes other than treatment, payment, or healthcare operations.
  • Right to Request Restrictions: You may request restrictions on certain uses and disclosures of your health information. We are not required to agree to all requests, but we must comply with requests to restrict disclosures to a health plan if you pay for the service in full out of pocket.
  • Right to Confidential Communications: You may request that we communicate with you about your health information in a specific way or at a specific location (for example, by mail instead of phone).
  • Right to File a Complaint: If you believe your privacy rights have been violated, you have the right to file a complaint with our practice or with the U.S. Department of Health and Human Services (HHS) Office for Civil Rights. We will not retaliate against you for filing a complaint.

5. Website Information Collection

When you visit our website, we may collect certain non-personally identifiable information to improve your experience:

  • Cookies: We use cookies and similar technologies to enhance website functionality and understand usage patterns.
  • Analytics: We may use analytics services to collect aggregate data about website usage, including pages visited, time on site, and referral sources.

Important: In accordance with HHS 2024 guidance on the use of online tracking technologies, we do not deploy tracking technologies (including cookies, pixels, or session replay tools) on any pages that require authentication or are used for booking appointments. No PHI is collected through website tracking technologies.

6. Third-Party Services

We use certain third-party services to deliver care and process payments. These services are selected for their compliance with applicable privacy and security standards:

  • Telehealth Platform: We conduct virtual consultations through a HIPAA-compliant telehealth platform. This platform encrypts audio and video transmissions and maintains a signed Business Associate Agreement (BAA) with our practice.
  • Payment Processing: Payments are processed through PCI DSS-compliant payment processors. We do not store your full credit card number on our systems.

We require all third-party service providers who may access PHI to sign Business Associate Agreements and comply with HIPAA requirements.

7. Children's Privacy

Our services are intended for individuals 18 years of age and older. We do not knowingly collect personal information or Protected Health Information from individuals under the age of 18. If you are under 18, please do not use our services or submit any personal information through our website.

8. Changes to This Policy

We reserve the right to update or modify this Privacy Policy at any time. Changes will become effective when posted on this page with an updated “Last updated” date. We encourage you to review this policy periodically. If we make material changes to how we handle your PHI, we will provide notice through our website and, where required, seek your acknowledgment of the revised policy.

9. Contact Information

If you have any questions about this Privacy Policy, wish to exercise any of your rights, or need to report a privacy concern, please contact our Privacy Officer:

Privacy Officer

Bertrand Desilva MD INC.

3333 Michelson Drive, Suite 300, Office 37, Irvine, CA 92612

Phone: (800) 000-0000

Fax: (800) 000-0001

Email: info@bertranddesilvamd.com

10. Complaints

If you believe your privacy rights have been violated, you may file a complaint with our practice using the contact information above, or you may file a complaint directly with the U.S. Department of Health and Human Services (HHS) Office for Civil Rights:

U.S. Department of Health and Human Services

Office for Civil Rights

200 Independence Avenue, S.W.

Washington, D.C. 20201

Toll-Free: 1-877-696-6775

Website: https://www.hhs.gov/ocr/complaints/index.html

You will not be penalized or retaliated against for filing a complaint.

Emergency Disclaimer

If you are experiencing a medical emergency, call 911 immediately or go to the nearest emergency room. Do not use this website, email, or telehealth services for emergencies.

📱 Book Telehealth Visit