SMART Spine Institute & Surgery Center

Privacy Policy & Notice of Privacy Practices

Last Updated: April 2026

Plain Language Summary: We collect your personal and medical information to provide you with quality healthcare. We protect your information in accordance with HIPAA and California law, and we will never sell your data. You have the right to access, correct, or request deletion of your information. Questions? Contact us at privacy@mysmartspine.com or call 626-445-0326.

HIPAA Notice of Privacy Practices

THIS NOTICE DESCRIBES HOW MEDICAL INFORMATION ABOUT YOU MAY BE USED AND DISCLOSED AND HOW YOU CAN GET ACCESS TO THIS INFORMATION. PLEASE REVIEW IT CAREFULLY.

SMART Spine Institute & Surgery Center (“we,” “us,” or “our”) is required by law to maintain the privacy of your Protected Health Information (PHI) and to provide you with this Notice of Privacy Practices. We are committed to protecting your privacy and ensuring the security of your medical information.

Your Rights Regarding Your Health Information

You have the right to:

Request a copy of your medical records and other health information we maintain about you.
Request that we correct or amend your health information if you believe it is inaccurate or incomplete.
Request restrictions on how we use or disclose your health information for treatment, payment, or healthcare operations.
Request that we communicate with you about your health matters in a certain way or at a certain location.
Receive a list of disclosures we have made of your health information.
Receive a paper copy of this Notice of Privacy Practices upon request.
File a complaint if you believe your privacy rights have been violated.

How We May Use and Disclose Your Health Information

We may use and disclose your PHI for the following purposes without your written authorization:

Treatment: To provide, coordinate, and manage your healthcare and related services, including sharing information with other healthcare providers involved in your care.
Payment: To obtain payment for services provided, including submitting claims to insurance companies.
Healthcare Operations: For activities necessary to operate our practice, such as quality improvement, staff training, and compliance reviews.
As Required by Law: We will disclose your PHI when required by federal, state, or local law.

All other uses and disclosures of your PHI require your written authorization. You may revoke that authorization at any time in writing.

Website Privacy Policy

About Our Website

Our website address is https://mysmartspine.com. This policy also applies to information collected through our website and digital communications.

Information We Collect

We may collect the following types of personal information:

Contact information: Name, email address, phone number, and mailing address when you contact us or request an appointment.
Health-related information: Medical history, symptoms, and other health details you voluntarily provide when reaching out for care.
Website usage data: IP address, browser type, pages visited, and time spent on our site, collected automatically through cookies and similar technologies.
Communications: Any messages, comments, or inquiries you submit through our website or contact forms.

Cookies & Tracking Technologies

Our website uses cookies and third-party tracking tools, including:

Session cookies: Temporary cookies that expire when you close your browser, used to maintain your session.
Preference cookies: Stored for up to one year to remember your settings and preferences.
Analytics tools: We use tools to understand how visitors use our site so we can improve your experience.
Facebook Pixel: We use Facebook’s tracking pixel to measure the effectiveness of our advertising. This tool may collect data about your visit and browsing behavior in accordance with Facebook’s Privacy Policy.

You may disable cookies in your browser settings; however, some features of our website may not function properly as a result.

How We Use Your Information

We use the information we collect to:

Respond to your inquiries and schedule appointments.
Provide and coordinate your medical care.
Send appointment reminders and follow-up communications.
Improve our website and services.
Comply with legal and regulatory obligations.

How We Protect Your Information

SMART Spine Institute & Surgery Center takes the security of your information seriously. We employ the following safeguards:

Encrypted storage of all personal and health-related data.
Secure access controls limiting who can view your information.
Regular security audits and vulnerability assessments.
Staff training on HIPAA compliance and data security best practices.

How Long We Retain Your Information

We retain patient medical records in accordance with California law, which requires retention for a minimum of 10 years from the date of service, or 7 years after a minor patient reaches the age of 18, whichever is longer. Website usage data and non-medical contact information is retained for no longer than necessary to fulfill the purpose for which it was collected.

Third Parties We Work With

We may share your information with trusted third parties in the following circumstances:

Healthcare providers: Other physicians, specialists, labs, or facilities involved in your care.
Insurance companies: To process claims and verify coverage.
Service providers: Vendors who assist with website hosting, IT support, and communications, all of whom are contractually required to protect your information.
Legal requirements: When required by law, court order, or government authority.

We do not sell your personal information to any third party.

No Automated Decision-Making

SMART Spine Institute & Surgery Center does not use automated decision-making or algorithmic profiling to make decisions about your care. All treatment and care decisions are made by our qualified, board-certified healthcare professionals based on a thorough review of your individual health needs.

California Residents — Your CCPA Rights

As a California resident, you have additional rights under the California Consumer Privacy Act (CCPA):

Right to Know: You may request information about the categories and specific pieces of personal data we have collected about you in the past 12 months.
Right to Delete: You may request deletion of personal information we hold about you, subject to certain legal exceptions.
Right to Opt-Out: We do not sell your personal information. If this changes, you will have the right to opt out.
Right to Non-Discrimination: We will not discriminate against you for exercising any of your CCPA rights.

To exercise your California privacy rights, please contact us using the information in the Contact section below.

Data Breach Procedures

In the event of a data breach involving your personal or health information, SMART Spine Institute & Surgery Center will:

Promptly identify, contain, and assess the scope of the breach.
Notify affected individuals as required by HIPAA and California law, generally within 60 days of discovery.
Report the breach to the appropriate regulatory authorities as required.
Implement corrective measures to prevent future breaches.

Contact Us & How to File a Complaint

If you have questions about this Privacy Policy, wish to exercise your rights, or believe your privacy has been violated, please contact our Privacy Officer:

SMART Spine Institute & Surgery Center

131 E Huntington Dr, Arcadia, CA 91006

Phone: 626-445-0326

Email: privacy@mysmartspine.com

Website: www.mysmartspine.com

You also have the right to file a complaint with the U.S. Department of Health and Human Services Office for Civil Rights at www.hhs.gov/ocr/privacy/hipaa/complaints or 1-800-368-1019. We will not retaliate against you for filing a complaint.

This Privacy Policy was last reviewed and updated in April 2026. SMART Spine Institute & Surgery Center reserves the right to amend this policy at any time. The current version will always be available on our website. We recommend consulting a qualified healthcare attorney before publishing this document.