Privacy Policy

Crovetti Orthopaedics & Sports Medicine
Effective Date: November 24, 2025

Crovetti Orthopaedics & Sports Medicine (“we,” “our,” “us”) is committed to protecting the privacy and security of your personal information and your Protected Health Information (“PHI”). This Privacy Policy explains how we collect, use, disclose, and safeguard information when you visit our website, communicate with our practice, submit online forms, or opt in to optional SMS messaging.

This Privacy Policy is separate from our HIPAA Notice of Privacy Practices, which explains in detail how we use and protect medical information inside our practice. That notice is available upon request and provided at the time of your first appointment.

By using our website, you agree to the terms outlined in this Privacy Policy.

1. What Information We Collect

We collect two categories of information:

A. Non-PHI / General Website Information (Not Regulated by HIPAA)

When using our website, we may collect:
– Name
– Email address
– Phone number
– Non-medical comments or questions
– Device information (browser, IP address, pages visited)
– Cookies and analytics data

This information helps us respond to your requests and improve your online experience.

B. Information That May Be Considered PHI

If you submit health-related details—such as through the Request Appointment form—these may be considered PHI and are protected under HIPAA.
Examples include:
– Medical concerns or symptoms you voluntarily describe
– Previous treatment details
– Insurance information
– Preferred appointment type
– Contact information linked to medical services

We treat all PHI submitted through our website with the same care and protections required by HIPAA.

2. Request Appointment Form

When submitting the Request Appointment form, we collect only the information needed to:
– Contact you
– Schedule your appointment
– Verify insurance
– Direct you to the proper provider or service
– Respond to your inquiry

This form is sent securely, but we encourage patients not to include extremely sensitive medical details online. If additional information is needed, we will follow up by phone or in person. We do not share this information with third parties except as required for scheduling or medical treatment, or as permitted by law. Submitting this form does not create a patient-provider relationship. It is a request for scheduling only.

3. How We Use Your Information

We may use your information to:
– Respond to your questions
– Schedule appointments
– Provide customer or patient support
– Improve website functionality
– Send optional SMS messages (if you explicitly opt in)
– Maintain security and regulatory compliance
– Analyze website usage

We do not sell your data.

4. Optional SMS Messaging (If You Opt In)

If you choose to receive SMS messages, the following apply:

Message Frequency & Data Rates
Message frequency may vary and will not exceed 3–5 messages unless related to an appointment or notification event. Message and data rates may apply.

Opt-Out Instructions
– Text “STOP” to unsubscribe
– Text “HELP” for assistance
– Or contact us directly

SMS opt-in consent applies only to Crovetti Orthopaedics & Sports Medicine.

5. HIPAA Privacy Protections

For any PHI we receive, we comply with all HIPAA regulations including:
– The HIPAA Privacy Rule (45 CFR §164.500 et seq.)
– The HIPAA Security Rule (45 CFR §164.300 et seq.)
– The HITECH Act

Your PHI may only be used or disclosed for:
– Treatment
– Healthcare operations
– Payment
– Situations required by law
– Situations explicitly authorized by you

We do not disclose your PHI to third parties without your permission unless legally permitted or required.

6. Data Sharing & Disclosure

We may share information with:
– Internal medical staff
– Business associates (e.g., appointment systems, secure email/SMS operators)
– Service providers (analytics, website hosting, scheduling tools)
– Legal authorities, when required

All business associates are required by HIPAA to protect your information through signed Business Associate Agreements (BAAs). We do not sell, rent, or trade your information under any circumstances.

7. Data Security

We use administrative, technical, and physical safeguards to protect all information, including:
– Secure servers
– Encrypted form submissions (when applicable)
– Access controls
– Staff training
– Monitoring and auditing

While no system is completely immune from security threats, we follow HIPAA-required best practices to reduce risk.

8. Cookies & Website Tracking

Our website may use:
– Cookies
– Session identifiers
– Google Analytics or similar tools

These tools track general website usage and do not identify you as a patient. You may disable cookies through your browser.

9. Record-Keeping

We maintain accurate records of:
– Form submissions
– Appointment requests
– SMS opt-ins and opt-outs
– Security and access logs
– Website interactions (when applicable)

This helps us maintain compliance and improve service.

10. External Links

Our website may link to third-party websites (insurance networks, medical resources, etc.). We are not responsible for their privacy practices. We encourage reviewing their privacy policies.

11. Children’s Privacy

Our website is not directed to children under 13. We do not knowingly collect information from children without parental involvement.

12. Changes to This Privacy Policy

We may update this Privacy Policy as laws or technology evolve. Updates will be posted on this page with a revised effective date. Continued use of our website constitutes acceptance of these changes.

13. Contact Us

For questions about this Privacy Policy or how your information is handled:
– Email: webmaster@crovettiortho.com
– Phone: 702-990-2290
– Address: Business Address

For a copy of our full HIPAA Notice of Privacy Practices, please contact our office.