Privacy Policy | Varma Shoulder Institute

Our Commitment to Your Privacy

At Varma Shoulder Institute and Florida Sports Injury & Orthopedic Institute, we are committed to protecting your privacy and maintaining the confidentiality of your personal and medical information. This Privacy Policy explains how we collect, use, disclose, and safeguard your information in compliance with the Health Insurance Portability and Accountability Act (HIPAA) and applicable privacy laws.

Information We Collect

Medical Information

When you become a patient, we collect and maintain:

• Personal identification information (name, address, date of birth, contact information)
• Medical history and current health conditions
• Treatment records, test results, and imaging studies
• Insurance information and billing records
• Prescription and medication information
• Emergency contact information

Website Information

When you visit our website, we may automatically collect:

• IP address and browser type
• Pages viewed and time spent on our site
• Referring website addresses
• Device information (mobile, desktop, tablet)

How We Use Your Information

Medical Care Purposes

We use your protected health information to:

• Treatment: Provide, coordinate, and manage your healthcare
• Payment: Bill and collect payment for services rendered
• Healthcare Operations: Improve quality of care, train staff, and conduct business activities
• Appointment Reminders: Send appointment confirmations and follow-up care instructions
• Required by Law: Comply with legal and regulatory requirements

Communication

With your consent, we may use your contact information to:

• Send appointment reminders via phone, text, or email
• Provide treatment updates and follow-up care instructions
• Share educational health information relevant to your condition
• Notify you of practice updates or schedule changes

Information Sharing and Disclosure

We do not sell, rent, or trade your personal or medical information. We may share your information only in the following circumstances:

With Your Authorization

• When you provide written consent to share information with family members, other healthcare providers, or third parties

Healthcare Operations

• Healthcare Providers: Physicians, specialists, therapists, and other providers involved in your care
• Insurance Companies: For billing, authorization, and claims processing
• Business Associates: Third-party service providers (billing companies, IT support, medical transcription) who are bound by HIPAA agreements

As Required by Law

• Public health authorities for disease reporting
• Law enforcement in response to valid legal requests
• Healthcare oversight agencies for audits and investigations
• Courts and legal proceedings when compelled by subpoena or court order

Your Privacy Rights

Under HIPAA and applicable privacy laws, you have the right to:

1. Access Your Records: Request copies of your medical records and billing information
2. Request Corrections: Ask us to correct inaccurate or incomplete information
3. Request Restrictions: Ask for limits on how we use or disclose your information
4. Confidential Communications: Request that we communicate with you in specific ways or at specific locations
5. Accounting of Disclosures: Request a list of certain disclosures we’ve made of your information
6. Revoke Authorization: Withdraw your consent for uses of information (except where action has already been taken)
7. Receive Notice: Obtain a paper copy of our Notice of Privacy Practices

To exercise any of these rights, please contact our Privacy Officer at (352) 404-8956 or submit a written request to our office.

How We Protect Your Information

We implement comprehensive security measures to protect your information:

Physical Security

• Secure facility access with controlled entry
• Locked filing cabinets for paper records
• Restricted access to medical records areas

Technical Security

• Encrypted electronic health records systems
• Secure, password-protected networks
• Firewall protection and anti-virus software
• Regular security updates and system monitoring
• Secure backup systems

Administrative Security

• Staff training on HIPAA compliance and privacy practices
• Access controls limiting who can view your information
• Business associate agreements with third-party vendors
• Regular privacy and security audits

Website Privacy

Cookies and Tracking

Our website uses cookies to improve your browsing experience. Cookies are small text files stored on your device that help us:

• Remember your preferences
• Analyze site traffic and usage patterns
• Improve website functionality

You can disable cookies in your browser settings, though some website features may not function properly.

Third-Party Services

Our website may use third-party services such as:

• Google Analytics: To analyze website traffic and user behavior
• Social Media Plugins: To enable content sharing

These services have their own privacy policies governing their use of your information.

Online Forms

Information submitted through our website contact forms or appointment request forms is transmitted securely and used only for the stated purpose. We do not share this information with third parties for marketing purposes.

Patient Portal

We offer a secure patient portal where you can:

• View your medical records and test results
• Request prescription refills
• Schedule appointments
• Communicate securely with our staff
• Update your contact information

The patient portal is password-protected and encrypted. You are responsible for maintaining the confidentiality of your login credentials. Never share your username or password with others.

Children’s Privacy

Our services are available to patients of all ages. For patients under 18 years of age, we collect and use information only with parental or guardian consent, except as permitted or required by law. Parents and guardians have the right to access, review, and request corrections to their child’s medical information.

Breach Notification

In the unlikely event of a breach of your protected health information, we will notify you as required by law. Notification will include:

• A description of what happened
• The types of information involved
• Steps you can take to protect yourself
• What we are doing to investigate and prevent future breaches

Changes to This Privacy Policy

We reserve the right to modify this Privacy Policy at any time. Changes will be posted on this page with an updated “Last Updated” date. Material changes will be communicated to active patients via mail or email. Your continued use of our services after changes are posted constitutes acceptance of the revised policy.

Your Consent

By using our services and website, you consent to this Privacy Policy. When you become a patient, you will be asked to sign an acknowledgment that you have received our Notice of Privacy Practices, which provides additional detail about how we use and protect your medical information under HIPAA.