1. Introduction

India Dental Design (“we,” “our,” or “us”) is committed to protecting the privacy and security of personal health information in accordance with applicable federal and state laws, including the Health Insurance Portability and Accountability Act of 1996 (HIPAA), the HITECH Act, and applicable US privacy regulations.

This Privacy Policy describes how we collect, use, disclose, and protect information when providing digital dental design services to dental professionals and laboratories in the United States. As a Business Associate providing services to HIPAA-covered entities, we understand the critical importance of maintaining the confidentiality, integrity, and availability of Protected Health Information (PHI).

2. Information We Collect

Protected Health Information (PHI)

When providing digital dental design services, we may receive and process PHI that includes:

  • Digital dental impressions (STL/PLY/OBJ files) containing patient-specific oral anatomy.
  • Treatment information related to procedures (crowns, bridges, implants, aligners).
  • Case identifiers (Patient ID, Name, Rx) provided by dental professionals.
  • Digital radiographic images (CBCT, X-Rays) when provided for treatment planning.

Non-PHI Information

We also collect non-personal information including:

  • Website usage data through cookies and analytics tools.
  • Business Contact information (email addresses, practice names).
  • Technical information regarding file uploads and portal usage.

3. How We Use Information

Primary Use – Treatment Support: PHI is used exclusively for:

  • Digital CAD/CAM design of dental prosthetics.
  • Quality assurance and accuracy verification.
  • Communication with your lab regarding specific case queries.

Prohibited Disclosures: We will NEVER sell PHI to third parties or use PHI for marketing purposes.

4. International Data Security

Our design services involve international data processing (US to India). We implement strict safeguards to ensure HIPAA compliance across borders:

Security Measures:

  • Encryption: All files are encrypted (256-bit SSL) during transmission and storage.
  • Physical Security: Our facility in India has biometric access controls and 24/7 surveillance.
  • Workstation Security: USB ports are disabled on designer workstations to prevent data theft.
  • No Local Storage: Designs are uploaded directly to our secure cloud; no patient data remains on local hard drives after case completion.

5. Data Retention & Disposal

  • Active Cases: Retained for the duration of service delivery.
  • Completed Cases: Stored securely for 30 days for potential remakes, then archived or deleted according to our data policy.
  • Secure Disposal: Electronic data is securely overwritten using DoD-approved methods when no longer needed.

6. Breach Notification

In the unlikely event of a breach involving unsecured PHI, we adhere to the HIPAA Breach Notification Rule. We will notify affected dental practices within 24 hours of discovery and cooperate fully with any investigations.

7. Contact Information

For questions about this Privacy Policy, HIPAA compliance, or to sign a Business Associate Agreement (BAA), please contact our Privacy Officer:

Email: cndentaldesign@gmail.com
Subject Line: Privacy Policy Inquiry
Location: India Dental Design, Digital Operations Center, India.

Legal Note: This Privacy Policy is designed to comply with the HIPAA Privacy Rule (45 CFR Parts 160 and 164) and the HITECH Act. By engaging our services, dental professionals acknowledge understanding of these practices.