HIPAA Compliance Statement

Last updated: August 18, 2025

CRITICAL HIPAA NOTICE

Dentplicity Systems is NOT a HIPAA-covered entity or business associate. We are a marketing and business intelligence platform only.

ABSOLUTELY DO NOT enter any Protected Health Information (PHI), including: patient names, medical records, treatment details, appointments, or any individually identifiable health information.

Our AI systems actively scan for and attempt to block potential PHI, but you remain solely responsible for HIPAA compliance.

1. Our HIPAA Position

Dentplicity is a Marketing Platform: We provide AI-powered marketing tools, business intelligence, and competitive analysis for dental practices. We are NOT:

  • A covered entity under HIPAA
  • A business associate under HIPAA
  • A healthcare provider or clearinghouse
  • A patient management system
  • An electronic health records (EHR) system

Critical: We do not sign Business Associate Agreements (BAAs) because our platform should never contain PHI. If you need a BAA, you should not use our services.

2. Your HIPAA Responsibilities

As a healthcare provider using our marketing platform, YOU are responsible for:

  • Never entering PHI: Do not input patient names, dates of birth, medical record numbers, diagnoses, treatment information, or any other protected health information
  • Training your staff: Ensure all team members understand they cannot enter PHI into Dentplicity
  • Using aggregate data only: When discussing practice metrics, use percentages and anonymous statistics (e.g., "40% of patients" not "John Smith's treatment")
  • Maintaining separation: Keep your clinical systems separate from your marketing activities
  • HIPAA compliance: Your practice remains fully responsible for HIPAA compliance in all marketing activities

3. What We Mean by "HIPAA-Considerate"

While we are not required to comply with HIPAA, we implement security measures that align with healthcare industry best practices:

  • Encryption: All data is encrypted in transit and at rest
  • Access controls: Role-based access with strong authentication
  • Security audits: Regular security assessments and updates
  • Staff training: Our team understands healthcare privacy sensitivity
  • Interface warnings: We display warnings to prevent accidental PHI entry

Important: These measures protect your business information but do NOT make us HIPAA-compliant for PHI handling.

4. Appropriate Use Cases

CORRECT usage of Dentplicity:

  • "We want to attract more implant patients in our area"
  • "Our practice sees 200 new patients per month"
  • "We offer Invisalign and want to market it better"
  • "Our average patient value is $1,200"
  • "We want to improve our Google rankings"

INCORRECT usage (Never do this):

  • "Mrs. Johnson needs a crown on tooth #14"
  • "Patient John Doe, DOB 1/1/1980, has periodontal disease"
  • "Here's our patient list for marketing campaigns"
  • "These 50 patients haven't scheduled their cleanings"
  • Uploading any clinical records or x-rays

5. Marketing Compliance Under HIPAA

Even though our platform doesn't handle PHI, your marketing activities must still comply with HIPAA's marketing restrictions:

  • Patient authorization: You need written authorization to use patient information for marketing (even without using our platform)
  • Healthcare operations: General practice promotion and health education may not require authorization, but must not use individual patient information
  • Reviews and testimonials: Patient reviews must be handled through HIPAA-compliant processes outside our platform

6. If You Accidentally Enter PHI

Emergency Protocol: If you accidentally enter PHI into our platform:

  1. Stop immediately: Do not enter any additional information
  2. Contact us: Email [email protected] within 24 hours
  3. Document the incident: Note what was entered and when
  4. We will: Delete the information and provide confirmation
  5. Your obligation: Follow your practice's breach notification procedures if required

7. Alternative Solutions

If you need to:

  • Manage patient data: Use a HIPAA-compliant practice management system
  • Send patient communications: Use a HIPAA-compliant email/SMS service
  • Store clinical information: Use a HIPAA-compliant EHR system
  • Analyze patient data: Use a HIPAA-compliant analytics platform

Dentplicity is designed to complement these systems by providing marketing intelligence without accessing PHI.

8. Our Commitment

We are committed to helping dental practices grow through effective marketing while maintaining clear boundaries regarding protected health information. We will:

  • Never request or require PHI
  • Maintain clear warnings against PHI entry
  • Delete any accidentally entered PHI promptly
  • Support your practice's marketing goals without compromising patient privacy

9. Contact Information

For questions about HIPAA and appropriate use of our platform:

Dentplicity Systems
30 N Gould Street Suite 6610
Sheridan, WY 82801

HIPAA Inquiries: [email protected]
General Contact: [email protected]

Final Reminder: By using Dentplicity, you acknowledge that our platform is not HIPAA-compliant for PHI and agree to use it only for marketing and business intelligence purposes. You are solely responsible for ensuring no PHI enters our system and for maintaining HIPAA compliance in your practice's marketing activities.