PRIVACY POLICY
Expert Tinnitus & Audiology
Effective Date: January 15, 2026
This Privacy Policy describes how Expert Tinnitus & Audiology ("we," "us," or "our") collects, uses, and protects your personal information when you visit our website at experttinnitus.com or use our services.
1. Information We Collect
Personal Information:
• Name, date of birth, and contact information (email, phone, address)
• Health information and medical history
• Insurance information (if provided)
• Payment and billing information
• Emergency contact information
Website Usage Information:
• IP address and browser type
• Pages visited and time spent on our website
• Referring website or search terms
• Device information and operating system
2. How We Collect Information
We collect information:
• Directly from you when you complete forms, schedule appointments, or communicate with us
• Automatically through cookies and similar technologies when you visit our website
• From third parties such as partner clinics (with your consent)
• During telehealth sessions and consultations
3. How We Use Your Information
We use your information to:
• Provide audiology services and tinnitus management
• Schedule and conduct appointments
• Process payments and billing
• Communicate with you about your care
• Send appointment reminders and follow-up information
• Coordinate device procurement and fitting services
• Maintain records in compliance with legal requirements
• Improve our services and website functionality
• Comply with legal and regulatory obligations
4. HIPAA Protected Health Information
As a healthcare provider, we are required to protect your health information under the Health Insurance Portability and Accountability Act (HIPAA). Your Protected Health Information (PHI) is subject to additional privacy protections described in our HIPAA Notice of Privacy Practices, which you will receive separately.
We will not use or disclose your health information without your authorization except as permitted by HIPAA and other applicable laws.
5. How We Share Your Information
We may share your information with:
• Partner Clinics: For hearing aid fitting and dispensing services (with your consent)
• Service Providers: Such as CarePatron (EHR), Google Workspace (email), and payment processors (with Business Associate Agreements)
• Healthcare Providers: When making referrals or coordinating care (with your authorization)
• Legal Requirements: When required by law, court order, or regulatory authority
• Emergency Situations: To prevent serious harm or danger
We do NOT sell your personal information to third parties.
6. Data Security
We implement appropriate security measures to protect your information, including:
• Encrypted transmission of data (SSL/TLS)
• Secure, password-protected platforms with Business Associate Agreements
• Limited access to personal information (need-to-know basis)
• Regular security assessments and updates
• Compliance with HIPAA security standards
While we take reasonable precautions, no method of electronic transmission or storage is 100% secure. We cannot guarantee absolute security of your information.
7. Cookies and Tracking Technologies
Our website uses cookies and similar technologies to:
• Remember your preferences
• Analyze website traffic and usage patterns
• Improve website functionality
You can control cookies through your browser settings. However, disabling cookies may limit your ability to use certain features of our website.
8. Third-Party Links
Our website may contain links to third-party websites. We are not responsible for the privacy practices or content of these external sites. We encourage you to review the privacy policies of any third-party sites you visit.
9. Data Retention
We retain your information:
• Medical records: For a minimum of 7 years as required by Washington State law
• Financial records: For a minimum of 7 years for tax and audit purposes
• Website data: As necessary for business purposes
After the retention period, we securely destroy or anonymize your information.
10. Your Privacy Rights
You have the right to:
• Access: Request a copy of your personal information
• Correction: Request correction of inaccurate information
• Restriction: Request limits on how we use or disclose your information (subject to legal requirements)
• Confidential Communications: Request communications through specific methods or locations
• Accounting: Request a list of certain disclosures of your information
To exercise these rights, please contact us using the information below. Additional HIPAA privacy rights are described in our HIPAA Notice of Privacy Practices.
11. Marketing Communications
We may send you:
• Appointment reminders and care-related communications (these are not marketing)
• Educational content about tinnitus and hearing health (with your consent)
• Updates about our services (with your consent)
You may opt out of marketing communications at any time by clicking "unsubscribe" in emails or contacting us directly. Opting out will not affect appointment reminders or other care-related communications.
12. Children's Privacy
Our services are not intended for individuals under 18 years of age. We do not knowingly collect personal information from minors without parental consent. If we discover we have collected information from a minor without proper consent, we will delete it promptly.
13. Changes to This Privacy Policy
We may update this Privacy Policy from time to time. Changes will be posted on our website with an updated effective date. Material changes will be communicated to you via email or prominent notice on our website. Your continued use of our services after changes constitutes acceptance of the updated policy.
14. California Privacy Rights
If you are a California resident, you may have additional rights under the California Consumer Privacy Act (CCPA). However, most health information is exempt from CCPA because it is covered by HIPAA. For non-health information, California residents may request information about categories of personal information collected and shared.
15. Washington State Privacy Rights
Washington residents have rights under state privacy laws. However, health information is primarily governed by HIPAA. For questions about your Washington privacy rights, please contact us.
16. Breach Notification
In the event of a data breach affecting your personal information, we will notify you as required by law. Notification will include:
• A description of what occurred
• The types of information involved
• Steps you can take to protect yourself
• What we are doing in response
17. Do Not Track Signals
Our website does not currently respond to "Do Not Track" signals from browsers. However, you can disable cookies through your browser settings.
18. International Users
Our services are provided exclusively to patients in Washington State, USA. If you access our website from outside the United States, please note that your information may be transferred to and processed in the United States, where privacy laws may differ from your country.
19. Contact Information
For questions or concerns about this Privacy Policy or our privacy practices, please contact:
Expert Tinnitus & Audiology
Privacy Officer: Erika Kay, Au.D., CH-TM
15111 8th Ave SW
Burien, WA 98166
Phone: 206-588-5886
Email: privacy@experttinnitus.com
Website: www.experttinnitus.com
20. Complaints
If you believe your privacy rights have been violated, you may file a complaint with:
• Expert Tinnitus & Audiology (contact information above)
• U.S. Department of Health and Human Services Office for Civil Rights
• Washington State Department of Health
You will not be penalized or retaliated against for filing a complaint.
By using our website or services, you acknowledge that you have read and understood this Privacy Policy.