Last Updated: 2025
1. Introduction
Goodnight El Paso (“we,” “us,” “our”) is committed to protecting the privacy of visitors to our website and patients at our clinic in El Paso, Texas. This Policy explains how we collect, use, disclose, and secure your personal and health-related information, in compliance with HIPAA, the Texas Medical Records Privacy Act, and the Texas Data Privacy & Security Act (“TDPSA”).
2. Information We Collect
We may collect:
- Personal information: name, address, phone number, email, date of birth
- Health information (PHI): diagnosis, treatment, test results, medical history
- Billing and insurance information
- Website usage data (IP address, browser type, cookies)
3. How We Use Your Information
We process your information for:
- Providing treatment and healthcare services
- Processing payments and insurance claims
- Scheduling appointments and sending reminders
- Internal operations, quality assurance, accreditation
- Complying with legal or regulatory obligations
Under HIPAA, we may use and disclose PHI for treatment, payment, and healthcare operations without separate authorization.
4. Texas Data Privacy & Security Act (TDPSA)
As of July 1, 2024, Texas residents have rights regarding personal data:
- Access, correct, or delete their data
- Obtain a copy in a portable format
- Opt out of certain processing (e.g., targeted advertising)
TDPSA requires us to:
- Implement reasonable data security practices
- Provide notice about data collection
- Respond to access, correction, deletion requests
- Honor consumer requests regarding personal data
5. Texas Medical Records Privacy Act (TMRPA)
As required by Texas Health & Safety Code Chapter 181, we treat your medical records with confidentiality equal to HIPAA standards. We follow all federal and state regulations and require written consent for disclosures not otherwise permitted by law.
6. Security Measures
We maintain administrative, physical, and technical safeguards, including:
- Risk assessments and regular audits
- Staff training on data privacy and HIPAA
- Access control, encryption, and secure communication protocols
7. Biometric Data
If biometric data (e.g., facial images) is collected for diagnostic purposes, we will:
- Obtain explicit consent
- Use it solely for authorized healthcare purposes
Permanently delete it within one year, in accordance with Texas law
8. Your Rights
You have the right to:
- Access your health records within 30 days of request
- Request corrections to inaccurate information
- Request deletion of personal data under TDPSA
- Opt out of certain data processing
- Receive a portable copy of your data
- File a complaint with us or with government authorities if your rights are violated
9. Disclosure of Your Information
We may share your information with:
- Healthcare providers, insurance companies, and medical billing services
- Government or legal authorities, as required by law
- Third parties only with your written authorization, where applicable
10. Data Retention
- Adult patient records are retained for a minimum of seven (7) years as required by Texas law
- PHI retention complies with federal HIPAA guidelines
- Biometric data is deleted within one year of collection
11. Changes to This Policy
We reserve the right to update this Privacy Policy. All changes will be published on this website. If changes significantly affect your rights, we will provide notice directly.
12. Contact Us
If you have any questions, wish to exercise your rights, or submit a complaint, you may contact us at:
Goodnight El Paso
9398 Viscount Boulevard, Suite C
El Paso, Texas 79925
Email: contactato@goodnightelpuzzle.com
Phone: +1 (915) 219-9733