Privacy Policy

The Breast Place (“we,” “our,” or “us”) operates thebreastplacesc.com and provides private medical and breast cancer surgery services at 4975 Lacross Road, Suite 110, North Charleston, SC 29406. This Privacy Policy applies to all information collected through our website, patient portal, appointment booking systems, in-person interactions, and any other services we offer.

We take our obligation to protect your information seriously. As a medical practice, we are subject to both general privacy law and the heightened requirements of HIPAA, which applies to all protected health information (PHI) we receive and maintain.

We may collect the following categories of information:

We use the information we collect for the following purposes:

• To provide, coordinate, and manage medical care and treatment
• To schedule, confirm, and follow up on appointments
• To process payments and submit insurance claims
• To communicate with you about your health, test results, and care plans
• To send appointment reminders, wellness updates, and practice news (with your consent)
• To comply with legal, regulatory, and licensing obligations
• To improve the quality and safety of our services
• To operate and improve our website and digital services
• To respond to inquiries submitted through our contact form or by phone

We will never sell your personal information. We do not use your information for targeted advertising through third-party ad networks.

As a healthcare provider, The Breast Place is a covered entity under the Health Insurance Portability and Accountability Act (HIPAA). This means we are legally required to protect the privacy and security of your Protected Health Information (PHI).

Our full HIPAA Notice of Privacy Practices — which describes in detail how we may use and disclose your PHI, and your rights as a patient — is provided to all new patients and is available upon request at our office. Key provisions include:

• Treatment, Payment & Operations: We may use and share your PHI to treat you, process payment, and run our practice without requiring additional authorization.
• Authorization Required: For most other uses — including sharing with family members, marketing, or research — we will ask for your written authorization first.
• Minimum Necessary Standard: We disclose only the minimum information necessary for any given purpose.
• Business Associates: Vendors who handle PHI on our behalf (such as billing companies or IT providers) are contractually required to protect your information under HIPAA Business Associate Agreements.
• Breach Notification: In the event of a data breach affecting your PHI, we will notify you as required by the HIPAA Breach Notification Rule.

To request a copy of our full HIPAA Notice of Privacy Practices, please contact our office at (843) 797-1941.

We do not sell, rent, or trade your personal information. We may share information only in the following limited circumstances:

• With your care team: Physicians, specialists, labs, and other providers involved in your treatment, with your knowledge and consent.
• With insurance and billing partners: To verify coverage and process claims on your behalf.
• With service providers: Trusted vendors who help operate our practice (e.g., scheduling software, electronic health record systems, IT security), all under strict confidentiality agreements.
• As required by law: When mandated by a court order, subpoena, or applicable regulation, or to report certain conditions as required by public health authorities.
• For safety: To prevent or lessen a serious and imminent threat to the health or safety of a person or the public.
• With your written consent: For any other disclosure not described above, we will obtain your explicit authorization.

Our website uses cookies and similar technologies to enhance your browsing experience, understand how visitors use our site, and improve our services. Cookies are small text files stored on your device.

We may use the following types of cookies:

• Essential cookies: Required for core website functionality such as navigation and security. These cannot be disabled.
• Analytics cookies: Used to understand visitor behavior (e.g., Google Analytics). These collect anonymized, aggregate data.
• Preference cookies: Remember your settings and choices between visits.

You can control or disable non-essential cookies through your browser settings. Note that disabling cookies may affect some website functionality. We do not use cookies to collect or store any protected health information.

We take the security of your information seriously and implement administrative, technical, and physical safeguards to protect against unauthorized access, disclosure, alteration, or destruction. These measures include:

• Encrypted transmission of data via SSL/TLS on our website
• Secure, access-controlled electronic health record (EHR) systems
• Role-based access controls limiting data access to authorized personnel only
• Regular security risk assessments as required under the HIPAA Security Rule
• Staff training on privacy and security practices

While we strive to use commercially acceptable means to protect your personal information, no method of transmission over the internet or electronic storage is 100% secure. If you have reason to believe your information may have been compromised, please contact us immediately.

As a patient and website visitor, you have meaningful rights over your personal information:

To exercise any of these rights, please contact us in writing at the address below or call (843) 797-1941. We will respond within 30 days of receiving your request.

Our website is not directed to children under the age of 13, and we do not knowingly collect personal information from children under 13 without verifiable parental consent. If you believe we have inadvertently collected information from a child under 13, please contact us and we will promptly delete such information.

For minor patients receiving medical care at our practice, all necessary privacy protections and HIPAA requirements are applied. Parents or legal guardians may have access to their minor child’s records as permitted by applicable law.

Our website may contain links to third-party websites, patient portals, or booking platforms (such as our online scheduling system). These third-party sites have their own privacy policies, and we are not responsible for their practices. We encourage you to review the privacy policy of any third-party site before providing your personal information.

Links to external sites do not constitute an endorsement of those sites or their content by The Breast Place.

We may update this Privacy Policy from time to time to reflect changes in our practices, legal requirements, or services. When we make material changes, we will update the “Last Updated” date at the top of this page. We encourage you to review this policy periodically.

For significant changes that affect your rights or the way we handle your health information, we will provide additional notice — such as a prominent notice on our website or direct communication to patients on file.

If you have questions, concerns, or requests regarding this Privacy Policy or the way we handle your personal information, please reach out to us:

You also have the right to file a complaint with the U.S. Department of Health and Human Services Office for Civil Rights if you believe your HIPAA rights have been violated. Filing a complaint with us or with HHS will not result in any retaliation.