HIPAA Compliance

Last updated: September 5, 2025

At Oakland Hills Dermatology, we are committed to protecting the privacy and security of your protected health information (PHI) in compliance with the Health Insurance Portability and Accountability Act (HIPAA). This page outlines how we adhere to HIPAA regulations to safeguard your personal and medical information while providing exceptional dermatology, cosmetic, and med spa services.

1. Our Commitment to HIPAA

HIPAA establishes national standards to protect the privacy and security of your health information. As a healthcare provider, Oakland Hills Dermatology complies with the HIPAA Privacy Rule, Security Rule, and Breach Notification Rule to ensure your PHI is handled with the utmost care and confidentiality.

2. How We Protect Your Information

We implement the following measures to safeguard your PHI:

  • Privacy Practices: We only collect, use, and disclose your PHI as necessary for treatment, payment, and healthcare operations, or as permitted by law. For example, we may share your information with your referring physician for coordinated care, with your consent.

  • Security Measures: We use physical, technical, and administrative safeguards, such as encrypted electronic health records (EHR), secure servers, and restricted access to PHI, to protect your information from unauthorized access or disclosure.

  • Staff Training: Our team, led by Dr. Christofer Buatti, undergoes regular HIPAA training to ensure compliance with privacy and security protocols.

  • Secure Communication: We use HIPAA-compliant methods for electronic communications, such as appointment reminders or telehealth consultations, to protect your data.

3. Your Rights Under HIPAA

As a patient, you have the following rights regarding your PHI:

  • Access: You may request access to or a copy of your medical records. Contact our office to submit a request.

  • Amendment: You may request corrections to your PHI if you believe it is inaccurate. We will review and respond to such requests promptly.

  • Accounting of Disclosures: You may request a list of disclosures of your PHI made by our practice, excluding those for treatment, payment, or healthcare operations.

  • Restrictions: You may request restrictions on how we use or share your PHI, though we are not always required to agree to these restrictions.

  • Confidential Communications: You may request to receive communications (e.g., appointment reminders) via specific methods or at alternative contact points.

4. Notice of Privacy Practices

Our Notice of Privacy Practices provides detailed information about how we handle your PHI. This notice is available at our Auburn Hills and Monroe offices, on our website, and upon request. It explains your rights, our responsibilities, and how we may use or disclose your PHI.

5. Data Breach Notification

In the unlikely event of a data breach involving your PHI, we will notify you promptly as required by the HIPAA Breach Notification Rule. We will also take steps to mitigate harm and prevent future incidents.

6. Third-Party Vendors

We work with third-party vendors (e.g., payment processors, appointment scheduling platforms) who are HIPAA-compliant and sign Business Associate Agreements (BAAs) to ensure your PHI is protected when shared for operational purposes.

7. Contact Us

If you have questions about our HIPAA compliance, wish to exercise your rights, or need a copy of our Notice of Privacy Practices, please contact us:

  • Email: info@oaklandhillsdermatology.com

  • Phone: (248) 858-2255

  • Address: Oakland Hills Dermatology, 3400 Auburn Rd, Suite 100, Auburn Hills, MI 48326

8. Updates to This Page

We may update this HIPAA Compliance page to reflect changes in our practices or regulations. Updates will be posted here with a new “Last updated” date. Your continued use of our services indicates acceptance of these updates.

Disclaimer: This page is for informational purposes and does not constitute legal advice. For specific concerns about your PHI, consult with our staff or a legal professional.