50% OFF first scan — $145·Book now

[ HIPAA NOTICE ]

HIPAA Notice of Privacy Practices

How MyNavi Scan collects, uses, discloses, and safeguards your protected health information (PHI) as a HIPAA Business Associate.

Last updated: May 13, 2026

This notice describes how medical information about you may be used and disclosed, and how you can get access to this information. Please review it carefully.

1. Who We Are

MyNavi Scan (operating as MyNavi Scan, LLC) is a mobile cone beam computed tomography (CBCT) imaging service operating in Chicago, Illinois. We provide on-site dental and maxillofacial CBCT scans to dental practices, ENT specialists, and their patients across Chicagoland.

Under the Health Insurance Portability and Accountability Act of 1996 (HIPAA) and the Health Information Technology for Economic and Clinical Health Act (HITECH), MyNavi Scan acts as a Business Associate of the dental and medical practices (Covered Entities) that order our scans. We do not bill insurance, do not provide diagnoses, and do not maintain ongoing clinical relationships with patients.

2. Protected Health Information (PHI) We Handle

To perform a mobile CBCT scan we receive and process the following PHI on behalf of the referring practice:

  • Patient first and last name, date of birth
  • Phone number and/or email (for appointment confirmation only)
  • Referring dentist or physician name and clinic
  • Clinical indication for the scan as supplied on the prescription
  • The CBCT DICOM image set and derived viewer/share links
  • Surgical-guide design files when ordered (cross-service)

3. How We Use and Disclose PHI

3.1 Treatment

We use PHI to schedule, perform, and deliver the CBCT scan to the referring practice. The DICOM file is transmitted to the practice (and, when authorized, to the patient) via a HIPAA-compliant channel within fifteen (15) minutes of scan completion.

3.2 Payment

We use minimum necessary PHI to invoice the referring practice or, for direct-pay patients, to process payment. We do not retain card details — payments are tokenized through PCI-DSS-compliant processors.

3.3 Healthcare Operations

We may use PHI internally for quality assurance, equipment calibration logs, and required record-keeping under Illinois radiology regulations.

3.4 Disclosures Required by Law

We may disclose PHI when required by federal, state, or local law (for example, public-health authorities, child-protection authorities, judicial order, or law-enforcement subpoena consistent with 45 CFR § 164.512).

3.5 Disclosures We Do Not Make

We do not sell PHI. We do not use PHI for marketing without your written authorization. We do not share PHI with social-media platforms, ad networks, or analytics vendors that are not HIPAA Business Associates.

4. Your Rights Under HIPAA

  • Right to inspect and copy your PHI we maintain (subject to reasonable processing time).
  • Right to request amendment of PHI you believe is incorrect or incomplete.
  • Right to an accounting of certain disclosures made in the prior six (6) years.
  • Right to request restrictions on certain uses and disclosures.
  • Right to request confidential communications (alternative phone/email).
  • Right to a paper copy of this notice on request.
  • Right to be notified of a breach of unsecured PHI affecting you.

To exercise any of these rights, contact us in writing at mynaviscan@gmail.com or by mail (address available on request).

5. Safeguards

MyNavi Scan implements administrative, physical, and technical safeguards required under the HIPAA Security Rule (45 CFR Part 164, Subpart C), including:

  • Encrypted transmission of DICOM files (TLS 1.2 or higher)
  • Encrypted storage at rest of all PHI
  • Role-based access — only the technologist and owner-operator handle PHI
  • Audit logging of access events
  • Workforce training on HIPAA Privacy and Security Rules
  • Business Associate Agreements (BAAs) with every subcontractor that touches PHI

6. Business Associate Agreements

If you are a dental or medical practice that intends to refer patients to MyNavi Scan, a Business Associate Agreement (BAA) is available on request. Email mynaviscan@gmail.com with subject line “BAA request”.

7. Breach Notification

In the event of a breach of unsecured PHI affecting you, MyNavi Scan will notify you and the referring Covered Entity without unreasonable delay and in no case later than sixty (60) days after discovery, in accordance with 45 CFR §§ 164.400–414.

8. Complaints

If you believe your privacy rights have been violated you may file a complaint with us at mynaviscan@gmail.com or 312-999-0550, or with the U.S. Department of Health and Human Services Office for Civil Rights at hhs.gov/ocr/complaints. We will not retaliate against you for filing a complaint.

9. Changes to This Notice

We reserve the right to amend this notice. A revised version will be posted on this page with an updated “Last updated” date. The current version always supersedes prior versions.

10. Contact

MyNavi Scan, LLC
Privacy Officer: Owner-Operator
Phone: 312-999-0550
Email: mynaviscan@gmail.com
Service area: Chicago, IL and Chicagoland metro

← Return to homepageContact MyNavi Scan