Excel Pediatric Therapy

Get Started
Edit Content

PRIVACY POLICY

Effective Date: September 3, 2025

Excel Pediatric Therapy (“Excel,” “we,” “us,” or “our”) respects your privacy and is committed to protecting your personal information. This Privacy Policy describes how we collect, use, disclose, and safeguard information when you visit our website or use our services, in compliance with applicable U.S. federal and state laws, including the Health Insurance Portability and Accountability Act (HIPAA) and the Children’s Online Privacy Protection Act (COPPA). Our website and services are based in the United States and intended for U.S. users only.

By using the Excel Pediatric Therapy website, you agree to the practices described in this Privacy Policy. If you do not agree with these terms, please do not use our site or services.

Information We Collect

We collect a broad range of information to provide quality pediatric therapy services and to improve our website. The categories of information we may collect include:

  • Personal Identifiers: Information that identifies you or your child, such as full name, postal address, email address, phone number, date of birth, and relationship to the child (e.g. parent or guardian).
  • Protected Health Information (PHI): Health and medical information you provide about your child or yourself in connection with our services. This can include medical histories, therapy evaluation results, treatment plans, insurance information, and any other health-related data necessary for treatment or billing. (We discuss below how we protect PHI in compliance with HIPAA.)
  • Usage Data: Information automatically collected when you use our website, such as your IP address, device type, browser type, pages visited, and browsing behavior on our site. We may use cookies and similar tracking technologies to collect this usage data (see “Cookies and Analytics” below). This data helps us understand how visitors use our site and improve its functionality.
  • Communication and Preferences: Records of your communications with us (for example, emails or messages you send through our contact forms) and your preferences (such as appointment reminders or newsletter opt-ins, if applicable).
  • Other Information You Provide: Any other information you choose to provide to us, for example when filling out forms (such as inquiry forms or new patient intake forms) or when contacting us by phone or email. This could include details about your child’s condition or needs, scheduling preferences, or feedback.

Note: We aim to only collect information that is relevant for the purposes described in this policy. As our practice grows, we may expand the types of data we collect or the ways we use information. This Privacy Policy is intended to cover a broad range of data types, including those we currently collect and those we may collect in the future, in order to keep you informed of our potential data practices.

How We Use Your Information

We use the collected information for purposes that support our pediatric therapy services, website operations, and legal obligations. These purposes include:

  • Providing and Improving Services: To schedule and provide pediatric therapy services (occupational, physical, speech therapy, etc.) tailored to your child’s needs, and to evaluate and improve the quality of our services. This includes using health information to develop treatment plans and track progress.
  • Communication: To communicate with you about appointments, therapy updates, evaluation results, and respond to inquiries or requests you send us. We may also send administrative information, such as changes to our policies or appointment reminders.
  • Billing and Operations: To process payments for our services, handle insurance claims, and carry out internal operations such as accounting, record-keeping, and audits. For example, we use personal and insurance information to bill your insurance or you directly, and we maintain therapy and billing records as required for our operations.
  • Legal and Regulatory Compliance: To fulfill our legal obligations under healthcare, privacy, and other applicable laws. This includes using and disclosing information as required for compliance with HIPAA, reporting requirements, or responding to lawful requests by public authorities.
  • Website Functionality and Improvement: To operate, maintain, and improve our website’s functionality, user experience, and content. Usage data and cookies help us understand which pages are most useful to visitors, diagnose technical issues, and refine our web presence.
  • Safety and Security: To protect against fraud, unauthorized access, or misuse of our services, and to ensure the security of our website, systems, and users.
  • Other Purposes with Consent: If we intend to use your information for any additional purpose not listed above, we will describe it at the time of collection and, if required, obtain your consent.

We do not use personal information for any marketing or advertising purposes unrelated to our own services unless we have your explicit consent. We do not engage in third-party advertising that involves sharing your personal information.

How We Share Your Information

We understand the importance of your personal and health information, and we only share it in certain circumstances to run our business and comply with the law. We do not sell or rent your personal information to third parties for their marketing purposes. When we do share information, we limit it to what is necessary and ensure appropriate safeguards are in place. Instances of data sharing may include:

  • Service Providers: We may share information with trusted third-party service providers who perform functions on our behalf. This includes, for example, billing and payment processors, insurance billing services, scheduling or appointment reminder services, IT support and hosting providers, email or text message communication services, analytics services, or similar vendors. These service providers are only given the information necessary to perform their tasks, and they are contractually obligated to protect your information and use it only for the purposes we specify. If any service provider will handle PHI on our behalf (for example, a cloud software for managing therapy notes), we establish a HIPAA-compliant Business Associate Agreement to safeguard that PHI.
  • Healthcare Professionals and Partners: We may disclose relevant PHI to other healthcare professionals involved in your child’s care, but only as allowed by law and as necessary for treatment or care coordination. For example, if your child’s pediatrician or a specialist requires information to assist in treatment, we will share PHI with your consent or as otherwise permitted by HIPAA. Likewise, if we partner with educational programs or other therapy providers as part of your child’s care (with your consent), we will share information as needed for those services.
  • Insurance Companies and Payment Processors: We share necessary information with your health insurance provider (or other payors you designate) to process claims and payments. This typically includes information like diagnoses, treatment codes, and other PHI required for billing. We may also share personal and payment information with banks or credit card processors for payment transactions.
  • Analytics and Online Tools: We may share limited information with third-party analytics providers (such as Google Analytics) to understand how users interact with our website. These providers process usage data (e.g., page visits, IP address) on our behalf for the purpose of analyzing website traffic and improving our site. Analytics data does not include any PHI or identifying health information. (See “Cookies and Analytics” below for more details on our use of analytics.)
  • Legal Requirements and Safety: We may disclose information to governmental authorities, regulators, law enforcement, or other parties when required to do so by law or legal process. For instance, we might disclose information in response to a court order or subpoena, to report suspected abuse or neglect as required by law, or to address any lawful request by public authorities. We may also disclose information if necessary to protect the rights, property, or safety of our patients, staff, or others (for example, to prevent a serious and imminent threat to someone’s health or safety).
  • Business Transfers: In the unlikely event that Excel Pediatric Therapy undergoes a business transition such as a merger, acquisition, or asset sale, your information (including personal information and PHI) may be transferred to the successor organization as part of that transaction. In such cases, we would ensure the confidentiality of your information is maintained and provide notice before any changes to privacy practices.
  • With Your Consent: In situations other than those above, we will seek your consent before sharing your information. For example, if you request that we send information to a third party or sign an authorization for a specific disclosure of PHI, we will share accordingly.

No Third-Party Marketing: We do not share your personal information with third-party companies for their own marketing or advertising purposes. We also do not sell, rent, or lease your information to data brokers. Any sharing with third parties is limited to the purposes described above and is done in compliance with privacy laws and, for PHI, in accordance with HIPAA’s requirements.

Cookies and Analytics

Cookies are small text files that websites place on your device to store information about your preferences or usage. Web analytics tools (like Google Analytics) use cookies and similar technologies to collect data about how visitors use our site. On the Excel Pediatric Therapy website, we use these tools to help improve our online services and user experience.

  • Usage of Cookies: We may use both session cookies (which expire when you close your browser) and persistent cookies (which remain on your device for a set period or until deleted) to remember your preferences, enhance site functionality, and gather analytics information. For example, cookies might allow our site to remember form information you have entered previously or to recognize you on a return visit.
  • Analytics Data: Our site uses third-party analytics services such as Google Analytics to collect standard internet log information and details of visitor behavior patterns. This usage data can include information like your IP address, what pages you visit, how long you stay on each page, and how you arrived at our site. We use these analytics to find out things such as the number of visitors to the various pages of the site and to help improve the site’s content and navigation. These analytics tools do not collect personal health information (PHI) or your name/contact details – they focus on usage data.
  • Opt-Out and Browser Controls: You have choices about cookies and tracking. Most web browsers automatically accept cookies, but you can usually modify your browser setting to decline cookies or notify you when a cookie is being placed. Please note that if you disable cookies, some features of our website may not function properly. For Google Analytics, Google provides an opt-out browser add-on if you wish to prevent your data from being used by Google Analytics across all websites.
  • Do Not Track: “Do Not Track” (DNT) is a setting in some web browsers that signals a preference that your activities not be tracked across websites. Currently, our website does not respond to DNT signals, because there is no consistent industry standard for compliance. However, we treat all users’ data in accordance with this Privacy Policy, and we do not track you across third-party websites.

By using our site without disabling cookies, you consent to our use of cookies and similar technologies as described here. Important: Cookies and analytics help us improve our website; they are not used to identify you personally in our context, and they are never used to collect sensitive information such as medical data or financial details from forms.

Data Security

We take the security of your personal information and health data seriously. Excel Pediatric Therapy implements administrative, physical, and technical safeguards to protect against unauthorized access, disclosure, alteration, or destruction of the information we hold. These measures include:

  • Encryption: We use encryption and secure protocols for data transmission where appropriate. For instance, when you submit information through our website (such as via a contact form or the patient portal), that transmission is protected by HTTPS (SSL/TLS encryption). PHI stored electronically may also be encrypted at rest in our systems or in the third-party portal.
  • Access Controls: We restrict access to personal information and PHI to those employees, therapists, and service providers who need the data to perform their duties or provide services to you. Staff members are trained on patient privacy and are required to follow strict confidentiality standards. Our third-party service providers are required to implement strong security measures and, when handling PHI, to comply with HIPAA’s security requirements.
  • Secure Storage: Personal data and health records are stored on secure systems. We utilize firewalls, antivirus software, and monitoring of our systems to protect against external threats. Physical records (if any) are kept in secure areas.
  • Monitoring and Testing: We monitor our systems for vulnerabilities and unauthorized access, and we periodically review and update our security practices to address new threats or changes in technology.

While we strive to protect your information with these robust measures and follow industry best practices, please understand that no method of transmission over the Internet or electronic storage is 100% secure. Therefore, we cannot guarantee absolute security of your data. However, we will promptly notify you, consistent with applicable laws, in the event of any data breach that compromises the privacy or security of your personal information or PHI. We also encourage you to take precautions when sending information to us (for example, using secure methods and protecting your account credentials).

Data Retention

We retain personal information and PHI for as long as necessary to fulfill the purposes described in this Privacy Policy, unless a longer retention period is required or permitted by law. In practice, this means:

  • Patient and Health Records: We retain health information and treatment records for the period required under healthcare laws and regulations. For example, healthcare providers are often required by state law to keep patient records for a minimum number of years. In the case of minors, the retention period may extend until a certain time after the child reaches adulthood. Excel Pediatric Therapy will adhere to these requirements to maintain complete records for continuity of care and legal compliance.
  • General Correspondence and Inquiry Data: If you contact us or submit an inquiry but do not become a patient, we may retain your communications and our response for a reasonable period, in case you decide to pursue services later or for our internal tracking.
  • Web Analytics Data: Analytics and cookie data is retained as per the policies of our analytics providers (for example, Google Analytics retains data for a specified timeframe, which we configure in accordance with our needs). This data is generally aggregated and not tied to an identifiable person after a short time.
  • Legal Holds: We may retain information for longer than the standard period if needed to establish, exercise, or defend our legal rights. For instance, if we are involved in a legal dispute or receive a legal order to preserve data, we will retain relevant information until the issue is resolved.

When information is no longer required, we will securely dispose of it in accordance with our data destruction policies. For electronic data, this may include secure deletion; for physical records, this may involve shredding or incineration. Even after you cease to be a patient or user of our services, we will continue to protect your information in accordance with this Privacy Policy so long as we retain it.

Protected Health Information (PHI) and HIPAA Compliance

As a provider of pediatric therapy services, Excel Pediatric Therapy is considered a Covered Entity under HIPAA. This means that Protected Health Information (PHI) – generally, individually identifiable information about a patient’s health or healthcare – is subject to special protections. We are fully committed to handling PHI in accordance with HIPAA and related state laws. Below is a summary of how we protect and manage PHI:

  • Use and Disclosure of PHI: We will use and disclose your or your child’s PHI only for purposes permitted by HIPAA. Primarily, this includes uses and disclosures for Treatment, Payment, and Healthcare Operations (TPO). For example, we use PHI to treat your child (treatment), to bill your insurance (payment), and for certain internal activities like quality improvement or clinician training (healthcare operations). We may also use or disclose PHI for other purposes required or allowed by law, such as public health reporting or if required by a court order. If we ever need to use or disclose PHI for a purpose not permitted by HIPAA (for instance, for marketing communications or research), we will obtain your written authorization first. You have the right to revoke any such authorization at any time.
  • HIPAA Notice of Privacy Practices: Because we are a healthcare provider, a more detailed Notice of Privacy Practices is available that outlines in detail how we may use and share PHI and what your rights are under HIPAA. We provide this notice to our patients (typically at the first appointment or intake). This website Privacy Policy is not meant to replace our official Notice of Privacy Practices; rather, it complements it by addressing online data collection. In the event of any conflict between this Privacy Policy and the HIPAA Notice of Privacy Practices with respect to PHI, the HIPAA Notice will control.
  • Your HIPAA Rights: Under HIPAA, patients and their parents/guardians have specific rights regarding their (or their child’s) health information. These include:
  • Right of Access: You have the right to access and get a copy of your or your child’s health records that we maintain, with certain limited exceptions. We will provide the records in your preferred format (electronic or paper) if readily producible. We may charge a reasonable cost-based fee as allowed by law.
  • Right to Request Amendment: If you believe that information in the records is incorrect or incomplete, you have the right to request an amendment. If we agree, we will amend the record. If we deny your request (for example, if we determine the record is accurate), we will provide an explanation, and you have the right to have your disagreement noted in the record.
  • Right to an Accounting of Disclosures: You can request a list of certain disclosures we have made of PHI outside of treatment, payment, or healthcare operations (for example, disclosures to public health authorities or in response to legal requests). This accounting will cover a period you specify (up to the past six years).
  • Right to Request Restrictions: You have the right to ask us to restrict the use or disclosure of PHI for certain purposes. For example, you might request that we not share certain information with a particular family member. We will consider all requests, and while we are not required to agree to all restrictions, we will comply if we do agree. Importantly, if you fully pay out-of-pocket for a service and request that we not bill your insurance for it, we must honor your request to not disclose information about that service to your health plan (except where required by law).
  • Right to Request Confidential Communications: You can request that we contact you by alternative means or at alternative locations for privacy reasons. For instance, you might ask that we send mail to a P.O. box instead of your home address, or use a specific phone number. We will accommodate reasonable requests.
  • Right to a Copy of the Notice of Privacy Practices: You are entitled to a paper copy of our official HIPAA Notice of Privacy Practices at any time upon request, even if you have viewed it electronically.
  • Exercising Your Rights: To exercise any of these rights, you can contact us using the information in the “Contact Us” section below. We may need you to make the request in writing and provide information to verify your identity (to protect privacy). We will respond within the timeframes required by law.
  • HIPAA Complaints: If you believe your or your child’s privacy rights under HIPAA have been violated, you have the right to file a complaint. You can file a complaint directly with us (so we have the opportunity to address the issue) or with the U.S. Department of Health and Human Services’ Office for Civil Rights (OCR). You can find information about filing a complaint with OCR on the HHS website or by contacting OCR by email or phone. We will not retaliate against you for filing a complaint.
  • Minimum Necessary Standard: When we use, disclose, or request PHI, we make reasonable efforts to limit the information to the minimum necessary to accomplish the intended purpose, as required by HIPAA. For example, our staff access only the parts of the record needed for their duties, and when disclosing information (such as to a school or specialist), we will share only what is relevant.
  • Confidentiality of Therapy Sessions: As a pediatric therapy provider, we understand that the details shared in therapy sessions are sensitive. Our therapists and staff maintain strict confidentiality of all session notes and communications, in line with professional ethics and legal requirements.

Our commitment to HIPAA means that we have implemented policies and procedures to protect PHI, trained our workforce on those policies, and signed agreements with any third-party partners (Business Associates) who might handle PHI on our behalf, ensuring they likewise protect your information.

Children’s Privacy (COPPA Compliance)

We provide services to children, but we do not knowingly collect personal information directly from children under the age of 13 through our website. The Excel Pediatric Therapy website and online services are intended for use by parents or legal guardians, not by minors on their own. In accordance with the Children’s Online Privacy Protection Act (COPPA), we take special care to protect children’s privacy:

  • Parental Consent: Personal information related to children (such as name, age, health information, etc.) is only collected from parents or legal guardians, and only with the parent/guardian’s consent. For example, parents fill out intake forms and provide health history for their child; children are not expected to fill out forms themselves. If any online form on our site appears to collect information about a child, it is intended that a parent or guardian will complete it.
  • No Direct Child Accounts: We do not offer account registration or interactive features for children under 13 on our website. A child under 13 should not submit any information to us via the website (and we do not ask them to). Any online scheduling or patient portal access for a child’s information is to be done by the parent/guardian on behalf of the child.
  • If a Child Provides Information: If we discover that we have inadvertently collected personal information directly from a child under 13 without parental consent (for instance, if a child bypassed our safeguards and submitted a form), we will delete that information promptly from our records. Our website forms are designed to ask for the parent’s name and contact information, not the child’s, to avoid this scenario.
  • Parents’ Rights: If you are a parent or guardian and you have any questions about information we’ve collected about your child, you may contact us at any time. You have the right to review the personal information we have collected about your child, request that we delete it, and refuse to allow any further collection or use of the child’s information. We will ask you to verify your identity and relationship to the child (to ensure we are communicating with the proper guardian) before releasing or deleting information.
  • Teenagers (Children 13-17): For older minors (above 13 but under 18), our website is still directed at their parents or guardians. We expect a parent or guardian to be involved in providing information and overseeing the services for any minor patient. In general, we handle teenagers’ information with similar care and obtain any necessary consents in accordance with applicable laws (recognizing that in some jurisdictions, minors may have rights relating to certain health services). Regardless, no minor’s information is ever used for marketing or shared outside of the allowed purposes for providing care, as described in this Policy.

Excel Pediatric Therapy is committed to protecting children’s privacy and to complying with COPPA. If you have any concerns about your child’s personal information in connection with our services, please reach out to us (see “Contact Us” below) and we will address your inquiry promptly.

Third-Party Services and Patient Portal

Our website may contain links to or integrations with third-party websites and services that are not operated by Excel Pediatric Therapy. Please be aware that this Privacy Policy only applies to the Excel Pediatric Therapy website (excelpediatric.com and its subpages) and not to any third-party sites or services. If you choose to use these links or services, your information will be subject to their separate terms and privacy policies.

  • Patient Portal: For the convenience of our patients, we offer an online patient portal which allows access to new patient forms, therapy documentation, appointment information, and home exercise suggestions. This patient portal is provided through a third-party platform (i.e., it is not built or hosted on our main Excel Pediatric Therapy website). You can access the portal via our website link, but when you click to log in, you will be using the third-party service’s system. Important: Information you submit or access through the patient portal is stored on that third-party platform, and thus is subject to that service provider’s privacy and security practices. We have taken steps to ensure your data is protected on that platform as well – for example, we have a Business Associate Agreement in place with the portal provider to ensure they safeguard any PHI in accordance with HIPAA – but you should also review the privacy policy of the portal service to understand how they handle your data. If you have questions or concerns about the patient portal’s data practices, please contact us and we will provide more information.
  • Other Linked Websites: Our site may include links to external websites, such as professional resources, partner organizations, or our social media pages (e.g., Facebook or Instagram). If you follow a link to a site that we do not control, be advised that we are not responsible for the content, security, or privacy practices of those third-party sites. We encourage you to read the privacy policies of any website or service you visit via external links.
  • Third-Party Tools: We might use certain third-party embedded tools or plugins on our site (for example, a map service to show our location or a scheduling widget). These tools may collect some information (like your IP address or the fact that you visited our site). We only integrate third-party tools that we believe are compliant with privacy requirements, and they are intended to enhance your experience. However, since we do not operate these tools, their collection and use of data is governed by the respective third parties’ policies.

Excel Pediatric Therapy is selective about the third-party services we use, and we aim to work only with reputable providers who commit to protecting user data. Nonetheless, any data you provide to a third party – even if you access it through our website – is not covered by our Privacy Policy. If you have any issues or questions regarding a third-party service linked to our site, you can contact them directly or ask us for assistance/clarification.

International Users

Our website and services are intended for use by individuals in the United States. Excel Pediatric Therapy is a U.S.-based organization, and we primarily serve patients residing in the U.S. We do not actively market or provide services to individuals outside the U.S., nor is our website designed to comply with international privacy laws such as the European Union’s GDPR. If you are visiting our website from outside the United States, please be aware that any information you provide will be transferred to and processed in the United States. By using our site or submitting your information, you consent to this transfer, which is necessary for us to provide the services you request.

Foreign data protection laws (including those in the EU/EEA, UK, or other countries) may not apply to Excel Pediatric Therapy. The personal information we collect is governed solely by U.S. laws as described in this Privacy Policy. If you are not a U.S. resident, you should use our website only if you agree to this and understand that you may not have the same rights or protections as you would under your country’s law. That said, we value the privacy of all website visitors and will treat your information securely as described herein.

If you are an international visitor and have questions about how your information will be handled, please contact us. However, if you are located in a region whose laws would prohibit you from using U.S.-based services like ours or would require us to provide rights or protections beyond those described here, please refrain from using our website.

Changes to This Privacy Policy

We may update or revise this Privacy Policy from time to time to reflect changes in our practices, to keep up with new legal requirements, or for other operational reasons. If we make changes, we will update the “Effective Date” at the top of the policy. For any material changes that affect how we handle personal information, we will provide a prominent notice (such as a banner on our website or a notification by email, if appropriate) to inform you of the change.

We encourage you to review this Privacy Policy periodically to stay informed about how we are protecting your information. Your continued use of our website or services after any changes to this Policy signifies your acceptance of those changes. If you do not agree with any updates to the Privacy Policy, you should stop using our services and contact us if you have any concerns.

Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please do not hesitate to contact us:

Excel Pediatric Therapy
789 Justin Road
Rockwall, Texas 75087, USA
Phone: 972-771-5731
Email: info@excelpediatric.com

You may contact us for reasons including: to ask a question about how we handle your information, to request access to or correction of your data, to opt out of certain communications, to exercise any of your privacy rights described above, or to lodge a privacy-related complaint. We will respond to inquiries or requests as promptly as possible, and no later than required by applicable law.

Your trust is important to us. We are dedicated to protecting your privacy and will work hard to address any concerns. Thank you for choosing Excel Pediatric Therapy for your child’s care. We appreciate the opportunity to serve you and your family in a safe and privacy-conscious manner.

Scroll to Top