Privacy Policy
Contact us today for any questions
Send us a message about your physical therapy needs
Phone
Direct line to schedule your initial consultation
Office
Located in the heart of Bozeman, Montana
2304 N 7th Ave, Ste 6, Bozeman, Montana 59715
Privacy Policy
Highlander Physical Therapy
2304 N 7th Ave, Ste. 6, Bozeman, MT 59715
Last updated: November 28th, 2025
Highlander Physical Therapy (“Highlander PT,” “we,” “us,” or “our”) is committed to protecting the privacy and security of your personal information and your health information. This Privacy Policy explains how we collect, use, disclose, and protect information when you:
Visit our website (the “Site”);
Use our online forms or scheduling tools;
Communicate with us by email, phone, or other channels; or
Receive in-person care at our clinic.
This Privacy Policy is designed to be consistent with applicable federal and state privacy laws, including, as applicable:
The Health Insurance Portability and Accountability Act of 1996 (“HIPAA”) and its implementing regulations; Montana DPHHS+1
Montana’s Uniform Health Care Information laws governing confidentiality of health care information; Montana State Legislature+1
Montana’s Consumer Data Privacy Act (sometimes referred to as the Montana Consumer Data Protection Act) and its amendments, to the extent they apply to us; Baker Donelson+2CookieYes+2
Other applicable Montana and federal laws regarding confidentiality and security of health and personal information. FindLaw+1
Important: This policy is for informational purposes only and does not replace your HIPAA Notice of Privacy Practices. It is also not legal advice. Please consult a licensed attorney to ensure full compliance with all applicable laws.
1. Information We Collect
We may collect the following categories of information:
A. Personal & Contact Information
Name, mailing address, email address, phone number
Emergency contact information
Demographic information you choose to share
B. Health & Medical Information (Protected Health Information / PHI)
As a health care provider, we may collect information that qualifies as “protected health information” (PHI) under HIPAA, such as: Montana DPHHS+1
Medical history and current conditions
Treatment plans, progress notes, and therapy records
Insurance information and claims details
Referrals and records received from or sent to other providers
This information is primarily governed by HIPAA and applicable Montana health privacy laws.
C. Payment & Billing Information
Insurance provider and policy numbers
Information necessary to process payments (e.g., amounts billed, dates of service)
Limited payment card or banking information if you pay electronically (often processed via a third-party payment processor).
D. Website & Device Information
When you visit our Site, we may automatically collect:
IP address
Browser type and version
Device type and operating system
Pages visited, time spent, and referring URLs
General location information (e.g., city/region based on IP)
E. Cookies & Similar Technologies
We use cookies and similar technologies to:
Remember your preferences
Improve website performance
Understand how visitors use our Site
Support certain features (e.g., online forms, embedded content)
See Section 7 – Cookies & Tracking Technologies below for more detail.
2. How We Use Your Information
We may use your information for the following purposes:
A. Clinical Care & Operations (PHI)
To provide physical therapy and related services
To coordinate care with other providers or facilities
To obtain payment from you or your insurance
For health care operations, such as quality improvement, training, and internal reporting
These uses are governed by HIPAA and Montana health information confidentiality laws. Montana DPHHS+2Montana State Legislature+2
B. Website & Communications
To respond to inquiries or appointment requests
To send confirmations, reminders, and follow-up messages
To improve and maintain our website and services
To monitor usage trends and protect against fraud or misuse
C. Legal & Regulatory Compliance
To comply with federal and Montana reporting obligations, court orders, subpoenas, or other legal processes
To cooperate with public health and regulatory authorities as permitted or required by law (e.g., disease reporting, safety concerns) Montana DPHHS+1
3. Legal Bases & Applicable Laws (Montana & Federal)
A. HIPAA & Health Information
If we are a HIPAA “covered entity,” we handle protected health information (PHI) in accordance with HIPAA’s Privacy Rule and Security Rule, including: Montana DPHHS+1
Using and disclosing PHI for treatment, payment, and health care operations
Obtaining authorizations for certain uses and disclosures not otherwise permitted or required by law
Providing you with a separate Notice of Privacy Practices describing your HIPAA rights
B. Montana Health Care Information Laws
Montana’s health care confidentiality laws generally require health care providers to keep patient health information confidential and limit when it may be disclosed, with specific exceptions (for example, certain public health reporting or court orders). Montana State Legislature+2Justia Law+2
These laws may also provide remedies and penalties for improper disclosure of confidential health information.
C. Montana Consumer Data Privacy Act (MCDPA / CDPA)
Montana’s Consumer Data Privacy Act, effective October 1, 2024 and amended by SB 297 effective October 1, 2025, establishes rights for Montana consumers regarding certain personal data and obligations for certain businesses that meet specific thresholds. PIRG+3Baker Donelson+3CookieYes+3
To the extent this law applies to Highlander PT, we aim to honor applicable rights, including:
The right to know what personal data we collect
The right to request access, correction, or deletion of certain personal data
The right to opt out of certain data processing, such as targeted advertising or sale of personal data (if applicable to our operations)
If we are exempt from some or all of this law (for example, due to size thresholds or health-care specific exemptions), we may still voluntarily respect certain privacy principles described in this Policy.
4. How We Share Information
We do not sell your personal data or PHI.
We may share information in the following ways:
A. With Other Health Care Providers
To coordinate your care (e.g., referrals, sharing progress notes)
When you request or authorize us to share information
B. With Health Plans & Billing Partners
To verify coverage and process claims
To manage payments and billing inquiries
C. With Service Providers (Vendors)
We may share limited information with trusted third-party vendors who assist us with:
Website hosting and analytics
Appointment scheduling tools
Secure email or messaging platforms
Payment processing
These parties are required to protect your information and use it only for the services they provide to us. When they handle PHI, we enter into Business Associate Agreements as required by HIPAA.
D. For Legal, Safety, and Compliance Reasons
We may disclose information when necessary to:
Comply with laws, regulations, or legal processes (e.g., subpoenas, court orders)
Respond to lawful requests from public health authorities or regulators
Protect the safety, rights, or property of you, our staff, or others, as permitted by law Montana DPHHS+1
5. Your Rights
Your rights may differ under HIPAA, Montana law, and general consumer privacy laws. Depending on which laws apply, you may have rights to:
Access your medical records and certain other information we maintain about you
Request corrections to your records if you believe they are inaccurate or incomplete
Request restrictions on how your PHI is used or disclosed (subject to legal and operational limits)
Request confidential communications, such as using alternative addresses or phone numbers
Request an accounting of certain disclosures of your PHI
Opt out of certain marketing communications (where applicable)
Under the Montana Consumer Data Privacy Act (if applicable), you may also have rights to: Baker Donelson+2CookieYes+2
Confirm whether we process your personal data
Access, correct, or delete certain personal data
Opt out of targeted advertising, sale of personal data, or certain profiling
To exercise any of these rights, please contact us using the information in Section 12 – Contact Us. Some rights may have limitations or exceptions under the law.
6. Data Security
We implement technical, administrative, and physical safeguards designed to protect your information from unauthorized access, use, or disclosure. These may include:
Secure networks and access controls
Encryption where appropriate
Staff training on privacy and security
Policies and procedures for handling PHI and personal data Compliancy Group+1
However, no system can be completely secure, and we cannot guarantee absolute security of your information.
7. Cookies & Tracking Technologies
A. What Are Cookies?
Cookies are small text files stored on your device when you visit a website. They help the site recognize your browser and remember certain information.
B. Types of Cookies We May Use
Strictly Necessary Cookies: Required for basic site functionality (e.g., form submission, security).
Performance & Analytics Cookies: Help us understand how visitors use the Site so we can improve it (e.g., page views, traffic sources).
Functionality Cookies: Remember your preferences (such as language or form data).
Third-Party Cookies: Set by external services (such as embedded maps, fonts, or analytics tools) that we may use on our Site.
C. How We Use Cookies
We may use cookies and similar technologies to:
Operate and secure the Site
Analyze Site performance and usage
Improve user experience
Some third-party services may collect data across websites over time; if used in a way that constitutes “targeted advertising” or sale of personal data, we will provide appropriate opt-out choices as required by Montana’s consumer data privacy laws. PIRG+3Montana Department of Justice+3White & Case+3
D. Your Choices
Most browsers allow you to:
Block or delete cookies
Receive alerts when cookies are sent
Set “Do Not Track” or similar preferences
If you disable cookies, certain features of the Site may not function properly.
8. Data Retention
We retain information for as long as necessary to:
Provide you with services
Meet our legal, regulatory, and professional obligations (including records retention for medical records)
Resolve disputes and enforce our agreements
Medical records are generally kept according to professional standards and applicable laws in Montana and under HIPAA. FindLaw+1
9. Third-Party Websites & Services
Our Site may contain links to external websites or services that are not operated by Highlander Physical Therapy. We are not responsible for the privacy practices of those third parties.
We encourage you to review the privacy policies of any third-party sites or services you visit.
10. Children’s Privacy
Our services are directed primarily to adults and families seeking physical therapy services. We may provide treatment to minors with appropriate consent as required under Montana law. National Center for Youth Law
We do not knowingly collect personal information from children online without the consent of a parent or legal guardian where required by law. If you believe a child has provided us personal information online without proper consent, please contact us so we can take appropriate steps.
11. Changes to This Privacy Policy
We may update this Privacy Policy from time to time to reflect changes in our practices, legal requirements, or other reasons. When we make changes, we will update the “Last updated” date at the top of the Policy.
Your continued use of our Site or services after any changes become effective means you accept the updated Policy.
You may also have the right to file complaints about potential privacy violations with applicable regulatory agencies, such as the U.S. Department of Health and Human Services (for HIPAA-related concerns) or Montana’s Office of Consumer Protection (for certain consumer data privacy issues).