Open Dental / ODMobile Privacy Policy

Last updated 09/20/2023

Open Dental General Privacy Policy

Open Dental Software distributes multiple applications, but primarily 'OpenDental.exe'. This policy applies to all Open Dental software applications. The primary application, OpenDental.exe is a client side application that communicates with a database hosted by the customer or as designated by the customer when cloud hosted.

We do not include a policy here generally about how we secure data 'at rest', because we do not collect or store it separately from the Customer's database. It is the responsibility of the customer, and/or other entity that might be hosting that database, to secure it and the network upon which it resides. For customers that use Open Dental Cloud, the data at rest is encrypted using BitLocker or other industry standard encryption.

We secure patient data 'in transit' as detailed here: Encryption of Data at Rest and in Transit, under the heading eConnector.

We may occasionally, (as requested by and as an agent of the Customer), review or interact with data provided by the Customer, in the course of support provided by us. Patients may, at direction of Customer, submit patient data that is held on Open Dental servers only as part of the transmission process back to the Customer. Information held on servers temporarily during transit is also encrypted as indicated above. Anytime the Customer provides us access to patient data, it should follow local privacy laws. In the United States of America this includes HIPAA, and in Europe this includes GDPR.

Open Dental does not sell or use personally identifiable patient data for any purpose except for customer support. We delete such data by request or when there is no longer a business purpose as defined by internal processes.

Open Dental does not share mobile information with third parties/affiliates for marketing/promotional purposes. All the above categories exclude text messaging originator opt-in data and consent; this information is not shared with any third parties.

Updates to this policy will occur as needed to accommodate new technologies, industry practices, and regulatory requirements. We recommend that you review this page periodically for any changes. Changes made to this page are effective immediately after they are posted.

If you have any questions, comments, or concerns regarding our Privacy Policy, please do not hesitate to contact us. See our Contact page for hours of operation and contact options.

ODMobile additional details

ODMobile (formerly Open Dental Mobile) is a commercial application for use in dental offices that are also using Open Dental Software, a dental practice management software. Staff and patients of the dental office (hereafter the 'Customer') interact with the ODMobile application, and data is securely transmitted to the office's database by Open Dental servers. Signup for the paid ODMobile service can be completed from inside Open Dental Software, and is separate from the free ODMobile application. This section informs Customers about how we collect, use, and disclose personal information with exclusive regard to this application.

Patient data is collected but not retained in the application. It is transmitted in live time, in encrypted form, from the device to the Customer database. This data is not collected or used by us. The Customer verifies each device once, using office level credentials previously created during the signup process. Upon each use, the Customer provides user level information verified against that Customer's database.

'We' or 'Us' in this policy refers to Open Dental Software, Inc., 3275 Marietta St SE Salem, OR 97317, United States.