Content Security Policy
Effective Date: May 18, 2026
Tamborello Dental Associates (“TDA,” “we,” “our,” or “us”) is committed to maintaining a secure, professional, and privacy-conscious online experience for all patients and website visitors.
This Content Security Policy outlines the standards and safeguards used to manage website security, approved website content, third-party integrations, scripts, plugins, and digital privacy protections.
1. Purpose
The purpose of this policy is to help reduce risks associated with:
- Unauthorized scripts
- Malicious code
- Cross-site scripting (XSS)
- Data interception
- Unauthorized content injection
- Unsafe third-party integrations
- Patient privacy exposure
2. Website Content Management
All website content, including but not limited to:
- Text
- Images
- Videos
- Forms
- Scripts
- Embedded tools
- Plugins
- Downloads
must be reviewed and approved prior to publication.
Website content should remain accurate, professional, patient-friendly, and compliant with applicable healthcare advertising and privacy standards.
3. Third-Party Integrations
Tamborello Dental Associates may use approved third-party services and integrations for:
- Analytics
- Appointment scheduling
- Marketing
- Patient communication
- Review management
- Website hosting
- Maps and location services
- Advertising performance tracking
Examples may include:
- Google Analytics
- Google Search Console
- Google Ads
- Meta/Facebook Pixel
- Online scheduling systems
- Review widgets
- Chat systems
- Website plugins
Third-party services should be reviewed periodically for privacy, security, and HIPAA-related risks.
4. Patient Information Protection
Patients should avoid submitting highly sensitive personal or medical information through unsecured forms or email communications.
Protected health information submitted through approved secure systems will be handled in accordance with HIPAA and applicable privacy regulations.
Website forms should collect only the minimum information necessary for communication and appointment coordination.
5. Script and Plugin Security
Only approved and verified scripts, plugins, widgets, or tracking tools may be installed on the website.
The following practices should be followed:
- Remove outdated plugins
- Disable unused integrations
- Review scripts periodically
- Limit unnecessary third-party tracking
- Monitor for security vulnerabilities
Unauthorized code or unknown scripts should be removed immediately.
6. Website Monitoring and Security
Tamborello Dental Associates may periodically review the website for:
- Malware
- Security vulnerabilities
- Broken links
- Redirect issues
- Plugin conflicts
- Unauthorized code changes
- Form vulnerabilities
- Privacy exposure risks
Security issues should be addressed promptly upon discovery.
7. Advertising and Tracking Technologies
Analytics and advertising technologies may be used to:
- Improve website performance
- Measure visitor engagement
- Analyze website traffic
- Support digital advertising campaigns
Tracking technologies should not intentionally collect protected health information.
8. Access Control
Administrative access to the website should be limited to authorized personnel, developers, or approved vendors.
Security best practices may include:
- Strong password requirements
- Multi-factor authentication
- Role-based access limitations
- Removal of former user access
9. Informational Disclaimer
Website content is provided for informational and educational purposes only and does not replace professional dental advice, diagnosis, or treatment.
Patients should contact a licensed dental professional regarding medical or dental concerns.
10. Policy Updates
Tamborello Dental Associates reserves the right to update or modify this Content Security Policy at any time.
Updated versions will be posted on this page with a revised effective date.
11. Contact Information
Tamborello Dental Associates
Website: https://www.tamborellodental.com Phone: 713.522.7540 Location: 2150 Richmond Ave #100 Houston, Texas 77098


