Privilege and Confidentiality Notice
Purpose: This section outlines the procedures for handling privileged and confidential information across various forms of communication.
The information contained in all forms of communication, including but not limited to electronic mail (email), facsimile (fax), postal mail, phone calls, voicemail, and text messages, is intended for the named recipients only. It may contain material that is privileged, confidential, or otherwise protected from disclosure. If you have received any form of communication in error, please take the following steps: (i) notify the sender through the respective communication channel, and (ii) destroy the original communication and any copies. Dissemination, distribution, or copying of any form of communication or the information contained therein by anyone other than the intended recipients or an authorized representative responsible for delivering the communication to the intended recipients is strictly prohibited. Your assistance in correcting any communication errors is greatly appreciated.
Information Collection and Usage
We collect and store information you enter on our website or provide to us in other ways. This may include personal details such as your name, email address, password, payment details, and communications. Additionally, we collect non-personal information such as IP addresses, login information, session data, and browsing behavior. We use this information for various purposes, including providing services, customer support, communication, improving our services, and complying with legal requirements.
When you conduct transactions on our website, we collect personal information such as your name, address, and email address. This information is used solely for the purpose of providing the services you requested.
Purposes of Data Collection
We collect both non-personal and personal information for several purposes:
- Providing and operating our services
- Offering customer assistance and technical support
- Sending service-related notices and promotional messages
- Generating aggregated statistical data for service improvement
- Complying with applicable laws and regulations
Data Storage and Security
Your data is stored on secure servers hosted by IVNet, LLP, and stored within databases and applications. We take measures to protect your information against unauthorized access, misuse, or disclosure.
We may contact you via email, telephone, text messages, or postal mail for account-related matters, updates, and communications related to our services.
Access and Corrections
Scheduling a Session
When using our HIPAA-compliant Appointment Request Form, we collect your name and contact information. This data is used to create your client profile and is treated with the utmost confidentiality. Submit the form even if not all questions are answered.
Creating a connection with your therapist is essential, and all information provided is completely confidential.
If you have any questions or concerns regarding our privacy practices, please feel free to reach out to us.
For the contact information of a specific member of our staff, please visit the About Us page to find their email address.
Effective Date: September 1, 2023
THIS NOTICE DESCRIBES HOW MEDICAL INFORMATION ABOUT YOU MAY BE USED AND DISCLOSED AND HOW YOU CAN GET ACCESS TO THIS INFORMATION. PLEASE REVIEW IT CAREFULLY.
You are required to sign this document at the end, acknowledging you received and reviewed it.
We understand the importance of privacy and are committed to maintaining the confidentiality of your medical information. We make a record of the medical care we provide and may receive such records from others. We use these records to provide or enable other health care providers to provide quality medical care, to obtain payment for services provided to you as allowed by your health plan and to enable us to meet our professional and legal obligations to operate this medical practice properly. We are required by law to maintain the privacy of protected health information, to provide individuals with notice of our legal duties and privacy practices with respect to protected health information, and to notify affected individuals following a breach of unsecured protected health information. This notice describes how we may use and disclose your medical information. It also describes your rights and our legal obligations with respect to your medical information.
This document contains important information about federal law, the Health Information Portability and Accountability Act (HIPAA), that provides privacy protections and patient rights with regard to the use and disclosure of your Protected Health Information (PHI) used for the purpose of treatment, payment, and health care operations.
HIPAA requires that we provide you with a Notice of Privacy Practices (the Notice) for use and disclosure of PHI for treatment, payment and health care operations. The Notice explains HIPAA and its application to your PHI in greater detail.
The law requires that we obtain your signature acknowledging that we have provided you with this. If you have any questions, it is your right and obligation to ask so we can have a further discussion prior to signing this document. When you sign this document, it will also represent an agreement between us. You may revoke this Agreement in writing at any time. That revocation will be binding unless we have taken action in reliance on it.
Use and Disclosure of Protected Health Information
This medical practice collects health information about you and stores it in a chart [and on a computer] [and in an electronic health record/personal health record]. This is your medical record. The medical record is the property of this medical practice, but the information in the medical record belongs to you. The law permits us to use or disclose your health information for the following Purposes:
- Treatment. We use medical information about you to provide your medical care. We disclose medical information to our employees and others who are involved in providing the care you need. For example, we may discuss your information with other physicians or other health care providers who may be able to provide services that we do not provide. We may also disclose vital information to members of your family or others who can help you when you are sick or injured, or after you die.
- Payment. We use and disclose medical information about you to obtain payment for the services we provide. For example, we give your health plan the information it requires before it will pay us.
- Health Care Operations. We may use and disclose medical information about you to operate this medical practice. For example, we may use and disclose this information to review and improve the quality of care we provide, or the competence and qualifications of our professional staff. Or we may use and disclose this information to get your health plan to authorize services or referrals. We may also use and disclose this information as necessary for medical reviews, legal services, and audits, including fraud and abuse detection and compliance programs and business planning and management. We may also share your medical information with our “business associates,” such as our billing service, that perform administrative services for us. We have a written contract with each of these business associates that contains terms requiring them to protect the confidentiality and security of your protected health information.
- Appointment Reminders. We may use and disclose identifying information to contact and remind you about appointments. If you are not home, we will only leave a message with your prior instructions and permission.
- We may identify you by default when we call out your name when we are ready to see you.
- Notification and Communication with Family. We may disclose your identity or pertinent health information to notify or assist in notifying a family member about your location, your general condition in the event of a disaster.
- Required by Law. As required by law, we will limit our use or disclosure to the relevant requirements of the law. When the law requires us to report abuse, neglect, or domestic violence, or respond to judicial or administrative proceedings, or to law enforcement officials, we will further comply with the requirement set forth below concerning those activities.
- Public Health. We may, and are sometimes required by law, to disclose your health information to public health authorities for purposes related to preventing or controlling disease, injury, or disability; reporting child, elder or dependent adult abuse or neglect; reporting domestic violence; reporting to the Food and Drug Administration problems with products and reactions to medications; and reporting disease or infection exposure. When we report suspected elder or dependent adult abuse or domestic violence, we will inform you or your personal representative promptly unless in our best professional judgment, we believe the notification would place you at risk of serious harm.
- Health Oversight Activities. We may, and are sometimes required by law, to disclose your health information to health oversight agencies during the course of audits, investigations, inspections, licensure, and other proceedings, subject to the limitations imposed by law.
- Judicial and Administrative Proceedings. We may, and are sometimes required by law, to disclose your health information in the course of any administrative or judicial proceeding to the extent expressly authorized by a court or administrative order. We may also disclose information about you in response to a subpoena, discovery request or other lawful process if reasonable efforts have been made to notify you of the request and you have not objected, or if your objections have been resolved by a court or administrative order.
- Law Enforcement. We may, and are sometimes required by law, to disclose health information to a law enforcement official for purposes such as identifying or locating a suspect, fugitive, material witness or missing person, complying with a court order, warrant, grand jury subpoena and other law enforcement purposes.
- Coroners. We may be required by law, to disclose your health or treatment history information to coroners in connection with their investigations of deaths (especially in cases of suicide).
- Public Safety. We may, and are sometimes required by law, to disclose your treatment information to appropriate persons in order to prevent or lessen a serious and imminent threat to the health or safety of a particular person or the general public.
- Change of Ownership. In the event that this practice is sold or merged with another organization, your health information/record will become the property of the new owner, although you will maintain the right to request that copies of your health information be transferred to another provider.
- Breach Notification. In the case of a breach of unsecured protected health information, we will notify you as required by law. If you have provided us with a current e-mail address, we may use e-mail to communicate information related to the breach. In some circumstances our business associate may provide the notification.
- Psychotherapy Notes. We will not use or disclose your psychotherapy notes without your prior written authorization except for the following:
- use by the originator of the notes for your treatment,
- for training our staff, students, and other trainees,
- to defend ourselves if you sue us or bring some other legal proceeding,
- if the law requires us to disclose the information to you or the Secretary of NHS or for some other reason,
- in response to health oversight activities concerning your psychotherapist,
- to avert a serious and imminent threat to health or safety, or
- to the coroner or medical examiner after you die.
- For HIV Disclosure– Under the Health Insurance Portability and Accountability Act (HIPAA) Privacy Rule, public health authorities are authorized to collect and receive private health information “for the purpose of preventing or controlling disease” and in the “conduct of public health surveillance…” without patient or provider consent or authorization other than state or local public health law. This clause authorizes providers to report HIV/AIDS cases to the HIV Epidemiology Program without obtaining patient consent and it authorizes health department personnel to review medical records and any other source of information needed to report the case.
Any other disclosure of HIV-related information must be made on the “HIPAA- Compliant Authorization for Release of Medical Information and Confidential HIV-Related Information”. State law prohibits any further disclosure of HIV-related private health information without the specific written consent of the person to whom it pertains, or as otherwise permitted by law.
- Right to Treatment – You have the right to ethical treatment without discrimination regarding race, ethnicity, gender identity, sexual orientation, religion, disability status, age, or any other protected category.
- Right to Confidentiality – You have the right to have your health care information protected. If you pay for a service or health care item out-of-pocket in full, you can ask us not to share that information for the purpose of payment or our operations with your health insurer. We will agree to such unless a law requires us to share that information.
- Right to Request Restrictions – You have the right to request restrictions on certain uses and disclosures of protected health information about you. However, we are not required to agree to a restriction you request.
- Right to Receive Confidential Communications by Alternative Means and at Alternative Locations – You have the right to request and receive confidential communications of PHI by alternative means and at alternative locations.
- Right to Inspect and Copy – You have the right to inspect or obtain a copy (or both) of PHI. Records must be requested in writing and release of information must be completed. Furthermore, there is a copying fee charge of 1.50 per page. Please make your request well in advance and allow 2 weeks to receive the copies. If we refuse your request for access to your records, you have a right of review, which we will discuss with you upon request.
- Right to Amend – If you believe the information in your records is incorrect and/or missing important information, you can ask us to make certain changes, also known as amending, to your health information. You have to make this request in writing. You must tell us the reasons you want to make these changes, and we will decide if it is and if we refuse to do so, we will tell you why within 60 days.
- Right to a Copy of This Notice – If you received the paperwork electronically, you have a copy in your email. If you completed this paperwork in the office at your first session a copy will be provided to you per your request or at any time.
- Right to an Accounting – You generally have the right to receive an accounting of disclosures of PHI regarding you. At your request, we will discuss with you the details of the accounting process.
- Right to Choose Someone to Act for You – If someone is your legal guardian, that person can exercise your rights and make choices about your health information; we will make sure the person has this authority and can act for you before we take any action.
- Right to Choose – You have the right to decide not to receive services with us. If you wish, we will provide you with the names of other qualified professionals.
- Right to Terminate – You have the right to terminate services with us at any time without any legal or financial obligations other than those already accrued. We ask that you discuss your decision with us in session before terminating or at least contact must be made by phone letting us know you are terminating services.
- Right to Release Information with Written Consent – With your written consent, any part of your record can be released to any person or agency you designate. Together, we will discuss whether or not we think releasing the information in question to that person or agency might be harmful to you.
- We are required by law to maintain the privacy of PHI and to provide you with a notice of our legal duties and privacy practices with respect to PHI. We reserve the right to change the privacy policies and practices described in this notice. Unless we notify you of such changes, however, we are required to abide by the terms currently in effect. If we revise our policies and procedures, we will provide you with a revised notice in office during our session.
To the extent you revoke an authorization to use or disclose your psychotherapy notes, we will stop using or disclosing these notes.
Changes to this Notice of Privacy Practices
We reserve the right to amend this Notice of Privacy Practices at any time in the future. Until such amendment is made, we are required by law to comply with the terms of this Notice currently in effect. After an amendment is made, the revised Notice of Privacy Protections will apply to all protected health information that we maintain, regardless of when it was created or received. We will keep a copy of the current notice posted in our reception area, and a copy will be available at each appointment.
[We will also post the current notice on our website.]
If you are not satisfied with the manner in which this office handles a complaint, you may submit a formal complaint to: [email protected] The complaint form may be found at www.hhs.gov/ocr/privacy/hipaa/complaints/hipcomplaint.pdf. You will not be penalized in any way for filing a complaint.