Privacy Practices/Policy
Notice of Privacy Practices
Cynthia Thomas, LMFT 731 Yosemite Ave. Suite B 109 Merced, CA 95340
(559) 376-8707
EFFECTIVE DATE OF THIS NOTICE This notice went into effect on 11/1/2021 NOTICE OF PRIVACY PRACTICES THIS NOTICE DESCRIBES HOW HEALTH INFORMATION MAY BE USED AND DISCLOSED AND HOW YOU CAN GET ACCESS TO THIS INFORMATION. PLEASE REVIEW IT CAREFULLY.
I. MY PLEDGE REGARDING HEALTH INFORMATION: I understand that health information about you and your health care is personal. I am committed to protecting health information about you. I create a record of the care and services you receive from me. I need this record to provide you with quality care and to comply with certain legal requirements. This notice applies to all of the records of your care generated by this mental health care practice. This notice will tell you about the ways in which I may use and disclose health information about you. I also describe your rights to the health information I keep about you, and describe certain obligations I have regarding the use and disclosure of your health information.
I am required by law to:
• Make sure that protected health information (“PHI”) that identifies you is kept private.
• Give you this notice of my legal duties and privacy practices with respect to health information.
• Follow the terms of the notice that is currently in effect.
• I can change the terms of this Notice, and such changes will apply to all information I have about you. The new Notice will be available upon request, in my office, and on my website.
II. HOW I MAY USE AND DISCLOSE HEALTH INFORMATION ABOUT YOU:
The following categories describe different ways that I use and disclose health information. For each category of uses or disclosures I will explain what I mean and try to give some examples. Not every use or disclosure in a category will be listed. However, all of the ways I am permitted to use and disclose information will fall within one of the categories.
For Treatment Payment, or Health Care Operations: Federal privacy rules (regulations) allow health care providers who have direct treatment relationship with the patient/client to use or disclose the patient/client’s personal health information without the patient’s written authorization, to carry out the health care provider’s own treatment, payment or health care operations. I may also disclose your protected health information for the treatment activities of any health care provider. This too can be done without your written authorization. For example, if a clinician were to consult with another licensed health care provider about your condition, we would be permitted to use and disclose your personal health information, which is otherwise confidential, in order to assist the clinician in diagnosis and treatment of your mental health condition. Disclosures for treatment purposes are not limited to the minimum necessary standard. Because therapists and other health care providers need access to the full record and/or full and complete information in order to provide quality care. The word “treatment” includes, among other things, the coordination and management of health care providers with a third party, consultations between health care providers and referrals of a patient for health care from one health care provider to another.
Lawsuits and Disputes: If you are involved in a lawsuit, I may disclose health information in response to a court or administrative order. I may also disclose health information about your child in response to a subpoena, discovery request, or other lawful process by someone else involved in the dispute, but only if efforts have been made to tell you about the request or to obtain an order protecting the information requested.
III. CERTAIN USES AND DISCLOSURES REQUIRE YOUR AUTHORIZATION:
1. Psychotherapy Notes.
I do keep “psychotherapy notes” as that term is defined in 45 CFR § 164.501, and any use or disclosure of such notes requires your Authorization unless the use or disclosure is:
a. For my use in treating you.
b. For my use in training or supervising mental health practitioners to help them improve their skills in group, joint, family, or individual counseling or therapy.
c. For my use in defending myself in legal proceedings instituted by you.
d. For use by the Secretary of Health and Human Services to investigate my compliance with HIPAA.
e. Required by law and the use or disclosure is limited to the requirements of such law.
f. Required by law for certain health oversight activities pertaining to the originator of the psychotherapy notes.
g. Required by a coroner who is performing duties authorized by law.
h. Required to help avert a serious threat to the health and safety of others.
2. Marketing Purposes. As a psychotherapist, I will not use or disclose your PHI for marketing purposes.
3. Sale of PHI. As a psychotherapist, I will not sell your PHI in the regular course of my business.
IV. CERTAIN USES AND DISCLOSURES DO NOT REQUIRE YOUR AUTHORIZATION.
Subject to certain limitations in the law, I can use and disclose your PHI without your Authorization for the following reasons:
1. When disclosure is required by state or federal law, and the use or disclosure complies with and is limited to the relevant requirements of such law.
2. For public health activities, including reporting suspected child, elder, or dependent adult abuse, or preventing or reducing a serious threat to anyone’s health or safety.
3. For health oversight activities, including audits and investigations.
4. For judicial and administrative proceedings, including responding to a court or administrative order, although my preference is to obtain an Authorization from you before doing so.
5. For law enforcement purposes, including reporting crimes occurring on my premises.
6. To coroners or medical examiners, when such individuals are performing duties authorized by law.
7. For research purposes, including studying and comparing the mental health of patients who received one form of therapy versus those who received another form of therapy for the same condition.
8. Specialized government functions, including, ensuring the proper execution of military missions; protecting the President of the United States; conducting intelligence or counter intelligence operations; or, helping to ensure the safety of those working within or housed in correctional institutions.
9. For workers’ compensation purposes. Although my preference is to obtain an Authorization from you, I may provide your PHI in order to comply with workers’ compensation laws.
10 Appointment reminders and health related benefits or services. I may use and disclose your PHI to contact you to remind you that you have an appointment with me. I may also use and disclose your PHI to tell you about treatment alternatives, or other health care services or benefits that I offer.
V. CERTAIN USES AND DISCLOSURES REQUIRE YOU TO HAVE THE OPPORTUNITY TO OBJECT.
1. Disclosures to family, friends, or others. I may provide your PHI to a family member, friend, or other person that you indicate is involved in your care or the payment for your health care, unless you object in whole or in part. The opportunity to consent may be obtained retroactively in emergency situations.
VI. YOU HAVE THE FOLLOWING RIGHTS WITH RESPECT TO YOUR PHI:
1. The Right to Request Limits on Uses and Disclosures of Your PHI. You have the right to ask me not to use or disclose certain PHI for treatment, payment, or health care operations purposes. I am not required to agree to your request, and I may say “no” if I believe it would affect your health care.
2. The Right to Request Restrictions for Out-of-Pocket Expenses Paid for In Full. You have the right to request restrictions on disclosures of your PHI to health plans for payment or health care operations purposes if the PHI pertains solely to a health care item or a health care service that you have paid for out-of-pocket in full.
3. The Right to Choose How I Send PHI to You. You have the right to ask me to contact you in a specific way (for example, home or office phone) or to send mail to a different address, and I will agree to all reasonable requests.
4. The Right to See and Get Copies of Your PHI. Other than “psychotherapy notes,” you have the right to get an electronic or paper copy of your medical record and other information that I have about you. I will provide you with a copy of your record, or a summary of it, if you agree to receive a summary, within 30 days of receiving your written request, and I may charge a reasonable, cost based fee for doing so.
5. The Right to Get a List of the Disclosures I Have Made. You have the right to request a list of instances in which I have disclosed your PHI for purposes other than treatment, payment, or health care operations, or for which you provided me with an Authorization. I will respond to your request for an accounting of disclosures within 60 days of receiving your request. The list I will give you will include disclosures made in the last six years unless you request a shorter time. I will provide the list to you at no charge, but if you make more than one request in the same year, I will charge you a reasonable cost based fee for each additional request.
6. The Right to Correct or Update Your PHI. If you believe that there is a mistake in your PHI, or that a piece of important information is missing from your PHI, you have the right to request that I correct the existing information or add the missing information. I may say “no” to your request, but I will tell you why in writing within 60 days of receiving your request.
7. The Right to Get a Paper or Electronic Copy of this Notice. You have the right get a paper copy of this Notice, and you have the right to get a copy of this notice by e-mail. And, even if you have agreed to receive this Notice via e-mail, you also have the right to request a paper copy of it. Acknowledgement of Receipt of Privacy Notice Under the Health Insurance Portability and Accountability Act of 1996 (HIPAA), you have certain rights regarding the use and disclosure of your protected health information.
Privacy Notice
Effective Date: 11/1/21
Notice Version: 1.0
Data Controller Contact Information:
Cynthia Thomas, LMFT
731 Yosemite Ave. Suite B 109, Merced, CA 95340
(559) 376-8707
Our privacy notice governs the privacy practices of our website CynthiaThomasLMFT.com. Our privacy notice tells you what personal data and nonpersonal data we collect from you, how we collect them, how we protect them, how we share them, how you can access and change them, and how you can limit our sharing of them. Our privacy notice also explains certain legal rights that you have concerning your personal data. Any capitalized terms not defined herein will have the same meaning as where they are defined elsewhere on our website.
Definitions
‘NONPERSONAL DATA’ (NPD) is information that is in no way personally identifiable.
‘PERSONAL DATA’ (PD) means any information relating to an identified or identifiable natural person (‘data subject’); an identifiable natural person is one who can be identified directly or indirectly by reference to an identifier such as a name, an identification number, location data, an online identifier, or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural, or social identity of that natural person. PD is in many ways the same as Personally Identifiable Information (PII). However, PD is broader in scope and covers more data. (GDPR) means General Data Protection Regulation. (CCPA) means California Consumer Privacy Act. (LGPD) means Brazilian General Data Protection Law.
Topics Covered in Our Privacy Notice
YOUR RIGHTS
INFORMATION WE COLLECT AND HOW WE COLLECT IT
HOW YOUR INFORMATION IS USED AND SHARED
RETAINING AND DESTROYING YOUR PD
UPDATING YOUR PD
PROTECTING THE PRIVACY RIGHTS OF THIRD PARTIES
DO NOT TRACK SETTINGS
LINKS TO OTHER WEBSITES
PROTECTING CHILDREN’S PRIVACY
OUR EMAIL POLICY
OUR SECURITY POLICY
USE OF YOUR CREDIT CARD
CHANGES TO OUR PRIVACY NOTICE
YOUR RIGHTS
Contact us using the information at the top of this privacy notice to exercise any of your legal rights contained within this privacy notice.
Our policy is that we do not sell our users and customers PD except in the sale or merger of our business. See the section about “Disclosures to Successors” in this privacy notice. The provision below is only here because it is required by law that we include it.
You have the right to request that we do not sell any of your personal information.
Personal information for this section means but is not limited to a natural person’s first name or first initial and last name in combination with any one or more of the following data elements when they are not encrypted: social security number, driver’s license number, driver authorization card number, or identification card number. Account number, credit card, or debit card number, in combination with any required security code, access code, or password that would permit access to the person’s financial account. If you wish to make this request, you can email us at CynthiaThomasLMFT@gmail.com telling us that you do not want to have any of your personal information sold. Include enough personal information so that we can reasonably verify your identity. We will respond to your request within 30 days after receiving it.
Google API
By using our website, you are subject to the Google Privacy Policy and Terms of Service.
When collecting and processing user data, including PD from Google APIs, we will follow Google API Services User Data Policy. We also require that our employees, contractors, agents, and successors comply with the Google API Services User Data Policy.
Automatic Information
We automatically receive information from your web browser or mobile device. This information may include the IP address of your computer/the proxy server you use to access the Internet, your Internet service provider’s name, your web browser type, the type of mobile device, your computer operating system, and data about your browsing activity when using our website. We use all this information to analyze trends among our users to help improve our website.
When Entering and Using Our Website
When you enter and use our website and agree to accept cookies, some of these cookies may contain your PD.
Our Use of Cookies
Our website uses cookies. A cookie is a small piece of data or a text file that is downloaded to your computer or mobile device when you access certain websites. Cookies may contain text that can be read by the web server that delivered the cookie to you. The text contained in the cookie generally consists of a sequence of letters and numbers that uniquely identifies your computer or mobile device; it may contain other information as well.
By agreeing to accept our use of cookies you are giving us and the third parties with which we partner permission to place, store, and access some or all the cookies described below on your computer and or mobile device.
· Strictly Necessary Cookies - These cookies are necessary for the proper functioning of the website, such as displaying content, logging in, validating your session, responding to your request for services, and other functions. Most web browsers can be set to disable the use of cookies.
· Performance Cookies - These cookies collect information about the use of the website, such as pages visited, traffic sources, users’ interests, content management, and other website measurements.
· Functional Cookies - These cookies enable the website to remember users’ choices, such as their language, usernames, and other choices while using the website. They can also be used to deliver services, such as letting a user create a blog post, listen to audios, or watch videos on the website.
· Media Cookies - These cookies can be used to improve a website’s performance and provide special features and content. They can be placed by us or third parties who provide services to us.
· Advertising or Targeting Cookies - These cookies are usually placed and used by advertising companies to develop a profile of your browsing interests and serve advertisements on other websites that are related to your interests. You will see less advertising if you disable these cookies.
· Session Cookies - These cookies allow websites to link the actions of a user during a browser session. They may be used for a variety of purposes, such as remembering what a user has put in their shopping cart as they browse a website. Session cookies also permit users to be recognized as they navigate a website so that any item or page changes they make are remembered from page to page. Session cookies expire after a browser session; they are not stored long term.
· Persistent Cookies - These cookies are stored on a user’s device between browser sessions, which allows the user’s preferences or actions across a website or across different websites to be remembered. Persistent cookies may be used for several purposes, including remembering users’ choices and preferences when using a website or target advertising to them.
· We may also use cookies for:
o identifying the areas of our website that you have visited;
o personalizing the content that you see on our website;
o our website analytics;
o remarketing our products or services to you;
o remembering your preferences, settings, and login details;
o targeted advertising and serving ads relevant to your interests;
o affiliate marketing;
o allowing you to post comments;
o allowing you to share content with social networks.
Most web browsers can be set to disable the use of cookies. However, if you disable cookies, you may not be able to access features on our website correctly or at all.
Web Beacons
We may also use a technology called web beacons to collect general information about your use of our website and your use of special promotions or newsletters. The information we collect by web beacons allows us to statistically monitor the number of people who open our emails. Web beacons also help us to understand the behavior of our customers and users.
Collecting Information About Your Physical Location
When you use our services, we may collect and process information about your actual physical location. We use several technologies such as GPS and IP tracking to determine your location. These technologies may also give us information about nearby cell towers, Wi-Fi access points, and other devices.
Website Chat Software or Contact Forms
Our website contains chat software or contact forms that enable visitors to communicate with us live online or offline by email. In some cases, visitors can communicate with us without buying our products and services. When you use our chat software or contact forms, we may collect some or all the following information: your email address, first name, last name, location, and any other information you willingly choose to give us. You should limit the information you give to us to one that is necessary to answer your questions.
Google Analytics
Our website uses Google Analytics to collect information about the use of our website. Google Analytics collects information from users such as age, gender, interests, demographics, how often they visit our website, what pages they visit, and what other websites they have used before coming to our website. We use the information we get from Google Analytics to analyze traffic, improve our marketing, advertising, and website. We do not combine the information collected using Google Analytics with PD. Although Google Analytics plants a permanent cookie on your web browser to identify you as a unique user the next time you visit our website, the cookie cannot be used by anyone but Google. Google also uses specific identifiers to help collect information about the use of our website. You can prevent Google Analytics from using your information by opting out at this link: https://tools.google.com/dlpage/gaoptout
Analytics
Our website uses analytics and crash reporting services from several companies to collect information about the use of our website. Analytics collects information such as how often users visit our website, what pages they visit, when they do so, what other websites they used before coming to our website, and their IP addresses. We use the information we get from analytics to improve our services.
HOW YOUR INFORMATION IS USED AND SHARED
We use the information we receive from you to:
· provide our services you have requested from us;
· personalize and customize our content;
· make improvements to our website;
· contact you with updates to our website, products, and services;
· resolve problems and disputes;
· contact you with marketing and advertising that we believe may be of interest to you.
Communications and Emails
When we communicate with you about our website, we will use the email address you provided when you registered as a user or customer. We may also send you emails with promotional information about our website or offers from us or our affiliates unless you have opted out of receiving such information. You can change your contact preferences at any time through your account or by contacting us using the contact information at the top of this privacy notice.
Sharing Information with Third Parties
We do not sell or rent your PD to third parties for marketing purposes. However, for data aggregation purposes we may use your NPD, which might be sold to other parties at our discretion. Any such data aggregation would not contain any of your PD. At times we give your PD to third-party service providers whom we hire to provide services to us. These third-party service providers may include but are not limited to payment processors, web analytics companies, advertising networks, call centers, data management services, help desk providers, accountants, law firms, auditors, shopping cart and email service providers, and shipping companies.
Text Messaging, SMS, Push Notifications, Telephone Calls, and Email
If you provide an email address, mobile telephone number, or landline telephone number to us, you are giving your express consent and authorize us or a third-party to contact you by using any of these communication methods. You are not required to give us your consent to contact you through these communication methods. However, withholding your consent may interfere or prevent us from providing some or all of our services to you. You can stop receiving emails, text messages, push notifications, and telephone calls at any time by contacting us or using one of our opt-out methods.
Legally Required Releases of Information
We may be legally required to disclose your PD if such disclosure is (a) required by subpoena, law, or other legal processes; (b) necessary to assist law enforcement officials or government enforcement agencies; (c) necessary to investigate violations of or otherwise enforce our terms and conditions; (d) necessary to protect us from legal action or claims from third parties, including you and or other users; or (e) necessary to protect the legal rights, personal and or real property, or the personal safety of our company, users, employees, and affiliates.
Disclosures to Successors
If our business is sold or merges in whole or in part with another business that would become responsible for providing the website to you, we retain the right to transfer your PD to the new business. The new business would retain the right to use your PD according to the terms of this privacy notice as well as to any changes to this privacy notice as instituted by the new business. We also retain the right to transfer your PD if our company files for bankruptcy and some or all of our assets are sold to another individual or business.
RETAINING AND DESTROYING YOUR PD
We retain information that we collect from you (including your PD) only for as long as we need it for legal, business, or tax purposes. Your information may be retained in electronic, paper, or a combination of both forms. When your information is no longer needed, we will destroy, delete, or erase it.
UPDATING YOUR PD
You can update your PD using services found on our website. If no such services exist, you can contact us using the contact information found at the top of this privacy notice and we will help you. However, we may keep your PD as needed to enforce our agreements and to comply with any legal obligations.
PROTECTING THE PRIVACY RIGHTS OF THIRD PARTIES
If any postings you make on our Website contain information about third parties, you agree to make sure that you have permission to include that information. While we are not legally liable for the actions of our users, we will remove any postings about which we are notified, if such postings violate the privacy rights of others.
DO NOT TRACK SETTINGS
Some web browsers have settings that enable you to request that our website not track your movement within our website. Our website does not obey such settings when transmitted to and detected by our website. You can turn off tracking features and other security settings in your browser by referring to your browser’s user manual.
LINKS TO OTHER WEBSITES
Our website may contain links to other websites. These websites are not under our control and are not subject to our privacy notice. These websites will likely have their own privacy notices. We have no responsibility for these websites and we provide links to these websites solely for your convenience. You acknowledge that your use of and access to these websites are solely at your risk. It is your responsibility to check the privacy notices of these websites to see how they treat your PD.
PROTECTING CHILDREN’S PRIVACY
Even though our website is not designed for use by anyone under the age of 13, we realize that a child under the age of 13 may attempt to access our website. We do not knowingly collect PD from children under the age of 13. If you are a parent or guardian and believe that your child is using our website, please contact us. Before we remove any information we may ask for proof of identification to prevent malicious removal of account information. If we discover that a child is accessing our website, we will delete his/her information within a reasonable period of time. You acknowledge that we do not verify the age of our users nor have any liability to do so.
OUR EMAIL POLICY
You can always opt-out of receiving email correspondence from us or our affiliates. We will not sell, rent, or trade your email address to any unaffiliated third-party without your permission except in the sale or transfer of our company, or if our company files for bankruptcy.
OUR SECURITY POLICY
We have built our website using industry-standard security measures and authentication tools to protect the security of your PD. We and the third parties who provide services to us also maintain technical and physical safeguards to protect your PD. Unfortunately, we cannot guarantee the prevention of loss or misuse of your PD or secure data transmission over the Internet because of its nature. We strongly urge you to protect any password you may have for our website and not share it with anyone.
USE OF YOUR CREDIT CARD
You may have to provide a credit card to buy products and services from our website. We use third-party billing services and have no control over them. We use commercially reasonable efforts to ensure that your credit card number is kept strictly confidential by using only third-party billing services that use industry-standard encryption technology to protect your credit card number from unauthorized use. However, you understand and agree that we are in no way responsible for any misuse of your credit card number.
CHANGES TO OUR PRIVACY NOTICE
We reserve the right to change this privacy notice at any time. If our company decides to change this privacy notice, we will post those changes on our website so that our users and customers are always aware of what information we collect, use, and disclose. If at any time we decide to disclose or use your PD in a method different from that specified at the time it was collected, we will provide advance notice by email sent to the email address on file in your account. Otherwise, we will use and disclose our users’ and customers’ PD in agreement with the privacy notice in effect when the information was collected. In all cases, your continued use of our website, services, and products after any change to this privacy notice will constitute your acceptance of such change. If you have questions about our privacy notice, please contact us through the information at the top of this privacy notice.
Copyright © CompuData LLC, DisclaimerTemplate.com - This document or any portion of it may not be copied or duplicated without a license from
https://www.disclaimertemplate.com/