Privacy Policy

1. Website Data Collection

We want to reassure you that our website does not collect, store, or transmit any confidential or protected health information (PHI). You may browse our site safely and anonymously.

2. Confidentiality in Our Practice

As an ABA agency, we understand the sensitive nature of the information you entrust to us. We strictly adhere to HIPAA; the Health Insurance Portability and Accountability Act, and all applicable state confidentiality laws to protect your privacy.

3. Notice of Privacy Practices

In compliance with HIPAA, our agency provides a Notice of Privacy Practices, which outlines:

How we may use and disclose your PHI, including for treatment, payment, and health care operations.Stride Autism Centers
Your legal rights, such as the right to:
Inspect, copy, or amend your records;
Request restrictions on certain disclosures;
Receive a detailed record of disclosures; and
File complaints if you believe your privacy rights have been violated.Aim Higher ABA
Our obligations, including providing this notice, limiting disclosures to the minimum necessary, and notifying you of any changes to our policies.

You can request a paper copy of the Notice at any time or view the latest version on our website.

4. Uses and Disclosures Without Authorization

We may use or disclose PHI without written authorization in specific circumstances permitted by law, including:

Treatment, payment, and operations; e.g., coordinating care with other professionals, billing, auditing, or training.Behavioral Support Partnership
Legal or safety reasons, such as legal mandates, to prevent harm, to report abuse/neglect, or to comply with court orders.Behavioral Support Partnership

5. Consent-Based Disclosures

Any other use or disclosure of PHI; such as for marketing, research (unless approved), or sharing psychotherapy notes, will only occur with your explicit, written authorization.

6. Record Keeping Practices

We maintain accurate and secure records in accordance with HIPAA, professional ethical codes, and accreditation standards. Records are created, stored, accessed, transferred, and disposed of in a manner that protects confidentiality.

7. Safeguarding Electronic and Physical PHI

We protect PHI through robust administrative, physical, and technical safeguards; including encryption, access controls, security training, and regular audits, to comply with HIPAA’s Privacy and Security Rules.

8. Business Associates

When working with third-party vendors (e.g., billing companies, software providers), we ensure they sign Business Associate Agreements. These agreements legally require them to:

Limit use and disclosure of PHI;
Protect PHI with appropriate safeguards;
Report breaches promptly; and
Return or destroy PHI at contract termination.

9. Breach Notification

In compliance with HIPAA’s Breach Notification Rule, should any unauthorized disclosure of PHI (a breach) occur:

We will notify you promptly, without unreasonable delay (within 60 days of discovery), as required by law.
We will also notify regulatory authorities, including the U.S. Department of Health and Human Services, and follow any required public notification protocols.

10. Your Privacy Rights

You have several important rights under HIPAA:

Inspect and copy your PHI.
Request amendments if you believe the information is incomplete or incorrect.
Request restrictions on certain uses or disclosures—particularly to health plans for services you paid for entirely out-of-pocket.
Receive an accounting of PHI disclosures made by our agency.
Request confidential communications, such as specifying an alternate method or location for contact.

11. Updates to this Policy

We may periodically update this Notice. Any changes will apply to all PHI we maintain; including PHI created or received in the past, and will be posted on our website and available upon request.

Contact Us

If you have any questions about this Notice, want to request your records, or learn more about your rights, please contact our Privacy Officer.