Windward Psychology℠

Privacy Policy

Confidentiality and Privacy Policy Healthcare providers that maintain electronic health care records (EHR) are required by the Health Insurance and Accountability Act of 1996 (HIPAA) to publish a notice indicating their Privacy Policy. An example of such notice, which we believe complies with the HIPAA requirements effective September 23, 2013, for those covered entities, follows under the heading "Privacy Policy". This notice describes how medical information about you may be used and disclosed and how you can get access to this information. Please review this information carefully.

The Health Insurance Portability and Accountability Act of 1996. (HIPAA) is a federal program that requires that all medical, psychological and dental records and other individually identifiable health information used or disclosed by covered entities in any form, whether electronically, on paper, or orally, are kept properly confidential. This act gives you, the patient significant new rights to understand and control how your health information is used. HIPAA provides penalties for covered entities that misuse protected health information (PHI). This notice of privacy practices describes how covered entities may use and disclose protected health information (PHI) to carry out treatment, payment or health care operations (TPO) and for other purposes that are permitted or required by law. It also describes your rights to access and control your protected health information. "Protected Health Information" is information about you, including demographic information that may identify you and that relates to your past, present or future physical or mental health condition and related healthcare services.

We may use and disclose your protected health information to provide, coordinate, or manage healthcare and any related services. This includes the coordination or management of your healthcare with a third party. For example, your protected health information may be provided to a physician or other health care provider to whom you have been referred to ensure that the health care professional has the necessary information to diagnose or treat you.

Treatment: We will use and disclose your Protected Health Information to provide, coordinate, or manage your health care and any related services. This includes the coordination or management of your health care with a third party. For example, your protected health information may be provided to a physician to whom you have been referred to ensure that the health care professional has the necessary information to diagnose or treat you.

Payment: Your protected health care information will be used, as needed, to obtain payment for health care services. For example, obtaining approval for a hospital stay may require that your relevant protected health information be disclosed to the health plan to obtain approval for the hospital admission. However, you have the right to restrict certain disclosures of protected health information (PHI) to a health plan if you pay out of pocket in full for the healthcare service.

Healthcare Operations: We may use or disclose, as needed, your protected health information in order to support the business activities of your healthcare providers practice. These activities include, but are not limited to, quality assessment activities, employee review activities, and conducting or arranging for other business activities. We may use or disclose, as needed, your protected health information to support the business activities of this practice. In addition, we may use a sign in sheet at the registration desk where you will be asked to sign your name and indicate your healthcare provider. We may also call you by name in the waiting room when your healthcare provider is ready to see you. We may use or disclose your protected health information, as necessary, to contact you to remind you of your appointment. We may call your home and leave a message either on an answering machine or with the person answering the phone to remind you of an upcoming appointment, the need to schedule an appointment or to call our office. We may also mail a postcard reminder to your home address. If you would prefer that we call or contact you at another telephone number or location or in some other way, please let us know.

We may use or disclose protected health information in the following situations without your authorization. These situations include: as required by law, public health issues required by law, and emergency situations.

Communicable diseases: health oversight: abuse or neglect: food and drug administration requirements: legal proceedings: law enforcement: coroners, funeral directors and organ donation: research: criminal activity: military activity and national security: Worker's Compensation: inmates: required uses and disclosures: under the law, we must make disclosures to you and when required by the Secretary of the Department of Health and Human Services investigators to investigate or determine our compliance with the requirements of HIPAA.

Patients must sign an authorization before we can release their personal health information for any uses and disclosures not described in our privacy notices, as well as signing an authorization for most uses and disclosures of psychotherapy notes when such notes are kept physically separate, e.g. 1. Together in the same folder, but physically separated from non-psychotherapy notes by a sheet indicating "Psychotherapy Notes follow and are to be considered and treated as being separate from other part(s) of the record", or 2. Psychotherapy notes and non-psychotherapy notes are maintained in two separate folders. A non all inclusive definition of psychotherapy notes is as follows: notes recorded in any medium, by a mental health professional, documenting or analyzing the contents of conversation during a private counseling session or a group, joint, or family counseling session, and that are separated from the rest of the individual's medical record. The term excludes medication prescription and monitoring, counseling session start and stop times, the modalities and frequencies of treatment furnished, results of clinical tests and any summary of the following items: diagnosis, functional status, the treatment plan, symptoms, prognosis, and progress to date.

You may revoke this authorization, at any time, in writing, except to the extent that your healthcare provider or the healthcare providers practice has taken action in reliance on the use or disclosure indicated in the authorization. It is noted that information included in those situations where authorization is not required would be situations related to a serious or imminent threat to the health or safety of a person or the public, and for my use in treatment. For more complete information regarding questions the reader may have about authorization, the reader is referred to the pertinent state and federal guidelines regarding PHI.

The following is a statement of your rights with respect to your protected health information. You have the right to inspect and copy protected health information. Under federal law, however, you may not inspect or copy the following records; psychotherapy notes; information compiled in reasonable anticipation of, or use, in a civil, criminal, or administrative action, or proceeding and protected health information that is subject to law that prohibits access to protected health information.

You have the right to request a restriction of your health information. This means you may ask us not to use or disclose any part of your protected health information for the purposes of treatment, payment, or healthcare operations. You may also request that any part of your protected health information not be disclosed to family members or friends who may be involved in your care or for notification purposes described in this notice of privacy practices. Your request must state the specific restriction and to whom you want a restriction to apply. Your healthcare provider is not required to agree to a restriction you may request. If your healthcare provider believes it is in your best interest to permit use and disclosure of your protected health information, your protected health information will not be restricted. You then have the right to use another healthcare professional.

You may complain to us or to the Secretary of Health and Human Services, if you believe that your privacy rights have been violated by us. You may file a complaint with us by notifying our privacy officer of your complaint at our office at the main telephone number. Will not retaliate against you for filing complaint.

You have the right to request to receive confidential communications from us by alternative means or at an alternative location. You have the right to obtain a paper copy of this notice from us, upon request, even if you have agreed to accept this notice alternatively,( i.e. electronically).

You have the right to receive an accounting of certain disclosures we have made of any of your protected health information. We reserve the right to change the terms of this notice and, providing that you are at the time of this change a patient defined as presently in therapy with us, will inform you of this at the time of your next appointment. You then have the right to object or withdraw as provided in this notice.

Please note that at the time of your initial consultation, or pre-consultation, and during the course of your therapy, should you have any questions concerning confidentiality, privacy, or any other questions about our practice, we will endeavor to answer them.

We will collect personal information if you choose to register as an e-mail participant or by any other information you submit to us online. If you submit information including any of the following: name, address, telephone number, business name, and e-mail address, we may retain this for the purpose of helping us change this site to fit you better, however this information will never leave our files or be shared with third parties. We will never contact you outside of your request. Our websites and servers are not used for third party marketing purposes. Should you receive unsolicited or improper contact with our name attached, you should forward a copy to us to use for legal action against the abuser.

Our website servers and files are not housed in our medical offices. Medical files are not housed on our website servers. There is no way for the access of one system to provide access to the other. They are purposefully isolated from one another.

Our website may collect certain information about your visit, through Google Analytics and other means, such as the name of the internet service provider and the Internet Protocol (IP) address through which you access the Internet; the date and time you access our website; the pages that you access while at our website and the internet address of the web site from which you linked directly to our site. None of this information is personally-identifiable. This information is used to help improve our website, analyze trends, and administer our website, and is discarded when this process is completed. This information may also be used to deliver relevant advertising through Google Ads. Most websites you visit today use these same processes.

Personal information collected on our website may be stored and processed in the United States, Canada or any other country in which our company or our affiliates, subsidiaries or agents maintain facilities, and by using this site, you consent to any such transfer of information outside of your country.

If we do use cookies on our website, it is to ensure the integrity of the registration process and to personalize your access. They will be for use with our website and will expire when you log off. There are no security risks or malware to worry about, just basic cookies the way they were supposed to be. A cookie is a small text file that is placed on your hard disk by a web page server. Cookies cannot be used to run programs or deliver viruses to your computer. You have the ability to accept or decline cookies. Most web browsers automatically accept cookies, but you can usually modify your browser setting to decline cookies if you prefer. If you choose to decline cookies, you may not be able to fully experience the interactive features of this or other web sites you visit.

This site is for everyone to enjoy, at any age, and all reproduction of our material in any way must meet our standards and written approval. All material is written in-house, by us and for our visitors to enjoy. All material, slogans, names, and styles of our sites have exclusive rights retained by Dr. Aaron Karnilow.