Privacy Policy

Your privacy and confidentiality are our highest priorities

HIPAA Compliance

As a healthcare provider, I am required to comply with the Health Insurance Portability and Accountability Act (HIPAA). This means that all protected health information (PHI) is kept strictly confidential and secure. Your medical records, therapy notes, and personal information are protected by federal law. I maintain comprehensive administrative, physical, and technical safeguards to protect your information. This includes secure record storage, encrypted communications for telehealth sessions, and strict access controls. Your information will never be shared without your written authorization, except in limited circumstances required by law (such as immediate danger to self or others, suspected abuse, or court order).

Information We Collect

To provide you with appropriate clinical care, I collect the following types of information:

• Contact Information: Name, address, phone number, email address
• Demographic Information: Date of birth, gender, insurance information
• Clinical Information: Mental health history, current symptoms, treatment goals, session notes
• Billing Information: Payment method, insurance details for reimbursement
• Emergency Contact: Name and phone number of an emergency contact person

This information is collected during the initial consultation, intake process, and ongoing therapy sessions. All information is stored in HIPAA-compliant electronic health record systems with industry-standard encryption and security measures.

Data Security & Protection

I implement multiple layers of security to protect your information:

• Encrypted Storage: All electronic records are stored using AES-256 encryption
• Secure Communication: Video sessions use HIPAA-compliant platforms with end-to-end encryption
• Access Controls: Password-protected systems with multi-factor authentication
• Physical Security: Paper records stored in locked filing cabinets in a secure office
• Regular Backups: Encrypted backups stored in secure, HIPAA-compliant cloud services
• Staff Training: Ongoing training on privacy practices and security protocols

For email communication, please note that standard email is not fully secure. I recommend using our secure patient portal for sharing sensitive information. Brief administrative messages via email are acceptable, but detailed clinical information should be discussed during sessions or through the patient portal.

Your Rights as a Patient

Under HIPAA, you have the following rights regarding your health information:

• Right to Access: You may request copies of your records at any time
• Right to Amend: You may request corrections to your records if you believe information is inaccurate
• Right to Accounting: You may request a list of disclosures of your information
• Right to Request Restrictions: You may request limitations on how your information is used or shared
• Right to Confidential Communications: You may request to receive communications through specific means
• Right to Revoke Authorization: You may revoke previously given authorization for disclosure

To exercise any of these rights, please submit a written request. Some requests may require processing time or have legal limitations. You will receive a response within 30 days of any request.

Website Cookies & Tracking

This website uses minimal cookies and tracking technologies to improve your experience. We use basic analytics to understand how visitors use our site, which helps us improve content and navigation. No personally identifiable information is collected through website cookies. You can disable cookies in your browser settings, though some website features may not function properly.

Third-Party Services

To provide clinical services, I may use HIPAA-compliant third-party services including electronic health record systems, telehealth platforms, and billing services. All third-party vendors are required to sign Business Associate Agreements (BAAs) ensuring they maintain the same level of privacy and security protections. I carefully vet all vendors to ensure compliance with HIPAA regulations and industry best practices.

Updates to This Policy

This privacy policy may be updated periodically to reflect changes in legal requirements or clinical practices. The effective date will be noted at the top of the policy. Any significant changes will be communicated to active clients. Your continued use of services after policy updates constitutes acceptance of the revised terms.

Questions About Your Privacy?

If you have questions about this privacy policy, your rights, or how your information is protected, please don't hesitate to reach out.

Email: contact@hegertypsych.com

Phone: (414) 253-3256