HIPAA Notice of Privacy Practices

About This Notice

HealTalk is committed to protecting your health information. This Notice of Privacy Practices describes how we may use and disclose your Protected Health Information (PHI) to carry out treatment, payment, or health care operations, and for other purposes permitted or required by law. It also describes your rights to access and control your PHI.

We are required by law to maintain the privacy of your PHI, provide you with this notice, follow the terms of the notice currently in effect, and notify you if a breach of your unsecured PHI occurs.

What is Protected Health Information (PHI)?

PHI is any information about you, including demographic information, that may identify you and relates to:

• Your past, present, or future physical or mental health or condition
• The provision of health care to you
• Payment for the provision of health care to you

How We May Use and Disclose Your PHI

1. Treatment

We may use and disclose your PHI to provide, coordinate, or manage your mental health care and related services. This includes consultation between health care providers.

2. Payment

We may use and disclose your PHI to bill and collect payment for services provided to you.

3. Health Care Operations

We may use and disclose your PHI for our health care operations, including quality assessment, credentialing of psychologists, and business planning.

4. Business Associates

We may share your PHI with third-party service providers (Business Associates) who perform functions on our behalf. These entities are contractually required to safeguard your information.

Uses and Disclosures That May Be Made Without Your Authorization

We may use and disclose your PHI in the following situations without your authorization:

1. When Required by Law

We will disclose PHI when required by federal, state, or local law, including court orders, subpoenas, or other legal process.

2. Public Health Activities

We may disclose PHI to public health authorities for activities such as preventing or controlling disease, injury, or disability.

3. Victims of Abuse, Neglect, or Domestic Violence

We may disclose PHI to appropriate authorities if we reasonably believe you are a victim of abuse, neglect, or domestic violence.

4. Health Oversight Activities

We may disclose PHI to health oversight agencies for activities authorized by law, such as audits, investigations, or inspections.

5. Judicial and Administrative Proceedings

We may disclose PHI in response to a court order, subpoena, discovery request, or other lawful process.

6. Law Enforcement

We may disclose PHI to law enforcement officials for law enforcement purposes, such as identifying or locating a suspect, fugitive, or missing person.

7. Serious Threat to Health or Safety

We may use and disclose PHI when necessary to prevent a serious threat to your health and safety or the health and safety of the public or another person.

Uses and Disclosures That Require Your Written Authorization

Other uses and disclosures not described in this Notice will be made only with your written authorization. You may revoke your authorization at any time, in writing, except to the extent that we have already taken action based on your authorization.

We will never use or disclose your PHI for the following without your authorization:

• Marketing purposes
• Sale of PHI
• Psychotherapy notes (if applicable)
• Research purposes (unless specifically exempted by law)

Your Rights Regarding Your PHI

1. Right to Access

You have the right to inspect and obtain a copy of your PHI. To request access, submit a written request to privacy@healtalk.com. We may charge a reasonable fee for copying and mailing costs.

2. Right to Amend

If you believe your PHI is incorrect or incomplete, you may request an amendment. We may deny your request in certain circumstances. To request an amendment, submit a written request to privacy@healtalk.com.

3. Right to an Accounting of Disclosures

You have the right to receive a list of certain disclosures we have made of your PHI. To request an accounting, submit a written request to privacy@healtalk.com.

4. Right to Request Restrictions

You have the right to request restrictions on certain uses and disclosures of your PHI. We are not required to agree to your request except in certain circumstances. To request restrictions, submit a written request to privacy@healtalk.com.

5. Right to Request Confidential Communications

You have the right to request that we communicate with you about your PHI by alternative means or at alternative locations. To request confidential communications, submit a written request to privacy@healtalk.com.

6. Right to a Paper Copy of This Notice

You have the right to a paper copy of this Notice, even if you have agreed to receive it electronically. To obtain a paper copy, contact support@healtalk.com.

7. Right to Breach Notification

You have the right to be notified in the event of a breach of your unsecured PHI.

How to Exercise Your Rights

To exercise any of your rights described in this Notice, please submit a written request to:

We will respond to your request within 30 days for most requests, or within 60 days for requests to access or amend your PHI.

Complaints

If you believe your privacy rights have been violated, you may file a complaint with:

You will not be retaliated against for filing a complaint.

Changes to This Notice

We reserve the right to change this Notice and to make the revised or changed Notice effective for PHI we already have about you as well as any information we receive in the future. We will post the current Notice on our website and make copies available upon request.

Contact Information