Wonders Counseling Services, LLC
PRIVACY PROTECTION NOTICES
Revised May 17, 2018
Acknowledgement and Acceptance of Terms
Participating Merchant Policies
Related services and offerings with links from this website to other sites, including vendor sites, have their own privacy statements that can be viewed by clicking on the corresponding links within each respective website. As we do not have direct control over the policies or practices of other third parties, we are not responsible for the privacy practices or contents of those sites. We do recommend and encourage you to always review the privacy policies of merchants and other third parties before you provide any information or complete any transaction with such parties.
Information We May Collect and How We Use It
Wonders Counseling may collect certain information from and about its users. Here are some examples of information we may track:
- Your internet protocol address
- The kind of browser and/or computer you use
- The number of links you click within the site
- The state or country from which you accessed the site
- The date and time of your visit
- The name of your internet service provider
- The web page you linked to our site from
- The pages you viewed on the site
Personal Information of Users
Visitors to our website may be permitted to register to purchase items. When you register, we will request some personal information such as name, address, email, telephone number or facsimile number, account number and/or other relevant information. If you are purchasing an item, we may request financial information. Any financial information we collect is used solely to bill you for the item you purchased. If you purchase by credit card, this information may be forwarded to your credit card provider. For other types of registrations, we will ask for the relevant information. You may also be asked to disclose personal information to us so that we can provide assistance and information to you. For example, such data may be warranted in order to provide online technical support and troubleshooting. We will also collect such additional personal information as you choose to share with us, such as photos or other content you may post, including, as you may elect to post, social media handles, links to Facebook groups or Google Groups, and other social platforms (“Posted Content”). You may not post (i) your own or third party email addresses, telephone numbers, physical addresses; or (ii) personal information of third parties.
We will NEVER disclose personally identifiable information (other than Posted Content, which you agree to make public by posting) we collect from you to third parties without your permission, except to the extent necessary, including:
- To fulfill your service requests for products or services;
- To protect ourselves, our customers or our vendors from liability, or to defend our rights, including investigations of fraud or misconduct;
- To third parties who have agreed in writing to maintain such information in confidence and use such information solely in performance of services to us;
- To respond to legal process or comply with law, including subpoenas;
- To entities under common ownership or control with us or to our owners; or
- In connection with a merger, acquisition or liquidation of the company.
How you can withdraw your consent:
If after you opt-in or after having not initially taken an opportunity to opt-out, you change your mind, you may withdraw your consent for us to contact you, for the continued collection, use or disclosure of your information, at any time, by contacting us at firstname.lastname@example.org
Accessing Web Account Information
We will provide you with the means to ensure that personally identifiable information in your web account file is correct and current. You may review this information by contacting us via email to our support team at email@example.com
How to Correct, Update, or Delete Your Information
If you would like to: access, correct, amend or delete any personally identifiable information we store about you, register a complaint, or simply want more information, contact us at firstname.lastname@example.org
How We Protect Information
We use commercially reasonable procedures to protect the personal information that we collect from you against loss, theft and misuse, as well as unauthorized access, disclosure, alteration and destruction. We have a security program applicable to all records containing personal information.
Children Under 18
We do not specifically market to or knowingly collect personal information from children under 18.. Because some information is collected online, it may not appear to be the personal information of a child under 18. If a child under 18 submits personal information to us, and we learn that the personal information is the information of a child under 18, we will work to delete the information as soon as possible. If you are under 18, please do not register for any of our services or provide us any information about yourself (such as your name, email address or phone number).
California Online Privacy Protection Act
- Your first and last name;
- Your home or other physical address, including street name and name of a city or town;
- Your email address;
- Your phone number;
- Other identifiers that may permit the physical or online contacting of a specific individual; and
Wonders Counseling & Consultation
2375 Rocky Mountain Rd. Suite 250
Marietta, GA 30066
Wonders Counseling will use commercially reasonable efforts to always respond and resolve any problem or question as promptly as possible
THIS NOTICE DESCRIBES HOW YOUR MENTAL HEALTH RECORDS MAY BE USED AND DISCLOSED AND HOW YOU CAN GET ACCESS TO THIS INFORMATION. PLEASE READ IT CAREFULLY. THIS POLICY IS POSTED ON OUR WEBSITE AT WWW.WONDERSCOUNSELING.COM AND A PAPER COPY IS AVAILABLE UPON YOUR REQUEST FOR YOUR REVIEW AS WELL.
Your Rights to Privacy under HIPAA Preamble: Communications between psychotherapists and their clients are privileged and, therefore, are protected from forced disclosure in cases arising under federal law. There is a difference between privileged conversations and documentation in your mental health Records are kept documenting your care as required by law, professional standards, and other review procedures. HIPAA very clearly defines what kind of information is to be included in your “Designated Medical Record” as well as some material, known as “Psychotherapy Notes” which is not accessible to insurance companies and other third-party reviewers and in some cases, not to the client himself/herself. HIPAA provides privacy protections about your personal health information, which is called “protected health information” (PHI) which could personally identify you. PHI consists of three(3) components: treatment, payment, and health care operations. Treatment refers to activities in which I provide, coordinate or manage your mental health care or other services related to your mental health care. Examples include a psychotherapy session, psychological testing, or talking to your primary care physician about your medication or overall medical condition. Payment is when I obtain reimbursement for your mental health care. The clearest example of this parameter is filing insurance on your behalf to help pay for some of the costs of the mental health services provided you. Health care operations are activities related to the performance of my practice such as quality assurance. In mental health care, the best example of health care operations is when utilization review occurs, a process in which your insurance company reviews our work together to see if your care is “really medically necessary.” The use of your protected health information refers to activities my office conducts for filing your claims, scheduling appointments, keeping records and other tasks within my office related to your care. Disclosures refer to activities you authorize which occur outside my office such as the sending of your protected health information to other parties (i.e., your primary care physician, the school your child attends).
Uses and Disclosures of Protected Health Information Requiring Authorization
The law requires authorization and consent for treatment, payment and healthcare operations. I may disclose PHI for the purposes of treatment, payment and healthcare operations with your consent. You have signed this general consent to care and authorization to conduct payment and health care operations, authorizing me to provide treatment and to conduct administrative steps associated with your care (i.e., file insurance for you) .Additionally, if you ever want me to send any of your protected health information of any sort to anyone outside my office, you will always first sign a specific authorization to release information to this outside party. A copy of that authorization formis available upon the request. The requirement of your signing an additional authorization form is an added protection to help insure your protected health information is kept strictly confidential. An example of this type of release of information might by your request that I talk to your child’s schoolteacher about his/her ADHD condition and what this teacher might do to be of help to your child. Before I talk to that teacher, you will have first signed the proper authorization for me to do so. There is a third, special authorization provision potentially relevant to the privacy of your records: my psychotherapy notes. In recognition of the importance of the confidentiality of conversations between psychotherapist -client in treatment settings, HIPAA permits keeping separate “psychotherapy notes” separate form the overall “designated medical record.” “Psychotherapy notes” cannot be secured by insurance companies nor can they insist upon their release for payment of services as has unfortunately occurred over the last two decades of managed mental health care. “Psychotherapy notes” are my notes “recorded in any medium by a mental health provider documenting and analyzing the contents of a conversation during a private, group or joint family counseling session and separated from the rest of the individual’s medical record.” “Psychotherapy notes” are necessarily more private and contain much more personal information about you hence, the need for increased security of the notes. “Psychotherapy notes” are not the same as your “progress notes” which provide the following information about your care each time you have an appointment at my office: medication prescriptions and monitoring, assessment/treatment start and stop times, the modalities of care, frequency of treatment furnished, results of clinical tests, and any summary of your diagnosis, functional status, treatment plan, symptoms, prognosis and progress to date. Certain payors of care, such as Medicare and Workers Compensation, require the release of both your progress notes and my psychotherapy notes in order to pay for your care. If I am forced to submit your psychotherapy notes in addition to your progress notes for reimbursement for services rendered, you will sign an additional authorization directing me to release my psychotherapy notes. Most of the time I will be able to limit reviews of your protected health information to only your “designated record set” which include the following: all identifying paperwork you completed when you first started your care here, all billing information, a summary of our first appointment, your mental status examination, your individualized, comprehensive treatment plan, your discharge summary, progress notes, reviews of you care by managed care companies, results of psychological testing, and any authorization letters or summaries of care you have authorized me to release on your behalf. Please note that the actual test questions or raw data of psychological tests, which are protected by copyright laws and the need to protect clients from unintended, potentially harmful use, are not part of your “designated mental health record.” You may, in writing, revoke all authorizations to disclose protected health information at any time. You cannot revoke an authorization for an activity already done that you instructed me to do or if the authorization was obtained as a condition for obtaining insurance and the insurer has the right to contest the claim under the policy.
Business Associates Disclosures
HIPAA requires that I ensure that all those performing ancillary administrative service for my practice and refers to these people as “Business Associates” sign and enter into a HIPAA compliant Business Associate Agreement so that your privacy is ensured at all times.
Uses and Disclosures Not Requiring Consent nor Authorization
By law, protected health information may be released without your consent or authorization for the following reasons:
- Child Abuse
- Suspected Sexual Abuse of a Child
- Adult and Domestic Abuse
- Health Oversight Activities (i.e., licensing board for Professional Counselors in Georgia)
- Judicial or Administrative Proceedings (i.e., if you are ordered here by the court)
- Serious Threat to Health or Safety (i.e., out “Duty to Warn” Law, national security threats)
- Workers Compensation Claims (if you seek to have your care reimbursed under Workers Compensation, all of your care is automatically subject to review by your employer and/or insurer(s).
I never release any information of any sort for marketing purposes.
Client’s Rights and My Duties
You have a right to the following:
- The right to request restrictions on certain uses and disclosures of your protected health information, which I may or may not agree to, but if I do, such restrictions shall apply unless our agreement is changed in writing;
- The right to receive confidential communications by alternative means and at alternative locations. For example, you may not want your bills sent to your home address so I willsend them to another location of your choosing;
- The right to inspect and receive a copy of your protected health information in my designated mental health record set and any billing records for as long as protected health information is maintained in the records;
- The right to amend material in your protected health information, although I may deny an improper request and/or respond to any amendment(s) you make to your record ofcare;
- The right to an accounting of non-authorized disclosures of your protected health information;
- The right to a paper copy of notices/information from me, even if you have previously requested electronic transmission of notices/information; and
- The right to revoke your authorization of your protected health information except to the extent that action has already been taken. For more information on how to exercise each of these aforementioned rights, please do not hesitate to ask me for further assistance on these I am required by law to maintain the privacy of your protected health information and to provide you with a notice of your Privacy Rights and myduties regarding your PHI. I reserve the right to change my privacy policies and practices as needed with these current designated practices being applicable unless you receive a revision of my policies when you come for your future appointment(s). My duties as a Licensed Professional Counselor on these matters include maintaining the privacy of your protected health information, to provide you this notice of your rights and my privacy practices with respect to your PHI, and to abide by the terms of this notice unless it is changed and you are so notified. If for some reason you desire a copy of my internal policies for executing private practices, please let me know and I will get you a copy of these documents I keep on file for auditing purposes.
Lynn Louise Wonders is the appointed “Privacy Officer” for Wonders Counseling Services, LLC per HIPAA regulations. If you have any concerns of any sort that my office may have compromised your privacy rights, please do not hesitate to speak to Lynn immediately about this matter. You will always find us willing to talk to you about preserving the privacy of your protected mental health information. You may also send a written complaint to the Secretary of the U.S. Department of Health and Human Services.
HIPAA provides client protections related to the electronic transmission of data (the transaction rule), the keeping and use of client records (“privacy rules”), and storage and access to health care records (“the security rules”).
HIPAA applies to all health care providers, including mental healthcare, and providers and health care agencies throughout the country are now required to provide clients a notification of their privacy rights as it relates to their health care records.
As you might expect, the HIPAA law and regulations are extremely detailed and difficult to grasp if you don’t have formal legal training. My Client Notification of Privacy Rights is my attempt to inform you of your rights in a simple yet comprehensive fashion. Please read this document as it is important you know what client protections HIPAA affords all of us. In mental health care, confidentiality and privacy are central to the success of the therapeutic relationship and as such, you will find I will do all I can to protect the privacy of your mental health records. If you have any questions about any of the matters discussed in this document, please do nothesitate toask me for further clarification.
Lynn Louise Wonders, LPC, RPT-S, CPCS
Clinical Director and Owner