Pillar 5 Privacy Policy
At Pillar 5, we are committed to protecting the privacy of our clients' personal health information (PHI) and personal data. This Privacy Policy outlines how we collect, use, disclose, and protect your information in compliance with the Health Insurance Portability and Accountability Act (HIPAA), California’s Consumer Privacy Rights Act (CPRA), and other applicable laws.
Collection and Use of Personal Health Information (PHI)
We collect PHI to provide quality behavioral health services. PHI may include:
-
Name, address, birth date, and Social Security number
-
Health insurance details
-
Medical history, treatment plans, and progress notes
-
Other information necessary for treatment and care coordination
We use PHI for the following purposes:
-
To provide treatment and coordinate care with other healthcare providers
-
To bill and collect payment for services
-
To conduct healthcare operations, such as quality assessments and staff training
-
To comply with legal requirements
Consumer Rights Under HIPAA
1. Right to Access PHI
You have the right to access and obtain a copy of your PHI, including medical and billing records. We can provide this in paper or electronic format upon your request. Requests can be made by contacting us directly.
2. Right to Request Amendments to PHI
If you believe your PHI is inaccurate or incomplete, you can request an amendment. We will review and either make the necessary changes or explain why the request is denied.
3. Right to an Accounting of Disclosures
You have the right to request a list of certain disclosures of your PHI made by Pillar 5, excluding those for treatment, payment, or healthcare operations. This list can cover a period of up to six years.
5. Right to Confidential Communications
You have the right to request that we communicate with you in specific ways or at certain locations to ensure your privacy. We will accommodate reasonable requests.
6. Right to Receive a Copy of Our Privacy Policy
You can request a copy of our Privacy Policy at any time. This document explains how we handle your PHI and outlines your rights under HIPAA.
7. Right to Opt-Out of Marketing and Fundraising Communications
You can opt out of receiving marketing or fundraising communications that use your PHI. We will not use your PHI for these purposes without your consent, and you may revoke consent at any time.
8. Right to Be Notified of a Breach
If your PHI is compromised in a data breach, you have the right to be notified. We will inform you within 60 days of discovering the breach and explain the information involved and how we are addressing it.
Consumer Rights Under CPRA
Under CPRA, you have additional rights regarding your personal information:
2. Right to Correct Inaccurate Personal Information
You can request that we correct inaccurate personal information, and we will use commercially reasonable efforts to do so.
3. Right to Know and Access Personal Information
You may request information about the categories of personal information we collect, the sources, the purpose for collection, and any third parties with whom we share it.
4. Right to Know What Personal Information is Sold or Shared
You have the right to know what personal information has been sold or shared and with whom. Pillar 5 does not sell personal information but may share it for certain business purposes.
5. Right to Opt-Out of Sale or Sharing of Personal Information
You can request that your personal information not be sold or shared with third parties. While Pillar 5 does not sell personal information, this right applies to any future data-sharing practices.
6. Right to Limit Use and Disclosure of Sensitive Personal Information
You can request that we limit the use of sensitive personal information, such as your Social Security number, to necessary business operations.
7. Right of No Retaliation
We will not discriminate or retaliate against you for exercising your privacy rights under CPRA.
1. Right to Delete Personal Information
You can request that we delete personal information collected from you, subject to certain exceptions, such as completing transactions, ensuring security, or complying with legal obligations.
Administration of Rights
To exercise your HIPAA or CPRA rights, you may submit a request through the following methods:
-
Phone: (888) 825-4784
-
Email: info@pillar5.com
-
Office: 912 10th Street, Unit B, Arcata, CA 95521
-
Website: www.pillar5.care
Upon receiving your request, we will confirm receipt within 10 business days. We will respond within 45 days, with the option to extend the timeframe by an additional 45 days if necessary.
Disclosure of Personal Information
We may disclose your PHI without your authorization in the following circumstances:
-
For treatment purposes with other healthcare providers
-
To obtain payment for services rendered
-
For healthcare operations, such as audits and quality improvement
-
When required by law, such as in response to legal orders or public health reporting
Security of Personal Information
Pillar 5 employs appropriate physical, electronic, and procedural safeguards to protect your personal information from unauthorized access, use, or disclosure. We train our staff to handle PHI in accordance with HIPAA and state privacy laws.
Changes to This Privacy Policy
We reserve the right to update this Privacy Policy as needed to comply with changes in the law. Any changes will be posted on our website, and you may request an updated copy at any time.
Acknowledgment of Receipt
By receiving services from Pillar 5, you acknowledge that you have received and understand this Privacy Policy, including your rights under HIPAA and CPRA.
Contact Information
If you have any questions or concerns about this Privacy Policy, or if you wish to exercise your privacy rights, please contact us:
Phone: (888) 825-4784
Email: info@pillar5.com
Office: 912 10th Street, Unit B, Arcata, CA 95521
Website: www.pillar5.care