top of page

Pillar 5 Privacy Policy

At Pillar 5, we are committed to protecting the privacy of our clients' personal health information (PHI) and personal data. This Privacy Policy outlines how we collect, use, disclose, and protect your information in compliance with the Health Insurance Portability and Accountability Act (HIPAA), California’s Consumer Privacy Rights Act (CPRA), and other applicable laws.

Collection and Use of Personal Health Information (PHI)

We collect PHI to provide quality behavioral health services. PHI may include:

  • Name, address, birth date, and Social Security number

  • Health insurance details

  • Medical history, treatment plans, and progress notes

  • Other information necessary for treatment and care coordination
     

We use PHI for the following purposes:

  • To provide treatment and coordinate care with other healthcare providers

  • To bill and collect payment for services

  • To conduct healthcare operations, such as quality assessments and staff training

  • To comply with legal requirements

Consumer Rights Under HIPAA

1. Right to Access PHI

You have the right to access and obtain a copy of your PHI, including medical and billing records. We can provide this in paper or electronic format upon your request. Requests can be made by contacting us directly.

2. Right to Request Amendments to PHI

If you believe your PHI is inaccurate or incomplete, you can request an amendment. We will review and either make the necessary changes or explain why the request is denied.

3. Right to an Accounting of Disclosures

You have the right to request a list of certain disclosures of your PHI made by Pillar 5, excluding those for treatment, payment, or healthcare operations. This list can cover a period of up to six years.

5. Right to Confidential Communications

You have the right to request that we communicate with you in specific ways or at certain locations to ensure your privacy. We will accommodate reasonable requests.

6. Right to Receive a Copy of Our Privacy Policy

You can request a copy of our Privacy Policy at any time. This document explains how we handle your PHI and outlines your rights under HIPAA.

7. Right to Opt-Out of Marketing and Fundraising Communications

You can opt out of receiving marketing or fundraising communications that use your PHI. We will not use your PHI for these purposes without your consent, and you may revoke consent at any time.

8. Right to Be Notified of a Breach

If your PHI is compromised in a data breach, you have the right to be notified. We will inform you within 60 days of discovering the breach and explain the information involved and how we are addressing it.

Consumer Rights Under CPRA

Under CPRA, you have additional rights regarding your personal information:

2. Right to Correct Inaccurate Personal Information

You can request that we correct inaccurate personal information, and we will use commercially reasonable efforts to do so.

3. Right to Know and Access Personal Information

You may request information about the categories of personal information we collect, the sources, the purpose for collection, and any third parties with whom we share it.

4. Right to Know What Personal Information is Sold or Shared

You have the right to know what personal information has been sold or shared and with whom. Pillar 5 does not sell personal information but may share it for certain business purposes.

5. Right to Opt-Out of Sale or Sharing of Personal Information

You can request that your personal information not be sold or shared with third parties. While Pillar 5 does not sell personal information, this right applies to any future data-sharing practices.

6. Right to Limit Use and Disclosure of Sensitive Personal Information

You can request that we limit the use of sensitive personal information, such as your Social Security number, to necessary business operations.

7. Right of No Retaliation

We will not discriminate or retaliate against you for exercising your privacy rights under CPRA.

1. Right to Delete Personal Information

You can request that we delete personal information collected from you, subject to certain exceptions, such as completing transactions, ensuring security, or complying with legal obligations.

Administration of Rights

To exercise your HIPAA or CPRA rights, you may submit a request through the following methods:

Upon receiving your request, we will confirm receipt within 10 business days. We will respond within 45 days, with the option to extend the timeframe by an additional 45 days if necessary.

Disclosure of Personal Information

We may disclose your PHI without your authorization in the following circumstances:

  • For treatment purposes with other healthcare providers

  • To obtain payment for services rendered

  • For healthcare operations, such as audits and quality improvement

  • When required by law, such as in response to legal orders or public health reporting

Security of Personal Information

Pillar 5 employs appropriate physical, electronic, and procedural safeguards to protect your personal information from unauthorized access, use, or disclosure. We train our staff to handle PHI in accordance with HIPAA and state privacy laws.

Changes to This Privacy Policy

We reserve the right to update this Privacy Policy as needed to comply with changes in the law. Any changes will be posted on our website, and you may request an updated copy at any time.

Acknowledgment of Receipt

By receiving services from Pillar 5, you acknowledge that you have received and understand this Privacy Policy, including your rights under HIPAA and CPRA.

Contact Information

If you have any questions or concerns about this Privacy Policy, or if you wish to exercise your privacy rights, please contact us:

Phone: (888) 825-4784


Email: info@pillar5.com


Office: 912 10th Street, Unit B, Arcata, CA 95521


Website: www.pillar5.care

bottom of page