Privacy Policy

1. HIPPA Requirements

We are covered entity under HIPAA, our organization is committed to protecting the privacy and security of your Protected Health Information (PHI). We are required to comply with the HIPAA Privacy Rule and Security Rule, which outlines how we can and cannot use or disclose your PHI. We have a responsibility to ensure the confidentiality, integrity, and availability of your PHI. 

2. Information We Collect

We may collect the following types of PHI and personal information when you use our services:

• Your name, contact details, and date of birth
• Mental health history, diagnoses, and treatment plans
• Communication records via text, phone, or video
• Billing information
• Any information you voluntarily provide

3. How We Use Your Information

We use your PHI for the following purposes:

• To provide, coordinate, and manage your psychiatric care
• To communicate with you regarding your appointments and treatment
• For billing and payment processing
• To comply with legal obligations
• To improve the quality and functionality of our services

4. How We Share Your Information

We may disclose your PHI under the following circumstances:

• With your consent
• To healthcare providers involved in your treatment
• To business associates (e.g., electronic health record vendors, teleconferencing providers) who are contractually obligated to safeguard your PHI
• To comply with law enforcement or legal requirements
• To public health authorities when required by law

We do not sell your PHI or use it for marketing purposes without your explicit written authorization.

5. Your Rights Under HIPAA

You have the right to:

• Access and request copies of your PHI
• Request corrections to your PHI
• Request restrictions on how we use or disclose your PHI
• Request confidential communications via specific methods or locations
• File a complaint if you believe your privacy rights have been violated

For any privacy-related questions or to exercise these rights, please contact our privacy officer, Jocelyn Johnson, by mail at 515 North Flagler Drive Suite 350, West Palm Beach, Florida 33401 or via email (Attn: Privacy Officer) at Jocelyn@mindmechanicrx.com

6. Communication Methods

We communicate with patients through:

• Text Messages: Standard SMS may not be fully secure; by choosing this method, you acknowledge and accept this risk.
• Phone Calls: Phone communications may be documented in your health record.
• Email:  We use Gmail in compliance with HIPAA guidelines under a Business Associate Agreement (BAA).
• Google Meet: We use Google Meet in compliance with HIPAA guidelines under a Business Associate Agreement (BAA).
• If you have concerns about the security of any communication method, please contact us to discuss alternative options.

7. Data Security

We use administrative, technical, and physical safeguards to protect your PHI. These include encrypted data transmission, secure servers, access controls, and staff training on HIPAA compliance.

8. Third-Party Services

We may use third-party service providers (such as scheduling or billing platforms) who have signed HIPAA-compliant Business Associate Agreements (BAAs) with us.

9. Changes to This Policy

We may update this Privacy Policy periodically. Changes will be posted on our website with the effective date. Your continued use of our services constitutes your acceptance of the revised policy.