THIS NOTICE DESCRIBES HOW MEDICAL INFORMATION ABOUT YOU MAY BE USED AND DISCLOSED AND HOW YOU CAN GET ACCESS TO THIS INFORMATION. PLEASE REVIEW IT CAREFULLY.

Part I. Notice of Privacy Practices (HIPAA)

ReThink Mental Health Treatment (“ReThink,” “we,” “us,” or “our”) is committed to protecting the privacy of your health information. We are required by law to maintain the privacy of your protected health information, to provide you with this Notice of our legal duties and privacy practices concerning your health information, and to notify you following a breach of unsecured protected health information. We are required to follow the terms of the Notice currently in effect.

This Notice applies to all records of your care that we generate or maintain, whether created by our clinical staff, administrative staff, or others involved in your care. “Protected health information” (also called “PHI”) means individually identifiable information about your health, health care, or payment for health care that we collect or receive in the course of providing services to you.

Special note on mental health and substance use records.  Records relating to mental health treatment and to substance use disorder treatment receive additional protection under federal and New Jersey law. Where the federal confidentiality rules for substance use disorder patient records (42 CFR Part 2), New Jersey law, or any other applicable law provides greater protection than HIPAA, we follow the more protective standard. If we operate a federally assisted substance use disorder program, information identifying you as a patient of that program is protected under 42 CFR Part 2 and generally may not be disclosed without your written consent, except in the limited circumstances that Part 2 allows, such as a medical emergency, certain audits and evaluations, a valid court order, or a report of a crime on our premises or against our staff.

How We May Use and Disclose Your Health Information

The following categories describe the ways we may use and disclose your health information. Not every use or disclosure will be listed, but every use or disclosure we make will fall within one of these categories.

For treatment.  We use and disclose your health information to provide, coordinate, and manage your care. For example, we may share information with clinicians, therapists, prescribers, and other members of your care team, and with other providers involved in your treatment, so they have the information they need to care for you.

For payment.  We use and disclose your health information to obtain payment for the services we provide. For example, we may share information with your health plan to determine eligibility, obtain prior authorization, or submit claims for reimbursement.

For health care operations.  We use and disclose your health information to run our practice, improve the quality of care, train staff, conduct internal reviews, and carry out administrative activities. For example, we may use your information to evaluate the performance of our clinical team or to plan our services.

Appointment reminders and health-related communications.  We may contact you to remind you of appointments, to discuss treatment alternatives, or to tell you about health-related benefits and services that may be of interest to you. If you provide a mobile number, we may contact you by call or text consistent with your communication preferences and applicable law.

Individuals involved in your care.  Unless you object, we may share information directly relevant to a family member, friend, or other person you identify as involved in your care or payment for your care. If you are not present or are unable to agree or object, we will use our professional judgment to determine whether disclosure is in your best interest. Additional protections apply to mental health and substance use records, and we will obtain your consent where required by law.

Business associates.  We may share your health information with third parties, known as business associates, that perform services on our behalf, such as billing, technology, records storage, and communications vendors. We require each business associate to protect your information through a written agreement consistent with HIPAA.

Uses and Disclosures Permitted or Required Without Your Authorization

We may use or disclose your health information without your authorization in the following circumstances, subject to the additional protections that apply to mental health and substance use disorder records.

As required by law.  We will disclose your information when required to do so by federal, state, or local law.

Public health activities.  We may disclose information for public health purposes, such as preventing or controlling disease, reporting to the U.S. Food and Drug Administration about regulated products, and reporting certain vital events.

Abuse, neglect, or domestic violence.  We may disclose information to the appropriate authority if we reasonably believe you are a victim of abuse, neglect, or domestic violence, as permitted or required by law.

Health oversight activities.  We may disclose information to a health oversight agency for activities authorized by law, such as audits, investigations, inspections, and licensure.

Judicial and administrative proceedings.  We may disclose information in response to a court or administrative order, or in response to a subpoena or other lawful process when the applicable requirements are met. For substance use disorder records, disclosure requires a court order that satisfies 42 CFR Part 2.

Law enforcement.  We may disclose information for limited law enforcement purposes as permitted by law, subject to the heightened protections that apply to substance use disorder records.

Coroners, medical examiners, and funeral directors.  We may disclose information as necessary to allow these parties to carry out their duties.

Organ and tissue donation.  If you are an organ donor, we may disclose information to organizations that handle procurement or transplantation.

Research.  We may use or disclose information for research when an institutional review board has approved the research and established protections for your information.

To avert a serious threat to health or safety.  We may use or disclose information when necessary to prevent or lessen a serious and imminent threat to your health and safety or the health and safety of others.

Specialized government functions.  We may disclose information for military and veterans activities, national security and intelligence activities, protective services, and correctional purposes as permitted by law.

Workers’ compensation.  We may disclose information as authorized by and to the extent necessary to comply with workers’ compensation laws.

Uses and Disclosures That Require Your Written Authorization

The following uses and disclosures will be made only with your written authorization:

Psychotherapy notes.  Most uses and disclosures of psychotherapy notes require your written authorization.

Marketing.  Most uses and disclosures of health information for marketing purposes require your written authorization.

Sale of information.  Disclosures that constitute a sale of health information require your written authorization.

Substance use disorder records.  Except in the limited situations that 42 CFR Part 2 allows, disclosures of records that identify you as a substance use disorder patient require your written consent.

Other uses.  Other uses and disclosures not described in this Notice will be made only with your written authorization. You may revoke an authorization in writing at any time, except to the extent we have already acted in reliance on it.

Your Rights Regarding Your Health Information

You have the following rights with respect to the health information we maintain about you. To exercise any of these rights, please submit your request in writing to our Privacy Officer using the contact information at the end of this Notice.

Right to inspect and copy.  You have the right to inspect and obtain a copy of your health information, including an electronic copy of records we maintain electronically. We may charge a reasonable, cost-based fee. We may deny access in limited circumstances, and you may have the right to have certain denials reviewed.

Right to request an amendment.  You may request that we amend health information you believe is incorrect or incomplete. We may deny your request in certain cases, and if we do, we will explain why and describe your options.

Right to an accounting of disclosures.  You have the right to request a list of certain disclosures we have made of your health information, other than disclosures for treatment, payment, health care operations, and certain other exceptions.

Right to request restrictions.  You may request a restriction on how we use or disclose your information for treatment, payment, or health care operations. We are not required to agree to most requests. If you pay in full out of pocket for a service, you may request that we not disclose information about that service to your health plan, and we will honor that request unless disclosure is otherwise required by law.

Right to confidential communications.  You may request that we communicate with you in a specific way or at a specific location. We will accommodate reasonable requests.

Right to a paper copy.  You have the right to a paper copy of this Notice at any time, even if you have agreed to receive it electronically.

Right to breach notification.  You have the right to be notified following a breach of your unsecured health information.

Right to revoke authorization.  Where you have authorized a use or disclosure, you may revoke that authorization in writing at any time, except to the extent we have already relied on it.

Our Duties

We are required by law to maintain the privacy of your health information, to provide you with this Notice, to abide by the terms of the Notice currently in effect, and to notify you if a breach of your unsecured health information occurs. We reserve the right to change this Notice and to make the revised Notice effective for all health information we maintain. If we make a material change, we will post the revised Notice on our website and make paper copies available at our facility. The current Notice will always show its effective date.

Complaints

If you believe your privacy rights have been violated, you may file a complaint with our Privacy Officer using the contact information below, or with the Secretary of the U.S. Department of Health and Human Services, Office for Civil Rights. We will not retaliate against you for filing a complaint.

Office for Civil Rights, U.S. Department of Health and Human Services, 200 Independence Avenue SW, Washington, D.C. 20201. Toll-free: (800) 368-1019. Complaints may also be filed online at www.hhs.gov/ocr/complaints.

Contact Information

If you have questions about this Notice or wish to exercise any of your rights, please contact our Privacy Officer:

ReThink Mental Health Treatment, Attn: Privacy Officer, 2100 Corlies Avenue, Suite 8, Neptune City, NJ 07753. Phone: (732) 226-1897. Email: info@rethinkmh.com.

Part II. Website Privacy Policy (ReThinkMH.com)

This Website Privacy Policy explains how ReThink Mental Health Treatment collects, uses, and protects information through our website at ReThinkMH.com (the “Site”). It works alongside the Notice of Privacy Practices in Part I. Where information you submit through the Site is protected health information, the Notice of Privacy Practices governs how we handle it. By using the Site, you agree to the practices described here.

Information We Collect

Information you provide.  When you complete a form, request information, schedule an appointment, chat with us, or contact us, we collect the information you provide, which may include your name, contact details, and any information you choose to share about your health, insurance, or reason for reaching out. Please share only what is necessary, and understand that information you submit to schedule or receive care may become part of your treatment record.

Information collected automatically.  When you visit the Site, we automatically collect certain technical information, such as your IP address, browser type, device information, pages viewed, referring website, and the dates and times of your visits. We collect this information using cookies and similar technologies.

Cookies and analytics.  We use cookies and analytics tools to understand how visitors use the Site, to measure the performance of our content, and to improve our services. You can control cookies through your browser settings, though disabling cookies may affect how the Site functions.

How We Use Information

We use the information we collect to respond to your inquiries, schedule and coordinate care, verify insurance and process payment, operate and improve the Site, measure and improve our outreach, maintain the security of the Site, and comply with our legal obligations. We use protected health information only as described in the Notice of Privacy Practices.

Text Messaging and Phone Communications

If you provide a phone number and opt in to receive text messages, we may send you appointment reminders, care-related messages, and responses to your inquiries. Message and data rates may apply, and message frequency varies. You may opt out at any time by replying STOP, and you may reply HELP for assistance. We do not sell or share mobile opt-in information with third parties for their own marketing, and consent to receive text messages is not a condition of receiving care.

Advertising and Analytics

We may use advertising and measurement services to reach people who may benefit from our services and to understand how our outreach performs. We do not use protected health information for advertising in any manner that requires your authorization without first obtaining it, and we configure our advertising and analytics tools to avoid transmitting protected health information to third parties. We do not sell your personal information.

How We Share Information

Service providers.  We share information with vendors that perform services on our behalf, such as hosting, communications, scheduling, customer relationship management, analytics, and payment processing. Where these vendors handle protected health information, we require a business associate agreement consistent with HIPAA.

Legal and safety.  We may disclose information when required by law, to respond to lawful requests, to protect our rights and the safety of others, or in connection with the sale or transfer of our business.

No sale of personal information.  We do not sell your personal information, and we do not share protected health information except as permitted by the Notice of Privacy Practices or with your authorization.

Data Security

We maintain administrative, technical, and physical safeguards designed to protect the information we collect. Where we handle protected health information, we maintain safeguards consistent with the HIPAA Security Rule. No method of transmission or storage is completely secure, so we cannot guarantee absolute security. Please avoid sending sensitive health details through unsecured channels such as standard email or website chat unless we have told you the channel is secure.

Data Retention

We retain personal information and health information for as long as necessary to provide our services, to comply with our legal, regulatory, and professional obligations, to resolve disputes, and to enforce our agreements. Treatment records are retained in accordance with applicable New Jersey and federal requirements.

Your Choices

You may control cookies through your browser, opt out of text messages by replying STOP, and contact us to ask questions about your information. You may also exercise the rights described in the Notice of Privacy Practices with respect to your protected health information. Depending on your state of residence, you may have additional rights regarding your personal information, and we will honor those rights as required by applicable law.

Children’s Privacy

The Site is intended for adults. We do not knowingly collect personal information from children through the Site without appropriate consent. If you believe a child has provided information through the Site, please contact us so we can address it. Services provided to minors are subject to the consent requirements of applicable New Jersey and federal law.

Third-Party Links

The Site may contain links to third-party websites that we do not control. We are not responsible for the privacy practices of those sites, and we encourage you to review their privacy policies.

Changes to This Policy

We may update this Website Privacy Policy from time to time. When we do, we will revise the effective date at the top of this document and post the updated policy on the Site. Your continued use of the Site after changes take effect means you accept the revised policy.

Contact Us

If you have questions about this Website Privacy Policy, please contact us at ReThink Mental Health Treatment, 2100 Corlies Avenue, Suite 8, Neptune City, NJ 07753. Phone: (732) 226-1897. Email: info@rethinkmh.com.