Client Privacy & HIPAA Policy

At Haven Hands, protecting your privacy is a top priority. We are committed to safeguarding all personal, behavioral, and health information shared with us. This policy outlines how client information is collected, used, stored, and protected in compliance with the Health Insurance Portability and Accountability Act (HIPAA).

​

1. Protection of Personal Health Information (PHI)

Haven Hands adheres to all HIPAA regulations regarding the confidentiality and security of Protected Health Information (PHI). PHI includes any information that identifies a client and relates to:

• Health or developmental history

• Diagnoses and evaluations

• Services provided

• Progress notes

• Billing or payment information

PHI is stored securely and used only for purposes directly related to service delivery.

​

2. How We Use Your Information

Client information may be used for:

• Assessment and treatment planning

• Recordkeeping and clinical documentation

• Coordination of care (when authorized)

• Scheduling, billing, and administrative purposes

We will never sell or share client information for marketing or non-clinical purposes.

​

3. When Information May Be Shared

Haven Hands does not disclose PHI without written consent, except when required by law or HIPAA’s permitted uses. Information may be shared without consent in the following situations:

• If required to prevent serious harm to the client or others

• If there is suspicion of abuse, neglect, or exploitation

• When mandated by court order or legal process

• For limited administrative or auditing purposes as allowed by HIPAA

Any other disclosure requires prior written authorization from the parent or legal guardian.

​

4. Client & Parent Rights Under HIPAA

You have the right to:

• Request access to your or your child’s records

• Request corrections to inaccurate information

• Request limits on how PHI is used or shared

• Receive a list of any authorized disclosures made

• Request confidential communication methods (email, phone, etc.)

• Withdraw consent for information sharing at any time

All requests must be submitted in writing.

​

5. How Information Is Stored and Protected

Haven Hands uses secure systems to protect electronic and physical records.
Security measures include:

• Password-protected and encrypted digital files

• Locked and restricted storage of physical documents

• HIPAA-compliant email and telehealth systems

• Limited access to client information

Only authorized personnel may view or handle PHI.

​

6. Communication

Electronic communication (email, text, telehealth platforms) may be used with your consent. While encrypted systems are utilized when available, no digital communication is completely risk-free. You may decline electronic communication at any time.

​

7. Record Retention

Client records are maintained for the period required by state and federal regulations. After that time, records are securely destroyed.

​

8. Complaints About Privacy

If you believe your privacy rights have been violated, you have the right to:

• File a complaint directly with Haven Hands

• File a complaint with the U.S. Department of Health and Human Services (HHS)
  You will not be penalized for filing a complaint.​

​

9. Policy Updates

This policy may be updated to remain in compliance with HIPAA and applicable laws. Any significant changes will be communicated to active clients.