Footprints to Recovery
HIPAA NOTICE OF PRIVACY PRACTICES
Effective Date: 01/23/2020
THIS NOTICE DESCRIBES HOW MEDICAL INFORMATION ABOUT YOU MAY BE USED AND
DISCLOSED AND HOW YOU CAN OBTAIN ACCESS TO THIS INFORMATION. PLEASE REVIEW IT
The terms of this Notice of Privacy Practices (“Notice”) apply to Footprints to Recovery, its affiliates and its
employees. Footprints to Recovery will share protected health information of patients as necessary to carry out
treatment, payment, and health care operations as permitted by law.
We are required by law to maintain the privacy of our patients’ protected health information and to provide
patients with notice of our legal duties and privacy practices with respect to protected health information.
We are required to abide by the terms of this Notice for as long as it remains in effect. We reserve the right
to change the terms of this Notice as necessary and to make a new notice of privacy practices effective for
all protected health information maintained by Footprints to Recovery. We are required to notify you in the event of
a breach of your unsecured protected health information. We are also required to inform you that there may
be a provision of state law that relates to the privacy of your health information that may be more stringent
than a standard or requirement under the Federal Health Insurance Portability and Accountability Act
(“HIPAA”). A copy of any revised Notice of Privacy Practices or information pertaining to a specific State law
may be obtained by mailing a request to the Privacy Officer at the address below.
USES AND DISCLOSURES OF YOUR PROTECTED HEALTH INFORMATION:
Authorization and Consent: Except as outlined below, we will not use or disclose your protected health
information for any purpose other than treatment, payment or health care operations unless you have signed
a form authorizing such use or disclosure. You have the right to revoke such authorization in writing, with
such revocation being effective once we actually receive the writing; however, such revocation shall not be
effective to the extent that we have taken any action in reliance on the authorization, or if the authorization
was obtained as a condition of obtaining insurance coverage, other law provides the insurer with the right to
contest a claim under the policy or the policy itself.
Uses and Disclosures for Treatment: We will make uses and disclosures of your protected health
information as necessary for your treatment. Doctors and nurses and other professionals involved in your
care will use information in your medical record and information that you provide about your symptoms and
reactions to your course of treatment that may include procedures, medications, tests, medical history, etc.
Uses and Disclosures for Payment: We will make uses and disclosures of your protected health
information as necessary for payment purposes. During the normal course of business operations, we may
forward information regarding your medical procedures and treatment to your insurance company to arrange
payment for the services provided to you. We may also use your information to prepare a bill to send to you
or to the person responsible for your payment.
Uses and Disclosures for Health Care Operations: We will make uses and disclosures of your protected
health information as necessary, and as permitted by law, for our health care operations, which may include
clinical improvement, professional peer review, business management, accreditation and licensing, etc. For
instance, we may use and disclose your protected health information for purposes of improving clinical
treatment and patient care.
Individuals Involved In Your Care: We may from time to time disclose your protected health information
to designated family, friends and others who are involved in your care or in payment of your care in order to
facilitate that person’s involvement in caring for you or paying for your care. If you are unavailable,
incapacitated, or facing an emergency medical situation and we determine that a limited disclosure may be
in your best interest, we may share limited protected health information with such individuals without your
approval. We may also disclose limited protected health information to a public or private entity that is
authorized to assist in disaster relief efforts in order for that entity to locate a family member or other persons
that may be involved in some aspect of caring for you.
Business Associates: Certain aspects and components of our services are performed through contracts
with outside persons or organizations, such as auditing, accreditation, outcomes data collection, legal
services, etc. At times it may be necessary for us to provide your protected health information to one or
more of these outside persons or organizations who assist us with our health care operations. In all cases,
we require these associates to appropriately safeguard the privacy of your information.
Appointments and Services: We may contact you to provide appointment updates or information about
your treatment or other health-related benefits and services that may be of interest to you. You have the
right to request and we will accommodate reasonable requests by you to receive communications regarding
your protected health information from us by alternative means or at alternative locations. For instance, if
you wish appointment reminders to not be left on voice mail or sent to a particular address, we will
accommodate reasonable requests. With such request, you must provide an appropriate alternative
address or method of contact. You also have the right to request that we not send you any future marketing
materials and we will use our best efforts to honor such request. You must make such requests in writing,
including your name and address, and send such writing to the Privacy Officer at the address below.
Research: In limited circumstances, we may use and disclose your protected health information for
research purposes. In all cases where your specific authorization is not obtained, your privacy will be
protected by strict confidentiality requirements applied by an Institutional Review Board which oversees the
research or by representations of the researchers that limit their use and disclosure of your information.
Fundraising: We may use your information to contact you for fundraising purposes. We may disclose this
contact information to a related foundation so that the foundation may contact you for similar purposes. If
you do not want us or the foundation to contact you for fundraising efforts, you must send such request in
writing to the Privacy Officer at the address below.
Other Uses and Disclosures: We are permitted and/or required by law to make certain other uses and
disclosures of your protected health information without your consent or authorization for the following:
• Any purpose required by law;
• Public health activities such as required reporting of immunizations, disease, injury, birth and
death, or in connection with public health investigations;
• If we suspect child abuse or neglect; if we believe you to be a victim of abuse, neglect or
• To the Food and Drug Administration to report adverse events, product defects, or to
participate in product recalls;
• To your employer when we have provided health care to you at the request of your employer;
• To a government oversight agency conducting audits, investigations, civil or criminal
• Court or administrative ordered subpoena or discovery request;
• To law enforcement officials as required by law if we believe you have been the victim of
abuse, neglect or domestic violence. We will only make this disclosure if you agree or when
required or authorized by law;
• To coroners and/or funeral directors consistent with law;
• If necessary to arrange an organ or tissue donation from you or a transplant for you;
• If you are a member of the military, we may also release your protected health
information for national security or intelligence activities; and
• To workers’ compensation agencies for workers’ compensation benefit determination.
DISCLOSURES REQUIRING AUTHORIZATION:
Psychotherapy Notes: We must obtain your specific written authorization prior to disclosing any
psychotherapy notes unless otherwise permitted by law. However, there are certain purposes for which we
may disclose psychotherapy notes, without obtaining your written authorization, including the following: (1) to
carry out certain treatment, payment or healthcare operations (e.g., use for the purposes of your treatment,
for our own training, and to defend ourselves in a legal action or other proceeding brought by you), (2) to the
Secretary of the Department of Health and Human Services to determine our compliance with the law, (3) as
required by law, (4) for health oversight activities authorized by law, (5) to medical examiners or coroners as
permitted by state law, or (6) for the purposes of preventing or lessening a serious or imminent threat to the
health or safety of a person or the public.
Genetic Information: We must obtain your specific written authorization prior to using or disclosing your
genetic information for treatment, payment or health care operations purposes. We may use or disclose
your genetic information, or the genetic information of your child, without your written authorization only
where it would be permitted by law.
Marketing: We must obtain your authorization for any use or disclosure of your protected health information
for marketing, except if the communication is in the form of (1) a face-to-face communication with you, or (2)
a promotional gift of nominal value.
Sale of Protected Information: We must obtain your authorization prior to receiving direct or indirect
remuneration in exchange for your health information; however, such authorization is not required where the
purpose of the exchange is for:
• Public health activities;
• Research purposes, provided that we receive only a reasonable, cost-based fee to cover the
cost to prepare and transmit the information for research purposes;
• Treatment and payment purposes;
• Health care operations involving the sale, transfer, merger or consolidation of all or part of our
business and for related due diligence;
• Payment we provide to a business associate for activities involving the exchange of protected
health information that the business associate undertakes on our behalf (or the subcontractor
undertakes on behalf of a business associate) and the only remuneration provided is for the
performance of such activities;
• Providing you with a copy of your health information or an accounting of disclosures;
• Disclosures required by law;
• Disclosures of your health information for any other purpose permitted by and in accordance
with the Privacy Rule of HIPAA, as long as the only remuneration we receive is a reasonable,
cost-based fee to cover the cost to prepare and transmit your health information for such
purpose or is a fee otherwise expressly permitted by other law; or
• Any other exceptions allowed by the Department of Health and Human Services.
RIGHTS THAT YOU HAVE REGARDING YOUR PROTECTED HEALTH INFORMATION:
Access to Your Protected Health Information: You have the right to copy and/or inspect much of the
protected health information that we retain on your behalf. For protected health information that we maintain
in any electronic designated record set, you may request a copy of such health information in a reasonable
electronic format, if readily producible. Requests for access must be made in writing and signed by you or
your legal representative. You may obtain a “Patient Access to Health Information Form” from the front
office person. You will be charged a reasonable copying fee and actual postage and supply costs for your
protected health information. If you request additional copies you will be charged a fee for copying and
Amendments to Your Protected Health Information: You have the right to request in writing that
protected health information that we maintain about you be amended or corrected. We are not obligated to
make requested amendments, but we will give each request careful consideration. All amendment requests,
must be in writing, signed by you or legal representative, and must state the reasons for the
amendment/correction request. If an amendment or correction request is made, we may notify others who
work with us if we believe that such notification is necessary. You may obtain an “Amendment Request
Form” from the front office person or individual responsible for medical records.
Accounting for Disclosures of Your Protected Health Information: You have the right to receive an
accounting of certain disclosures made by us of your protected health information after April 14, 2003.
Requests must be made in writing and signed by you or your legal representative. “Accounting Request
Forms” are available from the front office person or individual responsible for medical records. The first
accounting in any 12-month period is free; you will be charged a fee for each subsequent accounting you
request within the same 12-month period. You will be notified of the fee at the time of your request.
Restrictions on Use and Disclosure of Your Protected Health Information: You have the right to
request restrictions on uses and disclosures of your protected health information for treatment, payment, or
health care operations. We are not required to agree to most restriction requests, but will attempt to
accommodate reasonable requests when appropriate. You do, however, have the right to restrict disclosure
of your protected health information to a health plan if the disclosure is for the purpose of carrying out
payment or health care operations and is not otherwise required by law, and the protected health information
pertains solely to a health care item or service for which you, or someone other than the health plan on your
behalf, has paid Footprints to Recovery in full. If we agree to any discretionary restrictions, we reserve the right to
remove such restrictions as we appropriate. We will notify you if we remove a restriction imposed in
accordance with this paragraph. You also have the right to withdraw, in writing or orally, any restriction by
communicating your desire to do so to the individual responsible for medical records.
Right to Notice of Breach: We take very seriously the confidentiality of our patients’ information, and we
are required by law to protect the privacy and security of your protected health information through
appropriate safeguards. We will notify you in the event a breach occurs involving or potentially involving
your unsecured health information and inform you of what steps you may need to take to protect yourself.
Paper Copy of this Notice: You have a right, even if you have agreed to receive notices electronically, to
obtain a paper copy of this Notice. To do so, please submit a request to the Privacy Officer at the address
Complaints: If you believe your privacy rights have been violated, you can file a complaint in writing with
the Privacy Officer. You may also file a complaint with the Secretary of the U.S. Department of Health and
Human Services at the below address. There will be no retaliation for filing a complaint.
Office for Civil Rights
Department of HHS
Jacob Javits Federal Building
26 Federal Plaza – Suite 3312
New York, NY 10278
Voice Phone (212) 264-3313
FAX (212) 264-3039
TDD (212) 264-2355
For Further Information: If you have questions, need further assistance regarding or would like to submit a
request pursuant to this Notice, you may contact the Footprints to Recovery Privacy Officer by phone at 55-628-2899 or at the following address: 6640 W Touhy Ave Niles, IL 60714 .