PRIVACY POLICY

THIS NOTICE DESCRIBES HOW MEDICAL INFORMATION ABOUT YOU MAY BE USED AND DISCLOSED AND HOW YOU CAN GET ACCESS TO THIS INFORMATION. PLEASE REVIEW IT CAREFULLY.

I. ETHOS Treatment LLC

This Notice of Privacy Practices is provided by the substance use disorder and mental health treatment facilities and programs operated under the name ETHOS Treatment LLC (“ETHOS Treatment LLC”).

II. WE HAVE A LEGAL DUTY TO SAFEGUARD YOUR PROTECTED HEALTH INFORMATION (PHI).

Pursuant to the Privacy Rules established by the Health Insurance Portability and Accountability Act of 1996, as amended (“HIPAA”), we are legally required to protect the privacy of your health information. We call this information “protected health information,” or “PHI” for short. It includes information that can be used to identify you and that we’ve created or received about your past, present, or future health condition, the provision of health care to you, or the payment for this health care. We are required to provide you with this notice about our privacy practices. It explains how, when, and why we use and disclose your PHI. With some exceptions, we may not use or disclose any more of your PHI than is necessary to accomplish the purpose of the use or disclosure. We are legally required to follow the privacy practices that are described in this notice.

We may modify the terms of this notice and our privacy policies at any time. These changes will affect any protected health information (PHI) we already possess. If we make a significant alteration to our policies that impacts the content of this notice, we will promptly update and display a new notice in prominent public areas of our facilities, like the main reception or waiting area.

III. HOW WE MAY USE AND DISCLOSE YOUR PROTECTED HEALTH INFORMATION. 

ETHOS Treatment LLC’s substance use disorder and mental health treatment facilities may use and disclose your PHI within ETHOS Treatment LLC’s programs for purposes discussed in this notice. Generally, our substance use disorder treatment facilities may not disclose to persons outside our facilities that a patient is being or has been treated at our facilities, with certain exceptions outlined below:

CATEGORIES OF USES AND DISCLOSURES

A. Uses and Disclosures That Do Not Require Your Authorization

We may use and disclose your PHI without your authorization for the following reasons:

TREATMENT PURPOSES
We may share your protected health information (PHI) within our program or with an entity that directly administers our program on a need-to-know basis for diagnosing, treating, or referring to substance use disorders and mental health conditions. Example, this may involve sharing PHI with the healthcare professionals directly involved in your care, or with a laboratory for conducting specific tests.

APPOINTMENT REMINDERS
We may use your protected health information (PHI) to send you appointment reminders or share information about treatment options, health services, or benefits we provide. If you prefer not to be contacted for these purposes, or if you wish to update your contact information,you may inform us of your preferences regarding phone numbers, addresses or emails.

MEDICAL EMERGENCIES AND THREAT TO HEALTH
We may disclose your PHI to medical personnel to the extent necessary to In urgent medical emergencies where obtaining your prior consent is not feasible, we may disclose your protected health information (PHI) to address the situation effectively. Additionally, under specific circumstances, we may share your PHI with medical personnel from the Food and Drug Administration (FDA) who have reason to believe that a product regulated by the FDA may pose health risks due to errors in manufacture, labeling, or sale. This information will only be used to notify affected patients and their healthcare providers about potential dangers.

RESEARCH PURPOSES
ETHOS Treatment LLC may In certain circumstances, disclose PHI in order to conduct medical research.

CHILD ABUSE AND NEGLECT REPORTING
We may disclose your PHI to make an initial report of child abuse and neglect, in accordance with applicable state law.

DISCLOSURE REQUIRED BY COURT ORDER
If a court order is in compliance with applicable federal and state law, we may disclose your PHI pursuant to a court order. A subpoena or other legal mandate may need to accompany the court order.

SPECIFIC GOVERNMENT FUNCTIONS
We may disclose your protected health information (PHI) for certain governmental activities, as permitted by federal and state laws. For instance, we may disclose PHI to assist government or other health oversight agencies with activities such as auditing and evaluating our programs, conducting civil, administrative, or criminal investigations or proceedings, or undertaking other necessary oversight activities as authorized by law.

AUDIT AND EVALUATION FUNCTIONS
We may disclose your information for additional audit and evaluation purposes, such as when our programs are audited or evaluated by a private third-party insurance program.

CRIMES ON PREMISES
Regarding crimes committed or threatened on program premises or against program personnel, we may disclose limited information about you in these instances.

B. Uses and Disclosures Where You Have the Ability to Object:

  1. Disclosures to family, friends, or others If you have indicated family, friends or others involved in your care or the payment for your health care and you authorize us to discuss your care with these individuals, we may provide your PHI to these individuals, unless you object. We will obtain your written authorization for these types of disclosure, unless we are authorized by law to make the disclosure without consent.
  1. Disclosures pursuant to a subpoena or other legal mandate. We may disclose your PHI in response to a subpoena or other legal mandate, provided that you sign an authorization form permitting release of the information requested in the subpoena. If required by state and/or federal law, we will not respond to the subpoena unless and until we also receive a court order in accordance with such law.
  1. All Other Uses and Disclosures Require Your Prior Written Authorization. Other than as stated in this notice, we will not disclose your PHI without your written authorization. You can later revoke your authorization in writing except to the extent that we have taken action in reliance upon the authorization.
  1. Authorization for Marketing Communications. We will obtain your written authorization prior to using or disclosing your PHI for marketing purposes. However, we are permitted to provide you with marketing materials in a face-to-face encounter, without obtaining a marketing authorization. In addition, as long as we are not paid to do so, we may communicate with you about products or services relating to your treatment, case management or care coordination, or alternative treatments, therapies, providers or care settings. Your PHI can be used to identify wellbeing-related services and products that may be beneficial to your health and then contact you about the services and products.
  1. Sale of PHI. ETHOS Treatment LLC will disclose your PHI in a manner that constitutes a sale only upon receiving your prior authorization. Sale of PHI does not include a disclosure of PHI for: public health purposes; research; treatment and payment purposes; sale, transfer, merger or consolidation of all or part of our business and for related due diligence activities; the individual; disclosures required by law; any other purpose permitted by and in accordance with HIPAA. However, 42 C.F.R. Part 2 restricts any such disclosures, we will comply.
  1. Fundraising Activities. We do not engage in fundraising activities.
  1. Incidental Uses and Disclosures. Incidental uses and disclosures of information may occur. An incidental use or disclosure is a secondary use or disclosure that cannot reasonably be prevented, is limited in nature, and that occurs as a by-product of an otherwise permitted use or disclosure. However, such incidental uses or disclosure are permitted only to the extent that we have applied reasonable safeguards and do not disclose any more of your PHI than is necessary to accomplish the permitted use or disclosure. For example, disclosures about a patient within our facilities that inadvertently might be overheard by persons not involved in your care would be permitted so long as we have implemented reasonable safeguards to prevent or limit such inadvertent disclosures.
  1. Business Associates and Qualified Service Organizations.We may engage certain persons to perform certain of our functions on our behalf and we may disclose certain health information to these persons. For instance, without requiring your written authorization, we may share specific protected health information (PHI) with our billing company or a laboratory to support our health care operations or process payments for services related to your care. We may also share certain PHI with professionals serving our organization, such as accountants and attorneys. We ensure that our business associates and qualified service organizations sign agreements to maintain confidentiality of your PHI and adhere to specified terms and conditions.
  1. Pennsylvania Limitations. If you are enrolled in a ETHOS Treatment LLC substance use disorder treatment program located in the Commonwealth of Pennsylvania, our disclosure of your PHI may, in certain circumstances, be limited to disclosure of only the following information: (1) whether or not you are in treatment; (2) your prognosis; (3) the nature of the ETHOS Treatment LLC program in which you are enrolled; (4) a brief description of your progress; and (5) a short statement as to whether you have relapsed into substance use and the frequency of such relapse.

 

IV. WHAT RIGHTS YOU HAVE REGARDING YOUR PHI

You have the following rights with respect to your PHI:

  1. The Right to Request Limits on Uses and Disclosures of Your PHI. You can submit a written request asking us to limit how we use and disclose your protected health information (PHI). Please note that we cannot limit uses and disclosures that are legally required. While we will consider your request, we are not obligated to accept it. However, you have the right to request that we restrict the disclosure of your PHI to your health plan for a service you have paid for out of pocket in full. In this case, we must honor your request. If we agree to your request, we will document the limits in writing and adhere to them except in emergencies. There are certain circumstances where we may need to terminate our agreement to a restriction.
  1. The Right to Choose How We Send PHI to You. You have the right to ask that we send information to you at an alternate address (for example, sending information to your work address rather than your home address) or by alternate means (for example, via e-mail instead of regular mail). We must agree to your request so long as we can easily provide it in the manner you requested.
  1. The Right to See and Get Copies of Your PHI. In a majority of cases, you have the right to look at or get copies of your PHI that we have, but you must make the request in writing. If we don’t have your PHI but we know who does, we will tell you how to get it. We will respond to you within 30 days after receiving your written request. In certain situations, we may deny your request. If we do, we will tell you, in writing, our reasons for the denial and explain your right to have the denial reviewed.

    If you request a copy of your information, we will charge reasonable fees to cover the costs of copying, mailing, or other necessary expenses, as permitted by applicable law. Alternatively, instead of providing the requested protected health information (PHI) in full, we may offer a summary or explanation of the PHI, provided you agree to this approach and the associated costs beforehand. Additionally, you have the right to access your PHI in an electronic format, where feasible, and direct us to transmit the electronic record directly to a third party. We may charge for labor costs associated with transferring the information and for the costs of electronic media if you request this method of delivery.

    Please note
    , if you are the parent or legal guardian of a minor, certain portions of the minor’s records may not be accessible to you.

    For instance, records concerning the care and treatment that a minor can consent to independently (without your consent) may be limited unless the minor patient authorizes the disclosure.

 

  1. The Right to Get a List of the Disclosures We Have Made. You have the right to get a list of instances in which we have disclosed your PHI. The list will not include uses or disclosures made for purposes of treatment, payment, or health care operations, those made pursuant to your written authorization, or those made directly to you or your family. The list also won’t include uses and disclosures made for national security purposes, to corrections or law enforcement personnel, or prior to April 14, 2003.

     

    We will respond within 60 days of receiving your written request. The list we will give you will include disclosures made in the last six years unless you request a shorter time. The list will include the date of the disclosure, to whom PHI was disclosed (including their address, if known), a description of the information disclosed, and the reason for the disclosure. We will provide one (1) list during any 12-month period without charge, but if you make more than one request in the same year, we will assess a nominal charge for each additional request.

    To the extent that we maintain your PHI in electronic format, we will account for all disclosures including those made for treatment, payment and health care operations. Should you request such an accounting of your electronic PHI, the list will include the disclosures made in the last three years.

    Furthermore, if you have authorized the disclosure of your protected health information (PHI) using a general designation as outlined in the authorization form, you have the right to request, in writing, a list of entities to which your information has been disclosed by the designated entity. This list will be provided within 30 days of your request and will cover disclosures made within the past two years.

 

  1. The Right to Receive Notice of a Breach of Unsecured PHI. You have the right to receive notification of a “breach” of your unsecured PHI.
  1. The Right to Correct or Update Your PHI. If you believe that there is a mistake in your PHI or that a piece of important information is missing, you have the right to request, in writing, that we correct the existing information or add the missing information. You must provide the request and your reason for the request in writing. We will respond within 60 days of receiving your request in writing. We may deny your request if the PHI is (i) correct and complete, (ii) not created by us, (iii) not allowed to be disclosed, or (iv) not part of our records. Our written denial will state the reasons for the denial and explain your right to file a written statement of disagreement with the denial. If you don’t file one, you have the right to have your request and our denial attached to all future disclosures of your PHI. If we approve your request, we will make the change to your PHI, tell you that we have done it, and tell others that need to know about the change to your PHI.
  1. The Right to Get This Notice by EMail. You have the right to get a copy of this notice by email, upon your request. Even if you have agreed to receive notice via email, you also have the right to request a paper copy of this notice.

 

V. HOW TO COMPLAIN ABOUT OUR PRIVACY PRACTICES.

If you think we may have violated your privacy rights, or you disagree with a decision we made about access to your PHI, you may file a complaint with the person listed in Section VI below. You also may send a written complaint to the Secretary of the U.S. Department of Health and Human Services via email at OCRComplaint@hhs.gov or through the mail at 200 Independence Ave., S.W.; Room 509F, HHH Bldg., Washington, DC 20201. We will take no retaliatory action against you if you file a good-faith complaint about our privacy practices.

VI. PERSON TO CONTACT FOR INFORMATION ABOUT THIS NOTICE OR TO COMPLAIN ABOUT OUR PRIVACY PRACTICES. If you have any questions about this notice or any complaints about our privacy practices, please contact us at 267-669-0300. Written correspondence to our office should be sent to ETHOS Treatment LLC, 3031-A Walton Rd, Suite 300, Plymouth Meeting, PA 19462, Attention: Records.

VII. EFFECTIVE DATE OF THIS NOTICE

REVISED NOTICE – EFFECTIVE OCTOBER 12, 2021

ADDITIONAL PRIVACY NOTICE TO SUBSTANCE USE DISORDER TREATMENT PROGRAM PARTICIPANTS CONCERNING CONFIDENTIALITY OF TREATMENT RECORDS

If you receive services from the substance use disorder treatment programs of ETHOS Treatment LLC, please read this notice.

The confidentiality of substance use disorder treatment patient records maintained by ETHOS Treatment LLC is protected by the federal law and regulations at 42 U.S.C. § 290dd-2 and 42 C.F.R. Part 2 (the “Federal Confidentiality Laws”). Generally, ETHOS Treatment LLC may not say a word to a person outside ETHOS Treatment LLC that a participant attends ETHOS Treatment LLC’s substance use disorder treatment program, or disclose any information identifying a participant in the program or releasing the participant’s records, unless:

The participant consents in writing.

The disclosure is authorized or required by a court order which, in certain circumstances, must be accompanied by a subpoena or other legal mandate;

The disclosure is made to medical personnel to the extent necessary to meet a bona fide medical emergency in which your prior informed consent cannot be obtained.

The disclosure is made to medical personnel of the Food and Drug Administration (FDA) who assert a reason to believe that the health of any individual may be threatened by an error in the manufacture, labeling or sale of a product under FDA jurisdiction, and that the information will be used for the exclusive purpose of notifying patients and their physicians of potential dangers;

The disclosure is made to qualified personnel to conduct medical research, in certain circumstances and with certain limitations; or

The disclosure is for certain governmental functions or for the audit and evaluation of our Program.

Violation of the Federal Confidentiality Laws by ETHOS Treatment LLC is a crime. Suspected violations may be reported to appropriate authorities in accordance with federal regulations. Such reports may be made to the United States Attorney for the judicial district in which ETHOS Treatment LLC’s program is located. A list of United States Attorneys may be found at: https://www.justice.gov/usao/us-attorneys-listing. If the applicable program is an opioid treatment program, the violation also may be reported to the SAMHSA office responsible for opioid treatment oversight. SAMHSA contact information may be found at: https://www.samhsa.gov/about-us/contact-us.

The Federal Confidentiality Laws do not protect information about a crime committed by a substance use disorder program participant either at ETHOS Treatment LLC’s premises or against any person who works for ETHOS Treatment LLC or about any threat to commit such a crime.

The Federal Confidentiality Laws do not protect information needed to report suspected child abuse or neglect to appropriate state or local authorities, as required under applicable state law.

Legal References: 42 U.S.C. § 290dd-2 and 42 C.F.R. Part 2.

For questions concerning this notice please utilize the contact methods below:

Write: ETHOS Treatment LLC 
3031-A Walton Rd, Suite 300
Plymouth Meeting, PA 19462
Attn: Records

Call: 267-669-0300, ask for Records
Email: info@ethostreatment.com