Advanced Brain Center logo

Privacy Policy

Last Updated: January 1, 2025

Advanced Brain Center (“we,” “our,” or “us”) is committed to protecting the privacy and security of your personal and health information. This Privacy Policy describes how we collect, use, disclose, and protect information about you when you visit our website, contact us, or receive services from us.

We comply with the Health Insurance Portability and Accountability Act (HIPAA), applicable state privacy laws, and all applicable federal regulations governing the privacy and security of protected health information (PHI).

1. Information We Collect

A. Protected Health Information (PHI)

As a healthcare provider, we may collect and maintain protected health information, including:

  • Name, address, date of birth, and contact information
  • Social Security Number (when required for insurance billing)
  • Medical history, diagnoses, and treatment information
  • Insurance information and billing records
  • Neuropsychological test results and evaluation reports
  • Notes from clinical consultations and sessions
  • Referral information from healthcare providers

B. Website Information

When you visit our website, we may automatically collect certain technical information, including:

  • IP address and browser type
  • Pages visited and time spent on pages
  • Referring website and search terms
  • Device type and operating system

C. Contact Form and Booking Information

When you submit a contact form or booking request, we collect:

  • Name and contact information
  • The reason for your inquiry
  • Preferred appointment dates and times
  • Any information you voluntarily provide in your message

2. How We Use Your Information

A. Treatment, Payment, and Operations (TPO)

Under HIPAA, we may use and disclose your PHI without your written authorization for:

  • Treatment: Providing, coordinating, and managing your neuropsychological care, including consulting with other healthcare providers involved in your treatment.
  • Payment: Billing your health insurance company, submitting claims, and collecting payment for services rendered.
  • Healthcare Operations: Administrative activities including quality assurance, staff training, licensing, and auditing purposes.

B. Website and Communication Uses

We may use non-PHI information collected through our website to:

  • Respond to your inquiries and booking requests
  • Improve our website and user experience
  • Analyze website traffic and usage patterns
  • Send appointment reminders and confirmations

3. HIPAA Notice of Privacy Practices

As a HIPAA-covered entity, we maintain a detailed Notice of Privacy Practices (NPP) that describes your rights and our obligations regarding your PHI. You have the right to:

  • Access your records: Request a copy of your health records and receive them in the format you request when feasible
  • Request amendments: Ask us to correct information you believe is inaccurate or incomplete
  • Request restrictions: Ask us to limit how we use or disclose your PHI
  • Request confidential communications: Ask that we communicate with you in a specific way
  • Receive an accounting of disclosures: Request a list of certain disclosures we have made of your PHI
  • File a complaint: File a complaint with us or with the U.S. Department of Health and Human Services if you believe your privacy rights have been violated

A full copy of our Notice of Privacy Practices is available upon request and will be provided to you at your first appointment.

4. Disclosures Requiring Your Authorization

Except as permitted by law or as described in our Notice of Privacy Practices, we will obtain your written authorization before disclosing your PHI for purposes other than treatment, payment, and operations, including:

  • Disclosure to your employer
  • Use or disclosure for marketing purposes
  • Sale of your PHI
  • Most disclosures of psychotherapy notes (if applicable)
  • Disclosure to schools, attorneys, or other third parties not involved in your care

5. Data Security

We implement comprehensive administrative, technical, and physical safeguards to protect your information, including:

  • Encrypted electronic health records systems
  • Secure, password-protected systems with role-based access controls
  • Regular security training for all staff
  • Secure data backup and disaster recovery procedures
  • Business Associate Agreements with all third-party service providers who access PHI
  • SSL/TLS encryption for all data transmitted through our website
  • Locked filing cabinets for paper records

6. Third-Party Service Providers

We may share information with trusted third-party vendors who assist in our operations and who have agreed to maintain the confidentiality and security of your information. These include electronic health record providers, billing services, secure messaging platforms, and website hosting services. All such vendors who access PHI are required to enter into Business Associate Agreements with us.

7. Personal Representatives

Patients may authorize a personal representative, caregiver, or other support person to receive information or participate in care communications when permitted by law and appropriately documented. We honor valid authorizations and applicable legal requirements regarding access to protected health information.

8. Cookies and Tracking Technologies

Our website may use cookies and similar technologies to improve your browsing experience. These do not contain PHI. You may configure your browser to refuse cookies, though this may affect certain website functionality.

9. Breach Notification

In the event of a breach of unsecured PHI, we will notify you and, when required, the U.S. Department of Health and Human Services in accordance with the HIPAA Breach Notification Rule (45 CFR Part 164, Subpart D).

10. Retention of Records

We retain your health records and related documentation for the period required by applicable federal and state laws, generally a minimum of 6 years from the date of creation or the date when it was last in effect, whichever is later.

11. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or applicable laws. We will post the updated policy on our website with a new “Last Updated” date. We encourage you to review this policy periodically.

12. Contact Us

If you have questions about this Privacy Policy or your privacy rights, or if you wish to file a privacy complaint, please contact our Privacy Officer at:

Advanced Brain Center
Privacy Officer
[Address], [City], [State] [ZIP]
Phone: (XXX) XXX-XXXX
Email: info@advancedbraincenter.com

You also have the right to file a complaint with the U.S. Department of Health and Human Services Office for Civil Rights at www.hhs.gov/ocr.

This Privacy Policy was last updated on January 1, 2025. This policy is not a contract and does not create legal rights or obligations beyond those required by applicable law.