Privacy Policy

ENCINITAS MENTAL HEALTH

Last Updated: January 19, 2026

INTRODUCTION

Encinitas Mental Health ("Encinitas Mental Health," "we," "us," or "our") is committed to protecting your privacy and safeguarding your personal information and protected health information. This Privacy Policy explains how we collect, use, disclose, and protect your information when you visit our website (www.encinitasmentalhealth.com) or receive services from us.

This Privacy Policy should be read in conjunction with our Notice of Privacy Practices (NPP), which provides detailed information about how we handle your protected health information under the Health Insurance Portability and Accountability Act (HIPAA). Our NPP is provided to all patients at intake and is available upon request.

By using our website or services, you consent to the practices described in this Privacy Policy.

1. INFORMATION WE COLLECT

We collect different types of information depending on how you interact with us:

A. INFORMATION YOU PROVIDE DIRECTLY

When you use our website or services, you may provide:

Contact Information: Name, email address, phone number, mailing address
Demographic Information: Date of birth, gender, preferred pronouns
Insurance Information: Insurance provider, policy number, group number
Health Information: Medical history, mental health history, medications, diagnoses, treatment records
Emergency Contact Information: Names and contact details for emergency contacts
Communication Preferences: How you prefer to be contacted
Payment Information: Billing address, payment method details (processed securely through third-party payment processors)
Feedback and Correspondence: Information you provide in emails, forms, or other communications

B. INFORMATION COLLECTED AUTOMATICALLY

When you visit our website, we automatically collect:

Device Information: IP address, browser type, operating system, device identifiers
Usage Information: Pages viewed, time spent on pages, click patterns, referring website
Location Information: General geographic location based on IP address
Cookies and Similar Technologies: Information collected through cookies, web beacons, and similar tracking technologies

C. INFORMATION FROM THIRD PARTIES

We may receive information from:

Insurance Companies: Eligibility verification, benefits information, claims processing
Referring Providers: Medical records, treatment history, referral information
Family Members or Authorized Representatives: Information provided with your consent
Healthcare Information Exchanges: Medical records from other providers with your authorization
Background Check Providers: For employment screening purposes only

2. HOW WE USE YOUR INFORMATION

A. TREATMENT, PAYMENT, AND HEALTHCARE OPERATIONS (HIPAA)

We use your protected health information for:

Treatment:

Providing, coordinating, and managing your mental health care
Consulting with other healthcare providers involved in your care
Developing treatment plans and monitoring progress
Coordinating services between our clinical team members
Facilitating group therapy and peer support activities

Payment:

Billing your insurance company for services rendered
Verifying insurance coverage and eligibility
Processing payments and managing accounts
Obtaining pre-authorization for services
Responding to claims and appeals

Healthcare Operations:

Quality assessment and improvement activities
Staff training and clinical supervision
Compliance and auditing activities
Business planning and development
Legal and regulatory compliance

B. OTHER USES OF YOUR INFORMATION

We also use your information to:

Communicate with you about appointments, services, and administrative matters
Respond to your inquiries and requests
Send appointment reminders via phone, text, or email (with your consent)
Improve our website and services
Conduct research and analysis (with de-identified or aggregated data)
Comply with legal obligations
Protect against fraud, security threats, and illegal activities
Exercise our legal rights and defend against legal claims

C. MARKETING AND COMMUNICATIONS

We do not sell your information for marketing purposes. We may send you:

Educational information about mental health topics
Information about our services and programs
Newsletters and updates (you may opt out at any time)

We will not use or disclose your health information for marketing purposes without your written authorization, except as permitted by HIPAA (e.g., face-to-face communications, promotional gifts of nominal value).

3. HOW WE DISCLOSE YOUR INFORMATION

A. DISCLOSURES WITH YOUR AUTHORIZATION

We will obtain your written authorization before using or disclosing your health information for purposes other than treatment, payment, healthcare operations, or as otherwise permitted by law.

B. DISCLOSURES WITHOUT YOUR AUTHORIZATION (AS PERMITTED BY LAW)

We may disclose your information without your authorization in the following circumstances:

Required by Law:

In response to court orders, subpoenas, or legal processes
To comply with workers' compensation laws
To report suspected abuse or neglect of children, elders, or dependent adults
To report threats of serious harm to yourself or others
To law enforcement for specific law enforcement purposes

Public Health and Safety:

To prevent or control disease, injury, or disability
To report adverse reactions to medications
To report product defects or problems
To notify persons who may have been exposed to communicable diseases

Health Oversight Activities:

To government agencies for audits, investigations, inspections, or licensing
For fraud and abuse detection programs

Judicial and Administrative Proceedings:

In response to lawful court orders or subpoenas

Research:

For research purposes when approved by an institutional review board
Only with de-identified data or with your specific authorization

Coroners, Medical Examiners, and Funeral Directors:

To identify a deceased person or determine cause of death

Organ and Tissue Donation:

To organizations handling organ, eye, or tissue donation

Workers' Compensation:

As required by workers' compensation or similar programs

Serious Threats to Health or Safety:

To prevent or lessen a serious and imminent threat to health or safety
To law enforcement if you make statements admitting participation in a violent crime

Military, Veterans, National Security:

To military authorities if you are a member of the armed forces
For national security and intelligence activities
To correctional institutions if you are an inmate

C. BUSINESS ASSOCIATES

We share information with third-party service providers ("Business Associates") who perform services on our behalf, including:

Billing and collections companies
Insurance verification services
Electronic health record vendors
IT support and cloud storage providers
Legal and accounting professionals
Quality improvement consultants

All Business Associates are required by law to protect your information and may only use it for the purposes we specify.

D. INSPIRED WAY MENTAL HEALTH LLC

We have a management services agreement with Inspired Way Mental Health LLC, which provides administrative and operational support. Information is shared only as necessary for business operations, and Inspired Way Mental Health LLC is bound by the same privacy protections.

4. WEBSITE AND TECHNOLOGY

A. COOKIES AND TRACKING TECHNOLOGIES

We use cookies and similar technologies to:

Remember your preferences and settings
Analyze website traffic and usage patterns
Improve website functionality and user experience
Detect and prevent fraud or security threats

You can control cookies through your browser settings. However, disabling cookies may limit your ability to use certain website features.

B. GOOGLE ANALYTICS

We use Google Analytics to analyze website usage. Google Analytics uses cookies to collect information about how visitors use our site. The information is used to compile reports and help us improve the site. The cookies collect information in an anonymous form, including the number of visitors to the site, where visitors have come from, and the pages they visited.

You can opt out of Google Analytics by installing the Google Analytics Opt-out Browser Add-on: https://tools.google.com/dlpage/gaoptout

C. THIRD-PARTY LINKS

Our website may contain links to third-party websites. We are not responsible for the privacy practices of these external sites. We encourage you to review their privacy policies before providing any personal information.

D. WEBSITE SECURITY

We use industry-standard security measures to protect information transmitted through our website, including:

SSL/TLS encryption for data transmission
Secure servers and firewalls
Regular security assessments
Access controls and authentication

However, no internet transmission is completely secure. You use our website at your own risk.

5. PROTECTED HEALTH INFORMATION SECURITY

We implement comprehensive safeguards to protect your protected health information:

Physical Safeguards:

Locked facilities and secured filing systems
Restricted access to areas containing health records
Secure disposal of records (shredding, electronic wiping)
Visitor sign-in and escort procedures

Technical Safeguards:

Encrypted electronic health records
Secure user authentication and access controls
Automatic logoff procedures
Audit trails and monitoring
Regular data backups
Anti-virus and firewall protection

Administrative Safeguards:

Staff training on privacy and security policies
Background checks for employees with access to health information
Business Associate Agreements with vendors
Incident response and breach notification procedures
Regular risk assessments
Privacy Officer oversight

6. YOUR PRIVACY RIGHTS

You have the following rights regarding your information:

A. RIGHTS UNDER HIPAA

Right to Access: You have the right to inspect and obtain a copy of your health records. We may charge a reasonable fee for copying.

Right to Amend: You have the right to request that we amend your health records if you believe they are incorrect or incomplete.

Right to an Accounting of Disclosures: You have the right to receive a list of certain disclosures we have made of your health information.

Right to Request Restrictions: You have the right to request restrictions on how we use or disclose your health information. We are not required to agree to your request, except in limited circumstances involving payment to your health plan.

Right to Request Confidential Communications: You have the right to request that we communicate with you in a certain way or at a certain location.

Right to a Paper Copy of This Notice: You have the right to obtain a paper copy of our Notice of Privacy Practices.

Right to be Notified of a Breach: You have the right to be notified if your unsecured health information is breached.

B. RIGHTS UNDER CALIFORNIA CONSUMER PRIVACY ACT (CCPA)

California residents have additional rights:

Right to Know: You have the right to request information about the categories and specific pieces of personal information we have collected about you.

Right to Delete: You have the right to request deletion of your personal information, subject to certain exceptions.

Right to Opt-Out: You have the right to opt out of the sale of your personal information. (Note: We do not sell personal information.)

Right to Non-Discrimination: We will not discriminate against you for exercising your privacy rights.

To exercise these rights, please contact our Privacy Officer using the information provided in Section 10.

7. MINORS' PRIVACY

Our services are intended for adults (18 years and older). We do not knowingly collect information from individuals under 18 without parental or guardian consent. If we learn that we have collected information from a minor without proper consent, we will delete it promptly.

In California, minors aged 12-17 may consent to certain mental health services without parental consent. In such cases, the minor controls access to their health information.

8. DATA RETENTION

We retain your information for as long as necessary to fulfill the purposes described in this Privacy Policy and to comply with legal obligations:

Health Records: Maintained for a minimum of 7 years after the last date of service, or longer as required by law or professional standards
Billing Records: Maintained for a minimum of 7 years
Marketing Opt-Outs: Maintained indefinitely to honor your preferences
Website Analytics: Typically retained for 26 months

When information is no longer needed, it is securely destroyed or de-identified.

9. CHANGES TO THIS PRIVACY POLICY

We may update this Privacy Policy from time to time to reflect changes in our practices or legal requirements. We will post the updated policy on our website with a new "Last Updated" date. Material changes will be communicated through:

Prominent notice on our website
Email notification (if you have provided an email address)
Written notice for significant changes affecting your rights

Your continued use of our website or services after changes are posted constitutes your acceptance of the updated Privacy Policy.

10. CONTACT INFORMATION

A. PRIVACY QUESTIONS AND REQUESTS

For questions about this Privacy Policy or to exercise your privacy rights, contact:

Privacy Officer

Encinitas Mental Health

Email: EncinitasMentalHealth@gmail.com

Phone: (442) 444-0482

For HIPAA-related requests, you may also submit written requests to our Privacy Officer at the above address.

B. COMPLAINTS

If you believe your privacy rights have been violated, you have the right to file a complaint with:

Our Privacy Officer (contact information above)

U.S. Department of Health and Human Services

Office for Civil Rights

200 Independence Avenue, S.W.

Washington, D.C. 20201

Phone: 1-877-696-6775

Website: www.hhs.gov/ocr/privacy/hipaa/complaints/

California Attorney General's Office (for CCPA complaints)

Privacy Enforcement and Protection Unit

1300 I Street

Sacramento, CA 95814

Phone: (916) 210-6276

Website: https://oag.ca.gov/privacy

You will not be retaliated against for filing a complaint.

11. EFFECTIVE DATE

This Privacy Policy is effective as of January 19, 2026.

━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━

ACKNOWLEDGMENT

By using our website or services, you acknowledge that you have read and understood this Privacy Policy.

For clinical services, you will be provided with our complete Notice of Privacy Practices at intake, which provides additional detail about how we handle your protected health information under HIPAA.

If you have questions or concerns about your privacy, please do not hesitate to contact us.

Managed by Inspired Way Mental Health LLC.

IMPORTANT: This Privacy Policy covers website and general privacy practices. For complete information about how we handle your protected health information, please refer to our Notice of Privacy Practices (HIPAA) provided at intake or available upon request.