If this privacy notice doesn’t answer your questions, then get in touch with us by phone, email or post and we’ll be happy to help.
US Toll Free Phone: (833) 427-7873
Email: info@assurerecovery.com
Address: Privacy and Data Protection Office, 4858 Mercury St., San Diego, CA 9211
INTRODUCTION
Assure Recovery Center (“we,” “us,” or “our”) provides outpatient drug recovery services to individuals struggling with substance abuse. We are committed to protecting the privacy of our clients and website visitors (“you” or “your”), and complying with applicable privacy laws, including the Privacy Act, HIPAA, and California Online Privacy Protection Act (CalOPPA). When you engage with us we may collect certain information and/or medical records that can be used to identify you (your “personal data”).
Our Pledge Regarding Your Health information and/or medical records
Assure is committed to protecting the privacy of your medical or health information and/or medical records. We are required by law to maintain the privacy of your health information and/or medical records. We will follow the legal duties and privacy practices described in this notice. We are responsible for deciding how we hold, use and secure your personal data. We are responsible for responding to requests you make in relation to how your personal data is used.
This privacy notice explains the personal data we collect about you and how we use that personal data when you use our websites, mobile sites, mobile applications and other services by Assure Recovery Center that link to this privacy notice. It also explains the rights you may have in relation to that personal data.
CATEGORIES OF PERSONAL DATA WE COLLECT
We collect the following types of personal information:
Contact information such as your name, email address, and phone number.
Demographic information such as gender, citizenship, date of birth.
Insurance information such as health insurance coverage and claims.
Employment information if you apply for a job vacancy, such as your employment history, references and anything else you may include in the job application form or in any attachments such as a resume/CV.
Health information and/or medical records such as your medical history, drug use history, and treatment plans.
Records of your discussions with us: when you contact us using the contact options on the website (whether by email, phone, an online form) we may keep a record of the you provide when doing this.
Usage information such as your IP address, browser type, and device type.
Lawful Basis for Collecting Data
We collect personal information and/or medical records based on the following lawful basis:
To perform our contractual obligations to you, such as providing outpatient drug recovery services.
To comply with our legal obligations, such as maintaining medical records.
To pursue our legitimate interests, such as improving our services and protecting our rights.
Protecting Collected Data
We take reasonable measures to protect your personal information and/or medical records from unauthorized access, use, or disclosure. We use physical, technical, and administrative safeguards to protect your information and/or medical records, including encryption and access controls.
HOW DO WE COLLECT PERSONAL DATA
We will collect personal data from a number of sources. These include:
- Directly from you: when you set up an account with us, complete forms we provide to you, contact us by phone, email, or communicate with us directly in some other way (such as social media).
- Our website: We also collect information about how you use our website.
- Third parties: we may collect personal data about you from third parties. This includes: references (if you are applying for a job vacancy with us) or healthcare professional/providers, health plans, other healthcare providers or pharmacy providers (in relation to your use of our products).
PURPOSES YOUR PERSONAL DATA IS COLLECTED FOR
Purpose of processing
Categories of data typically processed for the purpose
Contact and communicate with you in
Data Collected
- All the personal data listed above
If you contact us with any queries or complaints, we will use your personal data to help us respond to you
Data Collected
- All the personal data listed above
For admission to our program
Data Collected
- All personal data listed above
To Treat you (We can use your health information and share it with other professionals who are treating you).
- Data Collected – All Personal data listed above
For recruitment and employment
Data Collected
- Contact details
- Demographic information
- Employment information
Bill for services (We can use and share your health information to bill and get payment from health plans or other entities).
Data Collected
- All Personal data listed above
WHO HAS ACCESS TO YOUR PERSONAL DATA?
Assure Recovery does not sell your personal data, however we may share it with the following third parties for a business purpose:
- Our staff – your personal data will be accessed by our staff but only where this is necessary for their job role.
- Companies in the same group of companies as us – for the purpose of providing a service to you.
- Government agencies or our regulators – where we are required to do so by law or to assist with their investigations or initiatives.
- Healthcare providers, health insurance companies – to provide the contemplated services or transactions or if you are hospitalized or fall ill.
HOW WE WILL RETAIN YOUR DATA AND KEEP YOUR DATA SECURE
We retain your personal information and/or medical records for as long as necessary to fulfill the purposes for which it was collected or as required by law. We may retain your information and/or medical records for a longer period if necessary to protect our legitimate interests or comply with legal obligations.
We also have put security measures in place to prevent your data from being lost or used in an unauthorized way. Access to your data is limited to only employees and service providers and will be in accordance with our instructions and will be required to keep your personal data confidential.
WHAT RIGHTS DO YOU HAVE?
You may have the:
Right to access your personal information and/or medical records. This enables you to receive information and/or medical records about the personal data we hold by seeing or receiving a copy of your information and/or medical records if we have your information in electronic format.
Right to correct your personal information. This enables you to have any incomplete or inaccurate information and/or medical records corrected.
Right to delete your personal information. This enables you to ask us to delete or remove personal information and/or medical records.
Right to object or restrict to the processing of your personal information and/or medical records. This enables you to stop us from processing or restricting parts of your information and/or medical records
Right to restrict the processing of your personal information and/or medical records.
Right to data portability. This enables you to transfer your information and/or medical records to you or another party.
To know third parties Assure has shared your information and/or medical records with. If you exercise this right, we will inform you of the categories of third parties we have shared your data with.
You can exercise your rights by contacting us using the contact details at the end of this notice.
We will always aim to help you when you wish to exercise your rights but in some instances we may have lawful grounds to reject your request.
When you make a request we will need to verify your identity. To do this we may ask you for a copy of your photo identification or ask you questions to match the personal data we have on file.
We will investigate any request you make without undue delay and in any event within 60 days of receipt of your request. In the event that we decide to not take action on the request, we will inform you of the reasons for not taking action.
PERSONAL DATA RETENTION
We will only retain your personal data for as long as necessary to fulfill the purposes we collected it for, including for the purposes of satisfying any legal or reporting requirements.
To determine the appropriate retention period for personal data, we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorized use or disclosure of your personal data, the purposes for which we process your personal data, whether we can achieve those purposes through other means and the applicable legal requirements.
In some circumstances we may anonymize your personal data so that it can no longer be associated with you, in which case we may use such information and/or medical records without further notice to you.
HIPAA COMPLIANCE
At Assure Recovery, we are committed to protecting the privacy and confidentiality of our clients’ personal health information (PHI). We understand the sensitive nature of substance abuse treatment and are committed to complying with all laws, regulations, and guidelines of the Health Insurance Portability and Accountability Act (HIPAA) regarding the collection, use, and disclosure of PHI.
Collection of PHI:
We collect PHI through our website, phone, and in-person interactions with our clients. This information is used to provide effective treatment and meet our legal and ethical obligations.
The types of PHI we collect may include, but are not limited to:
Name
Address
Phone number
Email address
Date of birth
Social Security number
Health insurance information
Medical history
Diagnosis and treatment information
Medication information
Payment information
Use of PHI:
We use PHI to provide and coordinate treatment services for our clients. This may include:
Creating and maintaining treatment records
Communicating with other healthcare providers involved in the client’s care
Obtaining payment for services rendered
Conducting quality improvement activities
Meeting legal and regulatory requirements
Disclosure of PHI:
We may disclose PHI to third parties in certain circumstances, such as:
When required by law
When necessary to protect the health and safety of the client or others
When necessary to prevent or respond to abuse or neglect
When necessary to comply with a court order or subpoena
When the client has provided written consent for the disclosure
We may also disclose PHI to our business associates, who are required to protect the confidentiality of PHI and comply with HIPAA regulations.
Security of PHI:
We take the security of PHI seriously and have implemented physical, technical, and administrative safeguards to protect against unauthorized access, use, or disclosure. These safeguards include:
Secure storage of paper records
Use of secure electronic systems for storing and transmitting PHI
Password-protected access to electronic records
Regular training of staff on HIPAA regulations and privacy practices
Your Rights:
As a client, you have the right to:
Access your PHI
Request that your PHI be amended
Request restrictions on the use and disclosure of your PHI
Request a copy of this privacy policy
File a complaint if you believe your privacy rights have been violated
REQUESTS AND CONTACT
Data Subject Access Request
You may exercise your data subject rights by submitting a request to us at info@assurerecovery.com. We will respond to your request within 60 days.
Opt-Out of Data Collection
You may opt-out of the collection of your personal information by contacting us at info@assurerecovery.com.
Review or Delete Personal Information and/or medical records
You may review or delete your personal information and/or medical records by submitting a request to us at info@assurerecovery.com.
Communication of Changes and Updates
We may update this privacy policy from time to time by posting a new version on our website. Our changes will be in accordance with applicable data protection laws We will notify you of any material changes to this policy or when we use your data when we are required to do so by email or by posting a notice on our website.
Sharing of Personal Information and/or medical records
We do not share your personal information and/or medical records with third parties, except as necessary to provide our services or comply with legal obligations.
Do Not Track Requests
We do not currently honor Do Not Track (DNT) requests.
Contact Us
If you have any questions or concerns about this privacy policy, please contact us at info@assurerecovery.com.
US Toll Free Phone: (833)427-7873
Email: info@assurerecovery.com
Address: Privacy and Data Protection Office, 4858 Mercury St., San Diego, CA 9211
Effective as of July 24, 2023