HIPAA Privacy Notice
Issued by: CertifyESA — Emotional Support Animal (ESA) and Psychiatric Service Dog (PSD) Letter Service by Licensed Professionals
CertifyESA is committed to maintaining the privacy of your protected health information (PHI) as mandated by the Health Insurance Portability and Accountability Act of 1996 (HIPAA). In the course of providing ESA and PSD letter evaluations and services, we gather, maintain, and disclose health information about you. This Privacy Notice explains how we use and share your PHI, your rights regarding your health information, and our legal obligations to protect it.
We encourage you to read this document carefully and reach out if you have any questions.
2. Our Responsibilities
We are required by law to:
- Maintain the privacy and security of your protected health information.
- Inform you of our legal duties and privacy practices regarding PHI.
- Abide by the terms of the privacy notice currently in effect.
- Notify you promptly if a breach occurs that may have compromised the privacy or security of your PHI.
3. How We May Use and Disclose Your Information
We may use and disclose your PHI for the following purposes:
3.1 Treatment
We may use your health information to provide, coordinate, and manage your care. This includes communication with our licensed professionals and other relevant healthcare providers to ensure a thorough and accurate evaluation for ESA and PSD needs.
3.2 Payment
We may use and disclose your PHI to obtain payment for services provided, including disclosures to health insurers (if applicable) or other entities involved in the billing process.
3.3 Healthcare Operations
We may use your PHI for operational purposes such as quality assessment, professional training, licensing activities, legal compliance activities, customer service, and other administrative purposes.
3.4 Appointment Reminders and Communication
We may contact you via phone, email, or text message to remind you of appointments or to discuss your evaluation and services. We will do so in a manner that safeguards your privacy.
3.5 Required by Law
We will disclose your PHI when required to do so by federal, state, or local law.
3.6 Public Health and Safety
We may disclose your PHI to authorized public health authorities to help prevent or control disease, report adverse events, or support public health investigations. We may also disclose PHI to prevent a serious threat to your health or the health and safety of others.
3.7 Legal and Administrative Proceedings
We may disclose PHI in response to a court order, subpoena, discovery request, or other lawful process.
3.8 Law Enforcement
We may disclose PHI for law enforcement purposes, including reporting criminal conduct or responding to requests for information in legal investigations.
3.9 Research
We may use or disclose PHI for research purposes when approved by an Institutional Review Board or privacy board that has reviewed the research proposal and established protocols to protect your PHI.
3.10 Business Associates
We may share your PHI with third-party “business associates” who perform services for us, such as billing, accounting, or IT services. These business associates are required by HIPAA to protect your information.
4. Other Uses and Disclosures Requiring Authorization
Certain uses and disclosures of PHI will be made only with your written authorization, including:
- Most uses and disclosures of psychotherapy notes.
- Uses and disclosures for marketing purposes.
- Disclosures that constitute a sale of your PHI.
You may revoke an authorization at any time in writing, except where we have already acted based on your prior authorization.
5. Your Rights Regarding Your Protected Health Information
You have the following rights concerning your PHI:
5.1 Right to Access
You may request to inspect or receive a copy of your PHI maintained by CertifyESA. This may include medical records, billing records, and other health information used in your care.
5.2 Right to Request an Amendment
You may request an amendment to your PHI if you believe the information is incorrect or incomplete. We may deny your request if we believe the information is accurate and complete, or if it was not created by us.
5.3 Right to an Accounting of Disclosures
You may request an accounting of disclosures of your PHI made by CertifyESA in the past six years, except for disclosures made for treatment, payment, healthcare operations, or certain other exceptions.
5.4 Right to Request Restrictions
You have the right to request restrictions on how we use or disclose your PHI. We are not required to agree to your request unless you are paying for services out-of-pocket in full and request that the information regarding those services not be disclosed to a health insurer.
5.5 Right to Request Confidential Communications
You may request that we communicate with you about your health matters in a specific way or at a specific location. We will accommodate reasonable requests.
5.6 Right to a Paper Copy of This Notice
You may request a paper copy of this Privacy Notice at any time, even if you have agreed to receive it electronically.
6. Electronic Communications
7. Breach Notification
8. Changes to This Notice
9. Complaints
If you believe your privacy rights have been violated, you may file a complaint with us or with the Secretary of the U.S. Department of Health and Human Services.
To file a complaint with CertifyESA, contact:
We will not retaliate against you for filing a complaint.
10. Contact Information
If you have any questions about this notice or your rights, please contact our Privacy Officer:
CertifyESA
11. Additional Information
11.1 Personal Representatives
If you have given someone medical power of attorney or if someone is your legal guardian, that person may exercise your rights and make choices about your PHI.
11.2 Minors and Individuals With Guardianship
We will comply with state and federal laws regarding the privacy rights of minors and individuals under guardianship.
11.3 Deceased Individuals
We will protect the PHI of deceased individuals as required by HIPAA and applicable state law.
12. Special Situations
12.1 Military and Veterans
If you are a member of the armed forces, we may release your PHI as required by military command authorities.
12.2 Workers’ Compensation
We may release your PHI for workers’ compensation or similar programs providing benefits for work-related injuries or illness.
12.3 Inmates
If you are an inmate of a correctional institution, we may disclose your PHI to the institution or its agents if necessary for your health and the health and safety of others.
12.4 Disaster Relief
We may disclose your PHI to disaster relief organizations to coordinate your care or notify family members of your location and condition.
12.5 Organ and Tissue Donation
If you are an organ donor, we may release PHI to organizations that handle organ procurement or transplantation.
13. Acknowledgment
At CertifyESA, safeguarding your privacy is a top priority. We strive to maintain the confidentiality of your health information while ensuring you receive quality, compassionate service for your ESA and PSD needs. By using our service you acknowledge and review the HIPAA Privacy Notice for CertifyESA.
Please retain this notice for your records. If you have questions, concerns, or require further assistance, do not hesitate to contact our Privacy Officer listed above.
Thank you for choosing CertifyESA.