Privacy Policy

1. Introduction

Chosen Journey Therapy Group ("we," "us," or "our") is committed to protecting your privacy and maintaining the confidentiality of your personal and health information. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website or use our services. By using our services, you agree to the collection and use of information in accordance with this policy.

This Privacy Policy complies with the Health Insurance Portability and Accountability Act (HIPAA), the Florida Digital Bill of Rights (FDBR), the California Consumer Privacy Act (CCPA), and other applicable federal and state privacy laws.

2. Information We Collect

2.1 Personal Information

We collect personal information that you voluntarily provide to us when you register on the website, schedule an appointment, or contact us. This may include your name, email address, phone number, mailing address, date of birth, gender, and demographic information.

2.2 Protected Health Information (PHI)

In the course of providing mental health services, we collect Protected Health Information as defined by HIPAA. This includes your mental health history, current symptoms, diagnoses, treatment plans, progress notes, appointment records, and any other information relevant to your therapeutic care.

2.3 Payment and Insurance Information

We collect payment information including credit card details, insurance policy numbers, and billing addresses necessary to process payments for our services.

2.4 Website Usage Information

We automatically collect certain information when you visit our website, including your IP address, browser type, device information, operating system, referring URLs, pages viewed, and the dates and times of your visits. This information is collected through cookies, web beacons, and similar tracking technologies.

3. How We Use Your Information

We use the information we collect for the following purposes:

Treatment: To provide, coordinate, manage, and deliver mental health services to you. This includes scheduling appointments, maintaining clinical records, consulting with other healthcare providers involved in your care, and evaluating the quality of services provided.

Payment: To obtain payment for services rendered, including billing you or your insurance company, processing credit card transactions, and collecting outstanding balances.

Healthcare Operations: For administrative and operational purposes including quality assessment and improvement, training of healthcare professionals, business planning, customer service, and legal compliance.

Communication: To send you appointment reminders, treatment-related communications, administrative notices, and responses to your inquiries.

Website Improvement: To analyze website usage patterns, improve site functionality, and enhance user experience.

Legal Compliance: To comply with applicable federal, state, and local laws and regulations, and to respond to lawful requests from public authorities.

4. Information Sharing and Disclosure

We do not sell, rent, or trade your personal information. We may share your information only in the following limited circumstances:

4.1 With Your Consent

We may share your information when you have provided explicit written authorization to do so. You may revoke your authorization at any time, except to the extent that we have already taken action in reliance on it.

4.2 For Treatment Purposes

We may share your health information with other healthcare providers involved in your care, such as your primary care physician, psychiatrist, or specialists, when necessary for coordinated treatment.

4.3 As Required by Law

We may disclose your information when required or permitted by law, including: (a) in response to a valid court order, subpoena, or other legal process; (b) to report suspected child, elder, or dependent adult abuse or neglect; (c) when there is an imminent threat of serious harm to you or others; (d) for public health activities; (e) to law enforcement officials as required by law; and (f) to comply with workers' compensation laws.

4.4 Business Associates

We may share your information with third-party service providers who perform services on our behalf, such as billing companies, IT support, cloud storage providers, and payment processors. These business associates are contractually required to safeguard your information and use it only for the purposes for which it was disclosed.

4.5 Decedents

We may disclose PHI to coroners, medical examiners, and funeral directors as authorized by law.

5. Your Privacy Rights

Under HIPAA and other privacy laws, you have the following rights regarding your personal and health information:

Right to Access: You have the right to inspect and obtain a copy of your health records. We will provide the requested records within 30 days of your request.

Right to Amend: You may request that we amend your health information if you believe it is incorrect or incomplete. We will respond to your request within 60 days.

Right to an Accounting of Disclosures: You have the right to request a list of certain disclosures of your health information made within the six years prior to your request.

Right to Request Restrictions: You may request that we limit how we use or disclose your health information. We are not required to agree to your request but will consider it in good faith.

Right to Confidential Communications: You have the right to request that we communicate with you by alternative means or at alternative locations (e.g., via email instead of phone calls).

Right to Revoke Authorization: You may revoke any authorization you have given us to use or disclose your health information, except to the extent that we have already relied on the authorization.

Right to a Paper Copy: You have the right to request a paper copy of this Privacy Policy at any time.

To exercise any of these rights, please submit a written request to us at the contact information provided below.

6. Florida Privacy Rights

As a Florida-based practice, we comply with the Florida Digital Bill of Rights (FDBR). If you are a Florida resident, you have the following rights:

Right to Access: You have the right to confirm whether we are processing your personal data and to access such data.

Right to Delete: You have the right to request deletion of your personal data, subject to certain exceptions including legal and regulatory requirements.

Right to Correct: You have the right to correct inaccuracies in your personal data.

Right to Opt-Out: You have the right to opt out of the processing of your personal data for targeted advertising, the sale of personal data, or profiling. We do not sell personal data or engage in profiling.

To exercise your Florida privacy rights, please contact us.

7. California Privacy Rights

If you are a California resident, you have additional rights under the California Consumer Privacy Act (CCPA):

Right to Know: You have the right to know what personal information we collect, use, disclose, and sell about you.

Right to Delete: You have the right to request that we delete your personal information, subject to certain exceptions.

Right to Opt-Out: We do not sell personal information. If we ever do so in the future, you will have the right to opt out of such sales.

Right to Non-Discrimination: We will not discriminate against you for exercising any of your CCPA rights.

To exercise your California privacy rights, please contact us.

8. Data Security

We implement appropriate technical, administrative, and physical security measures designed to protect your information from unauthorized access, use, alteration, or disclosure. These measures include:

Encryption of data in transit and at rest using industry-standard SSL/TLS protocols; secure, password-protected electronic health records systems with role-based access controls; regular security assessments, vulnerability testing, and software updates; comprehensive staff training on privacy and security practices; firewalls and intrusion detection systems; secure backup and disaster recovery procedures; and physical security measures to protect our facilities and equipment.

However, no method of transmission over the Internet or electronic storage is 100% secure. While we strive to use commercially acceptable means to protect your information, we cannot guarantee its absolute security.

9. Data Retention

We retain your personal information and health records for as long as necessary to fulfill the purposes outlined in this Privacy Policy, unless a longer retention period is required or permitted by law. Clinical records are retained for a minimum of seven (7) years from the date of last service, or longer if required by applicable state law. Financial records are retained in accordance with tax laws and regulations. After the retention period expires, we securely destroy or anonymize your information.

10. Cookies and Tracking Technologies

Our website uses cookies, web beacons, and similar tracking technologies to enhance user experience, analyze site traffic, and gather demographic information. Cookies are small data files stored on your device. You can control cookies through your browser settings and choose to refuse all or some cookies. However, if you disable cookies, some parts of our website may not function properly.

We use the following types of cookies: essential cookies necessary for website functionality, analytics cookies to understand how visitors use our site, and functional cookies to remember your preferences. We do not use advertising cookies to track you across other websites.

11. Third-Party Links

Our website may contain links to third-party websites. We are not responsible for the privacy practices or content of these external sites. We encourage you to read the privacy policies of any third-party sites you visit.

12. Children's Privacy

Our services are not directed to individuals under the age of 18, except when accompanied by a parent or legal guardian. We do not knowingly collect personal information from minors without parental consent. If you are a parent or guardian and believe we have collected information about your child without consent, please contact us immediately, and we will delete such information.

13. Do Not Track Signals

Our website does not currently respond to "Do Not Track" signals from web browsers. We do not track users across third-party websites to provide targeted advertising.

14. International Data Transfers

Our services are provided from the United States. If you access our services from outside the United States, your information may be transferred to, stored, and processed in the United States, where data protection laws may differ from those in your country. By using our services, you consent to the transfer of your information to the United States.

15. Changes to This Privacy Policy

We reserve the right to update or modify this Privacy Policy at any time. When we make material changes, we will post the updated policy on this page and update the "Effective Date" at the top. We will also notify you by email or through a notice on our website. Your continued use of our services after any changes indicates your acceptance of the updated policy. We encourage you to review this Privacy Policy periodically.

16. Breach Notification

In the event of a breach of unsecured protected health information, we will notify affected individuals in accordance with HIPAA breach notification requirements. Notification will be provided without unreasonable delay and no later than 60 days after discovery of the breach.

17. Notice of Privacy Practices

This Privacy Policy is supplemented by our HIPAA Notice of Privacy Practices (NPP), which provides more detailed information about how we use and disclose your Protected Health Information. You will receive a copy of our NPP at your first appointment, and it is also available upon request.

18. Contact Information

If you have any questions, concerns, or complaints about this Privacy Policy or our privacy practices, or if you wish to exercise any of your privacy rights, please contact us:

Chosen Journey Therapy Group, LLC
1326 E Commercial Blvd. Unit #2327, Oakland Park, FL 33334
Email: hello@chosenjtg.com
Contact Form: chosenjtg.com/contact
Website: chosenjtg.com

You also have the right to file a complaint with the U.S. Department of Health and Human Services if you believe your privacy rights have been violated. We will not retaliate against you for filing a complaint.

---

By using our services, you acknowledge that you have read and understood this Privacy Policy.