Your Rights Under HIPAA & SUD Confidentiality Law

Confidential. Privacy Law.

Alcohol Or Drug Treatment Is Confidential

Alcohol and drug treatment services are confidential and protected by two federal laws:
the Health Insurance Portability and Accountability Act (HIPAA) and 42 CFR Part 2 (Confidentiality of Substance Use Disorder Patient Records).
These laws strictly limit how information about your treatment may be used or shared. Unless you give written permission, we cannot confirm or deny that you receive services here, share details about your care, or disclose your records – except in situations specifically allowed by law.

HIPAA Is A Federal Law

HIPAA sets national standards to protect your Protected Health Information (PHI), which includes any information that identifies you and relates to your health, treatment, or payment for care.
Part 2 provides additional protections for people receiving substance use disorder treatment, restricting disclosure of those records even more tightly. We follow both sets of rules to ensure your privacy is fully protected.

Contact Us For Confidential treatment

WHAT INFORMATION IS PROTECTED BY HIPAA?

The following information is considered protected and cannot be shared without your written consent, unless permitted by law:

  • Your name, address, phone number, or email
  • Social Security number or other identifying numbers
  • Photographs, fingerprints, or other biometric data
  • Health plan information and medical record numbers
  • Diagnosis, treatment, and services received
  • Payment or billing information

Under 42 CFR Part 2, even the fact that you are receiving treatment for a substance use disorder is confidential.

Patient Protection-Under HIPAA Law

Except when required or allowed by law:

  • No records can be released without your written authorization.
  • Treatment cannot be verified, and we will not confirm or deny that you are a patient here.
  • Staff may only disclose information necessary to carry out your care, billing, or program operations.

We may ask you to sign a Release of Information (ROI) form when it is necessary to coordinate care or verify services. Each ROI must identify the recipient, specify the information to be shared, and can be revoked by you at any time.
All staff receive annual training on HIPAA and Part 2 policies and procedures. We use administrative, physical, and technical safeguards—such as secure record systems, password protections, and limited access controls—to protect your information from unauthorized use or disclosure.

Exceptions

Certain disclosures may be made without your authorization when required by law, such as:

  • Suspected child or vulnerable-adult abuse or neglect
  • Medical emergencies when information is needed to treat you
  • Court orders that meet HIPAA and Part 2 requirements
  • Audits or program evaluations by authorized oversight agencies

Even in these cases, only the minimum necessary information is shared, and recipients are reminded that further redisclosure is prohibited without your written consent.

Notice of Privacy Practices

Start Forging Your Own Path Today!

Home Contact Form

This field is for validation purposes and should be left unchanged.