Privacy Policy - ABC Physical Therapy

Our Commitment to Your Privacy

At ABC Physical Therapy, we are committed to protecting the privacy and confidentiality of your personal health information (PHI). This policy outlines how we collect, use, protect, and disclose your health information in compliance with the Health Insurance Portability and Accountability Act (HIPAA) and other applicable privacy laws.

Information We Collect

We collect and maintain the following types of information:

  • Medical history and current health conditions

  • Treatment records and progress notes

  • Insurance and billing information

  • Contact information and emergency contacts

  • Demographic information

  • Photographs or videos for treatment documentation (with separate consent)

How We Use Your Information

Your health information is used exclusively for:

  • Treatment: Providing, coordinating, and managing your physical therapy care

  • Payment: Processing insurance claims and billing activities

  • Healthcare Operations: Quality improvement, staff training, and administrative functions

  • Legal Requirements: When required by federal, state, or local law

Information Sharing and Disclosure

Written Authorization Required: We require your written authorization before disclosing your PHI to any third party, except in the following limited circumstances:

  • Emergency medical situations where you cannot provide consent

  • Court orders or legal subpoenas

  • Public health reporting requirements

  • Workers' compensation cases (when applicable)

Minimum Necessary Standard: When disclosure is permitted, we share only the minimum amount of information necessary to accomplish the intended purpose.

Your Privacy Rights

You have the right to:

  • Access: Request and receive a copy of your health records

  • Amendment: Request corrections to your health information

  • Restriction: Request limitations on how we use or disclose your PHI

  • Confidential Communications: Request communications through alternative means or locations

  • Accounting: Receive a list of disclosures we have made of your PHI

  • Revoke Authorization: Withdraw previously given consent (except where action has already been taken)

Security Measures

We protect your information through:

  • Secure, locked storage for physical records

  • Password-protected electronic systems with encryption

  • Limited access to authorized personnel only

  • Regular staff training on privacy and security protocols

  • Secure disposal of records when no longer needed

  • Network security measures and firewalls for digital systems

Data Retention

Medical records are retained according to state requirements and professional standards, typically for a minimum of 7 years after your last visit or longer as required by law.

Breach Notification

In the unlikely event of a privacy breach, we will notify you and appropriate authorities within the timeframes required by law.

Contact Information

Privacy Officer: [Name and Title] Phone: [Phone Number] Email: [Email Address] Address: [Full Address]

For questions about this privacy policy or to exercise your privacy rights, please contact our Privacy Officer.

Policy Updates

This policy may be updated to reflect changes in our practices or legal requirements. We will post updated versions prominently in our facility and provide copies upon request.

Effective Date: [Date] Last Updated: [Date]

Please review our complete HIPAA Notice of Privacy Practices for detailed information about all of your rights under federal privacy law.