top of page

HAVEN POINT LLC

HIPAA NOTICE OF PRIVACY PRACTICES
Effective Date:11/24/2025

THIS NOTICE DESCRIBES HOW MEDICAL AND MENTAL HEALTH INFORMATION ABOUT YOU MAY BE USED AND DISCLOSED AND HOW YOU CAN ACCESS THIS INFORMATION. PLEASE REVIEW IT CAREFULLY.

OUR COMMITMENT TO YOUR PRIVACY

Each time you receive psychotherapy or related services from Haven Point LLC (“HP,” “we,” “us,” or “our”), a record is created. This record may include:

  • Presenting concerns

  • Background information

  • Assessments

  • Clinical impressions

  • Treatment plan

  • Progress notes

  • Related documentation

This information (“your health information” or “your record”) is used to provide quality care and meet legal, ethical, and billing requirements.

Although your record belongs to Haven Point LLC, you have specific rights regarding your Protected Health Information (PHI), described in this Notice.

Our current Notice is posted at www.thehavenpoint.com. You may request a paper copy at any time.

If you received this Notice electronically, you may request a paper copy.

If you have questions, contact:
Haven Point LLC — (402) 674-0774

YOUR RIGHTS REGARDING YOUR PHI

1. Right to a Copy of This Notice

You have the right to receive a paper copy of this Notice at any time.

2. Right to an Accounting of Disclosures

You have the right to request a list of certain disclosures of your PHI made by Haven Point LLC in the past six years (with some exceptions).

If you request more than one accounting within a 12-month period, we may charge a reasonable fee.

3. Right to Inspect and Obtain Copies of Records

You may request to review or obtain a copy of your records (excluding psychotherapy notes).

Requests must be submitted in writing.
We may charge a reasonable, cost-based copying fee.

You may not access:

  • Psychotherapy notes

  • Information compiled for legal proceedings

  • Information prohibited by state or federal law

In limited cases, access may be denied but may be reviewable.

4. Right to Request Amendment

If you believe your record is incorrect or incomplete, you may request an amendment.

Requests must be in writing and include supporting documentation.

We may deny the request if:

  • The information is accurate

  • It was not created by us

  • It is restricted from amendment by law

If denied, you may submit a statement of disagreement.

5. Right to Request Restrictions

You may request, in writing, that we restrict the use or disclosure of your PHI for:

  • Treatment

  • Payment

  • Health care operations

  • Disclosure to individuals involved in your care

We are not required to agree to the restriction unless the request relates to:

  • A service you paid for out-of-pocket in full, and

  • You request that the information not be shared with your health plan

If we agree to a restriction, we will abide by it unless PHI is needed for emergency treatment.

6. Right to Request Confidential Communications

You may request that we contact you at an alternative address, phone number, or method (e.g., email instead of phone).

We will accommodate reasonable requests.

OUR RESPONSIBILITIES

  • We are required by law to maintain the privacy of your PHI.

  • We must provide this Notice of our legal duties and privacy practices.

  • We must follow the terms of this Notice while it is in effect.

  • We will notify you if a breach occurs involving your unsecured PHI.

  • We may update this Notice and apply the changes to PHI we maintain.

Revised Notices will be made available at your next appointment and posted on our website.

HOW WE MAY USE AND DISCLOSE YOUR PHI WITHOUT YOUR AUTHORIZATION

HIPAA permits use and disclosure of PHI for treatment, payment, and health care operations, as well as certain other circumstances allowed by law.

Below are examples (not an exhaustive list):

1. Treatment

We may use and disclose PHI to provide, coordinate, or manage your care.

Example:
Your clinician may consult with another licensed provider within Haven Point LLC to support your treatment.

2. Payment

We may use and disclose PHI to receive payment for services.

Example:
We may submit information/diagnoses to insurance companies or send invoices to you.

If you do not want PHI disclosed to your health plan, you must pay in full at the time of service.

3. Health Care Operations

We may use PHI for internal operations such as:

  • Quality improvement

  • Compliance monitoring

  • Licensing

  • Training

  • Business management

Example:
We may share information with billing or software vendors under HIPAA-required Business Associate Agreements.

ADDITIONAL DISCLOSURES PERMITTED BY LAW

We may use or disclose your PHI without your authorization under the following circumstances:

1. Notification

To notify a family member or emergency contact of your condition or location in emergencies.

2. Public Health & Safety

To public health authorities to prevent or control disease, injury, or disability; or to prevent a serious threat to health or safety.

3. Abuse or Neglect

If we believe you are a victim of abuse, neglect, or exploitation, we must report this to the appropriate authorities.

4. Health Oversight

To agencies involved in audits, investigations, inspections, or licensing.

5. Judicial or Administrative Proceedings

In response to a court order, subpoena, or other lawful process.

6. Law Enforcement

As permitted by law, such as identifying a suspect, witness, or missing person.

7. Special Government Functions

For military, national security, or protective services when required by law.

8. Coroners, Medical Examiners, Funeral Directors

To assist with identification, determining cause of death, or other authorized duties.

9. Serious Threat to Health or Safety

If necessary to prevent or lessen a serious and imminent threat.

10. Workers’ Compensation

As required by workers’ compensation laws.

11. Legal Action Against Provider

If you file a complaint or legal claim against us, we may disclose PHI necessary to defend ourselves.

12. Required by Law

We will disclose PHI when required by state or federal law.

USES AND DISCLOSURES REQUIRING YOUR AUTHORIZATION

We will obtain your written authorization before using or disclosing your PHI for purposes not described in this Notice, including:

  • Psychotherapy notes (with limited exceptions)

  • Most marketing purposes

  • Sale of PHI

You may revoke an authorization in writing at any time, except when:

  • We have already acted in reliance on it, or

  • Authorization was obtained to obtain insurance coverage

When more stringent laws apply, we comply with those laws.

BREACH NOTIFICATION

If a breach occurs involving your unsecured PHI, we will notify you in writing:

  • Without unreasonable delay

  • No later than 60 days after discovery

  • By first-class mail or email (if you have authorized electronic notice)

If contact information is insufficient:

  • For 10+ individuals, we will use substitute notice (website posting or media notice).

  • For fewer than 10, we may use alternative methods.

Your Breach Notice will include:

  1. Description of what happened

  2. Types of PHI involved

  3. Steps you should take

  4. What we are doing to mitigate harm

  5. Contact information for questions

FOR QUESTIONS OR TO FILE A COMPLAINT

If you have questions about this Notice or believe your privacy rights have been violated, contact:

Haven Point LLC
Phone: (402) 674-0774
Mailing Location: Colorado Springs, CO
Website: www.thehavenpoint.com

You may also file a complaint with:
U.S. Department of Health and Human Services, Office for Civil Rights (OCR)
There is no retaliation for filing a complaint.

 

For example: Information obtained by your clinician will be recorded in your record and used to determine the course of your professional services. Your clinician and other qualified mental health team members may communicate with one another personally and through the client record to coordinate your professional services and assess your treatment and outcomes. This information is used in our ongoing efforts to ensure the quality and effectiveness of our professional services we provide.

 

We will use and disclose your health information for payment purposes.

 

For example, a bill may be sent to you or a third party payer. The information on or accompanying the bill may include information that identifies you, as well as your diagnosis and/or procedures. If you do not wish for us to disclose information to a third-party payer, you understand that you will be required to pay for the full amount of your services at the time such services are rendered.

 

We will use and disclose your health information for healthcare operations.

 

We may use or disclose your health information to carry out our daily activities as they relate to the provision of healthcare. Healthcare operations include but are not limited to quality assessment activities and licensing activities. For example, we may disclose your information with third parties that perform various business activities (e.g., billing or computer software services) provided we have a written contract with the business that requires it to safeguard the privacy of your protected health information.

 

Other Disclosures That May be Made Without Your Authorization

Unless we are otherwise restricted from doing so, we may also use or disclose your information for the following purposes without your authorization:

Notification: In an emergency situation, we may use or disclose your health information to notify or assist in notifying a family member, personal representative, or another person responsible for your care, of your location, and general condition.

 

Public Health: When required or permitted by law, we may disclose your therapeutic information to public health or legal authorities responsible for preventing or controlling disease, injury, or disability or performing other public health functions. In addition, we may disclose your therapeutic information in order to avert a serious threat to health or life.

 

Abuse or Neglect: If we believe you have been a victim of abuse or neglect or engaging in behavior that is abusive toward children or other “vulnerable” persons as defined by applicable federal and/or states laws, we may disclose your health information to an authorized governmental entity or agency. This disclosure will be made pursuant to the requirements of federal or state laws. We may also disclose your information to a public health entity that is authorized to receive reports of child abuse or neglect.

 

Healthcare Oversight Activities: we may disclose your health information to appropriate authorities for activities including but not limited to monitoring, investigating, inspecting, and disciplining or licensing those who work in the healthcare system or for government benefit programs.

 

Judicial and Administrative Proceedings: We may disclose your health information that is expressly authorized by an administrative proceeding, in response to an order of a court or administrative tribunal, and under certain conditions in response to a subpoena, discovery request or other lawful process.

Specialized governmental functions: we may disclose your therapeutic information for military and veteran activities, national security and intelligence activities, and similar special governmental functions as required or permitted by law.

 

Law Enforcement: We may disclose your therapeutic information for law enforcement purposes as required or permitted by law or in response to a valid subpoena, court order or other binding authority.

 

Disclosure About Decedents: We may disclose health information about decedents to coroners and medical examiners for the purpose of identifying a deceased individual, determining a cause of death, or carrying out other duties permitted by law. Additionally, we may disclose the decedent’s information to funeral directors as authorized by law.

 

Avoid Threat to Health or Safety: We may disclose information to specified authorities if we believe in good faith that a disclosure of your health information is necessary to prevent or minimize a serious threat to you or the public’s health or safety.

 

Disclosure required by law: We may use or disclose your counseling information as required by law provided such use or disclosure complies with and is limited to the relevant requirements of such law.

 

Workers Compensation: We may disclose health information to the extent authorized by and to the extent necessary to comply with laws related to workers’ compensation or other similar programs established by the law.

 

Charges Against Provider: In the event, you should file a suit against us, we may disclose health information necessary to defend such action. Also, we must make disclosures to you and when required by the Secretary of the Department of Health and Human Services to investigate and determine our compliance with the law.

 

Uses and Disclosures of Protected Health Information Requiring an Authorization: In situations other than those listed above, we will request your written authorization before using or disclosing protected health information about you. If you chose to sign such authorization to disclose information, you may, in writing, revoke that authorization to stop any future uses and disclosures except to the extent that action has been taken in reliance on the uses and disclose, or if the authorization was obtained as a condition of obtaining insurance coverage and the insurer has a legal right to contest a claim.

 

Additionally, if a use or disclosure of protected health information described above in this Notice is prohibited or materially limited by other laws that apply to use, it is our intent to meet the requirements of more stringent law.

 

BREACH NOTIFICATION

 

This Notice also reflects federal breach notification requirements in the event that your “unsecured protected health information” is acquired by an unauthorized party. We will notify you following the discovery of any “breach” of your unsecured protected health information as defined in the HITECH Act (the “Notice of Breach”). Your Notice of Breach will be in writing and provided via first-class mail, or alternatively, by email if you have previously agreed to receive such notes electronically. If the breach involves:

  • 10 or more individuals for whom we have insufficient or out-of-date contact information, then we will provide substitute individual Notice of Breach by either posting the notice on our website or by providing the notice in a major print or broadcast media where the affected individuals likely reside.

  • Less than 10 individuals for whom we have insufficient or out-of-date contact information, then we will provide substitute Notice of Breach by an alternative form.

 

Your Notice of Breach will be provided without unreasonable delay and in no case later than 60 days following the discovery of a breach and shall include, to the extent possible:

  • A description of the breach

  • A description of the types of information that were involved in the breach.

  • The steps you should take to protect yourself from potential harm.

  • A brief description of what we are doing to investigate the breach, mitigate the harm, and prevent further breaches

  • Our relevant contact information.

 

Additionally, for any substitute Notice of Breach provided via web posting or major print or broadcast media, the Notice of Breach shall include a toll-free number for you to contact us to determine if your protected information was involved in the breach.

 

For More Information or to Report a Problem

 

If you have questions or would like additional information, you may contact Haven Point, LLC via telephone at (402) 674-0774 or in writing at the address below. If you believe your privacy rights have been violated, you have the right to file a complaint with Haven Point or with the Secretary of Health and Human Services. There will be no retaliation for filing a complaint.

bottom of page